Erinevus lehekülje "Cyber second year" redaktsioonide vahel
38. rida: | 38. rida: | ||
* integrating last generation BMS (Building Management System); Thomas Lepik | * integrating last generation BMS (Building Management System); Thomas Lepik | ||
* the student view of OIS (usability, security, re-design); Enn Rebane | * the student view of OIS (usability, security, re-design); Enn Rebane | ||
+ | |||
+ | ===== From Arnis Parsovs, University of Tartu, arnis@ut.ee ===== | ||
+ | * Topic: Security analysis of peer-to-peer messaging protocol TorChat. | ||
+ | Task: Find out and describe how secure message exchange is established and what is the threat model it protects against. | ||
+ | Describe how it could possibly be attacked and review if secure coding practices are followed. | ||
+ | |||
+ | * Topic: Security of Estonian ID card signing in the browser | ||
+ | Task: Describe the threat model and the current security issues with EstEID browser plugin. | ||
+ | Implement WYSeeIWYSign feature for EstEID firefox plugin that can protect against malicious server. Document improved API. | ||
+ | |||
+ | * Topic: On-the-fly encryption for car DVR | ||
+ | Task: Implement on-the-fly encryption functionality for Prestigio car DVR (by patching publicly available firmware - possibly by hooking write calls). | ||
+ | Use of hybrid encryption is recommended, however, implementation of scrambling (e.g., XORing with a fixed key) might already be considered success. | ||
+ | Describe the threat model, how it was done and how to use it. | ||
=== Formal Requirements and recommendations === | === Formal Requirements and recommendations === |
Redaktsioon: 11. september 2013, kell 16:56
Courses
- ITX8080 Simulation of Attacks and Defense
- ITV8060 Computer Network Security (4 EAP) is available and free on Fall for cybersecurity 2. year students and can be moved to Specialization module after you have got a grade.
- ITX8071 Cyber Defense Monitoring Solutions replaces the course ITX8070 Log Mining and Disc Forensics.
- ITX8040 Cyberdefence seminar will take place on Spring semester
- ITX8042 Malware
- ITX8042 Malware II
The courses are free to cybersecurity RE students (the invoices are cancelled) and can be moved to Specialization module after you get a grade.
Writing a Thesis
Topic and advisor
Almost any professor and lecturer you have met in your curricula can act as an advisor of you thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many don't have a topic to offer. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have an advisor not related to the university, but he can act only as a co-advisor and you need to agree to somebody related to the curricula or the leading institute of the curricula to be an official advisor.
When refining topic ideas, make sure it has a clear connection with cyber security.
The topics or keywords below are offered by potential (co-)supervisors. It is updated as new offers emerge.
From the TUT IT office
Infrastructure
- Migrating TUT Campus LAN to IPv6; Edgars Zigurs
- Implementing a freeware SIEM solution in TUT; Edgars Zigurs
- Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs
Development
- electronic door signs, room calendars, etc.; Thomas Lepik
- VoIP solutions - softphone, integration with existing information systems; Thomas Lepik
- integrating last generation BMS (Building Management System); Thomas Lepik
- the student view of OIS (usability, security, re-design); Enn Rebane
From Arnis Parsovs, University of Tartu, arnis@ut.ee
- Topic: Security analysis of peer-to-peer messaging protocol TorChat.
Task: Find out and describe how secure message exchange is established and what is the threat model it protects against. Describe how it could possibly be attacked and review if secure coding practices are followed.
- Topic: Security of Estonian ID card signing in the browser
Task: Describe the threat model and the current security issues with EstEID browser plugin. Implement WYSeeIWYSign feature for EstEID firefox plugin that can protect against malicious server. Document improved API.
- Topic: On-the-fly encryption for car DVR
Task: Implement on-the-fly encryption functionality for Prestigio car DVR (by patching publicly available firmware - possibly by hooking write calls). Use of hybrid encryption is recommended, however, implementation of scrambling (e.g., XORing with a fixed key) might already be considered success. Describe the threat model, how it was done and how to use it.
Formal Requirements and recommendations
There are no strict rules on formatting your thesis. Some general advices that are good to follow for a master thesis:
- a title page, an author declaration, an annotation in english and estonian, a list of contents, and references are required in the thesis
- around 50 pages + appendixes if needed
- Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
- headings are numbered and no more than 3 levels used
- 2 copies are submitted, you will get one back afterwards.
The Cyber Security Seminar is designed to provide advice on the thesis requirements and writing process to Cyber Security Master's students.
Dates (2013 spring)
- May 13 deadline for application of defending the thesis
- May 27, 9.00 - 11.00 and 15.00 - 17.00, submission of the thesis (two copies to ICT-411)
- June 3 (Schedule) defenses of the thesis (presentation 15 minutes + discussion)
- After defense, please, visit Dean's Office for more information about final formalities
- June 19 - 28 final ceremony
- Upload your thesis if you would like to have it public
Your advisor may have different suggestions, but if they don't say anything then you should plan to have a first draft ready by the end of April.
Links
Some advises and requirements for writing a thesis in UT
Some advises and requirements for writing a thesis in TTU (in Estonian)
Databases, books, research papers accessible from the TTU network