Kursused - Kasutaja kaastöö [et]

ITC8111

2016-02-02T10:39:51Z

Kaur: /* Special Course in Cyber Security I: Locked Shields 2016 */

= Special Course in Cyber Security I: Locked Shields 2016 =

* '''Instructor:''' Kaur Kasak, kaur.kasak [ at ] gmail.com

* '''Topic:''' Exercise Locked Shields 2016. Student's role: Test Run Blue Team, Execution White Team support

* '''Objectives:'''
** Provide the students a practical experience in '''assembling a defensive team and preparing a defensive campaign''' according to exercise scenario. This will be accomplished by engaging the students into the Blue Teams of LS16 Test Run.
** Provide the students an experience in '''responding to full-scale cyber attack campaign''' by tasking them to protect exercise networks during one day lasting attack campaign.
** '''Use the help of the students to run LS16'''. Provide the students insight how technical cyber defence exercises are organized. The students will be engaged into the White Team after the Test Run.

* '''Limitations''':
** 3 Student Blue Teams, (up to) 12 + 12 + 12 students
** LS16 will be UNCLASS exercise, but '''participation is only open to persons who have nationality of a NATO nation'''.

* '''Important Dates''':

** 10 Feb 2016 18:00 - 20:30, Room U06-220, Kick-off meeting
** (Tentative) 22 Feb 2016 18:00 - 20:30, Room U06-220, Team progress review meeting
** 01 Feb - 08 Mar 2016: Intensive preparation period
** 09-10 Mar 2016: Access to systems. Test Run (full-day events!)
** 19-21 Apr 2016: Execution (full-day events!)
* All other information will be provided through another collaboration environment. In case you have registered but have not received the invitation by '''12 Feb 2016''', please contact kaur.kasak [ at ] gmail.com

ITX8050

2016-01-30T18:44:28Z

Kaur: /* LOCKED SHIELDS 2016 version */

= LOCKED SHIELDS 2016 version =
This course has a new code - [[ITC8111]]

= STRATEGY / CYBER CHALLENGE PREP version =

* Instructor: Tiia Sõmer
* Topic: management of cyber security at a strategic level. The course will be taught by invited speakers (from Estonia and international), putting main effort to the practical side of strategic cyber security. The course is also designed to prepare students for the 9/12 Cyber Challenge, but participation does not guarantee a slot on the TUT team.
* First meeting: '''05 Nov 2015''' at '''1800-1930''' in '''ICT-315'''

== Schedule ==
NB! Check for updates regularly!

=== 05.11 ===
Introduction to the course (Tiia Sõmer) [[Meedia:001_05NOV15.pptx]]

Strategic issues in cyber security (Rain Ottis)

Cyber Challenge 2015 experience (Wael AbuSeada)

=== 12.11 ===

International actors in cyberspace, role of small states in international arena (Liina Areng) [[Meedia:002_12NOV15_LA.pdf]]

E-Diplomacy (Tanel Sepp)

=== '''19.11 -> 20.11'''

'''PLEASE NOTE THE CHANGE OF DATE TO 20NOV 2015 !!!'''

'''THE LECTURE WILL BE HELD IN THE SAME ROOM AS USUALLY: ICT 315'''

UN and Cyber Security (Peter Pedak) [[Meedia:003_20NOV15_PP.pdf]]

EU and cyber security. EU Cyber Security Structure. The functioning of EU (Luukas Ilves)

NATO and Cyber Security (Hannes Krause) [[Meedia:004_20NOV15_HK.pdf]]

=== 26.11 -> 27.11 ===

'''PLEASE NOTE THE CHANGE OF DATE TO 27 NOV 2015 !!!'''

'''THE LECTURE WILL BE HELD IN THE SAME ROOM AS USUALLY: ICT 315'''

Comparative analysis of cyber security strategies (Kadri Kaska)[[Meedia:005_27NOV15_KK.pdf]]

General principles of International law applicable in cyberspace (Pascale Brangetto)[[Meedia:006_27NOV15_PB.pdf]]

Writing policy briefs (Dr Mika Kerttunen)

=== 03.12 -> 07.12 ===

'''DATE HAS BEEN CHANGED TO 07 DECEMBER'''

Cyber security and national security. Decision-making on cyber at national level. (Kristjan Prikk) [[Meedia:009_07DEC15_KP.pdf]]

Critical Infrastructure and Critical Information Infrastructure (Urmo Sutermäe) [[Meedia:008_07DEC15_US.pdf]]

Crisis Management in Cyber (Lauri Luht) [[Meedia:007_07DEC15_LL.pdf]]

=== 10.12 ===
Media involvement/ strategic communications in cyber crisis (Liisa Past)

Strategic communications is a somewhat underrated aspect in crisis management. This lecture will give you insight into how STRATCOM can be used to your advantage in times of crisis. The lecture will take place in the form of seminar, please come with your questions and thoughts and be ready to discuss the topic.

=== WRITTEN ASSIGNMENT ====

This assignment can be completed either individually or as teamwork. In individual task, you will have to provide one policy recommendation; in case you opt for teamwork you should provide policy recommendations from one perspective per person in the group. The maximum group size can be 4 persons.
'''Deadline for submission of written assignment is 10 January 2016'''.

'''INSTRUCTIONS'''

You are cyber security advisor to the Government of one country. A major cyber incident is occurring that affects the country’s national security. The Head of Government needs information on the full range of ongoing crisis and policy response alternatives available to respond, and you have been tasked to develop policy recommendation to the Government. You should provide policy recommendation from one of the following perspectives:

- Crisis management at national level;

- Critical infrastructure;

- Private sector;

- Diplomacy/ international organisations;

- Legal;

- Cyber security.

To present your policy recommendation, you will have to keep in mind all aspects in order to successfully synthesize useful policy measures from the limited information available.

You will be provided with fictional information on the background and current situation of a major cyber attack. The scenario will present a fictional account of political and economic developments leading up to the cyber incident. You are restricted to the facts provided within the coming week in order to formulate your analysis.
You will have to '''provide a WRITTEN POLICY PAPER of 1500 words'''. This will be an analytical paper, discussing the potential implications of the cyber attack for different state and non-state actors and exploring one policy recommendation from selected perspective as chosen in depth.

'''Some tips:'''

- Don’t fight the scenario – assume the information given is true, and explore the implications of that information, not plausibility of scenario.

- Be creative – cyber policy is an evolving discourse and there is no single correct policy response to any scenario. There can be many ideas to experiment with in responding to crisis.

- Analyse the issues – it will be more important to analyse the issues than to list all possible problems or solutions.

'''Information on background and current situation''' of cyber attack affecting the country:

The country in question is the U.S. and you are asked to give advise to the Cybersecurity Directorate of the National Security Staff. The packet attached herewith contains fictional information on the background and current situation of a major cyber attack affecting the United States. The scenario added represents fictional account of political and economic developments leading to the cyber incident. You are restricted to the facts contained in the attached documents in formulating your answers.

Your recommendation must analyse the possible strengths, weaknesses, opportunities and threats of the proposed policy alternative.

'''Scenario packet:''' [[Meedia:strat_course_written_assignment_2015.pdf]]

ITC8111

2016-01-30T18:43:54Z

Kaur: Uus lehekülg: '= Special Course in Cyber Security I: Locked Shields 2016 = * '''Instructor:''' Kaur Kasak, kaur.kasak [ at ] gmail.com * '''Topic:''' Exercise Locked Shields 2016. Student's r...'

= Special Course in Cyber Security I: Locked Shields 2016 =

* '''Instructor:''' Kaur Kasak, kaur.kasak [ at ] gmail.com

* '''Topic:''' Exercise Locked Shields 2016. Student's role: Test Run Blue Team, Execution White Team support

* '''Objectives:'''
** Provide the students a practical experience in '''assembling a defensive team and preparing a defensive campaign''' according to exercise scenario. This will be accomplished by engaging the students into the Blue Teams of LS16 Test Run.
** Provide the students an experience in '''responding to full-scale cyber attack campaign''' by tasking them to protect exercise networks during one day lasting attack campaign.
** '''Use the help of the students to run LS16'''. Provide the students insight how technical cyber defence exercises are organized. The students will be engaged into the White Team after the Test Run.

* '''Limitations''':
** 3 Student Blue Teams, (up to) 12 + 12 + 12 students
** LS16 will be UNCLASS exercise, but '''participation is only open to persons who have nationality of a NATO nation'''.

* '''Important Dates''':

** First meeting: TBD Feb 2016
** 01 Feb - 08 Mar 2016: Intensive preparation period
** 09-10 Mar 2016: Access to systems. Test Run (full-day events!)
** 19-21 Apr 2016: Execution (full-day events!)
* All other information will be provided through another collaboration environment. In case you have registered but have not received the invitation by '''12 Feb 2016''', please contact kaur.kasak [ at ] gmail.com

Cyber

2016-01-30T18:41:23Z

Kaur:

== News for Spring 2016 ==
Rearranged by course code
* '''June thesis defence''' candidates - please indicate your thesis topic by 01 FEB in Moodle. See the [https://courses.cs.ttu.ee/pages/Thesis Thesis] page for more details.
* '''IDN0110 Data Mining and Network Analysis''' will be offered this semester. Lectures on Mondays 1745-1915, practice on Tuesdays 1400-1530. Location TBA. Instructor: dr Sven Nõmm. [https://courses.cs.ttu.ee/pages/Data_Mining_and_network_analysis_IDN0110 Details]
* '''ITC8010 Legal Aspects of Cyber Security''' will be offered this semester. Instructor: Anna-Maria Osula. Fridays 1200-1530 in room ICT-315.
* '''ITC8050 Strategic and Operational Aspects of Cyber Security''' will be offered this semester. Even week Wednesdays 1745-2100 in ICT-315. [https://courses.cs.ttu.ee/pages/ITC8050 Details]
* '''[https://courses.cs.ttu.ee/pages/ITC8060 ITC8061 Network Protocol Design]''' replaces ITC8060 (instructor: prof Olaf Maennel). ITC8061 will be '''6 ECTS''' (elective in Special Studies module, both specializations).
* [[ITC8111]] Special Course''' on '''Locked Shields''' will take place. This will be available for both specializations. Instructor: Kaur Kasak.
* '''ITC8112 Special Course''' on '''current cyber security topics''' will take place in ICT-312 on odd week Wednesdays 1745-2015. This will be available for both specializations. Instructor: dr Hayretdin Bahsi. [https://courses.cs.ttu.ee/pages/ITC8112 Details]
* '''MTAT.03.248 Introduction to Internet Psychology''' (instructor: Kätlin Konstabel) will take place '''in Tallinn''' during first half of the semester, on Mondays 1200-1600 and Tuesdays 1000-1400 on the dates of 15-16 FEB, 29 FEB - 01 MAR, 14-15 MAR, 28-29 MAR - total of 8 lectures. Room ICT-315. Sign up via Tartu University OIS (admin problems -> hanna-liisa.ennet@ut.ee). '''NB! First lecture now on 15 FEB.'''
* '''MTAT.03.307 Secure Software Design''' will be available with a '''mostly remote study''' option (minimal travel needed) this semester. The first lecture in Tartu on 18 FEB is mandatory. Sign up via Tartu University OIS (admin problems -> hanna-liisa.ennet@ut.ee). [https://courses.cs.ut.ee/2016/ssd/spring Details]
* It is highly recommended that '''Digital Forensics students''' take at least one course from Tartu University (see the previous two bullets for possible candidates that require little or no travel).
* General note: you can replace '''Intro to IT''' and '''Intro to Programming''' with more advanced IT courses that have at least the same ECTS. Consult with Rain Ottis before committing to any changes, though.
* General note: if you take more ECTS than required in the Special Studies module than this will count towards your Free Choice module. It is not necessary to actually move the courses to Free Studies in this case.
* General note: contact Rain Ottis if you need to move HOE7023, ITC8010, ITC8050 or ITC8070 to the correct module (it may show up under Free Choice).

== News for Fall 2015 ==

* '''January thesis defence dates:'''
** 14 DEC - deadline for applying for defence in OIS (thesis code ITC70LT).
** 05 JAN - deadline for submitting your thesis for review.
** 18 JAN - thesis defence day.'''

* The new instructor for '''ITX8090''' (Information and Cyber Security Assurance in Organisations) is Dr Andro Kull.

* If a course does not show up on your schedule:
** try a manual search for that specific course. Electives (especially from different departments) are often not added to the full schedule.
** wait. Some of them are not in the system yet, but this should be resolved by the end of this week.

* '''ITX8041''' (Legal Aspects of Cyber Security) is replaced by '''ITC8010''' (same name). There are minor changes in content and the course is now given on both semesters. For the fall semester of 2015 the course is given by Agnes Käsper. Do not take it, if you have already passed ITX8041.

* '''ITX8215''' (Digital Evidence) is replaced by '''HOE7023''' (same name); taught by Agnes Käsper. There are no significant changes to the content. Do not take it, if you have already passed ITX8215. '''NB! Schedule change: it takes place every week for weeks 1-8 in U03-222 on Mondays at 1745-2100.'''

* '''ITX8062''' (Information Systems Mass Attacks and Defence) is replaced by '''ITC8050''' (Strategic and Operational Aspects of Cyber Security), which will be offered on both semesters. The course will be given on odd weeks throughout the semester (previously taught on weeks 1-8). The course is designed for second year students and there are limited number of seats available. If you do not fit into this fall's version, you can take it in the spring. Do not take it, if you have already passed ITX8062. '''NB! Schedule change: it takes place on odd weeks throughout the semester in ICT-A1 on Wednesday 1745-2100.'''

* '''ITX8063''' (Information Systems Hacking Attacks and Defence) is replaced by '''ITC8070''' (Information Systems Attacks and Defence). The new course will be 4 ECTS and there are limited slots available. Do not take it, if you have already passed ITX8063. '''NB! Schedule change: it takes place every week on weeks 9-16 in SOC-212 on Tuesday 1745-2100.'''

* If you enrolled in 2014 or earlier, then the replacement courses (see above) may not display in the correct modules. Do not worry about this, we will move them at the end of the semester. Just contact Rain Ottis during the exam session and let him know what the situation is.

* A special course on forensics takes place ('''ITX8220/ITX8221''' - you should pick a code that you have not used yet) in the second half of the semester. This will be a hands on course that is going to look at the forensics tools in Kali Linux. It is taught by Erika Matsak. If you consider taking it, you will have to sign up for it by September 10th. '''NB! Schedule change: it takes place every week on weeks 9-16 in ICT-403 on Monday 1930-2100 and Thursday 1930-2100.'''

* The seminars [https://courses.cs.ttu.ee/pages/ITX8040 '''ITX8040''' and '''ITX8230'''] (depending on your focus) are taking place together on Tuesdays, 1600-1730 in room ICT-315. They are designed to help you with your thesis and should be taken on the third semester. However, you can also take it during your first semester, if you already have some idea about your thesis. You can only sign up for one seminar. If you have passed either one in the past, then you can attend, but not get credit for it.

* There will be a Special Course on Cyber Security ([https://courses.cs.ttu.ee/pages/ITX8050 '''ITX8050''']) that focuses on national and international cyber security questions (policy/strategy level). The course is designed to prepare candidates for the Cyber Challenge, although there is no guarantee that those who pass the course actually get to go. Last year we sent a team to Switzerland and they did very well. This course will be run by Tiia Sõmer during the second half of the semester, on Thursday evenings at 1800-1930 in ICT-315.

* Information about '''language courses''' in [http://www.ttu.ee/faculty-of-social-sciences/language-centre-2/student-guidelines-2/ English] and in [http://www.ttu.ee/?id=14217 Estonian].

* '''IDN0110''' and '''ITX8080''' are not offered this semester.

== News for Spring 2016 ==

* There will be a 6 credit point data mining course for 15-20 people offered by Sven Nõmm (in Tallinn). More details in January.

* Tartu University courses '''MTAT.03.246''' and '''MTAT.03.247''' will be combined into one 6 ECTS course '''MTAT.03.307''' (Principles of Secure Software Design).

* Tartu University Research Seminar on Cryptography (MTAT.07.019) gets a new code: '''MTAT.07.022'''.

== Studies ==

==== Administrative information ====

[http://www.ttu.ee/students/study-information-2/academic-calendar-9/ Academic Calendar] in English

[http://www.ttu.ee/public/t/tudengile/oppeinfo/juhendid/Akad_kalender_15_16.pdf Academic Calendar] in Estonian (pdf)

[https://ois.ttu.ee/ Study portal]. See also:

* [https://ois.ttu.ee/video/english portal intro video]

* Navigate to the Cyber Security curriculum: click ENG on the right, Select Curricula on the left, Select by "structural units" under Curricula, Open (click to the little +) "Faculty of Information Technology", "10. IVCM09 IVCM09/13 Cybersecurity" in the middle table

* You must declare your courses for the semester by the so-called "red line" date, which is generally mid-September or mid-February, depending on the semester. Use the [http://ois.ttu.ee/pls/portal/ois2.ois_public.main OIS study portal] to declare courses.

* Please contact Dean's office for necessary passwords if you cannot log in with your ID-card and for any other kind of technical administrative help!

==== Course web sites ====

Please note that this is not a complete list.

* '''ITC8050''' [[ITC8050 | Strategic and Operational Aspects of Cyber Security]]

* '''ITV8060''' Computer Network Security (4 ECP) is available and free on Fall for second year students and can be moved to Specialization module after you have got a grade.

* '''ITX8040''' [http://courses.cs.ttu.ee/pages/ITX8040 Cyber Defence seminar]

* '''ITX8042''' [[Malware:ITX8042:2014 | 2014 Malware]]

* '''ITX8050''' [[ITX8050 | Special Course in Cyber Security]]

* '''ITX8060''' [[Malware:ITX8042:2014 | 2014 Malware II]]

* '''ITX8062''' [[ITX8062 | Information Systems Mass Attacks and Defence]]

* '''ITX8063''' [[ITX8063 | Information Systems Hacking Attacks and Defence]]

* '''ITX8071''' Cyber Defense Monitoring Solutions replaces the course ITX8070 Log Mining and Disc Forensics.

* '''ITX8090''' [[ITX8090 | Information and Cyber Security Assurance in Organisations]]

* '''ITX8220/ITX8221''' [[ITX8220 | Special Course in Digital Forensics]]

* '''[[ITC8060]]''' [[ITC8060|Network Protocol Design.]]

The courses are free (the invoices are cancelled) to Cyber Security RE students and can be moved to Specialization module after you get a grade.

==== Sources for free choice courses ====

You can look for additional free choice courses from the following sources

Scan the [http://ois.ttu.ee OIS study portal] for available courses this semester (takes effort, but it is useful to learn to find your way in OIS). You can find all the courses given in English (timetables of all international programs) in TUT by looking at OIS -> Timetables -> click to GB flag in the center of the page.

You can take [http://www.ttu.ee/faculty-of-social-sciences/language-centre-2/student-guidelines-2/ some other language course] (French, German, Russian, Finnish) offered by the [http://www.ttu.ee/faculty-of-social-sciences/language-centre-2/ Language Centre] in addition to the courses (HLI2200, HLX8040) in your curriculum. Some of the alternative courses may not be free to study. In such a case OIS will give notice when you declare the course.

==== ITX8512 Practical Training in Information Technology ====
You can get credits if you have working experience in IT field. More information can be found here: [[ITX8512]]

== Thesis and graduation ==
The fourth semester is reserved for writing your thesis. This is a demonstration of your professional knowledge and skills, and the process typically involves the following steps (with the help of your supervisor):
* identify a problem that matters
* research possible solutions, and select or develop the most suitable one
* implement the solution
* analyze the results of your work
* present your work in a professional manner in written (thesis) and oral (thesis defence) form

[http://courses.cs.ttu.ee/pages/Thesis Thesis information] - deadlines, proposed topics, requirements, etc.

== Scholarships ==

There are special IT-Academy scholarships available for Cyber Security students. The scholarships are awarded based on rank in admission and the study results in the previous semesters. You will have to apply for this scholarship on OIS and OIS will also tell you if you qualify for it. Check also: [http://www.ttu.ee/public/i/infotehnoloogia-teaduskond/Tudengile/ITA/IT_Academy__stipend_M_english.docx statute of the scholarship], which is available on the faculty web site.

In addition, you can apply for [http://www.studyitin.ee/scholarship/skype-scholarship Skype and IT Academy Master’s Scholarship] and [http://www.studyitin.ee/scholarship/lhv-scholarship LHV Bank Scholarship].

== Contact ==
* [http://www.ttu.ee/?lang=en Tallinn University of Technology]
** [http://www.ttu.ee/studying/new-and-current-student/ International Study Centre] will help you in the first steps at TUT and provides useful help along your studies.
** See also [http://www.ttu.ee/public/u/ulikool/kontakt/TTU_Campusekaart_juuli2010.pdf campus maps]
** [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/home-2/ Faculty of Information Technology]
** Dean's Office of IT dept: room ICT-407, phone 6203528, email i@ttu.ee
** program coordinator Rain Ottis, rain.ottis@ttu.ee, room ICT-430, Akadeemia 15a. Consultancy registration via e-mail.
** research coordinator [http://www.ttu.ee/en/personnel-search/&kood=T0067160 Olaf Maennel], olaf.maennel@ttu.ee, ICT-420, Akadeemia 15a. Consultancy registration via e-mail.
* [http://www.ut.ee/en University of Tartu]
** [http://www.cs.ut.ee/en Institute of Computer Science]
** program coordinator [http://vvv.cs.ut.ee/~unruh/ Dominique Unruh]

ITX8050

2016-01-30T18:39:44Z

Kaur:

= LOCKED SHIELDS 2016 version =

= STRATEGY / CYBER CHALLENGE PREP version =

* Instructor: Tiia Sõmer
* Topic: management of cyber security at a strategic level. The course will be taught by invited speakers (from Estonia and international), putting main effort to the practical side of strategic cyber security. The course is also designed to prepare students for the 9/12 Cyber Challenge, but participation does not guarantee a slot on the TUT team.
* First meeting: '''05 Nov 2015''' at '''1800-1930''' in '''ICT-315'''

== Schedule ==
NB! Check for updates regularly!

=== 05.11 ===
Introduction to the course (Tiia Sõmer) [[Meedia:001_05NOV15.pptx]]

Strategic issues in cyber security (Rain Ottis)

Cyber Challenge 2015 experience (Wael AbuSeada)

=== 12.11 ===

International actors in cyberspace, role of small states in international arena (Liina Areng) [[Meedia:002_12NOV15_LA.pdf]]

E-Diplomacy (Tanel Sepp)

=== '''19.11 -> 20.11'''

'''PLEASE NOTE THE CHANGE OF DATE TO 20NOV 2015 !!!'''

'''THE LECTURE WILL BE HELD IN THE SAME ROOM AS USUALLY: ICT 315'''

UN and Cyber Security (Peter Pedak) [[Meedia:003_20NOV15_PP.pdf]]

EU and cyber security. EU Cyber Security Structure. The functioning of EU (Luukas Ilves)

NATO and Cyber Security (Hannes Krause) [[Meedia:004_20NOV15_HK.pdf]]

=== 26.11 -> 27.11 ===

'''PLEASE NOTE THE CHANGE OF DATE TO 27 NOV 2015 !!!'''

'''THE LECTURE WILL BE HELD IN THE SAME ROOM AS USUALLY: ICT 315'''

Comparative analysis of cyber security strategies (Kadri Kaska)[[Meedia:005_27NOV15_KK.pdf]]

General principles of International law applicable in cyberspace (Pascale Brangetto)[[Meedia:006_27NOV15_PB.pdf]]

Writing policy briefs (Dr Mika Kerttunen)

=== 03.12 -> 07.12 ===

'''DATE HAS BEEN CHANGED TO 07 DECEMBER'''

Cyber security and national security. Decision-making on cyber at national level. (Kristjan Prikk) [[Meedia:009_07DEC15_KP.pdf]]

Critical Infrastructure and Critical Information Infrastructure (Urmo Sutermäe) [[Meedia:008_07DEC15_US.pdf]]

Crisis Management in Cyber (Lauri Luht) [[Meedia:007_07DEC15_LL.pdf]]

=== 10.12 ===
Media involvement/ strategic communications in cyber crisis (Liisa Past)

Strategic communications is a somewhat underrated aspect in crisis management. This lecture will give you insight into how STRATCOM can be used to your advantage in times of crisis. The lecture will take place in the form of seminar, please come with your questions and thoughts and be ready to discuss the topic.

=== WRITTEN ASSIGNMENT ====

This assignment can be completed either individually or as teamwork. In individual task, you will have to provide one policy recommendation; in case you opt for teamwork you should provide policy recommendations from one perspective per person in the group. The maximum group size can be 4 persons.
'''Deadline for submission of written assignment is 10 January 2016'''.

'''INSTRUCTIONS'''

You are cyber security advisor to the Government of one country. A major cyber incident is occurring that affects the country’s national security. The Head of Government needs information on the full range of ongoing crisis and policy response alternatives available to respond, and you have been tasked to develop policy recommendation to the Government. You should provide policy recommendation from one of the following perspectives:

- Crisis management at national level;

- Critical infrastructure;

- Private sector;

- Diplomacy/ international organisations;

- Legal;

- Cyber security.

To present your policy recommendation, you will have to keep in mind all aspects in order to successfully synthesize useful policy measures from the limited information available.

You will be provided with fictional information on the background and current situation of a major cyber attack. The scenario will present a fictional account of political and economic developments leading up to the cyber incident. You are restricted to the facts provided within the coming week in order to formulate your analysis.
You will have to '''provide a WRITTEN POLICY PAPER of 1500 words'''. This will be an analytical paper, discussing the potential implications of the cyber attack for different state and non-state actors and exploring one policy recommendation from selected perspective as chosen in depth.

'''Some tips:'''

- Don’t fight the scenario – assume the information given is true, and explore the implications of that information, not plausibility of scenario.

- Be creative – cyber policy is an evolving discourse and there is no single correct policy response to any scenario. There can be many ideas to experiment with in responding to crisis.

- Analyse the issues – it will be more important to analyse the issues than to list all possible problems or solutions.

'''Information on background and current situation''' of cyber attack affecting the country:

The country in question is the U.S. and you are asked to give advise to the Cybersecurity Directorate of the National Security Staff. The packet attached herewith contains fictional information on the background and current situation of a major cyber attack affecting the United States. The scenario added represents fictional account of political and economic developments leading to the cyber incident. You are restricted to the facts contained in the attached documents in formulating your answers.

Your recommendation must analyse the possible strengths, weaknesses, opportunities and threats of the proposed policy alternative.

'''Scenario packet:''' [[Meedia:strat_course_written_assignment_2015.pdf]]

ITX8050

2016-01-05T11:19:14Z

Kaur: /* LOCKED SHIELDS 2016 version */

= LOCKED SHIELDS 2016 version =

* '''Instructor:''' Kaur Kasak, kaur.kasak [ at ] gmail.com

* '''Topic:''' Exercise Locked Shields 2016. Student's role: Test Run Blue Team, Execution White Team support

* '''Objectives:'''
** Provide the students a practical experience in '''assembling a defensive team and preparing a defensive campaign''' according to exercise scenario. This will be accomplished by engaging the students into the Blue Teams of LS16 Test Run.
** Provide the students an experience in '''responding to full-scale cyber attack campaign''' by tasking them to protect exercise networks during one day lasting attack campaign.
** '''Use the help of the students to run LS16'''. Provide the students insight how technical cyber defence exercises are organized. The students will be engaged into the White Team after the Test Run.

* '''Limitations''':
** 3 Student Blue Teams, (up to) 12 + 12 + 12 students
** LS16 will be UNCLASS exercise, but '''participation is only open to persons who have nationality of a NATO nation'''.

* '''Important Dates''':

** First meeting: TBD Feb 2016
** 01 Feb - 08 Mar 2016: Intensive preparation period
** 09-10 Mar 2016: Access to systems. Test Run (full-day events!)
** 19-21 Apr 2016: Execution (full-day events!)
* All other information will be provided through another collaboration environment. In case you have registered but have not received the invitation by '''TBD Feb 2016''', please contact kaur.kasak [ at ] gmail.com

= STRATEGY / CYBER CHALLENGE PREP version =

* Instructor: Tiia Sõmer
* Topic: management of cyber security at a strategic level. The course will be taught by invited speakers (from Estonia and international), putting main effort to the practical side of strategic cyber security. The course is also designed to prepare students for the 9/12 Cyber Challenge, but participation does not guarantee a slot on the TUT team.
* First meeting: '''05 Nov 2015''' at '''1800-1930''' in '''ICT-315'''

== Schedule ==
NB! Check for updates regularly!

=== 05.11 ===
Introduction to the course (Tiia Sõmer) [[Meedia:001_05NOV15.pptx]]

Strategic issues in cyber security (Rain Ottis)

Cyber Challenge 2015 experience (Wael AbuSeada)

=== 12.11 ===

International actors in cyberspace, role of small states in international arena (Liina Areng) [[Meedia:002_12NOV15_LA.pdf]]

E-Diplomacy (Tanel Sepp)

=== '''19.11 -> 20.11'''

'''PLEASE NOTE THE CHANGE OF DATE TO 20NOV 2015 !!!'''

'''THE LECTURE WILL BE HELD IN THE SAME ROOM AS USUALLY: ICT 315'''

UN and Cyber Security (Peter Pedak) [[Meedia:003_20NOV15_PP.pdf]]

EU and cyber security. EU Cyber Security Structure. The functioning of EU (Luukas Ilves)

NATO and Cyber Security (Hannes Krause) [[Meedia:004_20NOV15_HK.pdf]]

=== 26.11 -> 27.11 ===

'''PLEASE NOTE THE CHANGE OF DATE TO 27 NOV 2015 !!!'''

'''THE LECTURE WILL BE HELD IN THE SAME ROOM AS USUALLY: ICT 315'''

Comparative analysis of cyber security strategies (Kadri Kaska)[[Meedia:005_27NOV15_KK.pdf]]

General principles of International law applicable in cyberspace (Pascale Brangetto)[[Meedia:006_27NOV15_PB.pdf]]

Writing policy briefs (Dr Mika Kerttunen)

=== 03.12 -> 07.12 ===

'''DATE HAS BEEN CHANGED TO 07 DECEMBER'''

Cyber security and national security. Decision-making on cyber at national level. (Kristjan Prikk) [[Meedia:009_07DEC15_KP.pdf]]

Critical Infrastructure and Critical Information Infrastructure (Urmo Sutermäe) [[Meedia:008_07DEC15_US.pdf]]

Crisis Management in Cyber (Lauri Luht) [[Meedia:007_07DEC15_LL.pdf]]

=== 10.12 ===
Media involvement/ strategic communications in cyber crisis (Liisa Past)

Strategic communications is a somewhat underrated aspect in crisis management. This lecture will give you insight into how STRATCOM can be used to your advantage in times of crisis. The lecture will take place in the form of seminar, please come with your questions and thoughts and be ready to discuss the topic.

=== WRITTEN ASSIGNMENT ====

This assignment can be completed either individually or as teamwork. In individual task, you will have to provide one policy recommendation; in case you opt for teamwork you should provide policy recommendations from one perspective per person in the group. The maximum group size can be 4 persons.
'''Deadline for submission of written assignment is 10 January 2016'''.

'''INSTRUCTIONS'''

You are cyber security advisor to the Government of one country. A major cyber incident is occurring that affects the country’s national security. The Head of Government needs information on the full range of ongoing crisis and policy response alternatives available to respond, and you have been tasked to develop policy recommendation to the Government. You should provide policy recommendation from one of the following perspectives:

- Crisis management at national level;

- Critical infrastructure;

- Private sector;

- Diplomacy/ international organisations;

- Legal;

- Cyber security.

To present your policy recommendation, you will have to keep in mind all aspects in order to successfully synthesize useful policy measures from the limited information available.

You will be provided with fictional information on the background and current situation of a major cyber attack. The scenario will present a fictional account of political and economic developments leading up to the cyber incident. You are restricted to the facts provided within the coming week in order to formulate your analysis.
You will have to '''provide a WRITTEN POLICY PAPER of 1500 words'''. This will be an analytical paper, discussing the potential implications of the cyber attack for different state and non-state actors and exploring one policy recommendation from selected perspective as chosen in depth.

'''Some tips:'''

- Don’t fight the scenario – assume the information given is true, and explore the implications of that information, not plausibility of scenario.

- Be creative – cyber policy is an evolving discourse and there is no single correct policy response to any scenario. There can be many ideas to experiment with in responding to crisis.

- Analyse the issues – it will be more important to analyse the issues than to list all possible problems or solutions.

'''Information on background and current situation''' of cyber attack affecting the country:

The country in question is the U.S. and you are asked to give advise to the Cybersecurity Directorate of the National Security Staff. The packet attached herewith contains fictional information on the background and current situation of a major cyber attack affecting the United States. The scenario added represents fictional account of political and economic developments leading to the cyber incident. You are restricted to the facts contained in the attached documents in formulating your answers.

Your recommendation must analyse the possible strengths, weaknesses, opportunities and threats of the proposed policy alternative.

'''Scenario packet:''' [[Meedia:strat_course_written_assignment_2015.pdf]]

ITX8050

2015-10-28T08:02:10Z

Kaur: /* LOCKED SHIELDS 2016 version */

= LOCKED SHIELDS 2016 version =

* Instructor: Kaur Kasak
* Topic: Exercise Locked Shields 2016. Student's role: Test Run Blue Team, Execution White Team support
* Objectives:
** Provide the students a practical experience in '''assembling a defensive team and preparing a defensive campaign''' according to exercise scenario. This will be accomplished by engaging the students into the Blue Teams of LS16 Test Run.
** Provide the students an experience in '''responding to full-scale cyber attack campaign''' by tasking them to protect exercise networks during one day lasting attack campaign.
** '''Use the help of the students to run LS16'''. Provide the students insight how technical cyber defence exercises are organized. The students will be engaged into the White Team after the Test Run.
* Limitation:
** 3 Student Blue Teams, (up to) 12 + 12 + 12 students
** LS16 will be UNCLASS exercise, but '''participation is only open to persons who have nationality of a NATO nation'''.
* First meeting: '''TBD Feb 2016'''
* All other information will be provided through another collaboration environment. In case you have registered but have not received the invitation by '''TBD Feb 2016''', please contact kaur.kasak [ at ] gmail.com

= STRATEGY / CYBER CHALLENGE PREP version =

* Instructor: Tiia Sõmer
* Topic: management of cyber security at a strategic level. The course will be taught by invited speakers (from Estonia and international), putting main effort to the practical side of strategic cyber security. The course is also designed to prepare students for the 9/12 Cyber Challenge, but participation does not guarantee a slot on the TUT team.
* First meeting: '''05 Nov 2015''' at '''1800-1930''' in '''ICT-315'''

== Schedule ==
NB! Check for updates regularly!

=== 05.11 ===
Introduction to the course (Tiia Sõmer)

Strategic issues in cyber security (Rain Ottis)

Cyber security and national security. Decision-making on cyber at national level. (Kristjan Prikk)

International system and decision-making on cyber at International level (TBC)

=== 12.11 ===
State actors in cyberspace (TBC)

International actors in cyberspace, role of small states in international arena (Liina Areng)

E-Diplomacy (Tanel Sepp)

=== 19.11 ===
EU and cyber security. EU Cyber Security Structure. The functioning of EU(Heli Tiirmaa-Klaar, EEAS)

NATO and Cyber Security (Christian-Marc Liflander, NATO)

UN and Cyber Security (TBC)

=== 26.11 ===
General principles of International law applicable in cyberspace

Role of Defense Forces in national and International cyber security

Law of Armed Conflict in cyber

Countermeasures and sanctions

Writing policy briefs

=== 03.12 ===
Territorial Sovereignity and integrity in cyberspace (TBC)

International cooperation in solving crisis of cyber nature (Tanya Collingridge, Head of International Cyber Policy, UK FCO Cyber Policy Dept)

=== 10.12 ===
Critical Infrastructure and Critical Information Infrastructure (TBC)

Crisis Management in Cyber (Lauri Luht, EISA)

Media involvement/ role in cyber crisis (Raul Rebane)

ITX8050

2014-02-05T12:54:13Z

Kaur:

* Topic: Exercise Locked Shields 2014. Student's role: Test Run Blue Team, Execution White Team support
* Limitation: 2 Student Blue Teams, (up to) 10 + 10 students
* First meeting: '''12 Feb 2014''' at '''18:00 - 19:30''' in '''ICT-411'''
* All other information will be provided through another collaboration environment. In case you have registered but have not received the invitation by '''09 Feb 2014''', please contact kaur.kasak [ at ] gmail.com

ITX8050

2014-02-05T00:07:19Z

Kaur: Uus lehekülg: ' * Topic: Exercise Locked Shields 2014. Student's role: Test Run Blue Team, Execution White Team support * Limitation: 2 Student Blue Teams, (up to) 10 + 10 students * First meet...'

* Topic: Exercise Locked Shields 2014. Student's role: Test Run Blue Team, Execution White Team support
* Limitation: 2 Student Blue Teams, (up to) 10 + 10 students
* First meeting: '''12 Feb 2014''' at '''18:00 - 19:30''' in ICT-TBD.
* All other information will be provided through another collaboration environment. In case you have registered but have not received the invitation by '''09 Feb 2014''', please contact kaur.kasak [ at ] gmail.com

Cyber second year

2014-02-05T00:00:46Z

Kaur:

== Courses ==

* '''ITX8080''' Simulation of Attacks and Defense

* '''ITV8060''' Computer Network Security (4 EAP) is available and free on Fall for cybersecurity 2. year students and can be moved to Specialization module after you have got a grade.

* '''ITX8071''' Cyber Defense Monitoring Solutions replaces the course ITX8070 Log Mining and Disc Forensics.

* '''ITX8040''' [http://courses.cs.ttu.ee/pages/ITX8040 Cyber Defence seminar] (spring semester)

* '''ITX8042''' [http://lambda.ee/w/index.php?title=Malware:ITX8042:2013 Malware]

* '''ITX8042''' [http://lambda.ee/w/index.php?title=Malware:ITX8060:2013 Malware II]

* '''ITX8062''' [[ITX8062 | Information Systems Mass Attacks and Defence]]

* '''ITX8063''' [[ITX8063 | Information Systems Hacking Attacks and Defence]]

* '''ITX8050''' [[ITX8050 | Special Course in Cyber Security]]

The courses are free to cybersecurity RE students (the invoices are cancelled) and can be moved to Specialization module after you get a grade.

== Writing a Thesis ==

=== Topic and advisor ===
Almost any professor and lecturer you have met in your curricula can act as an advisor of you thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many don't have a topic to offer. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have an advisor not related to the university, but he can act only as a co-advisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curricula to be an official advisor.

When refining topic ideas, make sure it has a clear connection with cyber security.

The topics or keywords below are offered by potential (co-)supervisors. The list is updated as new offers emerge.

===== From the TUT IT office =====
Infrastructure
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs

Development
* electronic door signs, room calendars, etc.; Thomas Lepik
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik
* integrating last generation BMS (Building Management System); Thomas Lepik
* the student view of OIS (usability, security, re-design); Enn Rebane

===== From Arnis Paršovs, University of Tartu, arnis@ut.ee =====
* Topic: On-the-fly encryption for car DVR
Task: Implement on-the-fly encryption functionality for Prestigio car DVR (by patching publicly available firmware - possibly by hooking write calls).
Use of hybrid encryption is recommended, however, implementation of scrambling (e.g., XORing with a fixed key) might already be considered success.
Describe the threat model, how it was done and how to use it.

* Topic: Parallel tallying for Estonian i-voting
Task: Describe security risks that could be reduced if election observers would be allowed to perform vote verification and counting using their computers. Propose changes to the i-voting procedures and develop parallel tallying reference implementation and test data set. Analyse new risks introduced and propose counter measures.

* Topic: Perfect Secrecy for TLS
Task: Create an Internet Draft proposing a TLS cipher suite or extension that would ensure perfect secrecy using one-time pad. Develop a proof-of-concept patch for OpenSSL/mod_ssl and Firefox. Analyze the security and usability, describe the use cases.

* Topic: TLS Session Resumption and ID card Authentication
Task: Study how TLS session resumption is implemented in browsers. Measure and compare the performance improvement TLS session resumption provides. Measure the performance impact if the TLS client certificate authentication is performed using a smart card.

===== TREsPASS project =====
* Research project: [http://www.trespass-project.eu/ Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security]
The project is also suitable for PhD research, following the completion of the Master's studies.
Contacts: Dr Peeter Laud, Dr Jan Willemson

=== Formal Requirements and recommendations ===
There are no strict rules on formatting your thesis. Some general advices that are good to follow for a master thesis:
* a title page, an author declaration, an annotation in english and estonian, a list of contents, and references are required in the thesis
* around 50 pages + appendixes if needed
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
* headings are numbered and no more than 3 levels used
* 2 copies are submitted, you will get one back afterwards.

'''The [http://www.lambda.ee/wiki/ITX8045 Cyber Security Seminar] is designed to provide advice on the thesis requirements and writing process to Cyber Security Master's students.

=== Dates (2013 spring) ===
* May 13 deadline for application of defending the thesis
* May 27, 9.00 - 11.00 and 15.00 - 17.00, submission of the thesis (two copies to ICT-411)
* June 3 ([http://www.ttu.ee/infotehnoloogia-teaduskond/arvutiteaduse-instituut/at-tudengile/lopetamine-2/ Schedule]) defenses of the thesis (presentation 15 minutes + discussion)
* After defense, please, visit Dean's Office for more information about final formalities
* June 19 - 28 final ceremony
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]
Your advisor may have different suggestions, but if they don't say anything then you should plan to have a first draft ready by the end of April.

=== Links ===
[http://www.cs.ut.ee/en/node/3301/mid/1046 Some advises and requirements for writing a thesis in UT]

[http://www.ttu.ee/infotehnoloogia-teaduskond/arvutiteaduse-instituut/at-tudengile/lopetamine-2/ Some advises and requirements for writing a thesis in TTU (in Estonian)]

[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]

ITX8063

2013-10-29T20:29:22Z

Kaur:

All information related with this course will be provided through separate collaboration environment. To get access, send an e-mail to Sten
* emailsten[-at-]gmail.com

ITX8063

2013-10-29T15:39:02Z

Kaur:

All information related with this course will be provided through separate collaboration environment. To get access, send an e-mail to course instructor
* kaur.kasak[-at-]gmail.com

ITX8063

2013-10-27T15:08:13Z

Kaur: Uus lehekülg: '= IT Systems Hacking Attacks and Defence ='

= IT Systems Hacking Attacks and Defence =

Cyber second year

2013-10-27T15:06:33Z

Kaur:

== Courses ==

* '''ITX8080''' Simulation of Attacks and Defense

* '''ITV8060''' Computer Network Security (4 EAP) is available and free on Fall for cybersecurity 2. year students and can be moved to Specialization module after you have got a grade.

* '''ITX8071''' Cyber Defense Monitoring Solutions replaces the course ITX8070 Log Mining and Disc Forensics.
* '''ITX8040''' Cyberdefence seminar will take place on Spring semester

* '''ITX8042''' [http://lambda.ee/w/index.php?title=Malware:ITX8042:2013 Malware]

* '''ITX8042''' [http://lambda.ee/w/index.php?title=Malware:ITX8060:2013 Malware II]

* '''ITX8062''' [[ITX8062 | Information Systems Mass Attacks and Defence]]

* '''ITX8063''' [[ITX8063 | Information Systems Hacking Attacks and Defence]]

The courses are free to cybersecurity RE students (the invoices are cancelled) and can be moved to Specialization module after you get a grade.

== Writing a Thesis ==

=== Topic and advisor ===
Almost any professor and lecturer you have met in your curricula can act as an advisor of you thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many don't have a topic to offer. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have an advisor not related to the university, but he can act only as a co-advisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curricula to be an official advisor.

When refining topic ideas, make sure it has a clear connection with cyber security.

The topics or keywords below are offered by potential (co-)supervisors. The list is updated as new offers emerge.

===== From the TUT IT office =====
Infrastructure
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs

Development
* electronic door signs, room calendars, etc.; Thomas Lepik
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik
* integrating last generation BMS (Building Management System); Thomas Lepik
* the student view of OIS (usability, security, re-design); Enn Rebane

===== From Arnis Paršovs, University of Tartu, arnis@ut.ee =====
* Topic: Security analysis of peer-to-peer messaging protocol TorChat.
Task: Find out and describe how secure message exchange is established and what is the threat model it protects against.
Describe how it could possibly be attacked and review if secure coding practices are followed.

* Topic: On-the-fly encryption for car DVR
Task: Implement on-the-fly encryption functionality for Prestigio car DVR (by patching publicly available firmware - possibly by hooking write calls).
Use of hybrid encryption is recommended, however, implementation of scrambling (e.g., XORing with a fixed key) might already be considered success.
Describe the threat model, how it was done and how to use it.

===== TREsPASS project =====
* Research project: [http://www.trespass-project.eu/ Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security]
The project is also suitable for PhD research, following the completion of the Master's studies.
Contacts: Dr Peeter Laud, Dr Jan Willemson

=== Formal Requirements and recommendations ===
There are no strict rules on formatting your thesis. Some general advices that are good to follow for a master thesis:
* a title page, an author declaration, an annotation in english and estonian, a list of contents, and references are required in the thesis
* around 50 pages + appendixes if needed
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
* headings are numbered and no more than 3 levels used
* 2 copies are submitted, you will get one back afterwards.

'''The [http://www.lambda.ee/wiki/ITX8045 Cyber Security Seminar] is designed to provide advice on the thesis requirements and writing process to Cyber Security Master's students.

=== Dates (2013 spring) ===
* May 13 deadline for application of defending the thesis
* May 27, 9.00 - 11.00 and 15.00 - 17.00, submission of the thesis (two copies to ICT-411)
* June 3 ([http://www.ttu.ee/infotehnoloogia-teaduskond/arvutiteaduse-instituut/at-tudengile/lopetamine-2/ Schedule]) defenses of the thesis (presentation 15 minutes + discussion)
* After defense, please, visit Dean's Office for more information about final formalities
* June 19 - 28 final ceremony
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]
Your advisor may have different suggestions, but if they don't say anything then you should plan to have a first draft ready by the end of April.

=== Links ===
[http://www.cs.ut.ee/en/node/3301/mid/1046 Some advises and requirements for writing a thesis in UT]

[http://www.ttu.ee/infotehnoloogia-teaduskond/arvutiteaduse-instituut/at-tudengile/lopetamine-2/ Some advises and requirements for writing a thesis in TTU (in Estonian)]

[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]