Cyber Security master’s theses defense in Tallinn University of Technology (May 2018)

Monday, May 28th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Kristiina Renel
Title: Compliance with EU Personal Data Protection Framework in the Context of Public Sector Logging
Supervisor: Kaie Maennel
Supervisor: Kristjan Kikerpill
Reviewer: Andro Kull

Time: 10:10
Student: Belgin Tastan
Title: Securing Systems and Networks Using Deceptions With Cyber Kill Chain Methodology
Supervisor: Ahmed Tauseef
Reviewer: Risto Vaarandi

Time: 11:00
Student: Raquel Tabuyo Benito
Title: Forensic Analysis of a Steam Based Online Game
Supervisor: Hayretdin Bahsi
Reviewer: Jens Getreu

Time: 11:40
Student: Kim Vahturov
Title: Using Indicators of Compromise to Automate Incident Triage. Proof of Concept
Supervisor: Toomas Lepik
Supervisor: Lauri Palkmets
Reviewer: Hayretdin Bahsi

Time: 13:00
Student: Alejandro Guerra Manzanares
Title: Application of Full Machine Learning Workflow for Malware Detection in Android on the Basis of System Calls And Permissions
Supervisor: Hayretdin Bahsi
Supervisor: Sven Nõmm
Reviewer: Toomas Lepik

Time: 13:40
Student: Romet Saaliste
Title: Estonian Government Related Challenges in Protection of Personal Data
Supervisor: Olaf Maennel
Reviewer: Birgy Lorenz

Time: 14:20
Student: Moira Gabriella Nguegaum
Title: A Structured Approach to the Identification of IPV6 Vulnerabilities in IPV4-only Local Area Networks
Supervisor: Olaf Maennel
Reviewer: Bernhards Blumbergs

Time: 15:20
Student: Stefano Panarese
Title: Nessuno: A Friend-to-Friend Anonymous Communication Protocol
Supervisor: Olaf Maennel
Reviewer: Ahto Buldas

Time: 16:00
Student: Amirhossein Akbari
Title: A Novel Approach for Securing HTML5 Client-Side Database, INDEXEDDB
Supervisor: Olaf Maennel
Reviewer: Aleksander Lenin

Tuesday, May 29th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Andres Rauschecker
Title: User-Oriented Privacy Enhancements for Web-Browsers
Supervisor: Olaf Maennel
Reviewer: Hayretdin Bahsi

Time: 10:10
Student: Artur Luik
Title: The Design and Implementation of Automated Vulnerability Application Framework
Supervisor: Tanel Tetlov
Reviewer: Toomas Lepik

Time: 11:00
Student: Daniele Mucci
Title: TED – The ELF Doctor. A Container Based Tool to Perform Security Risk Assessment for ELF Binaries
Supervisor: Bernhards Blumbergs
Reviewer: Toomas Lepik

Time: 11:40
Student: Aleks Koha
Title: Impact Assessment of an EU GDPR Self-Assessment Questionnaire on Entrepreneurs
Supervisor: Sten Mäses
Supervisor: Anu Baum
Reviewer: Tiia Sõmer

Time: 13:00
Student: Kayode Olaitan Omotoye
Title: Business Process-Based Cyber Risk Assessment Using Healthcare System as Case Study
Supervisor: Hayretdin Bahsi
Reviewer: Alexander Norta

Time: 13:40
Student: Mari Jääger
Title: Developing Records of Processing Activities in a Small Enterprise
Supervisor: Priit Raspel
Reviewer: Raimundas Matulevicius

Time: 14:20
Student: Simo Antero Hurttila
Title: From Information Security to Cyber Security Management – ISO 27001 & 27032 Approach
Supervisor: Andro Kull
Reviewer: Kaie Maennel

Time: 15:20
Student: Aditya Raj Das
Title: Comparing Battery Consumption of Malware Scanning Applications
Supervisor: Hayretdin Bahsi
Reviewer: Sten Mäses

Time: 16:00
Student: Danny Lopez Murillo
Title: A Balanced Lab for Teaching Ethical Hacking to Undergraduate and Graduate Students
Supervisor: Hayretdin Bahsi
Reviewer: Sten Mäses

Wednesday, May 30th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Sille Laks
Title: Basic cyber security awareness training in a paramilitary organization (RESTRICTED)
Supervisor: Sten Mäses
Supervisor: Markko Liutkevičius
Reviewer: Rain Ottis

Time: 10:10
Student: Andres Elliku
Title: Scalable Course on Cyber Attack Detection
Supervisor: Margus Ernits
Reviewer: Mauno Pihelgas

Time: 11:00
Student: Javid Asadli
Title: Proposing Action Plan in Cyber Security Capacity Building for Azerbaijan
Supervisor: Tiia Sõmer
Supervisor: Leyla Aliyeva
Reviewer: Sten Mäses

Time: 11:40
Student: Even Langfeldt Friberg
Title: The Cyber-Insurance Market in Norway: An Empirical Study of the Supply-Side and a Small Sample of the Maritime Demand-Side
Supervisor: Hayretdin Bahsi
Supervisor: Ulrik Franke
Reviewer: Birgy Lorenz

Time: 13:00
Student: Nishaant Verma
Title: Comparative Analysis of Online Privacy and Security Concerns Between Generation Y and Generation Z in North India: A Pilot Study
Supervisor: Hayretdin Bahsi
Supervisor: Mare Teichmann
Reviewer: Maria Claudia Solarte Vasquez

Time: 13:40
Student: Taimur Tufail
Title: Comparing the National Cyber Security Framework of Pakistan with India and United Kingdom
Supervisor: Hayretdin Bahsi
Reviewer: Tiia Sõmer

Time: 14:40
Student: Fernando Rafael Garcia-Granado
Title: Cybersecurity Knowledge Requirements for Non-IT Strategic Level Decision Makers
Supervisor: Hayretdin Bahsi
Reviewer: Andro Kull

Time: 15:20
Student: Hindrek Baum
Title: Detection of VLAN Hopping Attacks Using Switch’s Monitoring Options
Supervisor: Jaan Priisalu
Reviewer: Aleksander Lenin

Cyber Security Summer School 2018: “Maritime Cyber Security”

11-15 June 2018, Tallinn, ESTONIA, Estonian Maritime Academy

This year’s Cyber Security Summer School will focus on maritime cyber security. With experts from the maritime sector, marine technology industries and cyber security establishments, the Summer School will give an overview of the tools and communications used in the shipping industry, discuss their vulnerabilities, and introduce new trends in autonomous shipping along with its dangers and risks.

Program
MONDAY, June 11th
8:00-9:00 Registration. Breakfast
09:00 Welcoming words and opening of Summer School by Organizers
10:00 Opening keynotes: TBD
12:00 Lunch
13:00 – 15:30 (room I) Track 1: Traditional maritime communication and navigation methods for Cyber Security Students (including GPS spoofing, Navigation messages, AIS etc).
13:00 – 15:30 (room II) Track 2: Ship Hacking Demo & introduction to cyber security for seafarers.
15:30 Coffee break
16:00 – 16:45 Practical exercises (e.g., HF call interception)
16:45 – 17:00 Feedback and closure for the first day

TUESDAY, June 12th
09:00 Breakfast
09:30 Modern methods – autonomous ship, sat coms, IoT by D4V team
12:00 Lunch
13:00 Afternoon at Mektory joint event with Cyber Spike Competition. Tour in Mektory
14:00 Human factors & OSINT by Jenny Radcliffe & Lisa Forte
15:15 Panel Discussion on Maritime Cyber Security by Jeff Moulton and Jenny Radcliffe
16:00 Winners of CyberSpike and cake by Birgy Lorenz

WEDNESDAY, June 13th
09:00 Breakfast
A broader look at other sectors with experience:
09:30 Car hacking & forensics
10:15 Cyber Security in Aviation and joint efforts to secure the transportation industry from a regulator perspective by Gerry NGU EASA & European Centre for Cybersecurity in Aviation (ECCSA).
10:45 Coffee Break
11:00 Real-world malware stories by Anders Carlsson & Alex
12:00 Lunch
13:00 Political and cyber-warfare aspects of maritime cyber security by Joe Burton
14:30 Coffee break
15:00 Fake-GPS and Fake-Nav-chart attacks
15:30 TBD by Jeff Moulton
16:00 Practical exercise: cyber warfare exercise preparation by Mentors
19:00 Gala dinner

THURSDAY, June 14th
09:00 Breakfast
09:30 Practical exercises in EMERA simulators
12:00 Lunch
13:00 Practical exercises in EMERA simulators
15:00 Coffee break
15:30 Practical exercises in EMERA simulators
16:30 Feedback and discussion by Organizers

FRIDAY, June 15th
09:00 Breakfast
09:30 Friendly student competition in EMERA simulators. Mentors
12:00 Lunch
13:00 – 14:00 Feedback and conclusions of the summer school by organizers

Links:
http://www.studyitin.ee/c3s2018/

Interdisciplinary Cyber Research (ICR) workshop 2018


9th of June, 2018 — Tallinn, Estonia

The aim of the workshop is to bring together young as well as established scholars undertaking research in various disciplines related to information and communication technologies such as computer sciences, political and social sciences, and law.

You can participate as a speaker (submitting an abstract+delivering a presentation) or simply join our wonderful audience. Speakers are requested to submit a 1000-word abstract.

Timeline:
Call for abstracts deadline: 9 April 2018 at Easychair
Notification of authors: 16 April 2018
Registration open until: 4 June 2018

Keynotes:
Head of Computer Emergency Response at University of Cambridge Mr Kieren Nicolas Lovell – “Command, Control & Communications within Cyber Incidents”

ICR2018 registration is open until 4th of June 2018: (be sure to register early, both last years’ events have been fully booked)

Links:
http://cybercentre.cs.ttu.ee/icr2018/

ID card “The Lessons We Learned” conference

Estonian Information System Authority (RIA) is organising an international conference on 9th of May in 2018 in Tallinn (Tallinn Creative Hub – Kultuurikatel) to discuss the impact and consequences of the security risk found in the Infineon chips in autumn 2017 by the researchers at Masaryk University in the Czech Republic.

The aim of this conference is to bring together parties affected by the security risk to discuss our lessons, experiences and responsibility, because the security flaw affected many companies and countries in Europe as well as elsewhere in the world. If possible, we aim to agree on a joint plan of follow-up activities or a memorandum to provide input to different authorities who establish regulative rules. Researchers from Masaryk University have announced their participation in the conference – they will make an opening presentation about their research.

The conference is aimed at policymakers as well as specialists in the eID field, opinion leaders, representatives of authorities and companies that are dependent on the functioning of Estonian ID-cards and e-services, developers of e-government and IT systems, and other parties related to the issue from both Estonia and Europe.

Agenda:
09.30-10.00 Delegate registration opens. Welcome coffee
10.00-11.30 Welcome and Opening of the Conference / Session 1
• Welcome by moderator Andres Kütt
• Welcome speech by the Prime Minister Jüri Ratas
• The goal of the research (ROCA vulnerability) – Petr Svenda, the University of Masaryk
• The influence and the distinctness on Estonian ID-card and its use – Taimar Peterkop, the head of Information System Authority
• The examples of actions of different countries – Ulrich Latzenhofer, Austrian Regulatory Authority for Broadcasting and Telecommunications
11.30-12.00 Coffee break
12.00-13.30 Session 2
• Lessons we learned (Estonia) – Rain Ottis, Associate Professor at Tallinn University of Technology
• The contract of ID-card – who´s responsible of what? – Kaija Kirch, Police and Border Guard Board, ID expert
• Discussion: How did we manage and what to do better next time? Expert panel led by Rain Ottis. Attending: Kaija Kirch, Margus Arm, Ilmar Raag
13.30-14.30 Lunch
14.30-16.30 Session 3
• eIDAS perspective of the ROCA vulnerability – Security Expert and Information Security Officer, Marnix Dekker, ENISA
• Lessons we learned (global view) – Liisa Past, Chief research officer, Information System Authority
• Lessons we learned (Commission view) – Andrea Servida, European Commission
• Discussion: What can we do better in the future? Expert panel led by Liisa Past. Attending: Marnix Dekker, Andrea Servida, Ulrich Latzenhofer, Petr Svenda
• Conference conclusion by moderator Andres Kütt
16.30-17.30 Goodbye coffee and networking

Links:
https://lessonslearned.publicon.ee/conference-agenda/

Study on the lifecycle of cryptographic algorithms 2017

This year we have ordered the cryptographic algorithms life cycle report and will publish it in parts. The first part is now available.

The first and most important chapter gives an overview of the current state of algorithms.

The second chapter covers the cryptographic side of last fall's ID card crisis. The report describes what happened, what was done, and how the new solution for ID cards (elliptic curves) works on the cryptographic side.

The third chapter gives an overview of blockchain technologies and in addition provides Estonian-language terminology for blockchain-related English terms.

The report has been ordered by RIA and written by Cybernetica researchers Ahto Buldas, Jan Willemson and Arne Ansper.

Links:
https://blog.ria.ee/ria-kruptouuring-id-kaart-ja-plokiahelad/
https://www.ria.ee/public/RIA/kruptograafiliste_algoritmide_elutsukli_uuring_2017.pdf
https://geenius.ee/uudis/nsa-usub-et-eesti-id-kaart-peaks-vastu-pidama-ka-kvantarvuti-runnakule/

Computational Law & Blockchain Festival 2018

The first annual Computational Law & Blockchain Festival (#clbfest2018) is a three-day global event bringing together coders, designers, lawyers, policymakers, researchers, and students to co-create the future of law, legal practice, and policy. In the spirit of decentralization, the Festival will be hosted at independent, self-organized nodes in cities around the world.

DETAILED SCHEDULE (amended):

16 March 2018 @ Näituse 13a-201, Tartu

COFFEE OFFERED

10:15-11:45 TRACK LEARN
Electronic signature and enforceability of electronic contracts in civil law countries
Presenter: attorney Liisi Jürgen, NJORD Law Firm, lecturer of the IT Law Master´s programme

COFFEE BREAK

12:00-13:30 TRACK LEARN
Digital identities, e-residency and e-wallets – identity and digital footprint
Presenters: attorney Anne Veerpalu and attorney Liisi Jürgen, NJORD Law Firm, lecturers of the IT Law Master´s programme

13:30-15:00 TIME FOR A BREAK
(no lunch is offered by Legal Hackers)

15:00-15:45 TRACK LEARN
Decentralization and innovation ecology – what type of ecology is needed for legaltech to accelerate it innovation? Introducing many technologies which in themselves are not going to revolutionize everything.
Presenter: Michael Gallagher

COFFEE BREAK

16:00-17:30 SESSION 3: COMPUTERIZED LAW
Visualisation of law: An Automated Legal Content Capture and Visualisation Method (Automaatne meetod õigusteabe hankimiseks ja visualiseerimiseks)
Presenter: Ermo Täks, PhD (Computer Science, TTÜ)

17:30-18:15 SESSION 3: INTRO TO SMART CONTRACTS (pre-recorded)
TBA
Presenter: Dr. Martin Ploom, who has worked for the last years for Man Investments, Credit Suisse and UBS in In-house Consulting / Project Management roles. He is an MBA, Dipl. Inf., Ms. Ec. and finished CFA Level III in 2010. He has been a crypto currencies enthusiast since Autumn 2012.

17 March 2018 @ Näituse 13a-201, Tartu

COFFEE OFFERED

10:15-11:45 TRACK LEARN
Virtual currencies: legal and tax issues
Presenter: attorney Priit Lätt, PWC Legal, lecturer of the IT Law Master´s programme

11:45-13:00 TIME FOR A BREAK
(no lunch is offered by Legal Hackers)

13:00 – 13:30 INTRO TO HACK TRACK WILL TAKE PLACE @ Näituse 13A, TARTU

24h Hackathon – participants are welcome to either listen to the next LEARN TRACK SESSION 3 or go to a separate location to work with their team
Hackathon location: J. Liivi 2 – 111, Institute of Computer Science, University of Tartu
Open from 1 pm on 17th March
Coffee break at 3 pm- 3.30 pm
Moderator: Stanislav Degtjarjov, Agrello.io

GLOBAL HACKATHON registration available here:
https://docs.google.com/forms/d/e/1FAIpQLScQPaWitG8GKZ0xTdipHptwZlBeH9atPGjScI5768pRl5mC0w/viewform

LOCAL HACKATHONS introduced at SESSION 2 and 1 pm on 17th March @ Näituse 13a, Tartu

13:30-16:00 TRACK LEARN/DISCUSS

SESSION 3: Blockchain Computing & Its Security Challenges

* Miao ZhiCheng, from decentral.ee, ex Skyper, ex. Twilion – “Blockchain computing vs. traditional computing – an overview”
* Dr. Marlon Dumas “Automating Business Processes With Smart Contracts”
* Agrello team : “Smart contracts technical standards”
* (recorded video) Dan Selman, from claus.io, “Accord Project – The Techno-Legal Standards”
* Risto Alas from Guardtime – “the DAO and the vulnerabilities discovered in Ethereum smart contracts”
* Taimo Peelo, “Ethereum Honeypots”
PANEL led by Miao ZhiCheng

16:15-16:45 TRACK LEARN
Tax issues at ICO and post-ICO
Presenter: attorney Elvira Tulvik, MAGNUSSON

Links:
https://www.meetup.com/Estonia-Legal-Hackers/events/247447020/

Estonian intelligence chief invites hackers to work


The Estonian Foreign Intelligence Service (Välisluureamet) was previously known as the Estonian Information Board (Teabeamet).

This world is very fast and very good experts are required. Your homepage, which has become a little more informative recently, suggests that you are also looking for new people?
Of course we are looking. Do we not compete in the same market as other public authorities and the private sector? If we are talking about big data or better use of public sources in obtaining our information, then everyone with this competence is very much in demand.

At the end of the annual report (Estonian version), I found one challenge. Those who can solve it could work for you?
Since we have a publication once a year, where we talk about our work openly, we also intended to use this publication to expand our recruiting field. If people reach the last page of the document, then there may be some who can solve the puzzle and send the solution to us. I cannot guarantee that the solution ensures a job, as other processes need to be followed. However, it definitely shows that the person has competence and an analytical mind in cryptography.

You are giving interviews that would have been a big surprise many years ago. You reject the public myths about intelligence work. Your agency publishes puzzles to find potential employees. What is the future of your agency?
Yes, over the last few years, we have come out of the shadows and closer to the public. My clear view is that if you are not in the picture then you do not exist. However, if we want to recruit the best specialists, it is very difficult to find people for an institution that does not exist. Of course, we must at the same time be aware of security, but these risks can be handled. But in the future of intelligence, there are two keywords: co-operation and technology.

Crypto challenge:

Signal intelligence was able to capture an encrypted message: SDZROZDBITGNUMYNSF
However, the receiver was unable to decrypt the message and the message was transmitted again: YHDRCRLBUTIPUCMFGF

Questions:
(a) What was the content of the message?
(b) What key was used to encrypt it?

The solutions can be sent to info@valisluureamet.ee with topic “Nuputamisülesanne”

The crypto challenge seems to be just a way to get attention. We are living in times where end-point exploitation is the tool to obtain intelligence. The capability to break an ancient substitution cipher is unlikely to help.

Links:
https://geenius.ee/uudis/eesti-luurejuht-kutsub-toole-hakkereid-see-elus-ainulaadne-voimalus/
https://news.err.ee/681856/estonian-intelligence-chief-threat-of-direct-russian-military-attack-low
https://www.valisluureamet.ee/pdf/raport-2018-ENG-web.pdf
https://valisluureamet.ee/pdf/raport-2018-EST-web.pdf
https://news.postimees.ee/4404323/russia-looking-for-agents-of-influence-in-estonia

Cyber Security master’s theses defense in Tallinn University of Technology (January 2018)

January 8th, 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Silvia Väli
Title: Analysis of Electron-based applications to identify XSS flaws escalating to code execution in open-source applications
Supervisor: Olaf Manuel Maennel
Reviewer: Bernhards Blumbergs

Time: 10:40
Student: Juhan Kaalep
Title: The Status, Reasons And Perspective of Cyber Security of Estonian SME-s in the Context of the Cyber Essentials Scheme
Supervisor: Andro Kull
Reviewer: Tiia Sõmer

Time: 11:20
Student: Tiiu Mamers
Title: The Art and Science of Information Security Investments for Small Enterprises
Supervisor: Olaf Manuel Maennel
Reviewer: Andro Kull

ETV showed sensitive information on the screen

On Tuesday, “Ringview” aired an episode in which the reporter Jüri Muttika traveled around the editorial office of ERR and asked ETV TV presenters to demonstrate their handwriting. An embarrassing error by the video editors allowed a frame to be broadcast that contained the “Terevisiooni” file transfer protocol (FTP) username and password, hence allowing everyone to view the content on the servers.

The clip shows that the TV presenters tried to hide their notebooks and computer screens from the camera, which makes it especially embarrassing – basically everyone was able to watch broadcast materials.

The error in ERR was quickly recognized and now the password should be changed. The topic is also up in Facebook IT-man’s group, where the IT people write jokingly: “No such user and password do not really hide anything.”

Wouldn’t we expect the ETV internal FTP server to be firewalled from the external world?

Links:
http://publik.delfi.ee/news/kino/sajandi-teleaps-ringvaade-naitas-ekraanil-tundlikku-siseinfot?id=80476232

State confiscates first criminally obtained bitcoins

In the summer, employees of the organized crime department of the Criminal Police arrested a young man living in Estonia who sold large amounts of different drugs on the darkweb. With help from the cybercrime unit of the Central Criminal Police, the bitcoins earned from the sale of drugs were also obtained and have by now been confiscated on the basis of a county court order. Information about the amount of bitcoins seized is not available.

According to the Prosecutor General Vahur Verte, it is true that identifying the owner of the crypto money and tracking the movement of money is more complicated, but certainly not impossible.

How did the police technically seize the bitcoins? Were they transferred to a state-owned bitcoin wallet? Who paid for the transaction fees?

Links:
https://geenius.ee/uudis/eesti-riik-arestis-esimesed-kuritegelikul-teel-saadud-bitcoinid/