Author Archives: user469294

Kapo eavesdropped on Savisaar outside criminal procedure

kaitsepolitsei

Lawyers defending Edgar Savisaar are hopeful to kill criminal case against the Centre chairman with just one move – asking that the initial evidence, the basis for all the rest, be declared invalid. This would be the piece of information acquired by security police which afterwards triggered the whole criminal case – by eavesdropping a private conversation between then Mayor of Tallinn Mr Savisaar and Meriton Hotel owner Aleksander Kofkin at the Balalaika.

While talking about the food, a topic slipped in which made police ears perk up. [..] After years of eavesdropping on Mr Savisaar, this for the security police seemed to be a sign that the mayor was involved in issues outside of official responsibilities. [..] While Mr Savisaar is contesting that, the main issue is the method of acquiring the information may not have been legally justified and thus the basis for all the rest of the case would fall off.

In Estonia, security agencies are allowed to eavesdrop on people and institutions outside criminal procedure to prevent danger and in the interests of security. For this, special permission is granted by an expert administrative judge. All related information and related issues (such as statistics) is state secret.

Years of eavesdropping without having a right to ever find it out, and overall statistics being a state secret. As EFF says: When electronic searches are done in secret, we lose our right to challenge the legality of law enforcement invasions of privacy.

Links:
http://news.postimees.ee/3785723/lawyers-of-savisaar-see-ray-of-hope

Estonian Internet voting system to be rewritten from scratch

1 Reply

e-voting_estonia

The new system should provide end-to-end verifiability features:

The current software, created in 2004, needs overhaul as the gradual updates (such as adding the Mobile-ID capacity and others) have rendered the grasp on the source code structure challenging. “The new system will be more universal, allowing more possible applications, in addition to using it for Estonian nation-wide elections and referendums – such as internal elections of large corporations, local government polls and also abroad,” said Tarvi Martens, chairman of Estonian Electronic Voting Committee.

The voting procedure will remain the same for the voter and the source code will remain open. “The planned changes will allow the observers to keep an eye on how the stored e-votes will become election results more efficiently, based on mathematical proof,” Martens explained. “In other words, mathematics will prevail over the human factor. Technical proof allows us to control the system with much more efficiency,” he added.

The full cost of the first contract is 236 800 euros (VAT excluded). The bid was open to all EU entities and received bids from three companies. Cybernetica has won the bid for developing the Estonian electronic voting system, entailing a renewal of the system for the local government elections in October 2017.

Links:
http://uudised.err.ee/v/eesti/fe86efd4-9811-48cc-ae2b-234acd4e6c60/vabariigi-valimiskomisjon-soovib-e-haaletamise-susteemi-uuesti-ules-ehitada
https://cyber.ee/en/news/cybernetica-selected-to-renew-estonian-internet-voting-software/

Database with non-anonymized judicial decisions available online

Leave a reply

Riigi_Teataja_anonymization_failure

Estonia features a punishments register with misdemeanours and crimes listed by all people. For the benefit of potential employers, for instance. Then there is a judicial decisions database where expired crimes can often still be detected. In these two, names and other data of victims and witnesses are almost never found – the occasional typo excluded. Turns out, there is a third database with judicial decisions prior to 2006. In it, glaring problems are obvious regarding personal data protection, as it holds details of entire criminal acts as well as names of criminals, victims, witnesses and experts. At times, names of close relatives are included, and home addresses at the time.

Estonian Data Protection Inspectorate PR-adviser Maire Iro agrees and says and claims people responsible at State Gazette (Riigi Teataja) database have repeatedly been notified of the problem. The justice ministry press rep Maria-Elisa Tuulik said the data has been uploaded pursuant to old legislation and the people had the right, and still do, to apply to relevant courts for removal of their data in such instances. Ms Tuulik admits people might have difficulty doing that and have insufficient knowledge. She cites the excessive amount of manual labour required to sort out the data. They may thus take it all offline as public interest is waning anyway, with time passing.

For some of the decisions State Gazette has tried to anonymize personal data, but using ineffective technical means (see picture above).

Links:
http://news.postimees.ee/3762007/the-national-victims-register
https://www.riigiteataja.ee/kohtuteave/kohtulahendite_otsing/kriminaalasjad.html
https://www.riigiteataja.ee/docs//public/dokument_279468.pdf

Privacy concerns over fingerprint collecting from e-residents

Leave a reply

Biometric data of all individuals who have applied for or own Estonian identity cards, irrespective of whether they are national identity documents or digital identity documents meant exclusively for e-identification, are stored in digital database, archived and retained for 50 years (in case of e-residency, this is done to avoid conferring duplicate identities to one person).

From the perspective of e-residents, this is immaterial — the digital identity documents issued do not serve as travel documents, as has been established above. Nevertheless, due to the fact that under the Estonian Identity Documents Act the term “digital identity card” denotes both the e-IDs of nationals as well as e-residents’ e-ID cards, the requirement of biometric identifiers also applies to both.

Drawing on the aforementioned, the authors of the given chapter claim that the failure to differentiate between the two types of documents leads to unnecessary collection of biometric data that is in contradiction with the Data Protection Directive Article 6 principles of purpose and proportionality.

Biometrics as security technology cannot be “thrown in” for good measure, as Estonia seems to have done, without proper analysis of risks for the protection of fundamental rights and freedoms, not considering whether the purpose to be achieved could not be achieved by less intrusive means.

The practice is indeed questionable, since in case EU citizen applies for Estonian residency, the objective of “avoiding conferring duplicate identities to one person” is achieved by less intrusive means without fingerprints being collected.

Links:
http://link.springer.com/chapter/10.1007%2F978-3-319-26896-5_4

Kapo ex-employee convicted for allowing access to state secrets

Leave a reply

kapo_state_secrets

A former employee of the Internal Security Service (ISS) was given a prison sentence for enabling illegal access to state secrets, spokespeople for ISS said. The man had taken home confidential documents.

The verdict against Aleksandr Gontšarov, 54, entered into force on Wednesday. Gontšarov, who had retired five years ago, was detained on Jan. 6 and taken into custody two days later. He admitted his guilt during the pre-trial investigation.

The first-tier Harju County Court found him guilty of enabling illegal access to state secrets and sentenced him to two years and four months, six months of which were to be served immediately and the rest not required if he did not commit a new offense within a probation period of two years and six months. Gontšarov didn’t appeal.

Gontšarov had worked in different positions in the security police between 1994 and 2011. In September 2011 he took home various documents and data storage media that were in his hands in connection with his job. He kept them in the apartments he owned in Tallinn, thereby allowing the materials to be unlawfully accessed by persons not cleared for access to state secrets.

From the wording it reads that Gontšarov did not deliberately leak state secrets to third persons. Then the question is who were the persons that got the access. Random relatives of Gontšarov or Russian intelligence officers?

KAPO annual review 2016 mentions the case:

According to the court judgement, before leaving employment in September 2011, he took documents and data media containing state secrets, which he had in his possession for work-related purposes, out of the Internal Security Service’s secure area. He kept them outside of the secure area, in the apartments he owns in Tallinn, thus enabling unauthorised people without a need to know to have illegal access to state secrets.

And provides picture of boxes full of Estonian state secrets lying about the household of Alexander Goncharov:

Links:
http://news.err.ee/v/news/0df30636-2772-459e-9f1f-2d7147d5efe2/ex-iss-member-convicted-for-allowing-access-to-state-secrets
https://kapo.ee/sites/default/files/public/content_page/Annual%20Review%202016.pdf

Interdisciplinary Cyber Research (ICR) workshop 2016

Leave a reply

TTU_centre_for_digital_forensics_and_cyber_security

2nd of July, 2016 — Tallinn, Estonia

The aim of the workshop is to bring together young as well as established scholars undertaking research in various disciplines related to information and communication technologies such as computer sciences, political and social sciences, and law.

Agenda:
09:00 – Opening words, Ms Anna-Maria Osula & Prof Olaf Maennel
09:10 – Keynote, “On Artificial Intelligence and Steering the Future”, Mr Jaan Tallinn
10:05 – Keynote, “Artificial Intelligence: Will Judges and Lawyers Ever Enter the 20th Century (Never Mind the 21st Century)?”, Mr Stephen Mason
11:00 – Coffee Break

11:30 – 13:00 SESSION 1: Use and Abuse of the Internet
Maarja Pild, “Liability for Posting, Liking, Tagging, Sharing or Doing Nothing at All on Facebook”
Lolita Berzina, “Application of the Right to Be Forgotten and the Jurisdiction in Internet”
Eva Vīksna, “Taming the Online Environment – Protection of Copyright on the Internet”
Mari Kert-Saint Aubyn, “Case Study: Ukrainian Electrical Grid Hack”

11:30 – 13:00 SESSION 2: Technology and Emerging Threats
Hayretdin Bahsi, “Mission Impact Assessment of Cyber Threats”
Ismail Melih Tas, Basak Gencer Unsalver, “Our Proposed SIP – Based Distributed Reflection Denial of Service (DRDoS) Attacks & Effective Defense Mechanism”
Johann David Krister Andersson, “Using Internet Protocol Packet Visualization to Support Defence Exercise Debriefing”
Huishi Yin, “Implementation and Evaluation of Kano-like Models Using Data from Online Sources”

13:00 – Lunch
14:00 – 15:30 SESSION 3: Crime and Digital Technologies
Andra Siibak, “”People Who Defend Their Homeland”: Reasons and Motivations for Joining an Anti-Immigration Group on Facebook”
Tõnu Mets, “Admissibility of Digital Evidence”
Tiia Sõmer, “Visualising Cyber Crime based on the E-Crime Project: Mapping the Journeys of Cyber Criminals”
Margus Ernits, “How to Educate the Defenders of Cyberspace”

14:00 – 15:30 SESSION 4: Internet of Things
Michael Hua, “Security Analysis: NFC Tags and Signature RTD”
Petko Stefanov, “An Analysis of Security Flaws in the NFC Communication Protocol of Modern Mobile Devices”
Prescient Kannampuzha, “Security Investigation of a CAN Bus IoT Network Implementation and its Interface to the Internet”
Michael Bassi, “Engineering Change Management for Industrial Control System Security”

15:30 – Coffee break
15:50 – 17:00 SESSION 5: E-Governance
Gerli Aavik, “The Electronic Identification and Trust Service Regulation (EIDAS): An Analysis of its Compatibility with the Estonian E-Government System (EES)”
Sandra Särav, “E-Residency as the Estonian E-Government Éclat: How More Security Can Result in Less Privacy”
Nenin Hadzic, “Determining Specifications of Secure Database Architecture for Use within Australian Online Government”
Osura Jayasundara, “Recommendation of a Unified ID System for E-Government of Australia”

15:50 – 17:00 SESSION 6: Identity Theft and Verification
Torsten Schmickler, “Biometrics: the Future of Identity Verification”
Adrian Daniele, “Ethernet Device Anomaly Detection Using a Digital Fingerprint”
Olga Rodionova, “Medical Data Security of Wearable Fitness Devices”
Arnis Paršovs, “Security Analysis of Instant Messenger TorChat”

Registration deadline for non-authors is 27th of June 2016.

Links:
http://cybercentre.cs.ttu.ee/en/icr2016/

Legislation allows to open a bank account remotely

2 Replies

Parliament yesterday 88 votes in favor and no votes against adopted the amendments to the law that will give residents and e-residents of Estonia the opportunity to open a bank account without visiting bank office. It will be possible to open a bank account, for example, interacting with a representative of bank through a video call. Identification of a person is still a need for identity document in the home country, but the opening of an account becomes much more comfortable this way.

Some limits will be applied for this mode of authentication. Individual persons each month will be able to transfer money in the amount of up to EUR 10 000, but legal persons up to EUR 25 000.

Links:
http://geenius.ee/uudis/riigikogu-vottis-vastu-seaduse-mis-lubab-pangakontot-avada-ilma-kontorisse-minemata
https://www.siseministeerium.ee/en/news/draft-legislation-allows-open-bank-account-without-going-bank-branch

Court decision on alleged SMIT account blocker

Leave a reply

Tor-Anonymity-Tor-path

We wrote about the case before. Here is a summary of court’s decision:

According to the first-level Harju County Court decision, Mart Pirita (45) was pleaded guilty for disrupting the remote services of Ministry of the Interior (SM). According to the verdict, he used anonymous Tor network to enter multiple wrong passwords for 14 users, thereby blocking their access to the infrastructure.

The actions were qualified according to Penal Code paragraph 207 part 1 for “Illegal interference with or hindering of the functioning of computer systems by way of uploading, transmitting, deleting, damaging, altering or blocking of data”.

Pirita’s attorney Raul Ainla challenged the qualification of the alleged crime. In county court’s opinion, the qualification was correct, since Mart Pirita entered without lawful permission wrong passwords for 14 user accounts, by which their accounts were disabled, interfering the functioning of the computer system for SM employees.

The first-level court’s decision was appealed and District Court of Tallinn made a decision, that it was not possible to certainly establish a connection between Mart Pirita and the attacks.

In the initial verdict, it was claimed that the attack was performed through three IP addresses which are known to be Tor exit nodes. Furthermore, it was established that Pirita downloaded Tor software from Debian repository (ftp.ee.debian.org). In addition, according to Pirita’s ISP Elion metadata logs, Pirita was connected to the Tor network approximately at the time of the attacks.

District court judged that the county court has incorrectly evaluated the evidence presented. Namely, the IP addresses, where the attacks were performed from, belong to the Tor exit nodes and thus the attacks were performed through Tor network. However, the county court did not consider the technology of the Tor network. Every connection through Tor network is established via random paths and are encrypted, thus it is impossible to know who is the initial source of the communication and what are the messages. Thus, even though Pirita connected to the Tor network, it is impossible to link him to the attacks from the exit nodes.

Additionally, the prosecuror Piret Paukštys claimed that, since on the Pirita’s hard drive was found file “cached-microdesc-consensus” which included the IP addresses of Tor exit nodes participating in the attack, it proves the connection between Pirita and the exit nodes. However, this claim was found to be false, since the file is a catalog of all public Tor nodes and is included in every Tor installation. Thus, every Tor user possibly could be behind the attack.

According to prosecutor, another evidence pointing to Pirita was that Pirita had Debian Linux installed in his virtual machine and attacker’s user agent “Mozilla/5.0 (Linux; U; Debian Linux; en-US; rv: 1.8.1.12) Gecko/20080201 Firefox/2.0.0.12” presented to the court has Debian Linux operating system in it.

However, Tiit Hallas, the head of information security of SMIT could not provide to the court any log file which backed the claim of this user agent being present. The claimant couldn’t even describe from which log file this user agent was given from and why the logs weren’t presented as evidence.

Finally, the court found that there is a clear discrepancy between the times in the log files provided as evidence. Firstly, according to ftp.ee.debian.org logs, Pirita downloaded Tor software on 17.08.2014 at 00:57. However, the attacks started on 17.08.2014 at 00:14. Elion’s metadata logs show that Pirita connected Tor network after attacks started. Furthermore, an independent expert from Estonian Forensic Science Institute (EKEI) Oliver Olt stated that there are no connections between Elion’s metadata logs and attacks in claimant’s logs. The expert added that he couldn’t explain how the attack could be performed which would correspond to the logs. Thus, by his opinion, the logs rather contradicted the prosecutor’s claim.

It was said that Pirita had motive to perform the attacks as he was fired from SMIT due to loss of trust. However, the management of SMIT acknowledged that he was not the only one to be fired for this reason. There were up to ten people who could have the motive to perform the attacks. Furthermore, the fact that the attacker knew correct access point is not sufficient to claim that it was performed by current or previous employee of SMIT.

Concluding these aspects, the district court decided that the indirect proof was not sufficient to claim the guilt of Pirita with high probability. According to previous National Court decision, if it is possible that there was anyone else who could have performed the attack, then the accused should not be convicted.

The district court reviewed the previous decision and acquitted Pirita. Additionally, he was compensated for the legal fees in the amount of 7500€. The fee for IT expertise was covered by the government. The disk copy of Pirita’s hard disk is to be destroyed to assure the privacy of Pirita.

The prosecutor did not appeal the district court’s decision.

Links:
https://www.riigiteataja.ee/kohtulahendid/detailid.html?id=180104716
http://www.delfi.ee/news/paevauudised/krimi/pevkuri-ja-vaheri-meilikontode-lukustamise-parast-kohtu-all-olnud-mart-pirita-oigeks-moistmine-on-nuud-loplik?id=74558039
http://www.postimees.ee/3149415/it-spetsialist-jai-ministeeriumi-arvutikontode-blokeerimises-suudi

Study on the lifecycle of cryptographic algorithms 2016

2 Replies

cybernetica_ria_crypto_algorithms_report

This study is a natural continuation of three previous studies conducted in 2011, 2013 and 2015. The fourth version of cryptographic algorithms life cycle study published on June 9, has more than 10 authors and has 163 reference source. The 2016 report is the first one in its sequence to be written in English, because the study is unique on a global scale, and the previous versions has been of great international interest.

The foreword of the report has been written by Anto Veldre:

The Dutch DigiNotar case in 2011 demonstrated the hard choices a country faces if a PKI supporting its government’s IT systems is compromised. [..] Therefore, it was decided in 2011 to assemble a scientific task force to analyse the problems and risks that reliance on cryptography is posing on the sustainable functioning of our society.

Among the usual topics in cryptography, there is quite revealing section “Cryptographic protocols over radio connection”. For example, there the authors find that Estonian public transportation cards are vulnerable to various kinds of Denial of Service and cloning attacks:

The transportation cards in Tallinn are built on MIFARE Classic, whereas in Tartu MIFARE Ultralight C cards are used. However, even though both of the cards support cryptographic authentication, this functionality is not used. In both cases, the protocol running between the card and the reader is essentially the same, consisting of transmitting the card’s unique ID and a signature. [..] While this measure prevents unauthorised parties from issuing new cards, it does not stop the card cloning attack. [..] Cloning a card that carries a monthly ticket causes direct financial loss to the transportation service provider and must hence be urgently addressed.

Even though the ID fields of transportation cards are not writeable, other fields may be. This is for example the case with Tartu bus cards that allow e.g. the signature field to be overwritten by a standard app working on a regular NFC-capable smartphone. As a result, the card will become invalid, giving us a potential Denial of Service attack.

The report analyzes different radio frequency card technologies used for physical access control. There are many problems – transparency issues, use of weak cryptography or no cryptography at all. The authors have also interviewed Hardmeier and G4S to study deployment issues. Some of the deployment issues revealed are quite disturbing:

Interview with a company installing NFC-based access control systems revealed that it is common practice to use same keys also in several installations, making e.g. door keys of one company work at the door of another company, too.

Links:
https://www.ria.ee/public/RIA/Cryptographic_Algorithms_Lifecycle_Report_2016.pdf
https://www.ria.ee/ee/eriik-2018-valmis-2016-aasta-kruptograafiliste-algoritmide-elutsukli-uuring.html
https://blog.ria.ee/ria-aastakonverentsi-i-sessiooni-otseblogi/

Cyber Security master’s theses defense in Tallinn University of Technology (June 2016)

1 Reply

logo_tut

Monday, June 6th 2016, Akadeemia Tee 15a, Room ICT-315.

Defense committee: Rain Ottis (chairman), Hayretdin Bahsi, Ahto Buldas, Andro Kull, Risto Vaarandi, Raimundas Matulevicius.
The grades received (in random order): 4,4,4,3,3,3,3,3,2,1,0.

Time: 09:00
Student: Ferenc Szalai
Title: Does Cyber Security Exercise Information Sharing Work?
Supervisor: Olaf Manuel Maennel
Reviewer: Lauri Palkmets

Time: 09:40
Student: Taavi Sonets
Title: Improving User Simulation Team Workflow in the Context of Cyber Defense Exercise
Supervisor: Elar Lang, Rain Ottis
Reviewer: Priit Raspel

Time: 10:20
Student: Karl Kristjan Raik
Title: Improving Web Attack Campaign Overview in Cyber Defense Exercises
Supervisor: Elar Lang, Rain Ottis
Reviewer: Jaan Priisalu

Break 11:00 – 11:10

Time: 11:10
Student: Eve N Hunter
Title: A Comparative Analysis of Cybersecurity Guidelines and Standards for Nuclear Power Plants
Supervisor: Rain Ottis, Harry Kantola
Reviewer: Sten Mäses

Time: 11:40
Student: Alvar Ristikivi
Title: Failover test measurements of load balanced infrastructure
Supervisor: Toomas Lepik
Reviewer: Risto Vaarandi

Break 12:20 – 13:00

Time: 13:00
Student: Kristo Kapten
Title: Threat Modeling framework for Home Gaming Consoles
Supervisor: Hayretdin Bahsi
Reviewer: Emin Caliskan

Time: 13:40
Student: Sho Yano
Title: Security Analysis on Healthcare IoT Project
Supervisor: Olaf Manuel Maennel
Reviewer: Andro Kull

Time: 14:20
Student: Juan Manuel Rodríguez López
Title: Security Risk Assessment To The Use Of Digital Charting In Colombia
Supervisor: Alexander Horst Norta
Reviewer: Olaf Manuel Maennel

Break 15:00 – 15:10

Time: 15:10
Student: Florian Gasteiger
Title: R3AD an architecture to include UAVs in National Airspace
Supervisor: Olaf Manuel Maennel
Reviewer: Toomas Lepik

Time: 15:50
Student: Nisham Kizhakkedathil
Title: A Study Into the Prospects of Implementing End-to-End Verifiability in Estonian I-Voting
Supervisor: Tanel Tammet, Vadims Žuravļovs
Reviewer: Arnis Paršovs

Time: 16:30
Student: Rando Kulla
Title: Migrating PDF signing to New KSI Format
Supervisor: Jaan Priisalu, Ahto Truu
Reviewer: Ahto Buldas

Tuesday, June 7th 2016, Akadeemia Tee 15a, Room ICT-315.

The grades received (in random order): 5,5,4,0,?,?,?,?,?,?,?

Time: 09:00
Student: Teet Laeks
Title: Raising the Awareness of Cyber Security Based on Estonian Defence Forces
Supervisor: Tiia Sõmer, Danel Apse
Reviewer: Andri Rebane

Time: 09:40
Student: Andres Sumin
Title: Evaluation method for cyber awareness course
Supervisor: Sten Mäses, Liina Randmann
Reviewer: Sten Mäses

Time: 10:20
Student: Kevin Lwakatare
Title: Contributions of Understanding and Defending Against Social Engineering Attacks
Supervisor: Anton Vedeshin
Reviewer: Alexander Horst Norta

Break 11:00 – 11:10

Time: 11:10
Student: Alexandria Elaine Farár
Title: A Deceptive Methodology Towards Early Detection of Advanced Cyber Threats
Supervisor: Hayretdin Bahsi, Bernhards Blumbergs
Reviewer: Risto Vaarandi

Time: 11:40
Student: Onur Aydin Korkmaz
Title: Comprehensive Analysis of Cyber Attacks and Malware Using Low- and High-Interaction Honeypot
Supervisor: Truls Ringkjob
Reviewer: Mauno Pihelgas

Break 12:20 – 13:00

Time: 13:00
Student: Mina Gerges
Title: Log Monitoring and Event Correlation on Microsoft® Windows™ Using Simple Event Correlator
Supervisor: Risto Vaarandi
Reviewer: Tiit Hallas

Time: 13:40
Student: Chen Zhuge
Title: C-Based Implementation of Logcluster, a Data Clustering and Pattern Mining Algorithm for Event Logs
Supervisor: Risto Vaarandi
Reviewer: Innar Liiv

Time: 14:20
Student: Morteza Fakoorrad
Title: Application Layer of Software Defined Networking: pros and cons in terms of security
Supervisor: Olaf Manuel Maennel
Reviewer: Truls Ringkjob

Break 15:00 – 15:10

Time: 15:10
Student: Zaghum Wahab Awan
Title: A GUI Simulator For WSNs Based Protocols with Energy Harvesting and Proposed Hash Based Mathematical Modelling for the Security
Supervisor: Truls Ringkjob
Reviewer: Hayretdin Bahsi

Time: 15:50
Student: Jaan Vahtre
Title: Detection of ransomware on Windows operating systems
Supervisor: Jaan Priisalu
Reviewer: Toomas Lepik

Time: 16:30
Student: Vjatšeslav Panov
Title: Implementation of a Hash Function for Portable Executable Based on Structural Information
Supervisor: Truls Ringkob
Reviewer: Toomas Lepik

Wednesday, June 8th 2016, Akadeemia Tee 15a, Room ICT-315.

Defense committee: Raimundas Matulevicius (chairman), Hayretdin Bahsi, Rain Ottis, Meelis Roos, Vitaly Skachek.

Time: 09:00
Student: Luis Carlos Herrera Velasquez
Title: A Comprehensive Instrument for Identifying Critical Information Infrastructure Services
Supervisor: Olaf Manuel Maennel
Reviewer: Hayretdin Bahsi

Time: 09:40
Student: Camilo Andres Pantoja Viveros
Title: Analysis of the Cyber Attacks against ADS-B Perspective of Aviation Experts
Abstract: The present paper has a profound literature review of the relation between cyber security, aviation and the vulnerabilities prone by the increasing use of information systems in aviation realm.
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius
Reviewer: Sten Mäses

Time: 10:20
Student: Santiago Andres Sarmiento Bernal
Title: Detection solution analysis for simplistic spoofing attacks in commercial mini and micro UAVs
Abstract: This work analysis several spoofing detection methods found in the open literature, and selects the ones which can be suitable for mini and micro UAV technical specifications and operational scenario, for proposing a GPS spoofing detection solution developed in the application layer of an open source code Ground Control Station software SDK.
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius
Reviewer: Juhan-Peep Ernits

Break 11:00 – 11:10

Time: 11:10
Student: Allyson Ivy Hauptman
Title: Designing Digital Forensics Challenges for Multinational Cyber Defense Exercises
Supervisor: Patrycjusz Zdzichowski, Rain Ottis
Reviewer: Toomas Lepik

Time: 11:50
Student: Luis Alejandro Velasquez Hurtado
Title: Colombia and the intelligence cycle in the 21st century, the digital age
Supervisor: Olaf Manuel Maennel
Reviewer: Rain Ottis

Break 12:30 – 13:20

Time: 13:20
Student: Didier Dubey Suarez Medina
Title: Assessment of Web-based Information Security Awareness Courses
Supervisor: Maria Claudia Solarte Vasquez
Reviewer: Rain Ottis

Time: 14:00
Student: Yuri Andrea Pinto Rojas
Title: Development of National Cyber Security Strategies (NCSSs), and an Application of Perspective to the Colombian Case
Supervisor: Maria Claudia Solarte Vasquez
Reviewer: Hayretdin Bahsi

Break 14:40 – 14:50

Time: 14:50
Student: Alex Uriel Duran Santos
Title: Organizational Interaction Mechanisms Affecting Strategic Decision-Making During Cybercrime Investigations
Supervisor: Maria Claudia Solarte Vasquez
Reviewer: Jaan Priisalu

Time: 15:30
Student: Carlos Arturo Martinez Forero
Title: Tabletop Exercise For Cybersecurity Educational Training; Theoretical Grounding And Development
Abstract: The purpose of this thesis is to suggest the improvement of potential and perceived weaknesses on the educational components of cyber security strategies, discussing awareness-training models with significant impact on the participants, focusing on strategic decision-making level personnel that could partake of cyber related incidents.
Supervisor: Maria Claudia Solarte Vasquez, Raimundas Matulevicius
Reviewer: Uko Valtenberg, Tarmo Tuisk

Links:
https://livettu-my.sharepoint.com/personal/elena_vaarmets_ttu_ee/_layouts/15/WopiFrame.aspx?guestaccesstoken=rRFwY2aM1FudPqoucCsEwNvjb2YvdduB4x%2bLFywQvpo%3d&docid=0c199fcd8c7204b8b908fa40ad8e14730&action=view
http://www.cs.ut.ee/sites/default/files/2016/loput88d/DEFENCE%20OF%20CYBER%20SECURITY%20CURRICULUM%20THESES_in%20Tallinn_2016.pdf