Thesis
Thesis info for Cyber Security students
Deadlines for 2015 spring
- March 1 - send an e-mail to Rain Ottis stating your intent to defend your thesis in June, your topic and the name and contact information of your thesis advisor.
- March-May - pre-defence of selected students
- TBD / May - deadline for application of defending the thesis in OIS
- TBD / May - submission of the thesis (two hard copies to ICT-411)
- TBD / June - defenses of the thesis (presentation 15 minutes + discussion)
- After the thesis defense, please visit the Dean's Office for more information about final formalities
- TBD (June) - final ceremony
- Upload your thesis if you would like to have it public
Topic and advisor
Every student must have an advisor when writing the thesis. The advisor's role is to provide guidance on topic selection and research methods, as well as to give feedback on your work. It is not the advisor's duty to correct spelling mistakes or formatting errors - they will point such things out, but the responsibility remains with the student. Before a thesis will be accepted for defence, the advisor has to agree that it is of sufficient quality.
Almost any professor and lecturer you have met in your curriculum can act as an advisor of your thesis. Some of them have some open problems suitable for doing research and writing a thesis, but many may not have a topic to offer right away. It is usually more helpful to have an initial idea of a topic of your thesis and ask someone with interests in the related field to advise you. You can have an advisor not related to the university, but he can act only as a co-advisor and you need to agree to somebody related to the curricula or the leading institute of the curriculum to be an official co-advisor. All (co-)advisors must have at least a Master's degree.
When refining a topic idea, make sure it has a clear connection with cyber security.
Potential supervisors
- Olaf Maennel - network security, network monitoring, intrusion section, measurements (active & passive), IPv6 & IPv4 and address sharing technologies, future Internet technology & network virtualization, topology modelling/inference & traffic engineering, abstractions of networks for configuration management systems
- Rain Ottis - national cyber security, serious games in cyber security, cyber security exercises
- Risto Vaarandi - log collection and analysis, event correlation, network monitoring, security monitoring. Application for supervision requires passing the Cyber Defense Monitoring Solutions course with grade 4 or 5.
- Toomas Lepik - forensics, malware, anti-malware
- Hayretdin Bahsi - Cyber security of industrial control systems, security monitoring, cyber situational awareness, cyber threat intelligence, information sharing, organizational security issues (e.g. security in supply chain management, security operation centres), national cyber security governance (e.g national cyber security policies, national cyber security capabilities)
- Tiia Sõmer
- Truls Ringkjob - various
- Jüri Kivimaa - IT security economics, security cost optimization
- Bernhards Blumbergs - network security, exploit development, advanced threats, security evasion, IPv6
- Aleksandr Lenin: quantitative security risk analysis, security modelling (attack process graphs), security modelling patterns (e.g. attack patterns), analysis of strategic interactions of malicious decision makers, security games (game theory), security decision making and optimization, fuzzy metrics for security, fuzzy decision making and control, fuzzy security analysis, algorithms for security analysis (development, optimization, benchmarking), enhancing ISKE by integrating other analysis tools into the ISKE tool, social aspects of security (modeling and analysing social engineering attacks).
- Mauno Pihelgas - system monitoring, network monitoring, IDS/IPS systems, insider threat detection
Proposed topics
The topics below are offered by potential (co-)supervisors. The list is updated as new offers emerge.
From the TUT IT office
Infrastructure
- Migrating TUT Campus LAN to IPv6; Edgars Zigurs
- Implementing a freeware SIEM solution in TUT; Edgars Zigurs
- Campus WiFi quality and signal strength modeling (3D); Edgars Zigurs
Development
- electronic door signs, room calendars, etc.; Thomas Lepik
- VoIP solutions - softphone, integration with existing information systems; Thomas Lepik
- integrating last generation BMS (Building Management System); Thomas Lepik
- the student view of OIS (usability, security, re-design); Enn Rebane
From Olaf Maennel, Tallinn University of Technology, olaf.maennel@ttu.ee
- Please contact me for topics. In particular i'm interested in network security, network monitoring, intrusion detection, routing (BGP, IS-IS), measurements (active & passive), IPv6 & IPv4 address sharing technologies, future Internet technology & network virtualization, topology modelling/inference & traffic engineering, abstractions of networks for configuration management systems.
From Arnis Paršovs, University of Tartu, arnis@ut.ee
- Topic: On-the-fly encryption for car DVR
Task: Implement on-the-fly encryption functionality for Prestigio car DVR (by patching publicly available firmware - possibly by hooking write calls). Use of hybrid encryption is recommended, however, implementation of scrambling (e.g., XORing with a fixed key) might already be considered success. Describe the threat model, how it was done and how to use it.
- Topic: Parallel tallying for Estonian i-voting
Task: Describe security risks that could be reduced if election observers would be allowed to perform vote verification and counting using their computers. Propose changes to the i-voting procedures and develop parallel tallying reference implementation and test data set. Analyse new risks introduced and propose counter measures.
- Topic: Perfect Secrecy for TLS
Task: Create an Internet Draft proposing a TLS cipher suite or extension that would ensure perfect secrecy using one-time pad. Develop a proof-of-concept patch for OpenSSL/mod_ssl and Firefox. Analyze the security and usability, describe the use cases.
- Topic: TLS Session Resumption and ID card Authentication
Task: Study how TLS session resumption is implemented in browsers. Measure and compare the performance improvement TLS session resumption provides. Measure the performance impact if the TLS client certificate authentication is performed using a smart card.
From Hayretdin Bahsi, Tallinn University of Technology, hayretdin.bahsi@ttu.ee
I classified my interested topics as technical, organizational and strategic ones. I listed some interesting topics I have in my mind. If you already have specific topics, we can discuss them and decide to work together.
Technical Issues
- Security of Industrial Control Systems (ICSs)
Development of an ICS Security Testbed Development of ICS honeypots Analysis of attack types targeting ICS Evaluation of existing Intrusion Detection Systems in ICS Event correlation systems in ICS Forensics issues in ICSs.
- Situational Awareness and Cyber Threat Intelligence
- Analysis and comparison of cyber threat information sharing protocols - Privacy preserved sharing of cyber threat intelligence - Generation of threat profiles out of cyber exercises - Situational awareness outputs for tactical and strategic layers of organizations - Requirement analysis of nationwide cyber awareness system
Organizational Issues
- Framework for providing security in supply chain management
- Security framework for information sharing with third party entities
- Analysis of security operation center models
Strategic Issues
- High-level information flows and reporting mechanisms among the major entities of
national cyber security governance
- Maturity models for the analysis of national cyber security capability
TREsPASS project
- Research project: Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security
The project is also suitable for PhD research, following the completion of the Master's studies. Contacts: Dr Peeter Laud, Dr Jan Willemson, Aleksandr Lenin.
From Aleksandr Lenin, Cybernetica AS.
Contact e-mails:
aleksandr.lenin@ttu.ee
aleksandr.lenin@cyber.ee
From Aivo Kalu, Cybernetica AS
- Pilveteenuste ohuanalüüs ja võrdlus ISKE-ga
From Tanel Alumäe, Institute of Cybernetics
- Eestikeelse telefonikõne automaatne transkribeerimine
Task: Töö sisuks on kõnetuvastussüsteemi loomine, mis suudaks võimalikult hästi transkribeerida eestikeelset inimestevahelist spontaanset telefonikõnet. Süsteem implementeeritakse kasutades olemasolevat kõnetuvastusmootorit. Kõnemudelite treenimiseks kasutatakse suurt hulka käsitsi transkribeeritud telefonikõnesid. Töö suurimaks väljakutseks on treeningkorpuses olevate kõnetranskriptsioonide joondamine helisignaalidega, et võimaldada telefonikõne-spetsiifiliste mudelite treenimist.
- Võtmesõnade otsimine eestikeelsest telefonikõnest
Task: Töö käigus luuakse süsteem, mis suudab kiiresti leida inimestevahelisest eestikeelsest sponaansest telefonikõnest kohti, kus suure tõenäosusega esineb sõna mingist võtmesõnade hulgast. Süsteem implementeeritakse kasutades olemasolevat kõnetuvastusmootorit. Kõnemudelite treenimiseks kasutatakse suurt hulka käsitsi transkribeeritud telefonikõnesid. Töö suurimaks väljakutseks on treeningkorpuses olevate kõnetranskriptsioonide joondamine helisignaalidega, et võimaldada telefonikõne-spetsiifiliste mudelite treenimist. Töö teiseks väljakutseks on erinevate võtmesõnaotsingu meetodite testimine.
Formal Requirements and recommendations
There are no strict rules on formatting your thesis. Some general advice that is good to follow for a master thesis:
- a title page, an author declaration, an annotation in English and Estonian, a list of contents, and references are required in the thesis
- around 50 pages + appendixes if needed
- Times New Roman (or similar), font size 12, 1.5 spacing used for the ordinary text
- headings are numbered and no more than 3 levels used
- 2 bound hard copies are submitted, you will get one back afterwards. You also have to submit the license agreement granting TUT the right to store and publish the thesis.
- A soft copy of the thesis (in pdf format) and the thesis meta data sheet are sent to thesis@cs.ttu.ee.
The Cyber Defence Seminar (ITX8040) is designed to provide advice on the thesis requirements and writing process to Cyber Security Master's students.
Thesis defence
The thesis defence is typically held in early June. On a case-by-case basis, alternate thesis defence dates can and have been offered (for example, following the Fall semester).
The procedure for thesis defence is set by TUT regulations.
Declarations
In order to catch potential problems early, students are required to indicate their intent to defend (plus topic and advisor info) by the deadline set for each semester. This will be done over e-mail. Selected students will then be assigned a date for an informal pre-defence that is designed to provide them feedback.
Before a student can proceed to the thesis defence, they have to declare the thesis topic in OIS and get approval from their advisor. The deadline for handing in the final version of the thesis (hardcopy and softcopy) is typically at least one week before the defence deadline.
Reviewer
Each thesis will be assigned a reviewer. The reviewer must have at least a Master's degree and relevant knowledge or experience in the field of the thesis topic, and they must not have a conflict of interest (such as being members in the same research group). Students and advisors may recommend reviewer candidates, but the final assignment will be done by the thesis defence committee.
A reviewer will provide written feedback on the thesis, which includes some questions to the student (which will be asked and answered at the defence) and a preliminary grade proposal.
The defence procedure
On the day of defence, students will be heard according to the announced schedule. Generally, the results will be announced at the end of the day.
The defence procedure for each student consists of the following steps:
- the committee Chairman announces the name of the student, the topic of the thesis, and the names of the advisor(s) and reviewer.
- the student presents his or her thesis in 15 minutes.
- the student answers the reviewer's questions and the reviewer recommends a grade. This recommendation may differ from the preliminary recommendation, based on how successful the defence was.
- the student answers questions from the committee.
- the student answers questions from the audience.
- the advisor gives his or her opinion of the thesis and recommends a grade.
NB! The recommended grades by the reviewer and the advisor are not binding to the committee, who make the final decision.
Useful links
Some advice and requirements for writing a thesis in UT
Some advice and requirements for writing a thesis in TUT (in Estonian)
Databases, books, research papers accessible from the TTU network