Author Archives: user469294

Cybersecurity related bachelor’s and master’s theses in University of Tartu 2015/2016

1 Reply

university_of_tartu_logo

Defense committee: Dominique Unruh (chairman), Siim Karus, Vitaly Skachek, Dirk Oliver Theis, Raimundas Matulevicius.

A Cost-Effective Approach to Key Management in Online Voting Scenarios
Abstract: Since smart cards both offer reasonable prices and expose an API for development, this document evaluates different approaches to implement threshold encryption over smart cards to support an electoral process.
Student: Sergio Andrés Figueroa Santos
Curriculum: NordSecMob (MSc)
Supervisor: Sven Heiberg, Helger Lipmaa, Tuomas Aura
Reviewer: Ivo Kubjas
Defense: 02.06.2016, 09:00, Liivi 2-405

Revision of Security Risk-oriented Patterns for Distributed Systems
Abstract: In this thesis, we target the secure system development problem by suggesting application of security risk-oriented patterns. The applicability of these security risk-oriented patterns is validated on business processes from aviation turnaround system.
Student: Silver Samarütel
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevicius
Reviewer: Alexander Horst Norta
Defense: 02.06.2016, 09:00, Liivi 2-405

Role Based Access Control as SecureUML Model in Web Applications Development with Spring Security
Abstract: In order to support and simplify the model-driven approach for a web application development with Spring platform, realization of a concept plugin for Eclipse IDE is proposed. This plugin supports the recognition of Spring Security notations with capability to visualize the RBAC model on top of them.
Student: Andrey Sergeev
Curriculum: Cyber Security (MSc)
Supervisor: Raimundas Matulevicius
Reviewer: Henri Lakk
Defense: 02.06.2016, 09:00, Liivi 2-405

Secure and Efficient Mix-Nets
Abstract: This thesis studies a zero-knowledge shuffle argument proposed by J. Furukawa in 2005. Firstly, we provide a more detailed and easily readable description of the shuffle and shuffle-decryption zero-knowledge protocols than in the original paper. Secondly, we provide two new characterizations of a permutation matrix and two simple modifications of the shuffle protocol that reduce the computational complexity.
Student: Janno Siim
Curriculum: Computer Science (MSc)
Supervisor: Helger Lipmaa
Reviewer: Sven Laur
Defense: 02.06.2016, 09:00, Liivi 2-405

A Comprehensive Protocol Suite for Secure Two-Party Computation
Abstract: In some scenarios, a two-party model is a better fit when no natural third party is involved in the application. In this work, we design and implement a full protocol suite for two-party computations on Sharemind, providing an alternative and viable solution in such cases.
Student: Sander Siim
Curriculum: Computer Science (MSc)
Supervisor: Dan Bogdanov, Pille Pullonen
Reviewer: Dominique Unruh
Defense: 06.06.2016, 09:00, Liivi 2-405

An improved type system for a privacy-aware programming language and its practical applications
Abstract: he goal of this thesis is to make it easier to add protection domain kinds to the SecreC language by allowing the programmer to define the protection domain kind data types, arithmetic operations and type conversions in the SecreC language without changing the compiler.
Student: Ville Sokk
Curriculum: Computer Science (MSc)
Supervisor: Dan Bogdanov, Jaak Randmets
Reviewer: Vesal Vojdani
Defense: 06.06.2016, 09:00, Liivi 2-405

Energy Harvesting in Cooperative Communications
Abstract: Energy harvesting (EH) is a crucial technology for a variety of wireless systems that have limited access to a reliable electricity supply or recharging sources. In this thesis, the design of a multiple access relay system (MARS) using EH is considered.
Student: Akashkumar Rajaram
Curriculum: Cyber Security (MSc)
Supervisor: Nalin Jayakody, Vitaly Skachek
Reviewer: Bin Chen
Defense: 06.06.2016, 09:00, Liivi 2-405

Security of Eduroam Passwords
Abstract: The University of Tartu has decided that the university’s eduroam accounts will share the same user credentials as the rest of the university’s services. This could potentially be abused by exploiting weaknesses in wireless security in order to gain access to a user’s university account. The aim of this research was to uncover any such weaknesses.
Student: Raul-Martin Rebane
Curriculum: Computer Science (BSc)
Supervisor: Dominique Unruh
Reviewer: Meelis Roos
Defense: 06.06.2016, 09:00, Liivi 2-405

Applying a Security Testing Methodology: a Case Study
Abstract: This thesis aims to describe and apply a process necessary to verify the security of a web application. A checklist of security requirements was gathered combining OWASP ASVS web application security standard and OWASP Top Ten project.
Student: Karin Klooster
Curriculum: Computer Science (BSc)
Supervisor: Meelis Roos, Margus Freudenthal
Reviewer: Kritjan Krips
Defense: 08.06.2016

Word frequency based log analysis
Abstract: The purpose of this bachelor thesis is to explore if you can use word frequency based analysis for log files and find interesting events without knowing the log structure.
Student: Karl Lääts
Curriculum: Computer Science (BSc)
Supervisor: Meelis Roos
Reviewer: Artjom Lind
Defense: 08.06.2016

Randomly Distributed PIN Code Input Layout
Abstract: This thesis examines the possibility of reducing the visual security breach of PIN code input by randomising the input field.
Student: Rain Tõugjas
Curriculum: Computer Science (BSc)
Supervisor: Tauno Palts, Kristjan Krips
Reviewer:
Defense: 08.2016

Smart Home Hacking
Abstract: This work investigates the security and privacy issues found at an emerging smart home technology such as the CoSSMic platform.
Student: Suela Kodra
Curriculum: NordSecMob (MSc)
Supervisor: Danilo Gligoroski, Marie Moe, Dominique Unruh
Reviewer: Raimundas Matulevičius
Defense: 18.08.2016, 09:30, Liivi 2-403

Cache-Timing Techniques: Exploiting the DSA Algorithm
Abstract: This work explains some of the cache-timing techniques commonly used to exploit vulnerable software. Using a particular combination of techniques and exploiting a vulnerability found in the implementation of the DSA signature scheme in the OpenSSL shared library, a cache-timing attack is performed against the DSA’s sliding window exponentiation algorithm.
Student: Cesar Pereida Garcia
Curriculum: NordSecMob (MSc)
Supervisor: Billy Bob Brumley, Dominique Unruh, N. Asokan
Reviewer: Arnis Paršovs
Defense: 26.08.2016, 11:00, Liivi 2-403

Links:
https://comserv.cs.ut.ee/ati_thesis/index.php?year=2016
http://www.cs.ut.ee/sites/default/files/2016/loput88d/Kaitsmiste%20ajakava.pdf

IT Law Conference on Legal Technology

Leave a reply

it_law_conference_legal_technology

9:00 – Registration and Coffee
9:30 – Welcome and Introduction
Ülle Madise, Chancellor of Justice in Estonia
Helen Eenmaa-Dimitrieva, Director of the IT Law Programme, University of Tartu
9:45 – Keynote Address
Hannes Vallikivi, Chairman of the Board, Estonian Bar Association
10:15 – Innovative Technologies Influencing the Legal Sector
Ermo Täks, Associate Professor, Tallinn University of Technology
10:45 – Interoperability between IT and Law
Priit Parmakson, Architect, Estonian Information System Authority
11:15 – Blockchain Technology and the Law
Alex Norta, Associate Professor, Tallinn University of Technology
12:00 – Lunch Break
13:00 – IT Law Lab
Laura Kask, Legal Advisor at the Department of State Information Systems, Estonian Ministry of Economic Affairs and Communications
Ave Lauringson, Leading Specialist at the Information Society Unit, Estonian Ministry of Economic Affairs and Communications
Ave Piik, Head of the Intellectual Property and IT Law Commission, Estonian Bar Association; Head of IP/IT, COBALT
Karmen Turk, Litigation Attorney, Triniti Law Firm; Expert, Council of Europe; Visiting Lecturer in IT Law, University of Tartu
14:00 – Launch of the Legal Tech Competition
Hannes Vallikivi, Chairman of the Board, Estonian Bar Association
14:10 – 3-minute Pitches from Legal Startups
14:30 – Keynote Address: From Research to Innovative Legal Tech Products
Anna Ronkainen, Chief Scientist and Co-Founder, TrademarkNow
15:30 – Coffee Break
16:00 – Compliance and Digitalization. Launch of MyFondia Legal Platform
Bradley Mitchell, Senior Legal Counsel, Fondia
Anti Kodar, Managing Director, Fondia Baltic
17:00 – The Future of Legal Services
Risto Hübner, Chief Legal Officer, Nortal; Founder, Estonia Legal Hackers (Moderator)
Bradley Mitchell, Senior Legal Counsel, Fondia
Anna Ronkainen, Chief Scientist and Co-Founder, TrademarkNow
Tanel Erik Podar, Legal Counsel, Fortumo
Hannes Vallikivi, Chairman of the Board of the Estonian Bar Association
17:45 – Closing Remarks
Anne Veerpalu, Visiting Lecturer in IT Law, University of Tartu; Associate Partner, NJORD Law Firm; Founder, Estonian Legal Hackers
18:00 – Networking and Snacks

Links:
http://www.oi.ut.ee/en/studies/it-law-conference-legal-technology

RIA Cyber Security Report 2015

Leave a reply

RIA_cybersec_report_2015

Some insights:

2015 proved that the continuity of vital services can be affected, or even crippled, by simple ransomware campaigns that weren’t even intended to disrupt those services.

Around-the-clock manned monitoring of Estonian cyberspace has taken place since the summer of 2015. We also adopted new and improved monitoring technologies.As a result of the around-the-clock monitoring, we have prevented, discovered, and reacted to signifcantly more security incidents than in past years.

In 2015, the lessons learned from the CyberHEDGEHOG 2015 exercise, the amendment of the Emergency Act, and the adoption of the European Union Network and Information Security Directive (NIS) confrmed the need for a clear cyber security law that takes into account modern conditions.

In 2015 we became convinced about the necessity of thoroughly analysing both the legal questions associated with using cloud technologies and the risks connected to the integrity and confidentiality of data being processed in the cloud as well as the need to develop sufficient security measures to minimise those risks.

While European Union structural funds have been a welcome source of support for Estonian cyber security development, and indeed for the whole country’s IT development, it is clear that this situation is not sustainable for the country in the long term.

Links:
https://www.ria.ee/public/Kuberturvalisus/2015-RIA-Annual-cyber-report.pdf

Russian special forces operated fake GSM base station in Pärnu

Leave a reply

imsi-catcher_Parnu

In April 2015 NATO brought their special forces to Estonia for a secret NATO exercise. In the days that followed Russia unleashed a series of aggressive counter measures to monitor their exercises.

Estonian signals intelligence quickly discovered an IMSI-catcher – a false cell phone tower in the local cellular network. NATO believes that the Russians attempted to identify the key NATO personnel.

Classified NATO report: “The ghost tower came online briefly twice during the day. It overtook all local towers and hijacked all the local recipients before it dropped offline.”

Links:
https://www.aldrimer.no/claims-russian-special-forces-are-operating-inside-estonia/
http://news.postimees.ee/3680481/experts-say-lion-s-share-of-nato-leak-is-hot-air
http://tehnika.postimees.ee/3682041/drooniluureskandaal-eestlaste-koned-on-rangelt-kapo-kontrolli-all

District Court acquits alleged Ministry of the Interior user account blocker

Leave a reply

ministry_of_the_interior_estonia

The District Court of Tallinn acquitted Mart Pirita (45), who was accused of locking down the e-mail accounts of the Minister of the Interior Hanno Pevkur and the Director General of Police and Border Guard Board (PPA) Elmar Vaher, because his guilt was not proved.

The District Court overruled the previous verdict by Harju County Court. The Harju County Court convicted Pirita and imposed a financial penalty of 270 daily rates, which is EUR 13’159.80.

The Prosecutor’s Office accused the ex-employee of IT and Development Centre at the Estonian Ministry of the Interior (SMIT) of illegal disrupting of computer systems by entering data. According to accusation, in August 2014 Pirita entered without permission different incorrect passwords for 14 user accounts in SM jurisdiction, which resulted in these user accounts being blocked. The attack was performed through TOR network which allows using the Internet anonymously and hide one’s tracks. The accusation noted that Pirita may have been motivated by the termination of his employment contract.

Presenting as a witness in the court, Tiit Hallas, the head of information security of SMIT described to the court that TOR network is used by child pornography and malware distributors. During the attack an IP address belonging to the company E-Positive.ee owned by Mart Pirita was logged into the TOR network.

The District Court found that the County Court made mistakes in evaluating the evidence and accidentally attested that the act was performed by Mart Pirita. Only the fact that Mart Pirita used the TOR network is not sufficient, as anyone using the network at that time could have performed the illegal act. The evidence collected by the prosecutor do not show direct relation to the act. The District Court admitted that several circumstances hinted that the blocker was related to SMIT but this is not enough for convicting someone. There are no direct evidence and indirect evidences are weak, found the District Court.

Links:
http://www.postimees.ee/3657891/ringkonnakohus-moistis-oigeks-hanno-pevkuri-ja-elmar-vaheri-vaidetava-meilikontode-lukustaja

Supreme Court declares mediation of Bitcoins subject to anti-money-laundering supervision

Leave a reply

bitcoin_logo

Yesterday’s verdict put an end to longstanding doubts whether trades with the cyber money should be treated as economic activity requiring special permit or not – in a landmark stand, Supreme Court declared mediation of Bitcoins an economic activity subject to anti-money-laundering supervision.

Uku Tampere, Police and Border Guard Board press representative:

For ordinary people buying or selling cryptocurrency in occasional transactions for own use, the Supreme Court judgement essentially alters nothing. However, when an individual begins to publicly offer cryptocurrency mediation service, he needs to apply for activity licence and meet the requirements prescribed by Money Laundering and Terrorist Financing Prevention Act.

Links:
http://news.postimees.ee/3652435/supreme-court-subjects-bitcoins-trade-to-money-laundering-rules
http://news.err.ee/v/business/5659f790-778f-4710-807e-782281aff8a0/supreme-court-bitcoin-has-financial-value-hence-trading-it-to-be-considered-economic-activity

Estonian Internal Security Service (KaPo) Yearbook 2015

Leave a reply

kapo_yearbook_cybersecurity

In providing cyber security, the objective of the Internal Security Service is to identify cyber-attacks that could have been initiated by a foreign state or may threaten national security. The Information System Authority, the Estonian Information Board and the Police and Border Guard Board play an important role in the national cyber security community.

ISS doesn’t have much to inform us about. The section “Cyber Security” on page 22 and 23 contains mainly compilation of cyber security best practices.

Defacement and denial-of-service attacks can also become parts of sending a message to the enemy, i.e. influence operations. Some Estonian websites were defaced with Daesh symbols and messages in 2015. Although this was part of a global marketing campaign, it could also be regarded as a message to Estonian society.

Links:
https://kapo.ee/sites/default/files/public/content_page/Annual%20Review%202015.pdf

Plan to regulate private detective market

Leave a reply

private_detective

In February 29th interior ministry sent interest groups a letter inquiring about how many private detectives there might be in Estonia and how the domain ought to be regulated.

Mr Rüütel says almost everything is currently possible with help of public registers, but it is complicated to the absurd. For instance, anyone may have recourse to population register, pay €5 and ask is some definite individual has a mother and a father. «If they should answer that yes but they are dead, then I have a new question: do they have sisters or brothers. But for that I will again need to pay five euros. This is ridiculous,» said Mr Rüütel.

Pursuant to the Security Service Act in force, security companies are forbidden to provide private detective services i.e. security and private detective business cannot be combined. «For us, this is questionable. I think these services definitely should not be mutually exclusive,» said Mr Kuusik.

But if a law is created, he says it should grant expanded rights to private detectives. «The law makes no sense if covert photographs are not allowed in public space, which is a much needed service to collect evidence. The same with recording etc,» listed Mr Kala.

Links:
http://news.postimees.ee/3611981/private-detectives-behold-business-boom-on-horizon

Cyber Security Summer School 2016: “Digital Forensics — technology and law”

Leave a reply

cybersecurity_summerschool_estonia

July 3-8, 2016, Estonian Information Technology College, Tallinn

Cyber Security Summer School 2016 is organised by Information Technology Foundation for Education in collaboration with Tallinn University of Technology, University of Tartu and The University of Adelaide.

Speakers:
• Hein Dries-Ziekenheiner
• Jeffrey Moulton (LSU)
• Merike Kaeo (Double Shot Security)
• Pavel Gladyshev (University College Dublin)
• Stephen Mason (www.stephenmason.eu)

Timeline:
Applications open until May 9, 2016
Confirmation of admission by May 23, 2016

Monday, July 4
09:00 – 10:00 Opening of the Summer School
Welcoming words by Erki Urva, Chairman of the Board of HITSA
Introduction of the speakers and mentors by organizers Olaf Maennel and Helen Eenmaa-Dimitrieva
11:15 – 13:00 “Introduction to Electronic Evidence”, “Evidential Foundations and Authenticity” Stephen Mason and Hein Dries-Ziekenheiner
14:00 – 16:00 “Forensic Tools” Pavel Laptev

Tuesday, July 5
09:30 – 11:00 “Case assessment and Interpretation in digital forensic casework” Didier Meuwly
11:15 – 13:00 “Social media, big data, internet forensics” Hein Dries-Ziekenheiner
14:00 – 16:00 Exercise “State of Connecticut v Julie Amero” Stephen Mason and Hein Dries-Ziekenheiner

Wednesday, July 6
09:00 – 09:30 “Application to court” Stephen Mason
09:30 – 11:00 “Network Forensics As Evidence: What Can You Trust and What Is Admissible in a Court of Law” Merike Kaeo
16:15 – 17:30 “IT Forensics: Why post-mortem is dead. Whay over preserving evidence is bad.” Tobias Eggendorfer

Thursday, July 7
14:15 – 16:00 “This is Personal”, “Risk Management Framework” Jeffrey Moulton
16:15 – 18:00 “Frameworks for International Cyber Security” Eneken Tikk-Ringas

Friday, July 8
09:15 – 11:00 First Round of Moot Court
14:00 – 16:00 Best groups in a Public Moot
16:00 – 16:30 Summary and closing of the Summer School

Links:
http://studyitin.ee/c3s

Report of Estonian Information Board: International Security and Estonia in 2016

Leave a reply

teabeamet_logo

In cyberspace, Russia is the source of the greatest threat to Estonia, the European Union and NATO. Estonia is a target of hostile cyber acts both as an individual country, and as a member of the EU and NATO.

Cyber operations and cyber warfare have become a part of modern warfare.

Page 45 has section “Cyber threats”. Two pages of text contain no new information.

Links:
http://www.teabeamet.ee/pdf/2016-en.pdf