Utilizing Vector Database Management Systems in Cyber Security


  • Toni Taipalus University of Jyväskylä
  • Hilkka Grahn University of Jyväskylä
  • Hannu Turtiainen University of Jyväskylä
  • Andrei Costin University of Jyväskylä




vector database, Anomaly Detection, traffic analysis, cyber security, phishing detection


The rising popularity of phenomena such as ubiquitous computing and IoT poses increasingly high demands for data management, and it is not uncommon that database management systems (DBMS) must be capable of reading and writing hundreds of operations per second. Vector DBMSs (VDBMS) are novel products that focus on the management of vector data and can alleviate data management pressures by storing data objects such as logs, system calls, emails, network flow data, and memory dumps in feature vectors that are computationally efficient in both storage and information retrieval. VDMBSs allow efficient nearest neighbour similarity search on complex data objects, which can be used in various cyber security applications such as anomaly, intrusion, malware detection, user behaviour analysis, and network flow analysis. This study describes VDBMSs and some of their use cases in cyber security.

Author Biographies

Toni Taipalus, University of Jyväskylä

Toni Taipalus is an assistant professor at Tampere University, and a postdoctoral researcher at the Faculty of Information Technology, University of Jyväskylä. His research has been published in journals such as ACM Transactions on Software Engineering and Journal of Systems and Software. His current research interests include database performance and data-intensive software systems.

Hilkka Grahn, University of Jyväskylä

Hilkka Grahn is a postdoctoral researcher at the Faculty of Information Technology, University of Jyväskylä, Finland. Her research has been published in journals such as International Journal of Human–Computer Studies and Accident Analysis & Prevention. Her current research interests include cognitive security and human behavior within security contexts.

Hannu Turtiainen, University of Jyväskylä

Hannu Turtiainen received the B.Sc. degree in electronics engineering from the University of Applied
Sciences, Jyväskylä, Finland, in 2012, the M.Sc. degree in cybersecurity from the University of Jyväskylä, Jyväskylä, in 2020, where he is currently pursuing the Ph.D. degree in software and communication technology. His research topic is Machine Learning and Artificial Intelligence in the Cybersecurity and
Digital Privacy field. He is also working in the IoT field as a Cybersecurity and Software Engineer in Binare.io, Jyväskylä, a deep-tech cybersecurity spin-off from the University of Jyväskylä.

Andrei Costin, University of Jyväskylä

Andrei Costin received the Ph.D. degree from EURECOM/Telecom ParisTech, Sophia Antipolis, France, under co-supervision of Prof. Francilon and Prof. Balzarotti in 2015. He is currently a Senior Lecturer/Assistant Professor of Cybersecurity with the University of Jyväskylä (Central Finland), Jyväskylä, Finland, with a particular focus on IoT/firmware cybersecurity and Digital Privacy. He has been publishing
and presenting at more than 45 top international cybersecurity venues, both academic, such as Usenix
Security and ACM ASIACCS, and industrial, such as BalckHat, CCC, and HackInTheBox. He has authored the first practical ADS-B attacks (BlackHat 2012) and has literally established the large-scale automated firmware analysis research areas (Usenix Security 2014)—these two works are considered seminal in their respective areas, being also most cited at the same time. Dr. Costin is also the CEO/co-founder of Binare.io, a deep-tech cybersecurity spin-off from University of Jyväskylä, focused on innovation and tech-transfer related to IoT cybersecurity.