Erinevus lehekülje "Thesis" redaktsioonide vahel

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti
152. rida: 152. rida:
 
* Application of machine learning and data mining methods to the following cyber security problems
 
* Application of machine learning and data mining methods to the following cyber security problems
  
  Mobile malware detection, botnet identification, intrusion detection in SCADA systems and extraction of cyber threat intelligence     
+
Mobile malware detection, botnet identification, intrusion detection in SCADA systems and extraction of cyber threat intelligence     
  
 
* Security of Industrial Control Systems (ICSs)
 
* Security of Industrial Control Systems (ICSs)
  
  Development of an ICS security testbed, ICS honeypots, attacks targeting ICS, intrusion detection systems in ICS, event correlation systems in ICS,  
+
Development of an ICS security testbed, ICS honeypots, attacks targeting ICS, intrusion detection systems in ICS, event correlation systems in ICS,  
  forensics issues in ICSs
+
forensics issues in ICSs
  
 
* Situational Awareness and Cyber Threat Intelligence
 
* Situational Awareness and Cyber Threat Intelligence
  
  Analysis and comparison of cyber threat information sharing protocols, privacy preserved sharing of cyber threat intelligence, generation of threat  
+
Analysis and comparison of cyber threat information sharing protocols, privacy preserved sharing of cyber threat intelligence, generation of threat  
  profiles out of cyber exercises           
+
profiles out of cyber exercises           
 
        
 
        
 
Organizational Issues
 
Organizational Issues

Redaktsioon: 17. aprill 2018, kell 11:55

Thesis info for Cyber Security students

Overview

Writing and defending a MSc thesis is an important part of the Cyber Security curriculum, as it shows that you can go deep into a specific cyber security research area. This page gives a rough overview over the process, but details should be discussed with your supervisor. This overview part is given according to the assumption that you are following 4 semester study plan and aim to defend in June period. If you want to defend in January, then you can adjust the planning phases accordingly.

Generally the process should start during the first year, by finding a topic-area of interest and by identifying a suitable supervisor. At the end of the second semester, you should have an idea about your topic and you should have discussed this with your supervisor.

It is recommended that you take the literature review seminar (ITX8040 and ITX8230) in the 3rd semester. The purpose of this seminar is two-fold: (a) you need to do a literature review for your thesis anyway (e.g., see here), and (b) learning from others about research-papers they have read for their thesis broadens your overall horizon and should help you in discussing challenges you are facing in your own literature review.

The purpose of the literature review is that you obtain a good understanding of the state-of-the-art research in your selected area of research. Typically during this reading phase, the problem statement (the question you aim to address/solve in your thesis) will be refined/changed. You should aim to have a solid problem statement fixed and agreed with your supervisor during the 3rd semester, ideally well before December.

The next step in the process would be conducting the research. Please reserve sufficient time for this, as this is going to be the main contribution of your thesis. Plan to finish this work early April, so that your supervisor can review your thesis, give you feedback and you have time to address the feedback before your thesis is being sent to the reviewer/opponent. Jointly with your supervisor you should then make a decision if your work is ready to be submitted for June defence (or if you need more time and prefer to submit for a January defence). For students planning to defend in June, expected deadline to submit your thesis for review, to be around late April. For students aiming to defend in January, expect early December. The opponent will review your thesis and give you feedback. Clearly, you will be allowed to continue working on your thesis, but keep in mind any results or insights that you produce during that time won't be visible to your opponent. You can and should, however, include them in the final copy of your thesis and defence presentation. Expect that you should receive the review from your opponent about a week or two before the final deadline. This will allow you to make minor modifications, e.g., fix some typos or clarify some sections, which the reviewer pointed out.

At the final submission deadline, you will have to submit your thesis. On the day of defence, you are expected to give a 15 minute presentation of your work, followed by Q&A from the opponent, committee, supervisor & audience. Make sure you prepare your 15 min presentation well, this should not be left for the evening before the defence.

Below some more detailed information.

Good luck!

Thesis defence

The thesis defences are typically held in early June or January.

Important Deadlines for Spring Semester 2018 Defence

  • Registration and submission of problem statement and research design document via TTU Ained: 1 December 2017
  • Submission to reviewer: 23. April 2018 via TTU ained
  • Submission of final version of the theses: 7. May 2018
  • OIS declaration: 14 May 2018
  • Submission of one paper copy: 14. May 2018 (between 10:00-12:00 or 13:00-16:30 in ICT-429), please contact Siiri Tavater (siiri.taveter@ttu.ee) in case of any problem
  • Defences: 28. - 30. May at 10:00 in ICT-315

The procedure for thesis defence is set by TTU regulations. The students who have supervisor from TTU but want to defend their theses in Tartu University in order to fulfill the minimum credit requirements will follow the first two steps (registration and submission of problem statement and submission to reviewer) as given above. However, OIS declaration, submission of final version and defence should be done according to the deadlines and procedures of Tartu University.

Registration and submission of problem statement and research design document

Each student is required to submit a problem statement and research design document. The document must include your name, student number, and also the name of thesis and supervisor (and co-supervisor, if exists).


The reason for this is to catch potential problems early. About half a year before the defence, the students are required to indicate their intent to defend by this document. See deadlines above set for each semester. Typically this will be around Early December for June defences, and Mid June for January defences. You will need to submit this via the TTU Moodle link given in "important deadlines" section of relevant defence period. You'll have to self-enroll yourself in that link. Instructions on how to access the TTU Moodle can be found here. Feedback on the problem statement and research design document should be received within 3-4 weeks via TTU Moodle.

The document should include very brief answers to below questions in two or three pages.

• What is the research problem/hypothesis/question?

• What are the goals of the study?

• Why is this study important?

• What are the possible outcomes of the study?

• What are the limitations and key assumptions of the study?

• What is missing in the literature?

• Which methodologies will be used for solving the problem and validation of the study?

This document is evaluated according to the following criteria:

Whether the author

• has a well-defined problem statement,

• successfully presents the significance of the problem,

• knows the literature and the limits of existing solutions,

• have thought about possible methods,

• have thought about how to validate the proposed solution,

• brings a novelty to the literature.

You can find detailed information about research methods here.

Submission to Reviewer

Each thesis will be assigned a reviewer or sometimes called opponent. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and supervisor may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee.

A reviewer will provide written feedback (typically about two pages) on the thesis. The review should cover the following points:

  • short description of the thesis
  • strengths and weaknesses of the thesis
  • recommended grade (0-5, where 0 is a failing thesis and 5 is an excellent thesis) based on the clarity of the problem and the solution, complexity of the problem, suitability of the chosen solution, proper execution of the solution, and the proper formatting and language use in the thesis.
  • at least three questions that can be asked during the defence.

Based on the student's performance at the defence the reviewer may change the recommended grade.

The reviewer will receive a copy of the thesis about a month before the final/hard university deadline for submitting the thesis. The reason for this is that typically reviewers point typos and small factual mistakes that can be fixed in short time (about a week). The student will receive the review 1-2 weeks before the final university deadline and therefore is able to address some of the comments before submitting the final version. The student can also still decide not to submit the thesis this round, but rather work on improving the quality and then submit an improve version in the next defence period.

OIS declaration

Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their supervisor. The deadline for handing in the final version of the thesis (hardcopy and softcopy) is typically at least one week before the defence deadline. Please pay careful attention to the OIS declaration deadline, as without this you will not be permitted to attend the defence. If you will defend your thesis in Tartu University, then you should do your OIS declaration to their systems according to their deadlines.

Submission of Final Copy

Each student will submit the pdf version of the thesis, the relevant thesis metadata and licence information via moodle course page link given in "important deadlines" section of relevant defence period. Please complete the steps 1, 2 and 3 of the thesis submission on this page.

In addition to submission of above materials via Moodle, one paper copy of your thesis will be collected before defence, which you will get back after defence. The details will be announced one or two weeks before the deadline.

If you will defend your thesis in Tartu University, then you should submit final copy according to the procedures and deadlines of Tartu University.


NB! Do not forget that you need to prepare a 15 min presentation for your defence. This should really not be left to the evening before the defence!

The defence procedure

On the day of defence, students will present their theses according to the announced schedule. Generally, the results will be announced at the end of the day.

The defence procedure for each student consists of the following steps:

  • the committee Chairman announces the name of the student, the topic of the thesis, and the names of the supervisor(s) and reviewer.
  • the student presents his or her thesis in 15 minutes.
  • the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.
  • the student answers questions from the committee.
  • the student answers questions from the audience.
  • the supervisor gives his or her opinion of the thesis and recommends a grade.

NB! The recommended grades by the reviewer and the supervisor are not binding to the committee, who makes the final decision.


Formal Requirements and recommendations

Until further notice, please use the formatting guide (.zip) from the Computer Engineering Department. Please note that you will have to change the title page as of 01.01.2017:

  • write "School of Information Technology" instead of "Faculty of Information Technology"
  • write "Department of Software Science" instead of "Department of Computer Engineering".

The thesis code for IVCM is ITC70LT.

General information. The following advice is a good idea to consider for a master thesis:

  • a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis
  • 50-80 pages + appendices if needed
  • Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
  • headings are numbered and no more than 3 levels used
  • Don't forget page numbers
  • 1 bound hard copy is submitted, you will get that back afterwards. You also have to submit the license agreement granting TUT the right to store and publish the thesis.
  • A soft copy of the thesis (in pdf format) and the thesis meta data sheet are sent to thesis@cs.ttu.ee.

Topic and supervisor

Every student must have an supervisor when writing the thesis. The supervisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the supervisor's duty to correct spelling mistakes or formatting errors - they may point such things out, but the responsibility remains with you. Before a thesis will be accepted for defence, the supervisor has to agree that it is of sufficient quality.

Almost any professor and lecturer you have met in your curriculum can act as an supervisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have a supervisor not related to the university, but he can act only as a co-supervisor and you need to agree to somebody related to the curricula or the leading institute of the curriculum to be an official co-supervisor. All (co-)supervisor must have at least a Master's degree.

When refining a topic idea, make sure it has a clear connection with cyber security.

Potential supervisors & proposed topics

The topics below are offered by potential (co-)supervisors (in alphabetical order). The list is updated as new offers emerge.

From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@ttu.ee

I am interested in many topics which can be classified as technical, organizational and strategic. If you already have specific topics, we can discuss them and decide to work together.

Technical Issues

  • Application of machine learning and data mining methods to the following cyber security problems
Mobile malware detection, botnet identification, intrusion detection in SCADA systems and extraction of cyber threat intelligence    
  • Security of Industrial Control Systems (ICSs)
Development of an ICS security testbed, ICS honeypots, attacks targeting ICS, intrusion detection systems in ICS, event correlation systems in ICS, 
forensics issues in ICSs
  • Situational Awareness and Cyber Threat Intelligence
Analysis and comparison of cyber threat information sharing protocols, privacy preserved sharing of cyber threat intelligence, generation of threat 
profiles out of cyber exercises          
     

Organizational Issues

  • Cyber Insurance
  • Security framework for information sharing with third party entities
  • Analysis of security operation center models

Strategic Issues

  • High-level information flows and reporting mechanisms among the major entities of national cyber security governance
  • Maturity models for the analysis of national cyber security capability

From Bernhards Blumbergs

  • network security
  • exploit development,
  • advanced threats
  • security evasion,
  • IPv6

From Aivo Kalu, Cybernetica AS

  • Pilveteenuste ohuanalüüs ja võrdlus ISKE-ga

From Jüri Kivimaa, Tallinn University of Technology

  • IT security economics
  • security cost optimization

From Aleksandr Lenin, Cybernetica AS.

Contact e-mails:

aleksandr.lenin@ttu.ee

aleksandr.lenin@cyber.ee

  • Aleksandr Lenin: quantitative security risk analysis, security modelling (attack process graphs), security modelling patterns (e.g. attack patterns), analysis of strategic interactions of malicious decision makers, security games (game theory), security decision making and optimization, fuzzy metrics for security, fuzzy decision making and control, fuzzy security analysis, algorithms for security analysis (development, optimization, benchmarking), enhancing ISKE by integrating other analysis tools into the ISKE tool, social aspects of security (modeling and analysing social engineering attacks).

Click here for a list and details.

From Toomas Lepik, Tallinn University of Technology

  • forensics
  • malware
  • anti-malware

From Olaf Maennel, Tallinn University of Technology, olaf.maennel@ttu.ee

No slots available anymore. Accepting next students only who are working towards June 2019 (or later) defences.

From Rain Ottis, Tallinn University of Technology

  • national cyber security
  • serious games in cyber security/cyber security exercises

From Arnis Paršovs, University of Tartu, arnis@ut.ee

  • eID
  • PKI
  • TLS
  • Smart cards

From Mauno Pihelgas

  • system monitoring
  • network monitoring
  • IDS/IPS systems
  • insider threat detection

From Jaan Priisalu, Tallinn University of Technology

  • TBD

From Truls Ringkjob

  • various

Tiia Sõmer

Currently no topics on offer.

From Kaie Maennel, Tallinn University of Technology

(kaie.maennel@ttu.ee)

- cyber awareness and hygiene

- cyber security learning and teaching (e.g., serious games, cyber defense exercises, etc.)

- learning analytics in cyber security training context

- human factors in cyber security

From Risto Vaarandi, Tallinn University of Technology

  • log collection and analysis
  • event correlation
  • network monitoring
  • security monitoring.

Application for supervision requires passing the Cyber Defense Monitoring Solutions course with grade 4 or 5.

From the TUT IT office

Infrastructure

  • Migrating TUT Campus LAN to IPv6; Edgars Zigurs
  • Implementing a freeware SIEM solution in TUT; Edgars Zigurs
  • Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs

Development

  • electronic door signs, room calendars, etc.; Thomas Lepik
  • VoIP solutions - softphone, integration with existing information systems; Thomas Lepik
  • integrating last generation BMS (Building Management System); Thomas Lepik
  • the student view of OIS (usability, security, re-design); Enn Rebane

From Estonian Police

  • Vaatlustarkvarade EnCase ja Autopsy võrdlus (selgituseks, et Autopsy on EnCase analoog, kuid tasuta. Vajalik oleks täpne analüüs, et mida Autopsy võimaldab ja mida mitte võrreldes EnCase ja/või FTKga).
  • Erinevate suhtlustarkvarade (WhatsApp, Viber, FB Messenger, Skype jt) jäljed mobiiltelefonides ja nende analüüsimine (selgituseks, et üldjuhul loovad suhtlustarkvarad mingi andmebaasi vestlustega ka telefoni, kas see on krüpteeritud või mitte? Osad vestlused XRY tuvastab, aga millistel juhtudel? Millised võimalused oleks neid faile nö käsitsi uurida?).
  • Tõendiahela kirjeldamine elektrooniliste tõendite fikseerimisel (chain of custody)/Elektroonilise sisu erikohtlemine asitõendi vaatlusel/Digitaaltõendite vaatluse kord – erinevate riikid analüüs ja võrdlus.
  • P2P võrkudes lastest ebasündsate piltide levitajate tuvastamine/P2P võrkudes illegaalse internetisisu levitajate tuvastamine.
  • Koolituskava väljatöötamine uurijale/menetlejale, kes puutub kokku digitaalsete tõenditega- erinevate riikide praktika võrdlus.
  • Ask Rain Ottis for a POC on these topics.


Useful links

ITX8040 Thesis advice slides

Some advice and requirements for writing a thesis in UT

Some advice and requirements for writing a thesis in TUT (in Estonian)

Databases, books, research papers accessible from the TTU network

An Overview of Research Methods