Erinevus lehekülje "ITX8062" redaktsioonide vahel
| 169. rida: | 169. rida: | ||
|   - If you do not see your initials behind the correct date (after a few days) please contact the instructor again. |   - If you do not see your initials behind the correct date (after a few days) please contact the instructor again. | ||
| − | As of  | + | As of 30.12.2013: | 
|   - 18.12.2013 1800 at ICT411 (registration closed)(Registered: LX, IT, CH, MA, AJ, KK, XL, EI) |   - 18.12.2013 1800 at ICT411 (registration closed)(Registered: LX, IT, CH, MA, AJ, KK, XL, EI) | ||
| − |   - 07.01.2014 1800 at ICT411 ( | + |   - 07.01.2014 1800 at ICT411 (7 slots open)(Registered: RZ, OA, IK, AR, AP) | 
| − |   - 09.01.2014 1800 at ICT411 ( | + |   - 09.01.2014 1800 at ICT411 (2 slots open)(Registered: TM, AS, KL, VT, AS, TS, PU, MK, AK, CM) | 
| − |   - 20.01.2014 1800 at ICT411 ( | + |   - 20.01.2014 1800 at ICT411 (1 slot open)(Registered: YY, CR, SM, TT, PK, VT, LD, SS, KK, TL, AK) | 
| </b> | </b> | ||
Redaktsioon: 30. detsember 2013, kell 16:38
Information Systems Mass Attacks and Defence (fall 2013)
Weeks 1-8 of the Fall Semester
Tuesdays 17:45-21:00
Room ICT-A1 (new IT building at Akadeemia 15a, second floor)
Instructors
Rain Ottis, PhD, Associate Professor at TUT
Jaan Priisalu, Director General, Estonian Information System's Authority
Practice led by Tiit Hallas
Contact: rain dot ottis at ttu dot ee
Schedule
NB! Check the schedule for updates before each lesson.
Lesson 1
03.09.2013
Introduction (Priisalu, Hallas) [Slides]
Research paper topic assignment (Priisalu, Hallas)
Lesson 2
10.09.2013
Review of research paper requirements (Ottis) [Slides]
Lecture: cyber conflict and espionage (Ottis) [Slides]
Topics covered: Estonia 2007 and Georgia 2008 cyber conflicts, StuxNet, PRISM, discussion.
Practice (Hallas)
Topics covered: overview of exercises, introduction of tabletop exercises in the context of this course, explaining the need for processes based on the real life examples.
Lesson 3
17.09.2013
Lecture: cyber crime and terrorism (Ottis, Priisalu) [Slides]
Topics covered: criminal attacks, experiences from the banking sector, attack methods, motives, cooperation.
Practice (Hallas)
Topics covered: Creating teams, assigning team roles, introducing scenarios and injects, playing the first game.
Lesson 4
24.09.2013
Lecture: politically motivated attacks (Ottis) [Slides]
Topics covered: hactivism, private hacking for political reasons, state sponsored cyber attacks, cyber espionage, methods, motives, countermeasures.
Practice (Hallas)
Topics covered: Analysing the last game, playing by scenarios and with injects
Lesson 5
01.10.2013
Lecture: cyber security planning (Priisalu)
Topics covered: cyber security planning.
Practice (Hallas)
Topics covered: Explaining “the final game”, discussing self-written scenarios.
Lesson 6
08.10.2013
Lecture: incident handling and CIIP (Priisalu)
Topics covered: CIIP overall, CIIP in Estonia, crisis management, CERT perspective, law enforcement perspective, incident handling process in Estonia.
Lesson 7
15.10.2013
Practice (Hallas, Ottis, Priisalu)
Tabletop exercise
Lesson 8
22.09.2013
Course summary and feedback (Ottis, Priisalu, Hallas)
Grade assignment
30% - Performance at the tabletop exercises
30% - Written assignment (research paper, 2000-4000 words)
40% - Oral exam
Tabletop Exercise (practice component)
It's game time! In this part of the course we will learn about war games. We will discuss their importance and practical applications in the real world and see how those games are organized. We will not only talk about them, but we will try them out as well.
The goal of this is to analyse the importance of communication processes and to understand the need to test those processes using tabletop exercises. We will create different teams with different tasks that will fall into two main categories: Red teams and Blue teams.
To the blue teams we will show that you might not have the full understanding of the situation, not enough information and resources.
To the red teams we will show that even though you might have a perfect plan, things will not go as you would want them to go.
Agenda
Lesson 2
Introduction
Processes and testing
Examples of different exercises and games from real life
Lesson 3
Creating teams, assigning roles
Introducing scenarios and injects
Playing the first game to understand what we are doing
Lesson 4
Playing the first game with scenarios and injects
Analysing the game and reports
Lesson 5
Discussing self-written scenarios and injects
Explaining the "final game" and the methods
Lesson 7
Final game
Lesson 8
Feedback
General information
Red teams will get to do less during the class exercises. However - their performance during the last exercise will be watched and graded with more detail. It requires much more independent work from the team to prepare.
If you have questions, comments or ideas about the topic then you can contact me via e-mail hallas at ut dot ee.
EXAM
Exam times
- Note that there are limited exam slots available for each date, so register (via e-mail to dr Ottis) as soon as possible. - Send in your paper at least one week before the exam date. - Be present at the beginning of the exam. - If you do not see your initials behind the correct date (after a few days) please contact the instructor again.
As of 30.12.2013:
- 18.12.2013 1800 at ICT411 (registration closed)(Registered: LX, IT, CH, MA, AJ, KK, XL, EI) - 07.01.2014 1800 at ICT411 (7 slots open)(Registered: RZ, OA, IK, AR, AP) - 09.01.2014 1800 at ICT411 (2 slots open)(Registered: TM, AS, KL, VT, AS, TS, PU, MK, AK, CM) - 20.01.2014 1800 at ICT411 (1 slot open)(Registered: YY, CR, SM, TT, PK, VT, LD, SS, KK, TL, AK)
Admin notes
- This is an oral exam. - You are allowed to use your computer/notes during the preparation. - At the beginning of the exam, each student will get two questions (may contain sub-questions). - At least one of the questions will be related to the individual paper topic or the paper itself. - Students will have time to prepare their answers.