http://courses.cs.taltech.ee/w/api.php?action=feedcontributions&feedformat=atom&user=KristiKursused - Kasutaja kaastöö [et]2026-05-21T20:01:11ZKasutaja kaastööMediaWiki 1.35.9http://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10343Thesis2022-01-12T09:52:46Z<p>Kristi: /* Important Deadlines for May/June 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 <br />
* Submission of the thesis to the reviewer: 14 December 2021 <br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021 <br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 2-3 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
* GNSS jamming and spoofing of the unmanned vehicles<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10342Thesis2022-01-12T09:52:35Z<p>Kristi: /* Important Deadlines for January 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 <br />
* Submission of the thesis to the reviewer: 14 December 2021 <br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31426. There is no enrollment key for the students.<br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 2-3 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
* GNSS jamming and spoofing of the unmanned vehicles<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10332Thesis2022-01-03T16:34:26Z<p>Kristi: /* From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 <br />
* Submission of the thesis to the reviewer: 14 December 2021 <br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022 https://moodle.taltech.ee/course/view.php?id=31686, No enrolment key is needed for the students. <br />
* Defences: 10 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31426. There is no enrollment key for the students.<br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 2-3 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
* GNSS jamming and spoofing of the unmanned vehicles<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10330Thesis2021-12-27T14:32:56Z<p>Kristi: /* Important Deadlines for January 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 <br />
* Submission of the thesis to the reviewer: 14 December 2021 <br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022 https://moodle.taltech.ee/course/view.php?id=31686, No enrolment key is needed for the students. <br />
* Defences: 10 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31426. There is no enrollment key for the students.<br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 2-3 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10314Thesis2021-12-03T12:28:23Z<p>Kristi: /* Important Deadlines for May/June 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 <br />
* Submission of the thesis to the reviewer: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31686, No enrolment key is needed for the students. <br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 - 11 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31426. There is no enrollment key for the students.<br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 2-3 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10311Thesis2021-12-02T13:54:38Z<p>Kristi: /* Important Deadlines for May/June 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 <br />
* Submission of the thesis to the reviewer: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31686, No enrolment key is needed for the students. <br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 - 11 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31426. There is no enrollment key for the students.<br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 1-2 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10310Thesis2021-12-02T13:53:52Z<p>Kristi: /* Important Deadlines for January 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 <br />
* Submission of the thesis to the reviewer: 14 December 2021 https://moodle.taltech.ee/course/view.php?id=31686, No enrolment key is needed for the students. <br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 - 11 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021<br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 1-2 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10309Thesis2021-12-02T12:57:25Z<p>Kristi: /* Important Deadlines for May/June 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: 14 December 2021<br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 - 11 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021<br />
* Submission of the thesis to the reviewer: 25 April 2022<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: 16 May 2022<br />
* Defences: 30-31 May, 1-2 June 2022<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10240Thesis2021-10-25T09:10:28Z<p>Kristi: /* Important Deadlines for May/June 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: 14 December 2021<br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 - 11 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: 9 May 2022<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10226Thesis2021-10-12T15:20:08Z<p>Kristi: /* Important Deadlines for May/June 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: 14 December 2021<br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 - 11 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: 14 December 2021<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10225Thesis2021-10-12T15:19:45Z<p>Kristi: /* Important Deadlines for January 2022 Defence */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: 14 December 2021<br />
* OIS declaration: 13 December 2021<br />
* Submission of the final version of the thesis: 3 January 2022<br />
* Defences: 10 - 11 January 2022<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: TBD<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10220Thesis2021-10-06T12:31:46Z<p>Kristi: /* Potential supervisors & proposed topics */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: TBD<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas NATO CCDCOE ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10219Thesis2021-10-06T12:28:51Z<p>Kristi: /* Potential supervisors & proposed topics */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: TBD<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10218Thesis2021-10-06T12:26:09Z<p>Kristi: /* Potential supervisors & proposed topics */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: TBD<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10217Thesis2021-10-06T06:59:32Z<p>Kristi: /* Potential supervisors & proposed topics */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: TBD<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.<br />
<br />
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. marko.arik@taltech.ee ==== <br />
<br />
* Cyber Operations<br />
* Informational Environment<br />
* Individual competences in Cyber<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Thesis&diff=10181Thesis2021-09-17T08:08:48Z<p>Kristi: /* Potential supervisors & proposed topics */</p>
<hr />
<div>=Thesis info for Cyber Security students=<br />
<br />
== Important Deadlines for January 2022 Defence ==<br />
* Submission of problem statement and research design document: 15th August 2021 https://moodle.taltech.ee/course/view.php?id=31686, Student key: qv374MdM<br />
<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
== Important Deadlines for May/June 2022 Defence ==<br />
<br />
* Submission of problem statement and research design document: TBD<br />
* Submission of the thesis to the reviewer: TBD<br />
* OIS declaration: TBD<br />
* Submission of the final version of the thesis: TBD<br />
* Defences: TBD<br />
<br />
<br />
<br />
== Thesis Defence Overview ==<br />
<br />
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.<br />
<br />
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.<br />
<br />
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term. <br />
<br />
The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.<br />
<br />
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence. <br />
<br />
Below some more detailed information. <br />
<br />
Good luck! <br />
<br />
=== Registration and submission of problem statement and research design document ===<br />
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).<br />
<br />
About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.<br />
<br />
The document should include the following sections and content:<br />
<br />
• The topic of the thesis<br />
<br />
• The name of the author<br />
<br />
• The name of the supervisor<br />
<br />
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.<br />
<br />
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).<br />
<br />
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.<br />
<br />
• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.<br />
<br />
• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.<br />
<br />
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.<br />
<br />
• References: The resources referenced in the document are listed here. <br />
<br />
This document is evaluated according to the following criteria:<br />
<br />
Whether the author<br />
<br />
• has a well-defined problem statement,<br />
<br />
• successfully presents the significance of the problem,<br />
<br />
• knows the literature and the limits of existing solutions,<br />
<br />
• have thought about possible methods,<br />
<br />
• have thought about how to validate the proposed solution,<br />
<br />
• brings a novelty to the literature.<br />
<br />
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]<br />
<br />
=== Submission to Reviewer ===<br />
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee. <br />
<br />
A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:<br />
* short description of the thesis<br />
* strengths and weaknesses of the thesis<br />
* recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.<br />
* at least three questions that can be asked during the defence.<br />
<br />
Based on the student's performance at the defence the reviewer may change the recommended grade.<br />
<br />
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.<br />
<br />
=== OIS declaration===<br />
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.<br />
<br />
=== Submission of Final Copy===<br />
<br />
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. <br />
<br />
In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline. <br />
<br />
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University. <br />
<br />
<br />
NB! Do not forget that you need to prepare a '''15 min presentation for your defence'''. This should really not be left to the evening before the defence!<br />
<br />
=== The defence procedure ===<br />
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.<br />
<br />
The defence procedure for each student consists of the following steps:<br />
* the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.<br />
* the student presents his or her thesis in 15 minutes.<br />
* the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.<br />
* the student answers questions from the committee. <br />
* the student answers questions from the audience.<br />
* the supervisor gives his or her opinion of the thesis and recommends a grade.<br />
<br />
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.<br />
<br />
* After the thesis defence, please visit the Dean's Office for more information about final formalities.<br />
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]<br />
<br />
== Formal Requirements and recommendations ==<br />
<br />
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:<br />
* write "School of Information Technology" instead of "Faculty of Information Technology"<br />
* write "Department of Software Science" instead of "Department of Computer Engineering".<br />
<br />
The thesis code for IVCM is ITC70LT.<br />
<br />
The following advices can be considered for a master thesis<br />
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis<br />
* 50-80 pages + appendices if needed<br />
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text<br />
* Headings are numbered and no more than 3 levels used<br />
* Don't forget page numbers<br />
<br />
== Topic and supervisor ==<br />
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.<br />
<br />
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.<br />
<br />
When refining a topic idea, make sure it has a clear connection with cyber security.<br />
<br />
NB!<br />
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.<br />
<br />
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
== Potential supervisors & proposed topics ==<br />
<br />
The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.<br />
<br />
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====<br />
<br />
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. <br />
<br />
Technical Topics<br />
<br />
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems <br />
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems<br />
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics<br />
<br />
<br />
Organizational Topics<br />
<br />
* Security operation center (SOC) models<br />
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness<br />
<br />
==== From Aivo Kalu, Cybernetica AS ====<br />
<br />
1. Comparison of identity/authentication/signing APIs from security and architecture viewpoint<br />
<br />
This might be suitable for student, who is more interested about software developing/architecture aspects, but still related to security as well. In short, there are many competing API-s in the Baltic/Nordic region, which are used in practice, to request the authentication or signatures. For example: <br />
<br />
* https://github.com/SK-EID/smart-id-documentation/blob/master/README.md<br />
* https://github.com/SK-EID/MID<br />
* https://developers.dokobit.com<br />
* https://developer.signicat.com/apis/sign-api/sign-api-v1/<br />
* https://github.com/open-eid/SiGa/wiki/Hashcode-API-description<br />
<br />
and also, there are the “canonical” or “standard" ones like OIDC and SAML and DSS (http://docs.oasis-open.org/dss/v1.0/oasis-dss-core-spec-v1.0-os.html). Which one is good? Which one has the best properties from software point of view or security point of view? Which one to use for future integrations? How do we even compare them?<br />
<br />
2. Apply Smart-ID authentication and digital signatures (or underlying SplitKey technology) in novel bitcoin/blockchain/SSI/DID use cases.<br />
<br />
For example, last year, there was the master thesis https://www.semanticscholar.org/paper/Aleksandr-Ts%C3%B5ganov-Integrating-User-Identity-with-Ts%C3%B5ganov-Pintado/30c653214f5a30ed46343058039d4b53a8d326f9?utm_source=email. <br />
<br />
If there’s some additional ideas, about where to apply the Smart-ID authentication services or perhaps to do more deeper integration with the SplitKey technology, we could discuss and see, if some interesting project might come out of this. <br />
<br />
3. Compare the attack model of the FIDO with the attack model of Smart-ID. <br />
<br />
The current Smart-ID authentication API (https://github.com/SK-EID/smart-id-documentation/blob/master/README.md) specifies how the anonymous session with the web-site becomes the authenticated session. Compare the security properties of this authentication flow with https://www.w3.org/TR/webauthn-2/ and https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-security-ref-v2.0-id-20180227.html<br />
<br />
4. Compare the properties of Smart-ID with framework by Bonneau et al.<br />
<br />
Take the https://www.cl.cam.ac.uk/~fms27/papers/2012-BonneauHerOorSta-password--oakland.pdf and the properties described there and analyse, which ones are satisfied by Smart-ID, which ones are not satisfied, which ones are already pointless in the year 2020. Compare with http://fc16.ifca.ai/preproceedings/25_Lang.pdf, which does the same kind exercise for FIDO in the section 6.1.<br />
<br />
==== From Jüri Kivimaa, Tallinn University of Technology ====<br />
* IT security economics<br />
* security cost optimization<br />
<br />
==== From Toomas Lepik, Tallinn University of Technology ====<br />
<br />
toomas.lepik@taltech.ee<br />
<br />
General areas:<br />
<br />
* Network Forensic (related data analysis)<br />
* Reverse engineering (including malware analysis)<br />
* SCADA security <br />
* Incident Handling.<br />
<br />
[https://courses.cs.ttu.ee/pages/Thesis/tl/ A bit more specific research ideas ]<br />
<br />
==== From Adrian Venables, Tallinn University of Technology ====<br />
<br />
* Cyber security aspects of Information Warfare<br />
* Information Advantage doctrine development<br />
* Influence Operations<br />
<br />
Note: a background in International Relations, Political Science or Strategic Studies is required<br />
<br />
==== From Sten Mäses, Tallinn University of Technology ====<br />
<br />
* Creating educational hands-on virtual labs in rangeforce.com platform<br />
<br />
<br />
==== From Birgy Lorenz, Tallinn University of Technology ====<br />
birgy.lorenz@ttu.ee<br />
<br />
* human factors in cybersecurity<br />
* cyber awareness and training (kindergarten, schools, laypersons)<br />
* cybersecurity young talents skills and its development and testing<br />
* women in cybersecurity<br />
<br />
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====<br />
<br />
* Network security & network measurements (active & passive)<br />
* WAN-routing & security (IPv6, BGP/BGPsec,...)<br />
<br />
==== From Andrew Roberts, Tallinn University of Technology ====<br />
Topics: <br />
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles<br />
2. Design and Development of a cyber range for Autonomous self-driving vehicles <br />
Contribution: <br />
<br />
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS). <br />
<br />
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.<br />
<br />
==== From Anna-Maria Osula, Tallinn University of Technology ====<br />
<br />
* legal aspects of cyber security <br />
* international law<br />
<br />
==== From Rain Ottis, Tallinn University of Technology ====<br />
<br />
* national cyber security<br />
* serious games in cyber security/cyber security exercises<br />
<br />
==== From Mauno Pihelgas ==== <br />
* system monitoring<br />
* network monitoring<br />
* IDS/IPS systems<br />
* insider threat detection<br />
<br />
==== From Jaan Priisalu, Tallinn University of Technology ====<br />
<br />
* TBD<br />
<br />
==== From Tiia Sõmer, Tallinn University of Technology ==== <br />
<br />
Currently no topics on offer.<br />
<br />
==== From Kaie Maennel, Tallinn University of Technology ====<br />
(kaie.maennel@ttu.ee)<br />
<br />
- cyber awareness and hygiene<br />
<br />
- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)<br />
<br />
- learning analytics in cyber security training context<br />
<br />
- human factors in cyber security<br />
<br />
- cybersecurity risk assessment and management<br />
<br />
- IT and cybersecurity audits<br />
<br />
==== From Stefan Sütterlin, Tallinn University of Technology & Østfold University College ====<br />
(stefan.sutterlin@hiof.no)<br />
<br />
- cognitive science and performance in cyber defence<br />
<br />
- human factors in cyber security<br />
<br />
- cyberpsychology<br />
<br />
- decision-making<br />
<br />
- cognitive biases <br />
<br />
- cybersecurity awareness<br />
<br />
==== From Eneken Tikk, Tallinn University of Technology ====<br />
* Technical and organizational implementation of the GDPR <br />
* Monetization of personal data <br />
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains) <br />
* Cyber insurance<br />
* Non-military strategies for national and international cybersecurity<br />
* Legal aspects of cybersecurity<br />
<br />
==== From Risto Vaarandi, Tallinn University of Technology ====<br />
<br />
Here are potential areas for selecting a thesis topic:<br />
<br />
* event log collection<br />
* event log analysis<br />
* event correlation<br />
* network monitoring<br />
* intrusion detection<br />
* any area that is connected to security monitoring<br />
* various other system security engineering topics (for example, system hardening or firewalling)<br />
<br />
When applying for supervision, preference is given to students who have either passed the Cyber Defense Monitoring Solutions course with grade 4 or 5, or have previous engineering experience in the research area (for example, writing a thesis on network intrusion detection requires previous experience with network IDS systems). Before applying, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.<br />
<br />
==== From Shaymaa Khalil, TalTech ====<br />
<br />
Interested in (but not limited to) topics related to:<br />
<br />
Industrial control systems: threat modeling, security, threat detection, testbeds, and education programs<br />
<br />
Digital Forensics topics, especially topics related to Industrial control systems, Windows OS and Digital Forensics tools benchmarking<br />
<br />
==== From Gabor Visky, NATO CCDCOE / TalTech ====<br />
<br />
Gabor Visky <gabor.visky@ccdcoe.org><br />
<br />
* Network traffic analysis in the maritime cyber-lab<br />
<br />
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====<br />
<br />
Matthew James Sorell <matthew.sorell@taltech.ee> <br />
<br />
1. A risk-based decision approach for handling digital devices at a crime scene.<br />
<br />
It is common for electronic devices such as mobile phones to be discovered at a crime scene, but the means for securing the device is becoming increasingly complex. In spite of this, evidence handling procedures are often static and increasingly out of date, leading to the loss of critical evidence in serious crime.<br />
<br />
The phone may be remotely wiped; picking it up may activate motion sensors; and in some cases (such as missing persons) the urgency of the evidence needs to be weighed against securing forensic evidence for investigation and prosecution. <br />
<br />
In this research, we consider the development of a risk-based approach to advising crime scene investigators to handle digital devices in the least-worst way.<br />
<br />
<br />
<br />
2. Feasible route mapping<br />
<br />
When examining timestamped geolocation data, it is often useful to determine feasible routes which could be taken from one location to another. <br />
<br />
Google Maps, for example, provides directions and sometimes provides a small number of alternatives. For criminal investigation, a heatmap of feasible routes would support investigators with a means to rapidly evaluate the context of movement in and around a crime. <br />
<br />
In this project, we propose to use the Google Maps Platform (https://developers.google.com/maps/gmp-get-started) to build, through statistical sampling, a heatmap of feasible routes subject to time and modes-of-transportation constraints.<br />
<br />
==== From the TalTech IT office ====<br />
Infrastructure<br />
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs<br />
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs<br />
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs<br />
<br />
Development<br />
* electronic door signs, room calendars, etc.; Thomas Lepik<br />
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik<br />
* integrating last generation BMS (Building Management System); Thomas Lepik<br />
* the student view of OIS (usability, security, re-design); Enn Rebane<br />
<br />
==== From the Tartu University thesis topic registry ====<br />
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://www.cs.ut.ee/en/studying/guidelines-regulations<br />
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Maarja Kungla (maarja.kungla@ut.ee).<br />
<br />
- Arnis Paršovs, University of Tartu, arnis@ut.ee<br />
* eID<br />
* PKI<br />
* TLS<br />
* Smart cards<br />
<br />
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)] is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].<br />
<br />
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.<br />
<br />
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee> <br />
<br />
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee><br />
<br />
- Meelis Roos, University of Tartu, <meelis.roos@ut.ee><br />
<br />
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee><br />
<br />
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee><br />
<br />
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee><br />
<br />
- Sabah Suhail, University of Tartu,<br />
<br />
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee><br />
<br />
<br />
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics><br />
<br />
For other topics, students can contact directly the supervisors and course lecturers.<br />
<br />
==== From Estonian Police ====<br />
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).<br />
<br />
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).<br />
<br />
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.<br />
<br />
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.<br />
<br />
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.<br />
<br />
* Ask Rain Ottis for a POC on these topics.<br />
<br />
== Useful links ==<br />
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]<br />
<br />
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]<br />
<br />
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]<br />
<br />
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]<br />
<br />
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]<br />
<br />
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7903Cyber security research excellence course2018-12-17T10:40:12Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. <br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE] [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [https://wiki.maennel.net/index.php?title=Main_Page Adelaide Research Bootcamp 2019] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/studies-30/interdisciplinary-cyber-research-icr-workshop/icr2019-3/ HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7809Cyber security research excellence course2018-11-29T10:17:43Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. <br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE] [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/studies-30/interdisciplinary-cyber-research-icr-workshop/icr2019-3/ HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7805Cyber security research excellence course2018-11-28T13:07:21Z<p>Kristi: /* In 2018 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE] [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/studies-30/interdisciplinary-cyber-research-icr-workshop/icr2019-3/ HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7804Cyber security research excellence course2018-11-28T13:07:07Z<p>Kristi: /* In 2018 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE] [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/studies-30/interdisciplinary-cyber-research-icr-workshop/icr2019-3/ HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7789Cyber security research excellence course2018-11-26T10:33:37Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE] [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/studies-30/interdisciplinary-cyber-research-icr-workshop/icr2019-3/ HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7788Cyber security research excellence course2018-11-26T10:30:54Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE] [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/studies-30/interdisciplinary-cyber-research-icr-workshop/ HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7787Cyber security research excellence course2018-11-26T10:30:00Z<p>Kristi: /* In 2018 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE] [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7786Cyber security research excellence course2018-11-26T10:29:01Z<p>Kristi: /* In 2018 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]. [[Media:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Adelaide_Research_Bootcamp_2019&diff=7782Adelaide Research Bootcamp 20192018-11-22T13:08:45Z<p>Kristi: /* Schedule */</p>
<hr />
<div>=Introduction=<br />
==Objective==<br />
This is a two-week face-to-face meeting in Adelaide, Australia hosted by University of Adelaide. During that time small international teams of students, with common research interests, will form. The purpose of those small groups is to have someone to actively discuss the research problem with — besides the mentors.<br />
<br />
==Goals==<br />
<br />
=Organisation=<br />
==Schedule==<br />
Bootcamp will take place '''14 - 25 January 2019'''<br />
<br />
Detailed schedule TBD<br />
<br />
=Practical=<br />
==Travel==<br />
<br />
==Accommodation==<br />
<br />
==Visa==<br />
To find out whether a visa is needed for your trip to Australia, please check at<br />
* [https://www.homeaffairs.gov.au/ https://www.homeaffairs.gov.au/]<br />
* In most cases a tourist visa is sufficient.<br />
* Please read the instructions on the visas carefully.<br />
<br />
==General advice==<br />
Note that Australia has different power plugs [https://www.tripadvisor.co.uk/Travel-g255055-c120179/Australia:Power.And.Appliances.html/ Aussie plug] than Europe. Make sure you have or buy a converter for your laptop.<br />
<br />
You will also be expected to bring your own laptop/tablet for your work.<br />
<br />
=Contacts=</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Adelaide_Research_Bootcamp_2019&diff=7776Adelaide Research Bootcamp 20192018-11-22T09:27:07Z<p>Kristi: /* Objective */</p>
<hr />
<div>=Introduction=<br />
==Objective==<br />
This is a two-week face-to-face meeting in Adelaide, Australia hosted by University of Adelaide. During that time small international teams of students, with common research interests, will form. The purpose of those small groups is to have someone to actively discuss the research problem with — besides the mentors.<br />
<br />
==Goals==<br />
<br />
=Organisation=<br />
==Schedule==<br />
Bootcamp will take place '''14 - 24 January 2019'''<br />
<br />
Detailed schedule TBD<br />
<br />
=Practical=<br />
==Travel==<br />
<br />
==Accommodation==<br />
<br />
==Visa==<br />
To find out whether a visa is needed for your trip to Australia, please check at<br />
* [https://www.homeaffairs.gov.au/ https://www.homeaffairs.gov.au/]<br />
* In most cases a tourist visa is sufficient.<br />
* Please read the instructions on the visas carefully.<br />
<br />
==General advice==<br />
Note that Australia has different power plugs [https://www.tripadvisor.co.uk/Travel-g255055-c120179/Australia:Power.And.Appliances.html/ Aussie plug] than Europe. Make sure you have or buy a converter for your laptop.<br />
<br />
You will also be expected to bring your own laptop/tablet for your work.<br />
<br />
=Contacts=</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Adelaide_Research_Bootcamp_2019&diff=7775Adelaide Research Bootcamp 20192018-11-22T09:26:57Z<p>Kristi: /* Objective */</p>
<hr />
<div>=Introduction=<br />
==Objective==<br />
This is a two-week face-to-face meeting in Adelaide hosted by University of Adelaide. During that time small international teams of students, with common research interests, will form. The purpose of those small groups is to have someone to actively discuss the research problem with — besides the mentors.<br />
<br />
==Goals==<br />
<br />
=Organisation=<br />
==Schedule==<br />
Bootcamp will take place '''14 - 24 January 2019'''<br />
<br />
Detailed schedule TBD<br />
<br />
=Practical=<br />
==Travel==<br />
<br />
==Accommodation==<br />
<br />
==Visa==<br />
To find out whether a visa is needed for your trip to Australia, please check at<br />
* [https://www.homeaffairs.gov.au/ https://www.homeaffairs.gov.au/]<br />
* In most cases a tourist visa is sufficient.<br />
* Please read the instructions on the visas carefully.<br />
<br />
==General advice==<br />
Note that Australia has different power plugs [https://www.tripadvisor.co.uk/Travel-g255055-c120179/Australia:Power.And.Appliances.html/ Aussie plug] than Europe. Make sure you have or buy a converter for your laptop.<br />
<br />
You will also be expected to bring your own laptop/tablet for your work.<br />
<br />
=Contacts=</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Adelaide_Research_Bootcamp_2019&diff=7774Adelaide Research Bootcamp 20192018-11-22T08:49:26Z<p>Kristi: /* Objective */</p>
<hr />
<div>=Introduction=<br />
==Objective==<br />
This is a two-week face-to-face meeting in January 2018 in Adelaide hosted by University of Adelaide. During that time small international teams of students, with common research interests, will form. The purpose of those small groups is to have someone to actively discuss the research problem with — besides the mentors.<br />
<br />
==Goals==<br />
<br />
=Organisation=<br />
==Schedule==<br />
Bootcamp will take place '''14 - 24 January 2019'''<br />
<br />
Detailed schedule TBD<br />
<br />
=Practical=<br />
==Travel==<br />
<br />
==Accommodation==<br />
<br />
==Visa==<br />
To find out whether a visa is needed for your trip to Australia, please check at<br />
* [https://www.homeaffairs.gov.au/ https://www.homeaffairs.gov.au/]<br />
* In most cases a tourist visa is sufficient.<br />
* Please read the instructions on the visas carefully.<br />
<br />
==General advice==<br />
Note that Australia has different power plugs [https://www.tripadvisor.co.uk/Travel-g255055-c120179/Australia:Power.And.Appliances.html/ Aussie plug] than Europe. Make sure you have or buy a converter for your laptop.<br />
<br />
You will also be expected to bring your own laptop/tablet for your work.<br />
<br />
=Contacts=</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Adelaide_Research_Bootcamp_2019&diff=7773Adelaide Research Bootcamp 20192018-11-22T08:48:31Z<p>Kristi: /* General advice */</p>
<hr />
<div>=Introduction=<br />
==Objective==<br />
This is a two-week face-to-face meeting in January 2018 in Adelaide hosted by University of Adelaide. During that time small international teams of students, with common research interests, will form. The purpose of those small groups is to have someone to actively discuss the research problem with — besides the mentors.<br />
<br />
=Organisation=<br />
==Schedule==<br />
Bootcamp will take place '''14 - 24 January 2019'''<br />
<br />
Detailed schedule TBD<br />
<br />
=Practical=<br />
==Travel==<br />
<br />
==Accommodation==<br />
<br />
==Visa==<br />
To find out whether a visa is needed for your trip to Australia, please check at<br />
* [https://www.homeaffairs.gov.au/ https://www.homeaffairs.gov.au/]<br />
* In most cases a tourist visa is sufficient.<br />
* Please read the instructions on the visas carefully.<br />
<br />
==General advice==<br />
Note that Australia has different power plugs [https://www.tripadvisor.co.uk/Travel-g255055-c120179/Australia:Power.And.Appliances.html/ Aussie plug] than Europe. Make sure you have or buy a converter for your laptop.<br />
<br />
You will also be expected to bring your own laptop/tablet for your work.<br />
<br />
=Contacts=</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Adelaide_Research_Bootcamp_2019&diff=7772Adelaide Research Bootcamp 20192018-11-22T08:47:26Z<p>Kristi: /* Practical */</p>
<hr />
<div>=Introduction=<br />
==Objective==<br />
This is a two-week face-to-face meeting in January 2018 in Adelaide hosted by University of Adelaide. During that time small international teams of students, with common research interests, will form. The purpose of those small groups is to have someone to actively discuss the research problem with — besides the mentors.<br />
<br />
=Organisation=<br />
==Schedule==<br />
Bootcamp will take place '''14 - 24 January 2019'''<br />
<br />
Detailed schedule TBD<br />
<br />
=Practical=<br />
==Travel==<br />
<br />
==Accommodation==<br />
<br />
==Visa==<br />
To find out whether a visa is needed for your trip to Australia, please check at<br />
* [https://www.homeaffairs.gov.au/ https://www.homeaffairs.gov.au/]<br />
* In most cases a tourist visa is sufficient.<br />
* Please read the instructions on the visas carefully.<br />
<br />
==General advice==<br />
Note that Australia has different power plugs [Aussie-plug / https://www.tripadvisor.co.uk/Travel-g255055-c120179/Australia:Power.And.Appliances.html] than Europe. Make sure you have or buy a converter for your laptop.<br />
<br />
You will also be expected to bring your own laptop/tablet for your work.<br />
<br />
=Contacts=</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Adelaide_Research_Bootcamp_2019&diff=7769Adelaide Research Bootcamp 20192018-11-22T08:44:46Z<p>Kristi: Uus lehekülg: '=Introduction= ==Objective== This is a two-week face-to-face meeting in January 2018 in Adelaide hosted by University of Adelaide. During that time small international teams of s...'</p>
<hr />
<div>=Introduction=<br />
==Objective==<br />
This is a two-week face-to-face meeting in January 2018 in Adelaide hosted by University of Adelaide. During that time small international teams of students, with common research interests, will form. The purpose of those small groups is to have someone to actively discuss the research problem with — besides the mentors.<br />
<br />
=Organisation=<br />
==Schedule==<br />
Bootcamp will take place '''14 - 24 January 2019'''<br />
<br />
Detailed schedule TBD<br />
<br />
=Practical=<br />
==Travel==<br />
<br />
==Accommodation==<br />
<br />
==Visa==<br />
To find out whether a visa is needed for your trip to Australia, please check at<br />
* [https://www.homeaffairs.gov.au/ https://www.homeaffairs.gov.au/]<br />
* In most cases a tourist visa is sufficient.<br />
* Please read the instructions on the visas carefully.<br />
<br />
<br />
=Contacts=</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7768Cyber security research excellence course2018-11-22T08:35:17Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7767Cyber security research excellence course2018-11-22T08:22:08Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* [[Adelaide Research Bootcamp 2019]] '''14 - 25 January 2019''' (optional). <br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7766Cyber security research excellence course2018-11-22T08:07:51Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional). <br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7724Cyber security research excellence course2018-11-09T12:17:25Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu (optional)<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7723Cyber security research excellence course2018-11-09T12:13:40Z<p>Kristi: /* In 2018 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. List of required documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7722Cyber security research excellence course2018-11-09T12:13:24Z<p>Kristi: /* In 2018 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. Documents and more information: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7721Cyber security research excellence course2018-11-09T12:11:51Z<p>Kristi: /* In 2018 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
* In case you want to apply for the scholarship for participating at the Research Bootcamp at the University of Adelaide, please submit all required documents electronically or on paper to Dora Plus Action 1 Coordinator Kaire Kaljuvee: kaire.kaljuvee[at]taltech.ee by '''7 December 2018''' at the latest. <br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7720Cyber security research excellence course2018-11-09T12:05:05Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7719Cyber security research excellence course2018-11-09T12:04:39Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term Study Mobility Measure. Read more about the scholarship: [[https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7718Cyber security research excellence course2018-11-09T12:04:15Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship from Dora Plus Short-Term study mobility measure. Read more about the scholarship: [[https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7717Cyber security research excellence course2018-11-09T12:03:15Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you will be working closely together with mentors and you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but a wonderful opportunity and we highly recommend. For travel support, it is possible to apply for the scholarship for Dora Plus Short-Term study mobility measure. Read more about the scholarship: [[https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7716Cyber security research excellence course2018-11-09T12:01:13Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory but still a wonderful opportunity. For travel support, it is possible to apply for the scholarship for Dora Plus Short-Term study mobility measure. Read more about the scholarship: [[https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7715Cyber security research excellence course2018-11-09T12:00:25Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory. However, for travel support, it is possible to apply for the scholarship for Dora Plus Short-Term study mobility measure. Read more about the scholarship: [[https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7714Cyber security research excellence course2018-11-09T11:59:40Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory. For travel support, it is possible to apply for the scholarship for Dora Plus Short-Term study mobility measure. Read more about the scholarship: [[https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ HERE]]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7713Cyber security research excellence course2018-11-09T11:59:25Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well. Participation at the Research Bootcamp is not mandatory. For travel support, it is possible to apply for the scholarship for Dora Plus Short-Term study mobility measure. Read more about the scholarship: [[https://www.ttu.ee/studying/phd-studies/programmes-6/dora-scholarships/ | HERE]]<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7712Cyber security research excellence course2018-11-09T11:54:50Z<p>Kristi: /* Timeline */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide. Over the two weeks, you should find other participants interested in your research, ideally working in related areas, willing to support you over the year. Obviously, you should be willing to support them as well.<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7711Cyber security research excellence course2018-11-09T11:52:17Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019''' (mandatory)<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber_security_research_excellence_course&diff=7710Cyber security research excellence course2018-11-09T11:51:40Z<p>Kristi: /* In 2019 */</p>
<hr />
<div>=Introduction=<br />
<br />
==Objective==<br />
<br />
The objective of the Cyber Security Research Excellence Course is to strengthen Estonia's position on international cyber security research excellence. The main purpose is to give our cyber security students a unique experience in academic research, working on industry-related projects, academic writing, and presenting the work to an international audience. This builds the basis for establishing long-term collaborations on an international level. The starting point for this will be working on some concrete projects in cyber security that build the basis for a MSc thesis, an academic career or industry collaboration.<br />
<br />
==Outcome==<br />
<br />
The students will write a paper to be published at a conference or in a journal on original research done over the year. They will gain experience in conducting research and academic writing, build international long-term collaborations with students and supervisors at TalTech University as well as the partner universities.<br />
<br />
==Partners==<br />
<br />
This course will take place in collaboration between three universities:<br />
* '''TalTech University''' (Estonia) [https://en.wikipedia.org/wiki/Tallinn_University_of_Technology]<br />
* '''University of Adelaide''' (Australia) [https://en.wikipedia.org/wiki/University_of_Adelaide]<br />
* '''University of Applied Sciences Ravensburg-Weingarten''' (Germany) [https://en.wikipedia.org/wiki/University_of_Applied_Sciences_Ravensburg-Weingarten]<br />
<br />
<br />
We cooperate with the following industry partners:<br />
* '''Tallink''' - the largest passenger and cargo shipping company in the Baltic Sea region [https://en.wikipedia.org/wiki/Tallink]<br />
* '''Avira Operations GmbH & Co.''' - Avira is German antivirus company offering security solutions against malware, viruses and spyware [https://en.wikipedia.org/wiki/Avira]<br />
<br />
=Organisation=<br />
<br />
==Timeline==<br />
<br />
It is expected from the students that they will actively "drive" the course, set their own milestones and be responsible for their progress. Throughout the course the students will be constantly mentored on a one-to-one basis. Furthermore, the students can get help from mentors participating in this collaboration, which currently includes academics working at the University of Adelaide, TalTech University and University of Applied Sciences Ravensburg-Weingarten.<br />
<br />
* '''October 2018''' Getting acquainted with the course<br />
* '''November - December 2018''' Signing up for the course, selecting the topic area, starting a literature review<br />
* '''January 2019''' Option to participate at Research Bootcamp at the University of Adelaide<br />
* '''February - May 2019''' Regular meetings with the supervisors. During the spring, the students will meet with the supervisors regularly and discusses progress and questions arising from the work. This also includes discussions on topics such as 'how to conduct a literature review', 'research methodology', 'how to select a conference or journal', etc. Also submitting a 1,000 word research abstract and initial findings to the ICR2019: 5th Interdisciplinary Cyber Research workshop. Submission of abstract is mandatory<br />
* '''June 2019''' Attend at ICR2019 and present (if accepted) ongoing research at the workshop<br />
* '''July 2019''' Option to participate at the Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” <br />
* '''Autumn 2019''' In the second half of the year we will more focus on analysing data, writing-up a paper using latex, etc<br />
* '''October 2019''' Poster presenting research methodology, and results<br />
* '''January 2020''' Research paper draft ready to submit to journal or conference<br />
<br />
<br />
Please note that semester at University of Tartu will not affect the eligibility for taking this course.<br />
<br />
==Research topics==<br />
<br />
Students are welcome to propose their own topics, or work with a supervisor on a per-defined topic. An initial list of per-defined projects include (list will be expanded over time):<br />
<br />
* '''Application of Machine Learning to the Cyber Security Problems''' <br />
In this project, the student(s) will apply machine learning algorithms to solve a cyber security problem which is mainly detecting a cyber attack in the selected network environment. There exist various publicly available datasets that include legitimate and attack records obtained from enterprise networks, SCADA systems, IoT networks, mobile systems. The student will select a problem domain (such as internal threat, IoT botnet, mobile malware, SCADA attacks) and create machine learning classifiers that discriminate attack records from legitimate ones with high accuracy detection rates. <br />
<br />
* '''Establishing an IoT Security Test Setup''' <br />
In this project, the student(s) will establish a test setup that resembles a realistic IoT network. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course and may enable us to deal with some research problems about cyber security exercises/games. <br />
<br />
* '''Establishing a SCADA Security Test Setup''' <br />
In this topic, the student(s) will create a test setup that includes physical/virtual components of SCADA networks. The main goal is to launch the cyber attacks in the environment where the normal traffic is also simulated and create a dataset that can be used by the other researchers. This test setup can be also utilized in an attack-defence type of course. The further study can be conducted for understanding how to create a totally virtual system that can be easily replicated for cyber security exercises. One other interesting question could be the comparison of the degree of fidelity provided by the physically established system and totally virtual one.<br />
<br />
* '''Conducting a Study in the Area of Cyber Doctrine Development'''<br />
On 14 June 2016 the defence ministers of NATO countries agreed to recognise cyberspace as a domain of warfare at that year’s Warsaw Summit. However, although now regarded as equal to operations on land, sea, air and space, cyber doctrine is still immature and developing. The production of coherent strategy is further hindered by a lack of alignment in a definition of cyberspace. In this topic, the student(s) will have an opportunity to study in this area. <br />
<br />
* '''Maritime Cyber Security''' <br />
In collaboration with Tallink we offer several projects on cyber security aspects of smart bridges or smart passenger desks. This project builds knowledge in secure system design, and penetration testing, risk analysis.<br />
<br />
* '''Projects in collaboration with Avira Operations''' <br />
Please find the complete list of project proposals here: [[Media:Avira-project-proposals.pdf|PDF]]<br />
<br />
==ECTS==<br />
<br />
The course is running through all 2019 and valued at 15 ECTS (6 ECTS for spring semester 2019, 6 ECTS for autumn semester 2019, 3 ECTS C3S Summer School).<br />
<br />
=Participants=<br />
<br />
==Target group==<br />
<br />
The course is targeted at Cyber Security MSc students, who have a strong interest in pursuing an academic career, conducting research, and publishing papers. Furthermore, we encourage MSc students to participate in this course in order to understand the more academic perspective early on and then join our PhD program and thereby strengthens Estonia's Cyber Security research.<br />
<br />
==Important dates and events==<br />
<br />
Please keep track of the following dates and deadlines:<br />
<br />
===In 2018===<br />
<br />
* Cyber Security Student Briefing on '''5 November 2018''' at 15:00 - 17:00. Venue: '''Auditorium U01-202 TalTech University main building''' (Ehitajate tee 5). Official launch of the course, briefing, possible to meet organisers and mentors, Q&A. Find the agenda: [https://www.ttu.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/ HERE]<br />
* Sign up for the course by '''6 November 2018''' at 23:59. <br />
* Course eligibility will be determined based on interviews on '''7 November 2018''' For signing up for the course, please book an interview time: [https://doodle.com/poll/qyy7nskhxnp67xwu HERE] Interviews will take place in '''TalTech University ICT building''' (Akadeemia tee 15a) room '''ICT-420'''.<br />
* Option to participate at Cybersecurity University Industry Networking (CUIN) at Startup Week TLN on '''21 November 2018''' at 14:00 - 17:00. Venue: '''TalTech Mektory''' (Raja 15). CUIN is a cyber security industry and university networking event which will bring young researchers and practicing experts in the cyber domain closer to stimulate research and development collaboration between the University and Industry. More information about the event, agenda and registration [https://www.facebook.com/events/247219845956105/ HERE]<br />
<br />
''The list to be updated''<br />
<br />
===In 2019===<br />
* Research Bootcamp at the University of Adelaide '''14 - 25 January 2019''' (optional)<br />
* Abstract submission deadline for ICR2019 '''15 April 2019'''<br />
* Notification if accepted for presenting at ICR2019 '''6 May 2019'''<br />
* ICR2019: 5th Interdisciplinary Cyber Research workshop '''29 June 2019''' at TalTech. More information about the event: [https://taltech.ee/institutes/centre-for-digital-forensics-cyber-security/news-16/icr2019-2 HERE] <br />
* Optional Cyber Security Summer School C3S2019 “Blockchain and Quantum Cryptography” '''1 - 5 July 2019''' at University of Tartu<br />
<br />
''The list to be updated''<br />
<br />
=Administrative matters=<br />
<br />
==Contacts==<br />
<br />
* Kristi Ainen kristi.ainen[at]taltech.ee Project Manager at TalTech University, Administrative Support<br />
<br />
* Prof. Dr Olaf Maennel olaf.maenne[at]taltech.ee Professor of Cyber Security at TalTech University, Scientific Lead<br />
<br />
* Dr Matthew Sorell, University of Adelaide, Representing partner university, and Adjunct Professor in Digital Forensics at TalTech University<br />
<br />
* Prof. Dr Tobias Eggendorfer, University of Applied Sciences Ravensburg-Weingarten, Representing partner university</div>Kristihttp://courses.cs.taltech.ee/w/index.php?title=Cyber&diff=7663Cyber2018-11-06T10:00:35Z<p>Kristi: /* News for Fall 2018 */</p>
<hr />
<div>== Accomodation ==<br />
<br />
Campus information<br />
<br />
To find your way around the TalTech campus, please take a look at [https://www.ttu.ee/university/ttu-in-brief/ttu-campus/], there is also a map available there. <br />
<br />
Accommodation<br />
<br />
The dormitory situation in TalTech is very tight, so please make sure you book your places well ahead. <br />
<br />
The information how to book a place at the dormitories can be found [http://www.ttu.ee/studying/new-and-current-student/accommodation-4/ here] <br />
<br />
'''For new students''', please make sure you file your applications on the '''1st of June!''' The system opens on June 1st, and the sooner you apply the higher you are in the queue. You should not file it earlier either because then your application will end in a pile with all other students, and it takes longer. Student can choose only two houses on the application, so have a look at different dormitory buildings here:[https://www.ttu.ee/organizations/campus/student-residence/] Siidisaba building is located not in the campus, but in Kristiine area, which is closer to city centre, but away from university. Campus office will start giving out offers starting July 3. Have a look at the campus website: [https://www.ttu.ee/organizations/campus/applicant/first-year-international-students/] For students who plan to move after Autumn semester, November is about the latest time when to file an application with CampusTTU. Please note that students who have not stayed in TalTech dormitories can follow the link "Send application". Students who have previously stayed at the dormitories need to follow the link "e-kyla login" and file the application from there. You can send yourself a password reminder from the page.<br />
<br />
== News for Fall 2018 ==<br />
Rearranged with new items at the top.<br />
* Slides from 5th of November student brief: [[Meedia:2018-11-05_student_brief.pdf | Slides from 5th of Nov student brief]]<br />
* It is now possible to sign up for the [[Cyber_security_research_excellence_course | Cyber Security Research Excellence Course]]<br />
* Slides from the intro brief: [[Meedia:2018-08-29_IVCM_welcome_brief.pdf]]<br />
* IVCM09/18 version of the curriculum introduces major changes and phases out a number of old courses. For example, this is the last year that the ITC8050 will be taught. In some cases you can just take the new course, in other cases you will have to find an alternative. Contact Siiri if you are having trouble finding the course you need.<br />
* ITC8120 (Malware I) and ITX8042 (Malware) is replaced by I905<br />
* ITX8110 (Introduction to Combinatorics and Elementary Cryptography) is replaced by ITC8240<br />
* ITC8010 (Legal Aspects of Cyber Security)is replaced by ITC8220. This also substitutes the course HOE7040. The course ITC8220 starts on Sept. 18th.<br />
* ITV8040 Network Technology I is replaced by LTAT.06.004.in Tartu<br />
* ITX8090 Information and Cyber Security Assurance in Organisations is replaced by ITC8230.<br />
<br />
* ITC8020 Computer Network Security is taught this fall. Lectures are Mon. 19:00-20:30 in ICT-402; Lab on Wed. at 19:30- 20:30 in ICT-401 (Timetable can be found under Optional courses in OIS) FEEL FREE TO DECLARE IT, many empty spots yet!<br />
* ITX8200 System Forensics is also taught this fall. Lectures are on Thurs. 12:00- 15:30 in ICT-405 (Timetable can be found under Optional courses in OIS)<br />
<br />
* '''ITC8001 (Teaching Practice):'''<br />
** If you will teach this semester (any subject, not just cyber security related teaching; does not have to be in TalTech), then you can sign up for ITC8001 in your study plan. Make sure you send Rain Ottis a summary of your teaching plans first, though, because he needs to assess if it meets the requirements. The summary should cover the topics, volume (total teaching hours), level (MSc course, BSc course, etc.) and type of teaching (lectures, hands-on, teaching assistance, etc.). <br />
** If you are not teaching this semester, but have considerable teaching practice in the past, you can get credit for ITC8001 via the VÕTA/APEL procedure. <br />
* The [http://www.ttu.ee/faculties/school-of-information-technologies/it-studies/organization-of-studies-2/procedure-for-processing-contemptible-behavior/ policy for handling academic dishonesty] (plagiarism, cheating, etc.) in the IT Faculty. <br />
* TalTech [http://ttu.ee/students/study-information-2/academic-information/study-regulations-2/ academic policies]. Please note §23.<br />
* There are multiple versions of the curriculum. In general, the one that applies to you is the one that corresponds to the year of your enrollment.<br />
* If you have not done so already, please indicate your specialization (Cyber Security, Digital Forensics or Cryptography) in OIS. If you do not make a selection, then some of the courses will end up in the wrong study module. Ask the Dean's office for assistance, if necessary.<br />
* General note: you can replace courses with more advanced IT courses that have at least the same ECTS. Consult with Siiri before committing to any changes, though. <br />
* General note: if you take more ECTS than required in any module then this will count towards your Free Choice module. It is not necessary to actually move the courses to Free Studies in this case.<br />
* General note: contact Siiri Taveter if you need to move a replacement course to the correct module (it may show up under Free Choice). Please note your specialization in your request (Cryptography, Cyber Security or Digital Forensics). You must have passed the course before it can be moved.<br />
<br />
== Studies ==<br />
<br />
==== Administrative information ====<br />
<br />
* Academic calendar[//tark.taltech.ee/studying/practical/academic-calendar-5/] in English <br />
<br />
* Academic calendar[https://tark.taltech.ee/tudengile/oppeinfo/akadeemiline-kalender/] in Estonian <br />
<br />
[https://ois2.ttu.ee/ Study portal]. Read about the OIS guide for the students [https://ttu.ee/students/study-information-2/academic-information/study-information-system-materials/ois-guide/ here]<br />
<br />
* Navigate to the Cyber Security curriculum: click ENG on the right, Select Curricula on the left, Select by "structural units" under Curricula, Open (click to the little +) "Faculty of Information Technology", "10. IVCM09 IVCM09/13 Cybersecurity" in the middle table <br />
<br />
* You must declare your courses for the semester by the so-called "red line" date, which is generally mid-September or mid-February, depending on the semester. Use the [http://ois.ttu.ee/pls/portal/ois2.ois_public.main OIS study portal] to declare courses. <br />
<br />
* Please contact Dean's office for necessary passwords if you cannot log in with your ID-card and for any other kind of technical administrative help!<br />
<br />
==== Course web sites ====<br />
<br />
Please note that this is not a complete list.<br />
<br />
* '''ITC8050''' [[ITC8050 | Strategic and Operational Aspects of Cyber Security]]<br />
<br />
* '''ITV8060''' Computer Network Security (4 ECP) is available and free on Fall for second year students and can be moved to Specialization module after you have got a grade.<br />
<br />
* '''ITX8040''' [http://courses.cs.ttu.ee/pages/ITX8040 Cyber Defence seminar] <br />
<br />
* '''ITX8042''' [[Malware:ITX8042:2014 | 2014 Malware]] <br />
<br />
* '''ITX8050''' [[ITX8050 | Special Course in Cyber Security]]<br />
<br />
* '''ITX8060''' [[Malware:ITX8042:2014 | 2014 Malware II]]<br />
<br />
* '''ITX8062''' [[ITX8062 | Information Systems Mass Attacks and Defence]]<br />
<br />
* '''ITX8063''' [[ITX8063 | Information Systems Hacking Attacks and Defence]]<br />
<br />
* '''ITX8071''' Cyber Defense Monitoring Solutions replaces the course ITX8070 Log Mining and Disc Forensics. <br />
<br />
* '''ITX8090''' [[ITX8090 | Information and Cyber Security Assurance in Organisations]]<br />
<br />
* '''ITX8220/ITX8221''' [[ITX8220 | Special Course in Digital Forensics]]<br />
<br />
* '''ITC8060''' [[ITC8060|Network Protocol Design.]]<br />
<br />
The courses are free (the invoices are cancelled) to Cyber Security RE students and can be moved to Specialization module after you get a grade.<br />
<br />
==== Sources for free choice courses ====<br />
<br />
You can look for additional free choice courses from the following sources<br />
<br />
Scan the [http://ois.ttu.ee OIS study portal] for available courses this semester (takes effort, but it is useful to learn to find your way in OIS). You can find all the courses given in English (timetables of all international programs) in TalTech by looking at OIS -> Timetables -> click to GB flag in the center of the page.<br />
<br />
You can take [http://www.ttu.ee/faculty-of-social-sciences/language-centre-2/student-guidelines-2/ some other language course] (French, German, Russian, Finnish) offered by the [http://www.ttu.ee/faculty-of-social-sciences/language-centre-2/ Language Centre] in addition to the courses (HLI2200, HLX8040) in your curriculum. Some of the alternative courses may not be free to study. In such a case OIS will give notice when you declare the course.<br />
<br />
==== ITX8512 Practical Training in Information Technology ====<br />
You can get credits if you have working experience in IT field. More information can be found here: [[ITX8512]]<br />
<br />
== Thesis and graduation ==<br />
The fourth semester is reserved for writing your thesis. This is a demonstration of your professional knowledge and skills, and the process typically involves the following steps (with the help of your supervisor):<br />
* identify a problem that matters<br />
* research possible solutions, and select or develop the most suitable one<br />
* implement the solution<br />
* analyze the results of your work<br />
* present your work in a professional manner in written (thesis) and oral (thesis defence) form<br />
<br />
[http://courses.cs.ttu.ee/pages/Thesis Thesis information] - deadlines, proposed topics, requirements, etc.<br />
<br />
* [https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Defended thesis]<br />
<br />
== Scholarships ==<br />
<br />
There are special IT-Academy scholarships available for Cyber Security students. The scholarships are awarded based on rank in admission and the study results in the previous semesters. You will have to apply for this scholarship on OIS and OIS will also tell you if you qualify for it. Check also: [http://www.ttu.ee/public/i/infotehnoloogia-teaduskond/Tudengile/ITA/IT_Academy__stipend_M_english.docx statute of the scholarship], which is available on the faculty web site.<br />
<br />
== Contact ==<br />
* [http://www.ttu.ee/?lang=en Tallinn University of Technology]<br />
** [http://www.ttu.ee/studying/new-and-current-student/ International Study Centre] will help you in the first steps at TalTech and provides useful help along your studies.<br />
** See also [http://www.ttu.ee/public/u/ulikool/kontakt/TTU_Campusekaart_juuli2010.pdf campus maps]<br />
** [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/home-2/ Faculty of Information Technology]<br />
** Dean's Office of IT dept: room ICT-120, phone 6203528, email i@ttu.ee <br />
** program coordinator Rain Ottis, rain.ottis@ttu.ee, room ICT-430, Akadeemia 15a. Consultancy registration via e-mail.<br />
** research coordinator [http://www.ttu.ee/en/personnel-search/&kood=T0067160 Olaf Maennel], olaf.maennel@ttu.ee, ICT-420, Akadeemia 15a. Consultancy registration via e-mail.<br />
* [http://www.ut.ee/en University of Tartu]<br />
** [http://www.cs.ut.ee/en Institute of Computer Science]<br />
** program coordinator [http://vvv.cs.ut.ee/~unruh/ Dominique Unruh]<br />
<br />
== Historic information from Fall 2017 ==<br />
Rearranged with new items at the top.<br />
* Slides from the new student intro brief on 30AUG17: [[Meedia:IVCM_intro_brief_2017.pdf]]<br />
* The '''Information Systems Attacks and Defence''' (ITC8070) course will start 31 Oct 2017.<br />
* '''ITC8001 (Teaching Practice):'''<br />
** If you will teach this semester (any subject, not just cyber security related teaching; does not have to be in TalTech), then you can sign up for ITC8001 in your study plan. Make sure you send Rain Ottis a summary of your teaching plans first, though, because he needs to assess if it meets the requirements. The summary should cover the topics, volume (total teaching hours), level (MSc course, BSc course, etc.) and type of teaching (lectures, hands-on, teaching assistance, etc.). <br />
** If you are not teaching this semester, but have considerable teaching practice in the past, you can get credit for ITC8001 via the VÕTA/APEL procedure. <br />
** Teaching practice is a General Studies module course. However, if you teach on the subjects of cyber security or forensics, it may be suitable for Special Studies.<br />
* For students who are studying based on the '''2016 or earlier''' version of the curriculum and can't find a course you need to complete your studies: <br />
** Once you pass the replacement course, contact the Dean's Office to move it to the correct module.<br />
** '''IDK1011 (Introduction to Programming)''' is replaced by ICS0015 Fundamentals of Python.<br />
** '''ITV8060 (Computer Network Security)''' is replaced by ITC8020 Computer Network Security. The new course is 6 ECTS.<br />
** '''ITX8040 (Cyber Defence seminar)''' and '''ITX8230 (Digital Forensics seminar)''' are replaced with ITC8100 (Seminar). It is offered in the fall semester and is designed to help students with their thesis writing process. <br />
** '''ITX8041 (Legal Aspects of Cyber Security)''' is replaced by ITC8010 (same name). There are minor changes in content and the course is now given on both semesters. <br />
** '''ITX8042 (Malware)''' is replaced by ITC8120 Malware.<br />
** '''ITX8060 (Malware II)''' is replaced by ITC8130 Malware II.<br />
** '''ITX8062 (Information Systems Mass Attacks and Defence)''' is replaced by ITC8050 (Strategic and Operational Aspects of Cyber Security), which will be offered on both semesters. The course is designed for second year students and there are limited number of seats available. If you do not fit into this semester, you can take it in the next one. <br />
** '''ITX8063 (Information Systems Hacking Attacks and Defence)''' and '''ITC8070 (Information Systems Attacks and Defence)''' are replaced by ITC8075 Information Systems Attacks and Defence in the 2017 curriculum. This fall is the last year where ITC8070 is taught. From 2018 we will switch to ITC8075.<br />
** '''ITX8215 (Digital Evidence)''' is replaced by HOE7023 (same name).<br />
** '''TMJ0110 (Introduction to Entrepreneurship)''' is replaced by TMJ3300 Entrepreneurship and Business Planning.<br />
* The [http://www.ttu.ee/faculties/school-of-information-technologies/it-studies/organization-of-studies-2/procedure-for-processing-contemptible-behavior/ policy for handling academic dishonesty] (plagiarism, cheating, etc.) in the IT Faculty. <br />
* TalTech [http://ttu.ee/students/study-information-2/academic-information/study-regulations-2/ academic policies]. Please note §23.<br />
* There are multiple versions of the curriculum. In general, the one that applies to you is the one that corresponds to the year of your enrollment.<br />
* If you have not done so already, please indicate your specialization (Cyber Security, Digital Forensics or Cryptography) in OIS. If you do not make a selection, then some of the courses will end up in the wrong study module. Ask the Dean's office for assistance, if necessary.<br />
* '''ITC8010 Legal Aspects of Cyber Security''' will be offered on both semesters. <br />
* '''ITC8050 Strategic and Operational Aspects of Cyber Security''' will be offered on both semesters. [https://courses.cs.ttu.ee/pages/ITC8050 Details]<br />
* General note: you can replace '''Intro to IT''' and '''Intro to Programming''' with more advanced IT courses that have at least the same ECTS. Consult with Rain Ottis before committing to any changes, though. <br />
* General note: if you take more ECTS than required in the Special Studies module then this will count towards your Free Choice module. It is not necessary to actually move the courses to Free Studies in this case.<br />
* General note: contact Siiri Taveter if you need to move a replacement course to the correct module (it may show up under Free Choice). Please note your specialization in your request (Cyber Security or Digital Forensics). You must have passed the course before it can be moved.<br />
<br />
== Historic information from Spring 2017 ==<br />
Rearranged with new items at the top.<br />
* '''Please check this page often during the first few weeks of the semester. There will be many changes.'''<br />
* [[ITC8060|'''ITC8061 Network Protocol Design''']] (instructor: Olaf Maennel) will start Tue, 31 Jan at 14.00-15.30 in ICT-315.<br />
* '''MTAT.03.248 Introduction to Internet Psychology''' (instructor: Kätlin Konstabel) will take place '''in Tallinn''' on Tuesdays 1000-1400 on the dates of 14 FEB, 28FEB, 14MAR, 28MAR, 11APR, 2MAY, 9MAY, 16MAY. Room ICT-315. Sign up via Tartu University OIS. The dates have been de-conflicted with ITC8050.<br />
* '''Special Courses'''<br />
** These special courses are suitable for your special studies module, regardless of your specialization. Once you pass the course, it can be moved to the special studies module.<br />
** There will be a Special Course for students who want to participate in the '''Locked Shields 2017''' exercise. Register for it under ITX8220, ITX8221 or ITC8112 (USE ONLY ONE CODE!) with professor Maennel as the instructor. There are limited slots, participation is strictly restricted to students who hold a passport issued by a Nato member country. The first meeting will be on 13 Feb 2017 at 18.00-20.30 in ICT-315. [https://courses.cs.ttu.ee/w/images/7/7e/LS17_Course_at_TTU.pdf More info here].<br />
** There will be a Special Course on '''Historical Cryptosystems'''. You can register for it under ITC8111 or ITC8112 with dr Aleksandr Lenin as instructor. The course will look at the history of cryptography and students will have first hand experience using and breaking things like substitution ciphers. More info coming soon.<br />
** There will be a Special course for students who want to participate in the '''Student Challenge 9/12'''. You can register for it under ITC8111 or ITC8112 with dr Hayretdin Bahsi as instructor. Emin Caliskan will serve as co-instructor. This is a competition that focuses on the strategic aspects of cyber security. Our aim is to send a student team to Switzerland later this spring, provided they pass the entry round. There will be limited slots. The lessons will take place in weeks 2,4,5,8,9,10 and 13 in room ICT 312 on Tuesdays between 18:00-20:30. Please enrol in [https://ained.ttu.ee/course/view.php?id=87 TTU Moodle Course Page].<br />
<br />
* '''ITC8001 (Teaching Practice):'''<br />
** If you will teach this semester (any subject, not just cyber security related teaching; does not have to be in TalTech), then you can sign up for ITC8001 in your study plan. Make sure you send Rain Ottis a summary of your teaching plans first, though, because he needs to assess if it meets the requirements. The summary should cover the topics, volume (total teaching hours), level (MSc course, BSc course, etc.) and type of teaching (lectures, hands-on, teaching assistance, etc.). <br />
** If you are not teaching this semester, but have considerable teaching practice in the past, you can get credit for ITC8001 via the VÕTA/APEL procedure. <br />
** Teaching practice is a General Studies module course. However, if you teach on the subjects of cyber security or forensics, it may be suitable for Special Studies.<br />
* For students who are studying based on the '''2015 or earlier''' version of the curriculum and can't find a course you need to complete your studies:<br />
** '''ITX8040 (Cyber Defence seminar)''' and '''ITX8230 (Digital Forensics seminar)''' are replaced with ITC8100 (Seminar). It is offered in the fall semester and is designed to help students with their thesis writing process. <br />
** '''ITX8041 (Legal Aspects of Cyber Security)''' is replaced by ITC8010 (same name). There are minor changes in content and the course is now given on both semesters. <br />
** '''ITX8215 (Digital Evidence)''' is replaced by HOE7023 (same name).<br />
** '''ITX8062 (Information Systems Mass Attacks and Defence)''' is replaced by ITC8050 (Strategic and Operational Aspects of Cyber Security), which will be offered on both semesters. The course is designed for second year students and there are limited number of seats available. If you do not fit into this semester, you can take it in the next one. <br />
** '''ITX8063 (Information Systems Hacking Attacks and Defence)''' is replaced by ITC8070 (Information Systems Attacks and Defence). The new course is 4 ECTS and there are limited slots available. <br />
** Once you pass the replacement course, contact the Dean's Office to move it to the correct module.<br />
* The [http://www.ttu.ee/faculties/school-of-information-technologies/it-studies/organization-of-studies-2/procedure-for-processing-contemptible-behavior/ policy for handling academic dishonesty] (plagiarism, cheating, etc.) in the IT Faculty. <br />
* TalTech [http://ttu.ee/students/study-information-2/academic-information/study-regulations-2/ academic policies]. Please note §23.<br />
* There are multiple versions of the curriculum. In general, the one that applies to you is the one that corresponds to the year of your enrollment.<br />
* If you have not done so already, please indicate your specialization (Cyber Security, Digital Forensics or Cryptography) in OIS. If you do not make a selection, then some of the courses will end up in the wrong study module. Ask the Dean's office for assistance, if necessary.<br />
* '''ITC8010 Legal Aspects of Cyber Security''' will be offered on both semesters. Instructor: Anna-Maria Osula. <br />
* '''ITC8050 Strategic and Operational Aspects of Cyber Security''' will be offered on both semesters. [https://courses.cs.ttu.ee/pages/ITC8050 Details]<br />
* General note: you can replace '''Intro to IT''' and '''Intro to Programming''' with more advanced IT courses that have at least the same ECTS. Consult with Rain Ottis before committing to any changes, though. <br />
* General note: if you take more ECTS than required in the Special Studies module then this will count towards your Free Choice module. It is not necessary to actually move the courses to Free Studies in this case.<br />
* General note: contact Rain Ottis if you need to move HOE7023, ITC8010, ITC8050 or ITC8070 to the correct module (it may show up under Free Choice). Please note your specialization in your request (Cyber Security or Digital Forensics). You must have passed the course before it can be moved.<br />
* Tartu University courses '''MTAT.03.246''' and '''MTAT.03.247''' are combined into one 6 ECTS course '''MTAT.03.307''' (Principles of Secure Software Design). <br />
* Tartu University Research Seminar on Cryptography (MTAT.07.019) gets a new code: '''MTAT.07.022'''.<br />
<br />
== Historic information from fall of 2016 ==<br />
Rearranged with new items at the top.<br />
* '''Please check this page often during the first few weeks of the semester. There will be many changes.'''<br />
* '''[[ITC8100 course page]] (Seminar)'''.<br />
* '''ITC8001 (Teaching Practice):'''<br />
** If you will teach this semester (any subject, not just cyber security related teaching; does not have to be in TalTech), then you can sign up for ITC8001 in your study plan. Make sure you send Rain Ottis a summary of your teaching plans first, though, because he needs to assess if it meets the requirements. The summary should cover the topics, volume (total teaching hours), level (MSc course, BSc course, etc.) and type of teaching (lectures, hands-on, teaching assistance, etc.). <br />
** If you are not teaching this semester, but have considerable teaching practice in the past, you can get credit for ITC8001 via the VÕTA/APEL procedure. <br />
** Teaching practice is a General Studies module course. However, if you teach on the subjects of cyber security or forensics, it may be suitable for Special Studies.<br />
* '''ITX8220 Special Course in Digital Forensics''' will be offered in the second half of this semester. The instructor is Emin Caliskan. You can also declare it as ITX8221, if you have already taken ITX8220. The course will take place during the second half of the semester (weeks 9-16) on Tuesdays 1745-2100 in room ICT-403. There will be an intro brief on Tuesday the 13th of September at 1745 in ICT-315. The course will be available for both specializations as a special study course, but Forensics students have priority.<br />
* '''ITX8090 Information and Cyber Security Assurance in Organisations''' is scheduled for Tuesdays 1400-1715 in room ICT-312.<br />
* For students who are studying based on the '''2015 or earlier''' version of the curriculum and can't find a course you need to complete your studies:<br />
** '''ITX8040 (Cyber Defence seminar)''' and '''ITX8230 (Digital Forensics seminar)''' are replaced with ITC8100 (Seminar). It is offered in the fall semester and is designed to help students with their thesis writing process.<br />
** '''ITX8041 (Legal Aspects of Cyber Security)''' is replaced by ITC8010 (same name). There are minor changes in content and the course is now given on both semesters. <br />
** '''ITX8215 (Digital Evidence)''' is replaced by HOE7023 (same name).<br />
** '''ITX8062 (Information Systems Mass Attacks and Defence)''' is replaced by ITC8050 (Strategic and Operational Aspects of Cyber Security), which will be offered on both semesters. The course is designed for second year students and there are limited number of seats available. If you do not fit into this fall's version, you can take it in the spring. <br />
** '''ITX8063 (Information Systems Hacking Attacks and Defence)''' is replaced by ITC8070 (Information Systems Attacks and Defence). The new course will be 4 ECTS and there are limited slots available. <br />
* There is a new policy for handling academic dishonesty (plagiarism, cheating, etc.) in the IT Faculty. It is currently available in Estonian in [http://www.ttu.ee/infotehnoloogia-teaduskond/infotehnoloogia-teaduskond-1/it-tudengile/oppetookorraldus-3/vaaritu-kaitumise-menetlemise-kord/ here]. English version will follow soon.<br />
* If you have a time conflict with a practice session and another lecture (for example, ITV8040 practice during ITC8100), then you can check the schedule for alternative practice sessions (IVCM11 / IVCM13).<br />
* '''ITC8080 Hardening operating systems and services''' will not be offered this semester. It will be offered next year to second year students.<br />
* '''ITX8080 Simulation of Attacks and Defense''' will not be offered this semester.<br />
* Students who plan to specialize in '''Cryptography''' (in Tartu) should contact Rain Ottis ASAP.<br />
* There is an EST MoD [http://www.kaitseministeerium.ee/et/eesmargid-tegevused/teadus-ja-arendustegevus/kaitsealaste-magistritoode-stipendiumikonkurss scholarship] (page in Estonian, but all can apply) for the incoming students (2016) who will write a defence related thesis. Deadline for application is 07 SEP 2016.<br />
* There is an EST MoD [http://www.kaitseministeerium.ee/et/eesmargid-tegevused/teadus-ja-arendustegevus/kuberkaitse-magistrioppe-stipendium scholarship] (page in Estonian, but all can apply) for the cyber security students.<br />
* TalTech [http://ttu.ee/students/study-information-2/academic-information/study-regulations-2/ academic policies]. Please note §23.<br />
* There are multiple versions of the curriculum. In general, the one that applies to you is the one that corresponds to the year of your enrollment.<br />
* If you have not done so already, please indicate your specialization (Cyber Security or Digital Forensics) in OIS. If you do not make a selection, then some of the courses will end up in the wrong study module. Ask the Dean's office for assistance, if necessary.<br />
* '''IDN0110 Data Mining and Network Analysis''' will be offered this semester. Instructor: dr Sven Nõmm. [https://courses.cs.ttu.ee/pages/Data_Mining_and_network_analysis_IDN0110 Details]<br />
* '''ITC8010 Legal Aspects of Cyber Security''' will be offered on both semesters. Instructor: Anna-Maria Osula. <br />
* '''ITC8050 Strategic and Operational Aspects of Cyber Security''' will be offered on both semesters. [https://courses.cs.ttu.ee/pages/ITC8050 Details]<br />
* General note: you can replace '''Intro to IT''' and '''Intro to Programming''' with more advanced IT courses that have at least the same ECTS. Consult with Rain Ottis before committing to any changes, though. <br />
* General note: if you take more ECTS than required in the Special Studies module then this will count towards your Free Choice module. It is not necessary to actually move the courses to Free Studies in this case.<br />
* General note: contact Rain Ottis if you need to move HOE7023, ITC8010, ITC8050 or ITC8070 to the correct module (it may show up under Free Choice). Please note your specialization in your request (Cyber Security or Digital Forensics). You must have passed the course before it can be moved.<br />
* Tartu University courses '''MTAT.03.246''' and '''MTAT.03.247''' are combined into one 6 ECTS course '''MTAT.03.307''' (Principles of Secure Software Design). <br />
* Tartu University Research Seminar on Cryptography (MTAT.07.019) gets a new code: '''MTAT.07.022'''.<br />
* ITC8070 (Information Systems Attacks and Defence), will run in the 2nd half of the semester (week 9-16). There will be an information session on Monday, 12 September at 17.45 in ITC-315, for all those students who are undecided if they want to take it or not. No content will be covered on 12 Sep, and attending this session is optional.<br />
<br />
== Historic information from spring 2016 ==<br />
Rearranged with new items at the top.<br />
* There is an EST MoD [http://www.kaitseministeerium.ee/et/eesmargid-tegevused/teadus-ja-arendustegevus/kaitsealaste-magistritoode-stipendiumikonkurss scholarship] (page in Estonian, but all can apply) for the incoming students (2016) who will write a defence related thesis. Deadline for application is 07 SEP 2016.<br />
* There is an EST MoD [http://www.kaitseministeerium.ee/et/eesmargid-tegevused/teadus-ja-arendustegevus/kuberkaitse-magistrioppe-stipendium scholarship] (page in Estonian, but all can apply) for the cyber security students.<br />
* TalTech [http://ttu.ee/students/study-information-2/academic-information/study-regulations-2/ academic policies]. Please note §23.<br />
* There are multiple versions of the curriculum. In general, the one that applies to you is the one that corresponds to the year of your enrollment.<br />
* If you have not done so already, please indicate your specialization (Cyber Security or Digital Forensics) in OIS. If you do not make a selection, then some of the courses will end up in the wrong study module. Ask the Dean's office for assistance, if necessary.<br />
* '''June thesis defence''' candidates - please indicate your thesis topic by 01 FEB in Moodle. See the [https://courses.cs.ttu.ee/pages/Thesis Thesis] page for more details. <br />
* '''IDN0110 Data Mining and Network Analysis''' will be offered this semester. Lectures are on Mondays 1745-1915, practice on Tuesdays 1400-1530. Instructor: dr Sven Nõmm. [https://courses.cs.ttu.ee/pages/Data_Mining_and_network_analysis_IDN0110 Details]<br />
* '''ITC8010 Legal Aspects of Cyber Security''' will be offered this semester and in the fall semester. Instructor: Anna-Maria Osula. Fridays 1200-1530 in room ICT-315. <br />
* '''ITC8050 Strategic and Operational Aspects of Cyber Security''' will be offered this semester and in the fall semester. For this semester, the course is on even week Wednesdays 1745-2100 in ICT-315. '''First lecture on 10 FEB at 2000-2100; 2nd lecture re-scheduled for spring (TBA)'''. [https://courses.cs.ttu.ee/pages/ITC8050 Details]<br />
* '''[https://courses.cs.ttu.ee/pages/ITC8060 ITC8061 Network Protocol Design]''' replaces ITC8060 (instructor: prof Olaf Maennel). ITC8061 will be '''6 ECTS''' (elective in Special Studies module, both specializations).<br />
* [[ITC8111]] Special Course''' on '''Locked Shields''' will take place. This will be available for both specializations. Instructor: Kaur Kasak.<br />
* '''ITC8112 Special Course''' on '''current cyber security topics''' will take place in ICT-312 on odd week Wednesdays 1745-2015. This will be available for both specializations. Instructor: dr Hayretdin Bahsi. [https://courses.cs.ttu.ee/pages/ITC8112 Details] You can access to course information via [https://ained.ttu.ee/course/view.php?id=32 Moodle]<br />
* '''MTAT.03.248 Introduction to Internet Psychology''' (instructor: Kätlin Konstabel) will take place '''in Tallinn''' during first half of the semester on Tuesdays 1000-1400 on the dates of 16 FEB, 01 MAR, 15 MAR, 29 MAR - total of 4 lectures. Room ICT-315. Sign up via Tartu University OIS (admin problems -> hanna-liisa.ennet@ut.ee). '''NB! First lecture now on 16 FEB. Monday lectures cancelled.'''<br />
* '''MTAT.03.307 Secure Software Design''' will be available with a '''mostly remote study''' option (minimal travel needed) this semester. The first lecture in Tartu on 18 FEB is mandatory. Sign up via Tartu University OIS (admin problems -> hanna-liisa.ennet@ut.ee). [https://courses.cs.ut.ee/2016/ssd/spring Details]<br />
* It is highly recommended that '''Digital Forensics students''' take at least one course from Tartu University (see the previous two bullets for possible candidates that require little or no travel). <br />
* General note: you can replace '''Intro to IT''' and '''Intro to Programming''' with more advanced IT courses that have at least the same ECTS. Consult with Rain Ottis before committing to any changes, though. <br />
* General note: if you take more ECTS than required in the Special Studies module than this will count towards your Free Choice module. It is not necessary to actually move the courses to Free Studies in this case.<br />
* General note: contact Rain Ottis if you need to move HOE7023, ITC8010, ITC8050 or ITC8070 to the correct module (it may show up under Free Choice). Please note your specialization in your request (Cyber Security or Digital Forensics). You must have passed the course before it can be moved.<br />
* If you took the Oxford course in the fall, you can get credit through the VÕTA system as IDU0402. More details from the Dean's office. It is suitable for Free or Special studies.<br />
* Tartu University courses '''MTAT.03.246''' and '''MTAT.03.247''' are combined into one 6 ECTS course '''MTAT.03.307''' (Principles of Secure Software Design). <br />
* Tartu University Research Seminar on Cryptography (MTAT.07.019) gets a new code: '''MTAT.07.022'''.<br />
<br />
<br />
== Historic information from fall 2015 ==<br />
<br />
Note this is historic information for last semester and only may only used as reference. <br />
<br />
* '''January thesis defence dates:''' <br />
** 14 DEC - deadline for applying for defence in OIS (thesis code ITC70LT). <br />
** 05 JAN - deadline for submitting your thesis for review. <br />
** 18 JAN - thesis defence day.''' <br />
<br />
* The new instructor for '''ITX8090''' (Information and Cyber Security Assurance in Organisations) is Dr Andro Kull.<br />
<br />
* If a course does not show up on your schedule: <br />
** try a manual search for that specific course. Electives (especially from different departments) are often not added to the full schedule.<br />
** wait. Some of them are not in the system yet, but this should be resolved by the end of this week.<br />
<br />
* '''ITX8041''' (Legal Aspects of Cyber Security) is replaced by '''ITC8010''' (same name). There are minor changes in content and the course is now given on both semesters. For the fall semester of 2015 the course is given by Agnes Käsper. Do not take it, if you have already passed ITX8041. <br />
<br />
* '''ITX8215''' (Digital Evidence) is replaced by '''HOE7023''' (same name); taught by Agnes Käsper. There are no significant changes to the content. Do not take it, if you have already passed ITX8215. '''NB! Schedule change: it takes place every week for weeks 1-8 in U03-222 on Mondays at 1745-2100.'''<br />
<br />
* '''ITX8062''' (Information Systems Mass Attacks and Defence) is replaced by '''ITC8050''' (Strategic and Operational Aspects of Cyber Security), which will be offered on both semesters. The course will be given on odd weeks throughout the semester (previously taught on weeks 1-8). The course is designed for second year students and there are limited number of seats available. If you do not fit into this fall's version, you can take it in the spring. Do not take it, if you have already passed ITX8062. '''NB! Schedule change: it takes place on odd weeks throughout the semester in ICT-A1 on Wednesday 1745-2100.'''<br />
<br />
* '''ITX8063''' (Information Systems Hacking Attacks and Defence) is replaced by '''ITC8070''' (Information Systems Attacks and Defence). The new course will be 4 ECTS and there are limited slots available. Do not take it, if you have already passed ITX8063. '''NB! Schedule change: it takes place every week on weeks 9-16 in SOC-212 on Tuesday 1745-2100.'''<br />
<br />
* If you enrolled in 2014 or earlier, then the replacement courses (see above) may not display in the correct modules. Do not worry about this, we will move them at the end of the semester. Just contact Rain Ottis during the exam session and let him know what the situation is.<br />
<br />
* A special course on forensics takes place ('''ITX8220/ITX8221''' - you should pick a code that you have not used yet) in the second half of the semester. This will be a hands on course that is going to look at the forensics tools in Kali Linux. It is taught by Erika Matsak. If you consider taking it, you will have to sign up for it by September 10th. '''NB! Schedule change: it takes place every week on weeks 9-16 in ICT-403 on Monday 1930-2100 and Thursday 1930-2100.'''<br />
<br />
* The seminars [https://courses.cs.ttu.ee/pages/ITX8040 '''ITX8040''' and '''ITX8230'''] (depending on your focus) are taking place together on Tuesdays, 1600-1730 in room ICT-315. They are designed to help you with your thesis and should be taken on the third semester. However, you can also take it during your first semester, if you already have some idea about your thesis. You can only sign up for one seminar. If you have passed either one in the past, then you can attend, but not get credit for it. <br />
<br />
* There will be a Special Course on Cyber Security ([https://courses.cs.ttu.ee/pages/ITX8050 '''ITX8050''']) that focuses on national and international cyber security questions (policy/strategy level). The course is designed to prepare candidates for the Cyber Challenge, although there is no guarantee that those who pass the course actually get to go. Last year we sent a team to Switzerland and they did very well. This course will be run by Tiia Sõmer during the second half of the semester, on Thursday evenings at 1800-1930 in ICT-315. <br />
<br />
* Information about '''language courses''' in [http://www.ttu.ee/faculty-of-social-sciences/language-centre-2/student-guidelines-2/ English] and in [http://www.ttu.ee/?id=14217 Estonian].<br />
<br />
* '''IDN0110''' and '''ITX8080''' are not offered this semester.</div>Kristi