Erinevus lehekülje "Thesis" redaktsioonide vahel

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti
(ei näidata 10 kasutaja 368 vahepealset redaktsiooni)
1. rida: 1. rida:
 
=Thesis info for Cyber Security students=
 
=Thesis info for Cyber Security students=
  
== Overview ==
+
== Important Deadlines for January 2025 Defence ==
 +
* Submission of the problem statement and research design document: 18 August 2024
 +
* Declaring your thesis topic in your study plan in ois: 9 September 2024
 +
* Submission of the thesis to the reviewer: 8th December 2024
 +
* OIS declaration: 16 December 2024
 +
* Submission of the final version of the thesis: 2 January 2025
 +
* Defences: TBA (possibly 13/14 January 2025)
  
Writing and defending a MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview over the process, but details should be discussed with your supervisor. Generally the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester you should have an idea about your topic and you should have discussed this with your supervisor.
+
Moodle: https://moodle.taltech.ee/course/view.php?id=33513#section-1
  
It is recommended that you take the literature review seminar ([https://courses.cs.ttu.ee/pages/ITX8040 '''ITX8040''' and '''ITX8230''']) in the 3rd semester. The purpose of this seminar is two-fold: (a) you need to do a literature review for your thesis anyway (e.g., see [https://web.stanford.edu/class/cee320/CEE320A/POD.pdf here]), and (b) learning from others about research-papers they have read for their thesis broadens your overall horizon and should help you in discussing challenges you are facing in your own literature review.
+
== Important Deadlines for May/June 2025 Defence ==
  
The purpose of the literature review is that you obtain a good understanding of the state-of-the-art research in your selected area of research. Typically during this reading phase the problem statement (the question you aim to address/solve in your thesis) will be refined/changed.  You should aim to have a solid problem statement fixed and agreed with your supervisor during the 3rd semester, ideally well before December (assuming a regular 4 semester study-plan).  You will have to register for defence in [https://ained.ttu.ee/course/view.php?id=18 TUT-Moodle] system (see more information below).
+
* Submission of problem statement and research design document: 15 December 2024
 +
* Declaring your thesis topic in your study plan in ois: 10 February 2025
 +
* Submission of the thesis to the reviewer: 20 April 2025
 +
* OIS declaration: 12 May 2025
 +
* Submission of the final version of the thesis: 18 May 2025
 +
* Defences: TBA (possibly 28 - 30 May OR 2 - 4 June 2025)
  
The next step in the process would be conducting the research. Please reserve sufficient time for this, as this is going to be the main contribution of your thesis. Plan to finish this work early to mid-April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent.  Jointly with your supervisor you should then make a decision if your work is ready to be submitted for June defence (or if you need more time and prefer to submit for a January defence).  For students planning to defend in June, expect the deadline to submit your thesis for review, to be around early May.  For students aiming to defend in January, expect early December.  The opponent will review your thesis and give you feedback.  Clearly, you will be allowed to continue working on your thesis, but keep in mind any results or insights that you produce during that time won't be visible to your opponent.  You can and should, however, include them in the final defence presentation.  Expect that you should receive the review from your opponent about a week or two before the final deadline.  This will allow you to make minor modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.
+
Moodle: https://moodle.taltech.ee/course/view.php?id=33512#section-3
  
At the final submission deadline, you will have to hand-in two printed hard-copies of your thesis.  On the day of defence, you are expected to give a 15 minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15 min presentation well, this should not be left for the evening before the defence.
+
== Thesis Defence Overview ==
  
Below some more detailed information.  
+
Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area.  This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.
  
Good luck!
+
Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.
  
== Important Deadlines for 2017 January Defence ==
+
In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term.  
* Submission to reviewer via [https://ained.ttu.ee/course/view.php?id=18#section-2 TUT Moodle]: 1 December 2016
 
* OIS declaration: 19 December 2016
 
* Submission of final copy via [https://ained.ttu.ee/course/view.php?id=18#section-2 TUT Moodle]: 2 January 2017
 
* Submission of paper copies (room ICT-429): 6 January 2017 (between 9:00 and 17:00)
 
* Defences: 9 January 2017
 
  
== Important Deadlines for 2017 June Defence ==
+
The next step in the process would be conducting the research.  As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation.   This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.
* Submission of problem statement and research design document via [https://ained.ttu.ee/course/view.php?id=18#section-1 TUT Moodle]: 01 December 2016
 
* Submission to reviewer via [https://ained.ttu.ee/course/view.php?id=18#section-2 TUT Moodle]: 24 April 2017
 
* Submission of final copy via [https://ained.ttu.ee/course/view.php?id=18#section-2 TUT Moodle]: 8 May 2017
 
* OIS declaration: 15 May 2017
 
* Submission of paper copies: 24 - 26 May 2017 (exact date will be announced) 
 
* Defences: 29 May - 2 June 2017 (depending on the number of students)
 
  
== Time-line considerations ==
+
At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence.
  
The following is just a rough guideline with milestone dates, but should give a view how far in the process you should be roughly by what time.  
+
Below some more detailed information.  
  
==== January defence ====
+
Good luck! 
  
* April, May, June: conduct your '''literature review''' and work on formulating a clear problem statement.
+
=== Registration and submission of problem statement and research design document ===
* Not later than 15 June:  Have your 2-page problem statement well formulated and written-up. This must be submitted in Moodle, you will receive feedback.
+
Each student is required to submit a problem statement and research design document having a length up to 10 pages. '''The document must include your name and also the names of thesis and supervisor''' (and co-supervisor if exists).
* July, August, September:  Complete the '''research work''' of the thesis. 
 
* Early to Mid-November:  send a copy to your supervisor.  Agree the dates with your supervisor, but expect that it might take a week for your supervisor to comment on your work.   Plan also for time to address the comments from your supervisor.
 
* 1 December: submit to thesis to reviewer. 
 
* Mid-December: receive review and enjoy christmas/new year time to address comments, you will still have to declare your intention to defend in January in OIS.   
 
* 2 January:  submission of final thesis.  This is the ultimate hard deadline to submit your thesis.
 
* 6-9 January: defence
 
  
==== June defence ====
+
About half a year before the defence, the students are required to indicate their intent to defend by this document.  See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences.  You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link.  Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.
 +
 
 +
The document should include the following sections and content:
  
* September, October, November: conduct your '''literature review''' and work on formulating a clear problem statement.
+
• The topic of the thesis
* 1 December:  Have your problem statement well formulated, written-up and submitted via [https://ained.ttu.ee/course/view.php?id=18 Moodle]). 
 
* December, January, February:  Complete the '''research work''' of the thesis
 
* March to Early/Mid-April: Focus only on writing-up and polishing.  Every student is different, but past experience shows that over 1+ month is needed to finish the writing process. 
 
* Early April:  send a copy to your supervisor.  Agree the dates with your supervisor, but expect that it might take a week or two for your supervisor to comment on your work.  Plan also for time to address the comments from your supervisor.
 
* 24 April: submit to thesis to reviewer. 
 
* 15 May receive review and have about one-week time to address comments.
 
* 8 May:  submission of final thesis.  This is a university deadline, and is the ultimate hard deadline to submit your thesis.
 
* 29 May -2 June defence 
 
  
 +
• The name of the author
  
== Thesis defence ==
+
The name of the supervisor
The thesis defences are typically held in early June or January.
 
  
The procedure for thesis defence is set by TUT regulations.  
+
• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.
  
==== Submission of problem statement and research design document ====
+
• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).
Each student is required to submit a problem statement and research design document via [https://ained.ttu.ee/course/view.php?id=18 Moodle].
 
  
The reason for this is to catch potential problems early. About half a year before the defence, the students are required to indicate their intent to defend by this document.  See deadlines above set for each semester. Typically this will be around Early December for June defences, and Mid June for January defences.  You will need to submit this via [https://ained.ttu.ee/course/view.php?id=18 TUT Moodle]. Instructions on how to access the TUT Moodle can be found [https://courses.cs.ttu.ee/pages/Instructions_for_accessing_ained.ttu.ee here]. The course is called "IVCM: Cyber security MSc thesis @ TUT". You'll have to self-enroll yourself in this course.  Feedback on the problem statement and research design document should be received within 3-4 weeks via TUT Moodle.
+
• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.
 
 
The document should include very brief answers to below questions in two or three pages.
 
  
What is the research problem/hypothesis/question?
+
Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.
  
What are the goals of the study?
+
Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.
 +
 +
• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.
 +
 +
• References: The resources referenced in the document are listed here. 
  
• Why is this study important?
+
This document is evaluated according to the following criteria:
• What are the possible outcomes of the study?
 
• What are the limitations and key assumptions of the study?
 
• What is missing in the literature?
 
• Which methodologies will be used for solving the problem and validation of the study?
 
  
This document is evaluated according to the following criteria:
 
 
Whether the author
 
Whether the author
 +
 
• has a well-defined problem statement,
 
• has a well-defined problem statement,
 +
 
• successfully presents the significance of the problem,
 
• successfully presents the significance of the problem,
 +
 
• knows the literature and the limits of existing solutions,
 
• knows the literature and the limits of existing solutions,
 +
 
• have thought about possible methods,
 
• have thought about possible methods,
 +
 
• have thought about how to validate the proposed solution,
 
• have thought about how to validate the proposed solution,
 +
 
• brings a novelty to the literature.
 
• brings a novelty to the literature.
  
==== OIS decleration====
+
You can find detailed information about research methods [https://courses.cs.ttu.ee/pages/Research_Method here.]
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. The deadline for handing in the final version of the thesis (hardcopy and softcopy) is typically at least one week before the defence deadline. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence.
 
  
==== Reviewer ====
+
=== Submission to Reviewer ===
 
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee.  
 
Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee.  
  
105. rida: 94. rida:
 
Based on the student's performance at the defence the reviewer may change the recommended grade.
 
Based on the student's performance at the defence the reviewer may change the recommended grade.
  
The reviewer will receive a copy of the thesis about a month before the final/hard university deadline for submitting the thesis.  The reason for this is that typically reviewers point typos and small factual mistakes that can be fixed in short time (about a week).  The student will receive the review 1-2 weeks before the final university deadline and therefore is able to address some of the comments before submitting the final version.  The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improve version 6 month later.
+
The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis.  The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week).  The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version.  The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.
 +
 
 +
=== OIS declaration===
 +
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.
 +
 
 +
OIS declaration deadlines can be found in the Academic Calendar!
 +
 
 +
=== Submission of Final Copy===
  
== Submission ==
+
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page. 
  
Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page. Here is the link to page [https://ained.ttu.ee/course/view.php?id=18#section-2]. Please complete the steps 1, 2 and 3 of the thesis submission on this page. 
 
  
In addition to submission of above materials via Moodle, two paper copies of your thesis will be collected before defences. The details will be announced one or two weeks before the deadline.   
+
If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University.   
  
 
   
 
   
NB!  Do not forget that you need to prepare a 15 min presentation for your defence.  This should really not be left to the evening before the defence!
+
NB!  Do not forget that you need to prepare a '''15 min presentation for your defence'''.  This should really not be left to the evening before the defence!
  
==== The defence procedure ====
+
=== The defence procedure ===
On the day of defence, students will be heard according to the announced schedule. Generally, the results will be announced at the end of the day.
+
On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.
  
 
The defence procedure for each student consists of the following steps:
 
The defence procedure for each student consists of the following steps:
129. rida: 124. rida:
 
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.
 
NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.
  
 
+
* After the thesis defence, you may visit the Dean's Office for more information about final formalities if you'd like.
* After the thesis defence, please visit the Dean's Office for more information about final formalities.
 
 
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]
 
* [http://lab.cs.ttu.ee/theses Upload your thesis if you would like to have it public]
  
 
== Formal Requirements and recommendations ==
 
== Formal Requirements and recommendations ==
  
Until further notice, please use the formatting guide ([http://ati.ttu.ee/FILES/ATI_autorikomplekt_Authors_toolkit_v.2.5.1.zip .zip]) from the Computer Engineering Department. Please note that you will have to change the title page to read "Department of Computer Science", adding "TUT Centre for Digital Forensics and Cyber Security" on the following line.
+
Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given [https://www.taltech.ee/en/thesis-and-graduation-it#p43359 here]). Please note that you will have to change the title page as of 01.01.2017:
 +
* write "School of Information Technology" instead of "Faculty of Information Technology"
 +
* write "Department of Software Science" instead of "Department of Computer Engineering".
  
 
The thesis code for IVCM is ITC70LT.
 
The thesis code for IVCM is ITC70LT.
  
General information. The following advice is a good idea to consider for a master thesis:
+
The following advices can be considered for a master thesis
 
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis
 
* a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis
 
* 50-80 pages + appendices if needed
 
* 50-80 pages + appendices if needed
 
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
 
* Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
* headings are numbered and no more than 3 levels used
+
* Headings are numbered and no more than 3 levels used
 
* Don't forget page numbers
 
* Don't forget page numbers
* 2 bound hard copies are submitted, you will get one back afterwards. You also have to submit the license agreement granting TUT the right to store and publish the thesis.
 
* A soft copy of the thesis (in pdf format) and the thesis meta data sheet are sent to thesis@cs.ttu.ee.
 
  
 
== Topic and supervisor ==
 
== Topic and supervisor ==
Every student must have an supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.
+
Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.
  
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisor must have at least a Master's degree.
+
Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the [http://www.ttu.ee/faculty-of-information-technology/faculty-of-information-technology-1/about-faculty-2/departments/department-of-computer-science-2/ leading institute] of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.
  
 
When refining a topic idea, make sure it has a clear connection with cyber security.
 
When refining a topic idea, make sure it has a clear connection with cyber security.
 +
 +
NB!
 +
Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.
 +
 +
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://cs.ut.ee/en/content/thesis-deadlines-and-guidelines In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Paula Luks (paula.luks@ut.ee).
  
 
== Potential supervisors & proposed topics ==
 
== Potential supervisors & proposed topics ==
 
   
 
   
The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.
+
'''The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.'''
  
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@ttu.ee ====
+
==== From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. maarik@ttu.ee ====
  
Interested topics are classified as technical, organizational and strategic. Below are listed some interesting
+
* Cyber Operations
topics. If you already have specific topics, we can discuss them and decide to work
+
* Informational Environment
together. 
+
* Individual competences in Cyber
  
Technical Issues
+
==== From Sille Arikas, Industry PhD student, Clarified Security ==== 
  
* Security of Industrial Control Systems (ICSs)
+
* No topics available for 2023/2024
  
Development of an ICS security testbed, ICS honeypots, attacks targeting ICS, intrusion detection systems in ICS, event correlation systems in ICS, forensics issues in ICSs.
+
==== From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee ====
  
* Situational Awareness and Cyber Threat Intelligence
+
I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together. 
  
Analysis and comparison of cyber threat information sharing protocols, privacy preserved sharing of cyber threat intelligence, generation of threat profiles out of cyber exercises, situational awareness outputs for tactical and strategic layers of organizations,requirement analysis of nationwide cyber awareness system         
+
Technical Topics
     
 
Organizational Issues
 
  
* Framework for providing security in supply chain management
+
* Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems   
* Security framework for information sharing with third party entities
+
* Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems
* Analysis of security operation center models
+
* Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics
  
Strategic Issues
+
Organizational Topics
  
* High-level information flows and reporting mechanisms among the major entities of national cyber security governance
+
* Security operation center (SOC) models
* Maturity models for the analysis of national cyber security capability
+
* Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness
  
==== From Bernhards Blumbergs ====  
+
==== From Aivo Kalu, Cybernetica AS ====
* network security
 
* exploit development,
 
* advanced threats
 
* security evasion,
 
* IPv6
 
  
==== From Aivo Kalu, Cybernetica AS ====
+
No topics available for 2023/2024 academic year.
* Pilveteenuste ohuanalüüs ja võrdlus ISKE-ga
+
 
 +
==== From Shaymaa Khalil, PhD STudent, TalTech ====
 +
 
 +
Interested in (but not limited to) topics related to:
 +
* Industrial Control Systems: threat modeling, security, testbeds for education, penetration testing and digital forensics
 +
* Digital forensics related topics, especially topics related to IoT,  Windows OS and Digital Forensics tools benchmarking
 +
 
 +
==== From Toomas Lepik, Tallinn University of Technology ====
 +
 
 +
toomas.lepik@taltech.ee
 +
 
 +
General areas:
 +
 
 +
* Network Forensic (related data analysis)
 +
* Reverse engineering (including malware analysis)
 +
* SCADA security
 +
* Incident Handling.
 +
* Log Analysis
 +
 
 +
Specific ideas:
 +
 
 +
* Implications of DOH on security and availability + next step from https://www.netmeister.org/blog/doh-dot-dnssec.html
 +
* Domain name availability and how DNS registrant and registrar policy changes affect cybercrime
 +
* Heuristics on ip leasing operations
 +
* Defending organization that does not have internal network
 +
* Do applications do what they promise
 +
* Identifying specific applications based network fingerprints
 +
* Evaluation log collecting methods for Microsoft networks considering log poisoning attacks
 +
* Log collecting frameworks for organisations without internal networks
 +
* Information attributes and their  influence on the organisational security beyond CIA
 +
* Frame works for cybersecurity devices / software evaluation
 +
* Evaluation specific software /hardware using ATT&CK Framwork
 +
* ATT&CK -Descriptions and false positives
 +
* Anatomy of cyber fractions during the Russian-Ukrainian war
 +
* Forensic Leaked materials of cyber criminal groups.
 +
* ...
  
==== From Jüri Kivimaa, Tallinn University of Technology ====
+
==== From Birgy Lorenz, Tallinn University of Technology ====
* IT security economics
+
birgy.lorenz@ttu.ee
* security cost optimization
 
  
==== From Aleksandr Lenin, Cybernetica AS. ====
+
No topics as of 2023/2024
  
Contact e-mails:
+
==== From Seyed Mohammad Hadi Mirsadeghi, PhD Student, Tallinn University of Technology ====
  
aleksandr.lenin@ttu.ee
+
Students can approach Hadi with topics in the following: adversarial machine learning, deep learning, network security, intrusion detection/prevention, software-defined networking (SDN), programmable networking, distributed intelligence
 +
seyed.mirsadeghi@taltech.ee
  
aleksandr.lenin@cyber.ee
+
==== From Sten Mäses, Tallinn University of Technology ====
  
* Aleksandr Lenin: quantitative security risk analysis, security modelling (attack process graphs), security modelling patterns (e.g. attack patterns), analysis of strategic interactions of malicious decision makers, security games (game theory), security decision making and optimization, fuzzy metrics for security, fuzzy decision making and control, fuzzy security analysis, algorithms for security analysis (development, optimization, benchmarking), enhancing ISKE by integrating other analysis tools into the ISKE tool, social aspects of security (modeling and analysing social engineering attacks).
+
* Creating educational hands-on virtual labs in rangeforce.com platform
  
'''''[[Aleksandr_Lenin_MSc_Thesis_topics|Click here for a list and details]].'''''
+
==== From Andrew Roberts, PhD Student, Tallinn University of Technology ====
 +
Topics:
 +
1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles
 +
2. Design and Development of a cyber range for Autonomous self-driving vehicles
 +
Contribution:
  
==== From Toomas Lepik, Tallinn University of Technology ====
+
Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS).
  
* forensics
+
Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.
* malware
 
* anti-malware
 
  
==== From [https://maennel.net Olaf Maennel], Tallinn University of Technology, olaf.maennel@ttu.ee ====
+
==== From Aleksi Kajander, Tallinn University of Technology ====
  
I am only able to supervise students, who are taking my '''Research Methods''' course as well.
+
* legal aspects of cyber security  
* big data & big data forensics.
+
* international law
* serious games/auto-configured cyber security exercises:
 
** [http://conferences.sigcomm.org/sigcomm/2015/pdf/papers/p113.pdf i-tee] by Margus Ernits 
 
* aviation related cyber security projects:
 
** [https://en.wikipedia.org/wiki/Future_Air_Navigation_System FANS] security and secure protocols.
 
** drones who deliver the mail every morning and fly between houses in the university.
 
* psychological & cognitive cyber security questions
 
* network security, network monitoring: 
 
** we try to break the university it-infrastructure (with approval from the IT-department). 
 
* insider threads, intrusion detection.
 
* measurements (active & passive):
 
** what type of traffic do we have on TOR?
 
** can we phish spear phishers?
 
* IPv6 & IPv4 and address sharing technologies.
 
  
 
==== From Rain Ottis, Tallinn University of Technology ====
 
==== From Rain Ottis, Tallinn University of Technology ====
241. rida: 257. rida:
 
* serious games in cyber security/cyber security exercises
 
* serious games in cyber security/cyber security exercises
  
==== From Arnis Paršovs, University of Tartu, arnis@ut.ee ====
+
==== From Mauno Pihelgas NATO CCDCOE ====  
* eID
+
* system and network monitoring
* PKI
+
* observability and situation awareness
* TLS
 
* Smart cards
 
 
 
==== From Mauno Pihelgas ====  
 
* system monitoring
 
* network monitoring
 
 
* IDS/IPS systems
 
* IDS/IPS systems
* insider threat detection
+
* automating cyber defences
  
 
==== From Jaan Priisalu, Tallinn University of Technology ====
 
==== From Jaan Priisalu, Tallinn University of Technology ====
257. rida: 267. rida:
 
* TBD
 
* TBD
  
==== From Truls Ringkjob ====
+
==== From Muaan Ur Rehman, PhD Student, Tallinn University of Technology ====
 +
 
 +
Research focus is on machine learning in intrusion detection, security monitoring of maritime systems and android malware analysis. Students can come up with their own idea/research topic and contact Rehman through email muaan.ur@taltech.ee
 +
 
 +
==== From Nikita Snetkov, Industry PhD Student, Cybernetica / Tallinn University of Technology ====
 +
* Comparative study of migration to post-quantum cryptography in Estonia
 +
* Implementing post-quantum cryptography on ID-card
 +
* Implementing post-quantum variant of Smart-ID
 +
* Blind Smart-ID signatures
 +
 
 +
Topics are not limited by ones above. If a student has a topic in mind, Nikita's research interests are cryptography, e-voting, digital identity, cryptographic security proofs, post-quantum cryptography.
  
* various
+
==== From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia ====
  
==== Tiia Sõmer ====
+
Matthew James Sorell <matthew.sorell@taltech.ee>
  
Currently no topics on offer.  
+
Topics in digital forensic science may be available.
 +
Students should come with an idea that can be turned into a proposal.
 +
 
 +
==== From Eneken Tikk, Tallinn University of Technology ====
 +
* Technical and organizational implementation of the GDPR
 +
* Monetization of personal data
 +
* Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains)
 +
* Cyber insurance
 +
* Non-military strategies for national and international cybersecurity
 +
* Legal aspects of cybersecurity
  
 
==== From Risto Vaarandi, Tallinn University of Technology ====
 
==== From Risto Vaarandi, Tallinn University of Technology ====
  
* log collection and analysis
+
Here are potential areas for selecting a thesis topic:
 +
 
 +
* event log collection
 +
* event log analysis
 
* event correlation
 
* event correlation
 
* network monitoring
 
* network monitoring
* security monitoring.  
+
* intrusion detection
'''Application for supervision requires passing the Cyber Defense Monitoring Solutions course with grade 4 or 5.'''
+
* data mining methods for security monitoring
 +
* machine learning methods for security monitoring
 +
* any area that is connected to security monitoring
 +
* other system security engineering topics (for example, system hardening or firewalling)
 +
 
 +
When applying for supervision, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.
 +
 
 +
==== From Jelizaveta Vakarjuk, Industry PhD Student, Cybernetica / Tallinn University of Technology ====
 +
 
 +
Jelizaveta's general research interest includes different privacy-preserving technologies and multiparty computation with its usage for the digital identity management systems. Additionally, post-quantum cryptography (with main focus on digital signatures) and migration to post-quantum cryptography. She does not have any specific topics to offer for the 2023/2024 academic year, but if something from her research interest sound appealing, please feel free to contact her (jelizaveta.vakarjuk@cyber.ee).
 +
 
 +
==== From Adrian Venables, Tallinn University of Technology ====
 +
 
 +
* Cyber security aspects of Information Warfare
 +
* Strategic Communications doctrine development
 +
* Information Operations doctrine development
 +
* Cognitive Warfare in the Digital Information Environment
 +
 
 +
Note: a background in International Relations, Political Science or Strategic Studies is required
  
==== From the TUT IT office ====
+
==== From Gabor Visky, PhD Student, NATO  CCDCOE / TalTech ====
Infrastructure
 
* Migrating TUT Campus LAN to IPv6; Edgars Zigurs
 
* Implementing a freeware SIEM solution in TUT; Edgars Zigurs
 
* Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs
 
  
Development
+
Gabor Visky <gabor.visky@ccdcoe.org>
* electronic door signs, room calendars, etc.; Thomas Lepik
 
* VoIP solutions - softphone, integration with existing information systems; Thomas Lepik
 
* integrating last generation BMS (Building Management System); Thomas Lepik
 
* the student view of OIS (usability, security, re-design); Enn Rebane
 
  
==== From Estonian Police ====
+
* Network traffic analysis in the maritime cyber-lab
* Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).
+
 
 +
==== From Kaido Kikkas, Tallinn University of Technology, IT College. kaido.kikkas@taltech.ee ====
 +
 
 +
* Cyber security risks in telepresence robotics and their mitigation (practical experimenting is possible at IT College; see [https://cm.taltech.ee]
 +
* Cyber security lessons from the COVID-19 pandemic (incl. surveys in Estonia)
 +
* Evolution of Cyberwar (Estonia 2007, Georgia 2007, Ukraine 2014/2022
 +
* Total defence in cyberspace (might try to suggest a strategy for Estonia)
 +
* Specific traits of cyber capabilities in totalitarian societies
 +
 
 +
 
 +
Some more possible keywords to spark Thesis topic ideas:
 +
(e-)learning/training, FLOSS/Linux, smart devices, IoT, social engineering, usability/accessibility vs security/privacy
 +
 
 +
Also might study cyber counterparts to (legal) self-defence and citizen's arrest
 +
 
 +
==== From Ricardo Gregorio Lugo, Tallinn University of Technology, Estonian Maritime Academy ==== 
 +
 
 +
Any topic from Human Aspects and cyberpsychology are actual.
 +
 
 +
Topics can include:
 +
* Human performance in cybersecurity
 +
* Individual and Team Processes in Cybersecurity defense/exercises
 +
* Human computer interaction in cybersecurity
 +
* Human-AI trust and decision-making
 +
* Communication and Decision-making in recognized cyber threat situations
 +
* Human Perception and Information Visualizations in cybersecurity
 +
* Cognitive factors in risk perception and decision-making
 +
* Mental Health in Cybersecurity
 +
 
 +
==== From the TalTech IT office ====
 +
 
 +
* Security implications in Migrating Taltech Campus LAN to IPv6; Toomas Lepik
 +
* Improving SOC and Information security processes; Toomas Lepik
 +
* Auditing  Taltech EITS compliance based on public information; Toomas Lepik
 +
* Improving Log analysis pipelines; Toomas Lepik
 +
 
 +
==== From the TalTech Space Centre ====
 +
 
 +
NB: Please contact Adrian Venables, if interested in any of these topics.
 +
 
 +
*Methods and tools for capturing, identifying, analyzing, and reverse engineering satellite protocols
 +
 
 +
*Study of security features and use of cryptography in nanosatellite communication protocols
 +
 
 +
*Reusable low-footprint cryptographic primitives for microcontrollers with limited resources
 +
 
 +
*Testing framework for nanosatellite communication protocol implementation correctness and robustness
 +
 
 +
*Adaptation of existing protocol or designing a new protocol for the next Taltech nanosatellite
 +
 
 +
*Implementation of a fully reusable and secure protocol stack as part of the platform for future nanosatellites
 +
 
 +
*Implementation of the new Taltech nanosatellite protocol for ground station
 +
 
 +
*Security review of TTU100/TTU101 software to identify errors and risks that should be avoided in software for the next satellites
 +
 
 +
*Suitability, performance, properties, and security of LoRa technologies when used for nanosatellites
 +
 
 +
==== From the University of Tartu ====
 +
NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT.
 +
Exceptions are possible, but need do be approved by the program manager.
 +
If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT.
 +
Thesis related guidelines and regulations are available at: https://cs.ut.ee/en/content/thesis-deadlines-and-guidelines
 +
In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Paula Luks (paula.luks@ut.ee).
 +
 
 +
 
 +
Cybersecurity-related research in the University of Tartu is conducted by the following persons:
 +
 
 +
- Arnis Paršovs, University of Tartu, <arnis.parsovs@ut.ee>
 +
 
 +
- Danielle Morgan, University of Tartu, <danielle.morgan@ut.ee>
 +
 
 +
- Alo Peets, University of Tartu, <alo.peets@ut.ee>
 +
 
 +
- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee>
 +
 
 +
- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee>
 +
 
 +
- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee>
 +
 
 +
- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee>
 +
 
 +
- Mari Seeba, University of Tartu, <mari.seeba@ut.ee>
  
* Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).
+
- Sabah Suhail, University of Tartu,
  
* Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.
+
- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee>
  
* P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.
 
  
* Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.
+
Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics>.
 +
For other topics, students can contact directly the supervisors and course lecturers.
  
* Ask Rain Ottis for a POC on these topics.
 
  
 +
A full list of thesis topics offered by the [https://acs.cs.ut.ee/ Applied Cyber Security Group (UT)]
 +
is available in the [https://comserv.cs.ut.ee/ati_thesis_offers/index.php?year=all&keywords=acs thesis topics database].
 +
Students can also get access to various [https://acs.cs.ut.ee/hardware/ hardware] that can be used for research experiments.
 +
 +
==== From Estonian Police ====
 +
TBD
  
 
== Useful links ==
 
== Useful links ==
 
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]
 
[https://drive.google.com/file/d/0B7yq33Gize8ydEh5X0NxeWtZc3c/edit ITX8040 Thesis advice slides]
  
[http://www.cs.ut.ee/en/node/3301/mid/1046 Some advice and requirements for writing a thesis in UT]
+
[https://www.taltech.ee/en/thesis-and-graduation-it#p43359 Format requirements of a thesis and MS-Word Template (TalTech)]
  
[http://www.ttu.ee/infotehnoloogia-teaduskond/arvutiteaduse-instituut/at-tudengile/lopetamine-2/ Some advice and requirements for writing a thesis in TUT (in Estonian)]
+
[https://gitlab.cs.ttu.ee/templates/phd-thesis LATEX template for master thesis (TalTech) (accessible by UNI-ID)]
  
 
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]
 
[http://www.lib.ttu.ee/dbs/abaasid.asp Databases, books, research papers accessible from the TTU network]
 +
 +
[https://courses.cs.ttu.ee/pages/Research_Method An Overview of Research Methods]
 +
 +
[https://courses.cs.ttu.ee/pages/Defended_thesis_cyber Previously Defended Theses]

Redaktsioon: 17. juuni 2024, kell 06:54

Thesis info for Cyber Security students

Important Deadlines for January 2025 Defence

  • Submission of the problem statement and research design document: 18 August 2024
  • Declaring your thesis topic in your study plan in ois: 9 September 2024
  • Submission of the thesis to the reviewer: 8th December 2024
  • OIS declaration: 16 December 2024
  • Submission of the final version of the thesis: 2 January 2025
  • Defences: TBA (possibly 13/14 January 2025)

Moodle: https://moodle.taltech.ee/course/view.php?id=33513#section-1

Important Deadlines for May/June 2025 Defence

  • Submission of problem statement and research design document: 15 December 2024
  • Declaring your thesis topic in your study plan in ois: 10 February 2025
  • Submission of the thesis to the reviewer: 20 April 2025
  • OIS declaration: 12 May 2025
  • Submission of the final version of the thesis: 18 May 2025
  • Defences: TBA (possibly 28 - 30 May OR 2 - 4 June 2025)

Moodle: https://moodle.taltech.ee/course/view.php?id=33512#section-3

Thesis Defence Overview

Writing and defending an MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview of the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following a 4-semester study plan and aim to defend in the May period. If you want to defend in January, then you can adjust the planning phases accordingly.

Generally, the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, it is highly recommended to have an idea about your topic and have discussed this with your supervisor.

In early December, you should submit a problem statement and research design document (please, find the details, below). Sending this document is considered as a registration to the defence that will take place in next term.

The next step in the process would be conducting the research. As the thesis submission deadline is around the third week of April (for students aiming to defend in January, this deadline is early December), please, plan to finish your work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor, you should then make a decision if your work is ready to be submitted for May defence (or if you need more time and prefer to submit for a January defence). The reviewer will review your thesis and give you feedback. Expect that you should receive the review about a week before the final deadline. You can continue to update your work until the final submission date. You can and should, however, incorporate the review feedback into the final copy of your thesis and defence presentation. This will allow you to make modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.

At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15-minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15-minute presentation well, this should not be left for the evening before the defence.

Below some more detailed information.

Good luck!

Registration and submission of problem statement and research design document

Each student is required to submit a problem statement and research design document having a length up to 10 pages. The document must include your name and also the names of thesis and supervisor (and co-supervisor if exists).

About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for May defences and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enrol yourself in that link. Feedback on the problem statement and research design document should be received within 3-4 weeks via the email account that you defined in TTU Moodle.

The document should include the following sections and content:

• The topic of the thesis

• The name of the author

• The name of the supervisor

• Motivation: An overview of the addressed problem is given here. It should be explained why the problem is important and deserves a research study.

• Research Problem/Hypothesis/Question: It is imperative to write a proper research problem/hypothesis/question statement(s).

• Scope and Goal: This section defines the goal of the study and describes the main outcomes. It is required to specify the scope, limitations and key assumptions of the study.

• Literature Review: This section includes the analysis of similar studies in the literature and gives a discussion of the research gap. It is important to link this research gap explanation with the research problem.

• Novelty: This section justifies the novelty of your study, explains what the main contribution is and what the differences are when compared to similar studies.

• Research Methods: The research methods that you will apply in your study are given here. The data collection and analysis methods are also covered in this section. It is needed to explain how your research outcome will be validated.

• References: The resources referenced in the document are listed here.

This document is evaluated according to the following criteria:

Whether the author

• has a well-defined problem statement,

• successfully presents the significance of the problem,

• knows the literature and the limits of existing solutions,

• have thought about possible methods,

• have thought about how to validate the proposed solution,

• brings a novelty to the literature.

You can find detailed information about research methods here.

Submission to Reviewer

Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee.

A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:

  • short description of the thesis
  • strengths and weaknesses of the thesis
  • recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.
  • at least three questions that can be asked during the defence.

Based on the student's performance at the defence the reviewer may change the recommended grade.

The reviewer will receive a copy of the thesis about two-three weeks before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point out the typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review one week before the final submission deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improved version in the next defence period.

OIS declaration

Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.

OIS declaration deadlines can be found in the Academic Calendar!

Submission of Final Copy

Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page.


If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University.


NB! Do not forget that you need to prepare a 15 min presentation for your defence. This should really not be left to the evening before the defence!

The defence procedure

On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.

The defence procedure for each student consists of the following steps:

  • the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.
  • the student presents his or her thesis in 15 minutes.
  • the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.
  • the student answers questions from the committee.
  • the student answers questions from the audience.
  • the supervisor gives his or her opinion of the thesis and recommends a grade.

NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.

Formal Requirements and recommendations

Until further notice, please use the formatting guide from the School of Information Technologies (link to the guide is given here). Please note that you will have to change the title page as of 01.01.2017:

  • write "School of Information Technology" instead of "Faculty of Information Technology"
  • write "Department of Software Science" instead of "Department of Computer Engineering".

The thesis code for IVCM is ITC70LT.

The following advices can be considered for a master thesis

  • a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis
  • 50-80 pages + appendices if needed
  • Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
  • Headings are numbered and no more than 3 levels used
  • Don't forget page numbers

Topic and supervisor

Every student must have a supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.

Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the leading institute of the curriculum to be an official co-supervisor. All (co-)supervisors must have at least a Master's degree.

When refining a topic idea, make sure it has a clear connection with cyber security.

NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager.

If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://cs.ut.ee/en/content/thesis-deadlines-and-guidelines In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Paula Luks (paula.luks@ut.ee).

Potential supervisors & proposed topics

The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.

From Marko Arik, Industry PhD student, Talgen Cybersecurity Ltd. maarik@ttu.ee

  • Cyber Operations
  • Informational Environment
  • Individual competences in Cyber

From Sille Arikas, Industry PhD student, Clarified Security

  • No topics available for 2023/2024

From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@taltech.ee

I am interested in various topics which can be categorized as technical and organizational. If you already have specific topics in your mind, we can discuss them and decide to work together.

Technical Topics

  • Application of machine learning and data mining methods to the following cyber security problems: Malware detection, botnet identification, code security review, intrusion detection in cyber-physical systems, IoT network or robotic systems
  • Cyber security of IoT, cyber-physical systems: Development of a security testbed, threat modelling, honeypots, intrusion detection systems
  • Digital Forensics: Forensics issues in cyber-physical systems, IoT networks or robotics systems, mobile forensics, blockchain forensics

Organizational Topics

  • Security operation center (SOC) models
  • Case studies for the improvement of SOC processes such as threat monitoring, incident handling, vulnerability management or situational awareness

From Aivo Kalu, Cybernetica AS

No topics available for 2023/2024 academic year.

From Shaymaa Khalil, PhD STudent, TalTech

Interested in (but not limited to) topics related to:

  • Industrial Control Systems: threat modeling, security, testbeds for education, penetration testing and digital forensics
  • Digital forensics related topics, especially topics related to IoT, Windows OS and Digital Forensics tools benchmarking

From Toomas Lepik, Tallinn University of Technology

toomas.lepik@taltech.ee

General areas:

  • Network Forensic (related data analysis)
  • Reverse engineering (including malware analysis)
  • SCADA security
  • Incident Handling.
  • Log Analysis

Specific ideas:

  • Implications of DOH on security and availability + next step from https://www.netmeister.org/blog/doh-dot-dnssec.html
  • Domain name availability and how DNS registrant and registrar policy changes affect cybercrime
  • Heuristics on ip leasing operations
  • Defending organization that does not have internal network
  • Do applications do what they promise
  • Identifying specific applications based network fingerprints
  • Evaluation log collecting methods for Microsoft networks considering log poisoning attacks
  • Log collecting frameworks for organisations without internal networks
  • Information attributes and their influence on the organisational security beyond CIA
  • Frame works for cybersecurity devices / software evaluation
  • Evaluation specific software /hardware using ATT&CK Framwork
  • ATT&CK -Descriptions and false positives
  • Anatomy of cyber fractions during the Russian-Ukrainian war
  • Forensic Leaked materials of cyber criminal groups.
  • ...

From Birgy Lorenz, Tallinn University of Technology

birgy.lorenz@ttu.ee

No topics as of 2023/2024

From Seyed Mohammad Hadi Mirsadeghi, PhD Student, Tallinn University of Technology

Students can approach Hadi with topics in the following: adversarial machine learning, deep learning, network security, intrusion detection/prevention, software-defined networking (SDN), programmable networking, distributed intelligence seyed.mirsadeghi@taltech.ee

From Sten Mäses, Tallinn University of Technology

  • Creating educational hands-on virtual labs in rangeforce.com platform

From Andrew Roberts, PhD Student, Tallinn University of Technology

Topics: 1. Evaluation of Methods for Threat and Risk Assessment of Autonomous Self-Driving Vehicles 2. Design and Development of a cyber range for Autonomous self-driving vehicles Contribution:

Topic 1: The outcome of this work will form part of TUT contribution to standards and methods research within the International Alliance for Mobility Testing and Standardisation (IAMTS).

Topic 2: The developed cyber range will be integrated into the EU ECHO-Federated Cyber Range.

From Aleksi Kajander, Tallinn University of Technology

  • legal aspects of cyber security
  • international law

From Rain Ottis, Tallinn University of Technology

  • national cyber security
  • serious games in cyber security/cyber security exercises

From Mauno Pihelgas NATO CCDCOE

  • system and network monitoring
  • observability and situation awareness
  • IDS/IPS systems
  • automating cyber defences

From Jaan Priisalu, Tallinn University of Technology

  • TBD

From Muaan Ur Rehman, PhD Student, Tallinn University of Technology

Research focus is on machine learning in intrusion detection, security monitoring of maritime systems and android malware analysis. Students can come up with their own idea/research topic and contact Rehman through email muaan.ur@taltech.ee

From Nikita Snetkov, Industry PhD Student, Cybernetica / Tallinn University of Technology

  • Comparative study of migration to post-quantum cryptography in Estonia
  • Implementing post-quantum cryptography on ID-card
  • Implementing post-quantum variant of Smart-ID
  • Blind Smart-ID signatures

Topics are not limited by ones above. If a student has a topic in mind, Nikita's research interests are cryptography, e-voting, digital identity, cryptographic security proofs, post-quantum cryptography.

From Matthew Sorell, Tallinn University of Technology / Adelaide University Australia

Matthew James Sorell <matthew.sorell@taltech.ee>

Topics in digital forensic science may be available. Students should come with an idea that can be turned into a proposal.

From Eneken Tikk, Tallinn University of Technology

  • Technical and organizational implementation of the GDPR
  • Monetization of personal data
  • Economics of cybersecurity (the cost of implementation relative to the anticipated and evidenced gains)
  • Cyber insurance
  • Non-military strategies for national and international cybersecurity
  • Legal aspects of cybersecurity

From Risto Vaarandi, Tallinn University of Technology

Here are potential areas for selecting a thesis topic:

  • event log collection
  • event log analysis
  • event correlation
  • network monitoring
  • intrusion detection
  • data mining methods for security monitoring
  • machine learning methods for security monitoring
  • any area that is connected to security monitoring
  • other system security engineering topics (for example, system hardening or firewalling)

When applying for supervision, make sure you have selected at least one initial thesis topic suggestion with a background research about its validity.

From Jelizaveta Vakarjuk, Industry PhD Student, Cybernetica / Tallinn University of Technology

Jelizaveta's general research interest includes different privacy-preserving technologies and multiparty computation with its usage for the digital identity management systems. Additionally, post-quantum cryptography (with main focus on digital signatures) and migration to post-quantum cryptography. She does not have any specific topics to offer for the 2023/2024 academic year, but if something from her research interest sound appealing, please feel free to contact her (jelizaveta.vakarjuk@cyber.ee).

From Adrian Venables, Tallinn University of Technology

  • Cyber security aspects of Information Warfare
  • Strategic Communications doctrine development
  • Information Operations doctrine development
  • Cognitive Warfare in the Digital Information Environment

Note: a background in International Relations, Political Science or Strategic Studies is required

From Gabor Visky, PhD Student, NATO CCDCOE / TalTech

Gabor Visky <gabor.visky@ccdcoe.org>

  • Network traffic analysis in the maritime cyber-lab

From Kaido Kikkas, Tallinn University of Technology, IT College. kaido.kikkas@taltech.ee

  • Cyber security risks in telepresence robotics and their mitigation (practical experimenting is possible at IT College; see [1]
  • Cyber security lessons from the COVID-19 pandemic (incl. surveys in Estonia)
  • Evolution of Cyberwar (Estonia 2007, Georgia 2007, Ukraine 2014/2022
  • Total defence in cyberspace (might try to suggest a strategy for Estonia)
  • Specific traits of cyber capabilities in totalitarian societies


Some more possible keywords to spark Thesis topic ideas: (e-)learning/training, FLOSS/Linux, smart devices, IoT, social engineering, usability/accessibility vs security/privacy

Also might study cyber counterparts to (legal) self-defence and citizen's arrest

From Ricardo Gregorio Lugo, Tallinn University of Technology, Estonian Maritime Academy

Any topic from Human Aspects and cyberpsychology are actual.

Topics can include:

  • Human performance in cybersecurity
  • Individual and Team Processes in Cybersecurity defense/exercises
  • Human computer interaction in cybersecurity
  • Human-AI trust and decision-making
  • Communication and Decision-making in recognized cyber threat situations
  • Human Perception and Information Visualizations in cybersecurity
  • Cognitive factors in risk perception and decision-making
  • Mental Health in Cybersecurity

From the TalTech IT office

  • Security implications in Migrating Taltech Campus LAN to IPv6; Toomas Lepik
  • Improving SOC and Information security processes; Toomas Lepik
  • Auditing Taltech EITS compliance based on public information; Toomas Lepik
  • Improving Log analysis pipelines; Toomas Lepik

From the TalTech Space Centre

NB: Please contact Adrian Venables, if interested in any of these topics.

  • Methods and tools for capturing, identifying, analyzing, and reverse engineering satellite protocols
  • Study of security features and use of cryptography in nanosatellite communication protocols
  • Reusable low-footprint cryptographic primitives for microcontrollers with limited resources
  • Testing framework for nanosatellite communication protocol implementation correctness and robustness
  • Adaptation of existing protocol or designing a new protocol for the next Taltech nanosatellite
  • Implementation of a fully reusable and secure protocol stack as part of the platform for future nanosatellites
  • Implementation of the new Taltech nanosatellite protocol for ground station
  • Security review of TTU100/TTU101 software to identify errors and risks that should be avoided in software for the next satellites
  • Suitability, performance, properties, and security of LoRa technologies when used for nanosatellites

From the University of Tartu

NB! Theses supervised by supervisors from the University of Tartu (UT) have to be defended in UT. Exceptions are possible, but need do be approved by the program manager. If you will defend your thesis in UT, then you should do your thesis declaration according to the procedures and deadlines of UT. Thesis related guidelines and regulations are available at: https://cs.ut.ee/en/content/thesis-deadlines-and-guidelines In case of any questions contact UT Institute of Computer Science Academic Affairs Specialist Paula Luks (paula.luks@ut.ee).


Cybersecurity-related research in the University of Tartu is conducted by the following persons:

- Arnis Paršovs, University of Tartu, <arnis.parsovs@ut.ee>

- Danielle Morgan, University of Tartu, <danielle.morgan@ut.ee>

- Alo Peets, University of Tartu, <alo.peets@ut.ee>

- Dominique Unruh, University of Tartu, <dominique.unruh@ut.ee>

- Vitaly Skachek, University of Tartu, <vitaly.skachek@ut.ee>

- Mubashar Iqbal, University of Tartu, <mubashar.iqbal@ut.ee>

- Abasi-Amefon Obot Affia, University of Tartu, <amefon.affia@ut.ee>

- Mari Seeba, University of Tartu, <mari.seeba@ut.ee>

- Sabah Suhail, University of Tartu,

- Raimundas Matulevicius, University of Tartu, <raimundas.matulevicius@ut.ee>


Some topics are provided at <https://infosec.cs.ut.ee/Main/ThesisTopics>. For other topics, students can contact directly the supervisors and course lecturers.


A full list of thesis topics offered by the Applied Cyber Security Group (UT) is available in the thesis topics database. Students can also get access to various hardware that can be used for research experiments.

From Estonian Police

TBD

Useful links

ITX8040 Thesis advice slides

Format requirements of a thesis and MS-Word Template (TalTech)

LATEX template for master thesis (TalTech) (accessible by UNI-ID)

Databases, books, research papers accessible from the TTU network

An Overview of Research Methods

Previously Defended Theses