Tag Archives: Ahto Buldas

Cyber Security master’s theses defense in TalTech (May 2021)

Cyber Security curriculum MSc theses defences on May 27th 2021 (online):

Time: 10:00
Student: Tarvo Arikas
Title: Streaming event correlation and complex event processing using open-source solutions
Supervisor: Risto Vaarandi
Reviewer: Mauno Pihelgas

Time: 10:40
Student: Janno Arnek
Title: Improving cybersecurity level of Estonian small and medium sized enterprises through coordination with national level
Supervisor: Sille Laks
Reviewer: Anna-Maria Osula

Time: 11:50
Student: Tedel Baca
Title: Critical infrastructure protection in the Republic of Kosovo: A policy-analysis on the protection of electric-energy and water-supply sectors
Supervisor: Mika Kerttunen, Kristine Hovhannisyan
Reviewer: Adrian Venables

Time: 12:30
Student: Risto Kasepuu
Title: Designing an artifact to support cybersecurity policy development in small and medium enterprises
Supervisor: Mika Kerttunen, Andro Kull
Reviewer: Adrian Venables

Time: 13:20
Student: Dariana Khisteva
Title: A proposal of integrating open-source IDS into vessel’s bridge network
Supervisor: Olaf Maennel, Gabor Visky
Reviewer: Risto Vaarandi

Time: 14:00
Student: Stanislav Mekinulashvili
Title: Sniffing encrypted BLE traffic after changing connection parameters, using low-cost hardware that captures only one channel at a time
Supervisor: Olaf Maennel
Reviewer: Toomas Lepik

Time: 14:40
Student: Yazeed Basim Aeadah Alhaddad
Title: Ghost Injection Attack on Automatic Dependent Surveillance-Broadcast Equipped Drones Impact on Human Behavior
Supervisor: Erwin Orye
Reviewer: Jaan Priisalu

Cyber Security curriculum MSc theses defences on May 28th 2021 (online):

Time: 10:00
Student: Juan Manuel Delgado Garcia
Title: Forensic Analysis of Privacy-Oriented Cryptocurrency Wallets
Supervisor: Hayretdin Bahsi
Reviewer: Pavel Tsikul

Time: 10:40
Student: Faisal Sumaila
Title: Extraction and Analysis of Forensic Artifacts from Automotive Maintenance Applications
Supervisor: Hayretdin Bahsi
Reviewer: Matthew Sorell

Time: 11:50
Student: Yoshihisa Furushita
Title: Sources of artifacts in video
Supervisor: Matthew Sorell, Pavel Tšikul
Reviewer: Richard Matthews

Time: 12:30
Student: Kärte Pärend
Title: Forensic Traces of Messaging Applications on Android and iOS Mobile Phones
Supervisor: Sten Mäses, Priit Lahesoo
Reviewer: Matthew Sorell

Time: 13:20
Student: Karoliina Koppel
Title: Securing Software Supply-Chain Using OWASP Application Security Verification Standard: A SimplBooks Case Study
Supervisor: Toomas Lepik
Reviewer: Andrew Roberts

Time: 14:00
Student: Rooya Karimnia
Title: Culturally-Sensitive Instructional Design Of A Cybersecurity Awareness Program For High School Students In Iran, Hormozgan
Supervisor: Kaie Maennel, Mahtab Shahin
Reviewer: Stefan Sütterlin

Cyber Security curriculum MSc theses defences on May 31th 2021 (online):

Time: 10:00
Student: Jelizaveta Vakarjuk
Title: Converting a post-quantum signature scheme to a two-party signature scheme
Supervisor: Ahto Buldas, Jan Willemson
Reviewer: Ahto Truu

Time: 10:40
Student: Esteban Josue Ramirez Rojas
Title: Preserving Information’s Integrity and Confidentiality with Blockchain in the Service Supply Chain
Supervisor: Jaan Priisalu, Alex Norta
Reviewer: Nikita Snetkov

Time: 11:50
Student: Ali Ghasempour
Title: HTTP based Network Intrusion Detection System by Using Machine Learning-Based Classifier
Supervisor: Risto Vaarandi, Alejandro Manzanares
Reviewer: Hayretdin Bahsi

Time: 12:30
Student: Mauricio Antonio Duarte Lara
Title: Prototyping A Serious Game On Information Manipulation
Supervisor: Maria Claudia Solarte Vasquez, Adrian Venables
Reviewer: Rain Ottis

Time: 13:20
Student: Madis Männik
Title: Smart meter threat detection based on log analysis
Supervisor: Gabor Visky
Reviewer: Risto Vaarandi

Time: 14:00
Student: Alex Bindevald
Title: Cyber security at schools – challenges, oppurtunities and needs for CTF-solution
Supervisor: Birgy Lorenz
Reviewer: Tiia Sõmer

Cyber Security master’s theses defense in TalTech/UT (August 2020)

Defences of master theses of Cyber Security curriculum on August 17th 2020. The defences will take place online.

Time: 9:30
Student: Tarmo Oja
Title: X-ROAD TRUST MODEL AND TECHNOLOGY THREAT ANALYSIS
Supervisor: Ahto Buldas, Mari Seeba
Reviewer: Aleksandr Lenin

Time: 10:10
Student: Nikita Snetkov
Title: PRACTICAL IMPLEMENTABILITY OF TWO-PARTY ECDSA SIGNATURE SCHEMES
Supervisor: Ahto Buldas
Reviewer: Aleksandr Lenin

Time: 10:50
Student: Liubomyr Kushnir
Title: BENCHMARKING OF POST-HOC LOCAL INTERPRETABILITY METHODS FOR CLASSIFYING MALICIOUS TRAFFIC
Supervisor: Hayretdin Bahsi, Sven Nõmm
Reviewer: Pavel Tšikul

Time: 12:00
Student: Timm Jeff E Luyten
Title: RAISING CYBER AWARENESS WITH NON-IT PROFESSIONALS WORKING IN A HOME OFFICE ENVIRONMENT USING A PILOT VIDEO GAME CONCEPT
Supervisor: Birgy Lorenz
Reviewer: Sten Mäses

Time: 12:40
Student: Andrew J Roberts
Title: Development of a cybersecurity evaluation test bed for autonomous self-driving vehicles
Supervisor: Olaf Maennel
Reviewer: Tobias Eggendorfer

Time: 13:20
Student: Ilkin Huseynov
Title: THE ANALYSIS OF THE CURRENT CYBER SECURITY ACTIONS TAKEN IN THE E-GOVERNMENT OF AZERBAIJAN AND PROPOSAL OF THE IMPROVEMENT PLAN
Supervisor: Mika Kerttunen
Reviewer: Adrian Venables

Time: 14:15
Student: Andres Pihlak
Title: CONTINUOUS DOCKER IMAGE ANALYSIS AND INTRUSION DETECTION BASED ON OPEN-SOURCE TOOLS
Supervisor: Mauno Pihelgas
Reviewer: Kristian Kivimägi

Time: 14:55
Student: Eduard Iltšuk
Title: Two-Party ECDSA Protocol for Smart-ID
Supervisor: Arnis Paršovs
Reviewer: Jan Villemson

Time: 15:35
Student: Aivo Toots
Title: Zero-Knowledge Proofs for Business Processes
Supervisor: Peeter Laud
Reviewer: Marlon Dumas, Janno Siim

Cyber Security master’s theses defense in TalTech (May/June 2020)

Defence of master theses of Cyber Security curriculum on May 28th 2020 online

Time: 10:00
Student: Cheng-Yu Lu
Title: Analyse Journal of XFS Filesystem for Assisting in Event Reconstruction
Supervisor: Pavel Laptev
Reviewer: Hayretdin Bahsi

Time: 10:40
Student: Simon Victor Jean Laurent Brun
Title: Comprehensive Digital Forensics Analysis of Smart Home Environment
Supervisor: Hayretdin Bahsi, Pavel Tšikul
Reviewer: Matthew Sorell

Time: 11:20
Student: Shaymaa Mamdouh Mohammed Radwan Khalil
Title: Analysis of Windows 10 Hibernation File
Supervisor: Hayretdin Bahsi, Pavel Tšikul
Reviewer: Matthew Sorell

Time: 12:40
Student: Kevin Patric Schmidt
Title: EXTRACTION OF FORENSIC ARTIFACTS FROM HOME ROUTERS
Supervisor: Hayretdin Bahsi
Reviewer: Matthew Sorell

Time: 13:20
Student: Weerarathna Patabendige Samoda Abeydeera
Title: Fileless Malware Detection in Cloud Environment Using Machine Learning Techniques
Supervisor: Alejandro Guerra Manzanares
Reviewer: Sven Nõmm

Defence of master theses of Cyber Security curriculum on May 29th 2020 online

Time: 10:00
Student: Andreas Jürimäe
Title: The Effectiveness of DMARC and Usage of DMARC in Estonian Government Institutions
Supervisor: Kieren Lovell
Reviewer: Dan Heering

Time: 10:40
Student: Liubomyr Kushnir
Title: Benchmarking of Post-hoc Local Interpretability Methods for Classifying Malicious Traffic
Supervisor: Hayretdin Bahsi, Sven Nõmm
Reviewer: Alejandro Manzanares

Time: 11:20
Student: Huu Phuc Nguyen
Title: Research Method in Detecting Swapped Face Image and Video Forgery
Supervisor: Matthew Sorell
Reviewer: Pavel Tšikul

Time: 12:40
Student: Rohin Sambath Kumar
Title: Analyzing the Face Value of Fake Accounts in Online Social Networks
Supervisor: Birgy Lorenz
Reviewer: Adrian Venables

Time: 13:20
Student: Mykyta Zaitsev
Title: Developing learning pathways for massive open online courses by the example of the rangeforce cyberskills training platform
Supervisor: Olaf Maennel, Margus Ernits
Reviewer: Birgy Lorenz

Time: 14:00
Student: Martin Chmelař
Title: Utilizing Mitre att&ck to Create Adversary Reports of Live-fire Cybersecurity Exercises for Feedback Purposes
Supervisor: Olaf Maennel
Reviewer: Rain Ottis

Time: 14:40
Student: Ilkin Huseynov
Title: The Analysis of the Current Cyber Security Actions Taken in the e-Government of Azerbaijan and Proposal of the Improvement Plan
Supervisor: Mika Juha Kerttunen
Reviewer: Adrian Venables

Time: 15:20
Student: Belgin Tastan
Title: Comparing the Security Assessment Models on the Detection of Critical Vulnerabilities in Web Services
Supervisor: Mika Kerttunen, Andro Kull
Reviewer: Pavel Tšikul

Defence of master theses of Cyber Security curriculum on June 1st 2020 in ICT-315 (closed defences) & online

Time: 10:00
Student: Juri Kononov
Title: Network Policy Management is Service Rich Environment
Supervisor: Olaf Maennel, Jaan Priisalu
Reviewer: Mart Järvi, Uko Valtenberg

Time: 10:40
Student: Maria Toomsalu
Title: Vulnerability Analysis of an Organisation on the basis of a Semi-Formal Model
Supervisor: Peeter Laud, Jaan Priisalu
Reviewer: Aleksandr Lenin

Time: 11:20
Student: Kaarel Allemann
Title: Effects of the New Integration Design on the KOLT Security
Supervisor: Ahto Buldas
Reviewer: Aleksandr Lenin

Time: 14:00
Student: Fernando Gonzalo Bauzá Sáinz De Baranda
Title: How to Mess with Log Collectors and Analyze their Response in Microsoft Networks with an Example of the Elk Stack
Supervisor: Toomas Lepik
Reviewer: Risto Vaarandi

Time: 14:40
Student: Andres Pihlak
Title: Continuous Docker Image Analysis and Intrusion Detection Based on Open-source Tools
Supervisor: Mauno Pihelgas
Reviewer: Kristian Kivimägi

Time: 15:20
Student: Maarja-Liisa Tammepõld
Title: Securing the centralized logging system by the example of Elasticsearch
Supervisor: Toomas Lepik
Reviewer: Risto Vaarandi

Defence of master theses of Cyber Security curriculum on June 2nd 2020 online

Time: 10:00
Student: Kadri Cahani
Title: Aligning Information Security Risks with Strategic Goals
Supervisor: Hayretdin Bahsi
Reviewer: Kaie Maennel

Time: 10:40
Student: Martin Leppik
Title: Improving AWS S3 Security at a Medium-sized Company: Challenges and Solutions
Supervisor: Hayretdin Bahsi
Reviewer: Tiia Sõmer

Time: 11:20
Student: Karl Lubja
Title: Systematic Generation of Cyber Attack Scenarios Against A Ship
Supervisor: Hayretdin Bahsi
Reviewer: Olaf Maennel

Time: 12:40
Student: Illia Petrash
Title: User Behaviour During Covid-19 from the Perspective of a Telco Server
Supervisor: Olaf Maennel
Reviewer: Toomas Lepik

Time: 13:20
Student: Rishikesh Ram Shankaran
Title: Comparative Study on Perception and Preparedness of a User Towards Cybersecurity Threats in IoT and Mobile Devices
Supervisor: Stefan Sütterlin
Reviewer: Eneken Tikk

Time: 14:00
Student: Ilja Šmarjov
Title: OWASP secure coding practices checklist and training: assessment of effectiveness in a technology company
Supervisor: Olaf Maennel
Reviewer: Margus Ernits

Time: 14:40
Student: Marvin Uku
Title: Evaluation method for smart home and smart grid authentication protocols
Supervisor: Olaf Maennel
Reviewer: Hayretdin Bahsi

Time: 15:20
Student: Sania Akif Malik
Title: The Effect of Interindividual Differences in Metacognitive Accuracy on Cybersecurity Decisions
Supervisor: Stefan Sütterlin
Reviewer: Mika Juha Kerttunen

Cyber Security master’s theses defense in TalTech (January 2020)

January 9th, 2020, Akadeemia Tee 15a, room ICT-411.

Time: 10:00
Student: Deniz Basar
Title: Uniqueness Criteria for Blockchain Type Distributed Ledgers
Supervisor: Ahto Buldas
Reviewer: Aleksandr Lenin

Time: 10:40
Student: Kristian Kivimägi
Title: Predicting students’ success using technical labs as part of university admission to a cyber security program
Supervisor: Kaie Maennel, Olaf Maennel
Reviewer: Stefan Sütterlin

Time: 11:20
Student: Alessandro Mirani
Title: User Behavior Analysis for Predictive Virtual Reality Applications: An Ethical and Data Security Perspective
Supervisor: Aleksei Tepljakov, Hayretdin Bahsi
Reviewer: Eduard Petlenkov

Cybersecurity related bachelor’s and master’s theses in University of Tartu 2018/2019 (June)

The defences are taking place on the first and second week of June.

Student: Ivo Pure (Cyber Security MSc)
Title: An Automated Methodology for Validating Web Related Cyber Threat Intelligence by Implementing a Honeyclient
Supervisor: Risto Vaarandi, Raimundas Matulevicius
Reviewer: Alejandro Manzanares

Student: Bruno Didier Produit (Cyber Security MSc)
Title: Optimization of the ROCA (CVE-2017-15361) Attack
Supervisor: Arnis Paršovs
Reviewer: Jan Villemson

Student: Kärt Padur (Cyber Security MSc)
Title: Information Security Risk Assessment in the Context of Outsourcing in a Financial Institution
Supervisor: Raimundas Matulevičius, Liis Rebane, Toomas Vaks
Reviewer: Andro Kull

Student: Marek Matsalu (Cyber Security MSc)
Title: The Development of Digital Forensics Workforce Competency on the Example of Estonian Defence League
Supervisor: Raimundas Matulevičius, Hillar Põldmaa
Reviewer: Hayretdin Bahsi

Student: Pubudini Gayanjalie Dissanayake (Cyber Security MSc)
Title: A Comparison of Security Risk Analysis in the In-house IT Infrastructure and Cloud Infrastructure for the Payment Gateway System
Supervisor: Hayretdin Bahsi, Raimundas Matulevičius
Reviewer: Alexander Horst Norta

Student: Lukáš Bortník (Cyber Security MSc)
Title: Mobile Phone Digital Evidence Providers to Investigate Driver’s Distraction
Supervisor: Pavel Laptev, Satish Narayana Srirama
Reviewer: Matthew Sorell

Student: Mari Seeba (Conversion Master in IT)
Title: A Specification of Layer-Based Information Security Management System for the Issue Tracking System
Supervisor: Raimundas Matulevičius, Ahto Buldas
Reviewer: Meelis Roos

Student: Doris Sarapuu (Conversion Master in IT)
Title: Penetration Testing of Glia’s Web Application
Supervisor: Kristjan Krips, Carlos Paniagua
Reviewer: Riivo Talviste

Student: Kaspar Kala (Conversion Master in IT)
Title: Refinement of the General Data Protection Regulation (GDPR) Model: Administrative Fines Perspective
Supervisor: Raimundas Matulevičius, Jake Tom
Reviewer: Eneken Tikk

Student: Maksym Yerokhin (Software Engineering MSc)
Title: Multi-level Policy-aware Privacy Analysis
Supervisor: Pille Pullonen, Luciano García-Bañuelos
Reviewer: Sara Belluccini

Student: Reelika Tõnisson (Computer Science MSc)
Title: Tighter Post-quantum Secure Encryption Schemes Using Semi-classical Oracles
Supervisor: Dominique Peer Ghislain Unruh
Reviewer: Sven Laur

Student: Helen Tera (Computer Science BSc)
Title: Introduction to Post-Quantum Cryptography in Scope of NIST’s Post-Quantum Competition
Supervisor: Dominique Unruh
Reviewer: Raul-Martin Rebane

Student: Omar Purik (Computer Science BSc)
Title: Creation of Practical Assignments on Information Security for High School Students
Supervisor: Kristjan Krips, Tauno Palts
Reviewer:

Links:
https://comserv.cs.ut.ee/ati_thesis/index.php?year=2019
https://www.cs.ut.ee/sites/default/files/www_ut/kaitsmised_v_30-05.pdf

Cyber Security master’s theses defense in TalTech (May 2019)

May 27th, 2019, Akadeemia Tee 15a, Room ICT-411.

Time: 10:00
Student: Olesia Yaremenko
Title: Skills Evaluation of Participants of Cybersecurity Exercises on the Example of a Virtual Hands-on Forensic Lab
Supervisor: Sten Mäses
Reviewer: Kaie Maennel

Time: 10:40
Student: Saber Yari
Title: Creating Cyber Security Exercises for Open Source Intelligence and Reverse Engineering
Supervisor: Sten Mäses
Reviewer: Birgy Lorenz

Time: 11:20
Student: Heleri Aitsam
Title: Teaching Cyberethics and Measuring Cyberethical Behavior in a Classroom Setting
Supervisor: Sten Mäses
Reviewer: Birgy Lorenz

LUNCH 12:00-12:40

Time: 12:40
Student: Jaana Metsamaa
Title: Framework for Measuring and Maximizing Security Feature Impact in Business to Business SaaS Products
Supervisor: Andro Kull
Reviewer: Erwin Orye

Time: 13:20
Student: Bitchiko Kodua
Title: Creating Labs for Web Application Security and Methods of Defining Difficulty Levels
Supervisor: Hayretdin Bahsi
Reviewer: Kaie Maennel

BREAK 14:00-14:30

Time: 14:30
Student: Jorge Alberto Medina Galinda
Title: Generation of Malware Behavioral Datasets in a Medium Scale IoT Networks
Supervisor: Hayretdin Bahsi
Reviewer: Olaf Maennel

Time: 15:10
Student: Roman Kononov
Title: Macintosh Operating System Exploitation and Intrusion Prevention
Supervisor: Toomas Lepik
Reviewer: Olaf Maennel

Time: 15:50
Student: Kristine Hovhannisyan
Title: Applying Confidence-Building Measures to Cyber Conflict: Computer Emergency Response Cooperation and Cyber Espionage
Supervisor: Eneken Tikk; Olaf Maennel
Reviewer: Anna-Maria Osula

May 28th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Alberto Zorrilla Garza
Title: Beaconleak: Use and Detection of 802.11 Beacon Stuffing as a Covert Channel
Supervisor: Olaf Maennel
Reviewer: Hayretdin Bahsi

Time: 10:40
Student: Krishna Vaishnav
Title: Analysis of WhatsApp Data Obtained before the General Election (Lok Sabha) 2019 in India
Supervisor: Olaf Maennel
Reviewer: Adrian Venables

Time: 11:20
Student: Alessandro Mirani
Title: Unintentional Cybercrime
Supervisor: Tiia Sõmer
Reviewer: Sten Mäses

LUNCH 12:00-12:40

Time: 12:40
Student: Abenezer Berhanu Weldegiorgis
Title: Developing National Cybersecurity Strategy for Ethiopia
Supervisor: Mika Kerttunen
Reviewer: Tiia Sõmer

Time: 13:20
Student: Tambet Paljasma
Title: Validating Docker Image and Container Security Using Best Practices and Company Policies
Supervisor: Margus Ernits
Reviewer: Alejandro Guerra Manzanares

BREAK 14:00-14:20

Time: 14:20
Student: Kirke Pralla
Title: Creation of Freely Accessible Interactive Training Materials for Secure Android Development
Supervisor: Margus Ernits
Reviewer: Alejandro Guerra Manzanares

Time: 15:00
Student: Annika Aavaste
Title: How to Improve Data Protection and Information Security in Local Governments Using GDPR compliant training
Supervisor: Eneken Tikk
Reviewer: Matthew Sorell

Time: 15:40
Student: Randel Raidmets
Title: A Comparative Analysis of Open-Source Full Packet Capture Software Solutions
Supervisor: Mauno Pihelgas
Reviewer: Risto Vaarandi

May 29th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Nikita Kuznietsov
Title: Researching Underground Forums to Improve Fraud Detection at TransferWise [RESTRICTED defense]
Supervisor: Jaan Priisalu; Sandra Horma
Reviewer: Aleksandr Lenin

Time: 10:40
Student: Kristopher Ryan Price
Title: Analysis of the Impact of Poisoned Data within Twitter Classification Models
Supervisor: Jaan Priisalu; Sven Nõmm
Reviewer: Kieren Lovell

Time: 11:20
Student: Andreas Jürimäe
Title: The Security Implications of DMARC in Estonian Goverment Institutions Based on Phishing Attacks in Cambridge University
Supervisor: Kieren Lovell
Reviewer: Hayretdin Bahsi

LUNCH 12:00-12:40

Time: 12:40
Student: Vita Krainik
Title: Distributed Consensus Problems and Protocols: a Systematic Literature Review
Supervisor: Ahto Buldas
Reviewer: Alex Norta

Time: 13:20
Student: Deniz Basar
Title: Uniqueness Criteria for Blockchain Type Distributed Ledgers
Supervisor: Ahto Buldas
Reviewer: Jaan Priisalu

BREAK 14:00-14:20

Time: 14:20
Student: Henry Okere
Title: Analysis of a Node-based Integrity Attack on Networked SCADA Power Plant
Supervisor: Hayretdin Bahsi
Reviewer: Ahto Buldas

Time: 15:00
Student: Mostafa Hadi
Title: Making the shift from DevOps to DevSecOps at Distribusion Technologies GmbH
Supervisor: Hayretdin Bahsi
Reviewer: Kieren Lovell

Time: 15:40
Student: Joanna Rose Castillon Del Mar
Title: Automated Photo Categorization for Digital Forensic Analysis Using a Machine Learning-Based Classifier
Supervisor: Hayretdin Bahşi; Leo Mršić; Krešimir Hausknecht
Reviewer: Matthew Sorell

May 30th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Kayla Marie Cannon
Title: America’s Panopticon: Privacy Implications of Facial Recognition By Law Enforcement
Supervisor: Mika Kerttunen
Reviewer: Hayretdin Bahsi

Time: 10:40
Student: Andres Antonen
Title: Securing an Automated Code Testing System
Supervisor: Ago Luberg
Reviewer: Toomas Lepik

Time: 11:20
Student: Jessica Ai Truong
Title: Evaluating the Detection Accuracy of JA3 and JA3S in Security Monitoring of SSL Communication
Supervisor: Hayretdin Bahsi
Reviewer: Toomas Lepik

LUNCH 12:00-12:40

Time: 12:40
Student: Tornike Nanobashvili
Title: Improving the Use of a Cyber-Insurance Product in Georgia: the Example of Commercial Banks
Supervisor: Eneken Tikk; Mika Kerttunen
Reviewer: Hayretdin Bahsi

Time: 13:20
Student: Arefeh Fathollahi Kalkhoran
Title: Data Breach: NIST and GDPR
Supervisor: Eneken Tikk
Reviewer: Mika Kerttunen

BREAK 14:00-14:20

Time: 14:20
Student: Chinmay Khandekar
Title: Cookie Security and its Implementation in the Light of GDPR and E-Privacy Regulation
Supervisor: Eneken Tikk
Reviewer: Rain Ottis

Time: 15:00
Student: Nurbanu Konayeva
Title: Application of Active Learning for Botnet Detection
Supervisor: Hayretdin Bahsi; Sven Nõmm
Reviewer: Risto Vaarandi

Time: 15:40
Student: Raul Ezequiel Jimenez Haro
Title: Forensic Tool to Study and Carve Virtual Machine Hard Disk Files
Supervisor: Pavel Laptev
Reviewer: Hayretdin Bahsi

May 31th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Maarja Heinsoo
Title: Implications of Information Security Culture on Risk Management – Case of a Technology Company
Supervisor: Hayretdin Bahsi
Reviewer: Kaie Maennel

Time: 10:40
Student: Prabin Krishna Subedi
Title: Forensics Analysis of Client-Side Artifacts in Cloud-Based Applications
Supervisor: Hayretdin Bahsi
Reviewer: Matthew Sorell

Time: 11:20
Student: John Chukwufumnanya George
Title: Analysis of the Impact of Bank Verification Number on Financial Security in Nigeria and Potential Cyber Threat Through Social Engineering
Supervisor: Andro Kull
Reviewer: Sten Mäses

LUNCH 12:00-12:40

Time: 12:40
Student: Roman Müller
Title: Analysis of the Estonian X-tee network based on centralized log data [RESTRICTED defence]
Supervisor: Jaan Priisalu; Sven Nõmm
Reviewer: Peeter Laud

Time: 13:20
Student: Ragnar Kobin
Title: A Model for Evaluating State Cyber Security Exercises
Supervisor: Rain Ottis; Kim Joonsoo
Reviewer: Tiia Sõmer

Time: 14:20
Student: Sasan Rezaeifars
Title: Hands-on Lab for Teaching Security Misconfiguration and Broken Authentication
Supervisor: Sten Mäses
Reviewer: Andro Kull

Cyber Security master’s theses defense in Tallinn University of Technology (May 2018)

Monday, May 28th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Kristiina Renel
Title: Compliance with EU Personal Data Protection Framework in the Context of Public Sector Logging
Supervisor: Kaie Maennel
Supervisor: Kristjan Kikerpill
Reviewer: Andro Kull

Time: 10:10
Student: Belgin Tastan
Title: Securing Systems and Networks Using Deceptions With Cyber Kill Chain Methodology
Supervisor: Ahmed Tauseef
Reviewer: Risto Vaarandi

Time: 11:00
Student: Raquel Tabuyo Benito
Title: Forensic Analysis of a Steam Based Online Game
Supervisor: Hayretdin Bahsi
Reviewer: Jens Getreu

Time: 11:40
Student: Kim Vahturov
Title: Using Indicators of Compromise to Automate Incident Triage. Proof of Concept
Supervisor: Toomas Lepik
Supervisor: Lauri Palkmets
Reviewer: Hayretdin Bahsi

Time: 13:00
Student: Alejandro Guerra Manzanares
Title: Application of Full Machine Learning Workflow for Malware Detection in Android on the Basis of System Calls And Permissions
Supervisor: Hayretdin Bahsi
Supervisor: Sven Nõmm
Reviewer: Toomas Lepik

Time: 13:40
Student: Romet Saaliste
Title: Estonian Government Related Challenges in Protection of Personal Data
Supervisor: Olaf Maennel
Reviewer: Birgy Lorenz

Time: 14:20
Student: Moira Gabriella Nguegaum
Title: A Structured Approach to the Identification of IPV6 Vulnerabilities in IPV4-only Local Area Networks
Supervisor: Olaf Maennel
Reviewer: Bernhards Blumbergs

Time: 15:20
Student: Stefano Panarese
Title: Nessuno: A Friend-to-Friend Anonymous Communication Protocol
Supervisor: Olaf Maennel
Reviewer: Ahto Buldas

Time: 16:00
Student: Amirhossein Akbari
Title: A Novel Approach for Securing HTML5 Client-Side Database, INDEXEDDB
Supervisor: Olaf Maennel
Reviewer: Aleksander Lenin

Tuesday, May 29th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Andres Rauschecker
Title: User-Oriented Privacy Enhancements for Web-Browsers
Supervisor: Olaf Maennel
Reviewer: Hayretdin Bahsi

Time: 10:10
Student: Artur Luik
Title: The Design and Implementation of Automated Vulnerability Application Framework
Supervisor: Tanel Tetlov
Reviewer: Toomas Lepik

Time: 11:00
Student: Daniele Mucci
Title: TED – The ELF Doctor. A Container Based Tool to Perform Security Risk Assessment for ELF Binaries
Supervisor: Bernhards Blumbergs
Reviewer: Toomas Lepik

Time: 11:40
Student: Aleks Koha
Title: Impact Assessment of an EU GDPR Self-Assessment Qestionnaire on Entrepreneurs
Supervisor: Sten Mäses
Supervisor: Anu Baum
Reviewer: Tiia Sõmer

Time: 13:00
Student: Kayode Olaitan Omotoye
Title: Business Process-Based Cyber Risk Assessment Using Healthcare System as Case Study
Supervisor: Hayretdin Bahsi
Reviewer: Alexander Norta

Time: 13:40
Student: Mari Jääger
Title: Developing Records of Processing Activities in a Small Enterprise
Supervisor: Priit Raspel
Reviewer: Raimundas Matulevicius

Time: 14:20
Student: Simo Antero Hurttila
Title: From Information Security to Cyber Security Management – ISO 27001 & 27032 Approach
Supervisor: Andro Kull
Reviewer: Kaie Maennel

Time: 15:20
Student: Aditya Raj Das
Title: Comparing Battery Consumption of Malware Scanning Applications
Supervisor: Hayretdin Bahsi
Reviewer: Sten Mäses

Time: 16:00
Student: Danny Lopez Murillo
Title: A Balanced Lab for Teaching Ethical Hacking to Undergraduate and Graduate Students
Supervisor: Hayretdin Bahsi
Reviewer: Sten Mäses

Wednesday, May 30th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Sille Laks
Title: Basic cyber security awareness training in a paramilitary organization (RESTRICTED)
Supervisor: Sten Mäses
Supervisor: Markko Liutkevičius
Reviewer: Rain Ottis

Time: 10:10
Student: Andres Elliku
Title: Scalable Course on Cyber Attack Detection
Supervisor: Margus Ernits
Reviewer: Mauno Pihelgas

Time: 11:00
Student: Javid Asadli
Title: Proposing Action Plan in Cyber Security Capacity Building for Azerbaijan
Supervisor: Tiia Sõmer
Supervisor: Leyla Aliyeva
Reviewer: Sten Mäses

Time: 11:40
Student: Even Langfeldt Friberg
Title: The Cyber-Insurance Market in Norway: An Empirical Study of the Supply-Side and a Small Sample of the Maritime Demand-Side
Supervisor: Hayretdin Bahsi
Supervisor: Ulrik Franke
Reviewer: Birgy Lorenz

Time: 13:00
Student: Nishaant Verma
Title: Comparative Analysis of Online Privacy and Security Concerns Between Generation Y and Generation Z in North India: A Pilot Study
Supervisor: Hayretdin Bahsi
Supervisor: Mare Teichmann
Reviewer: Maria Claudia Solarte Vasquez

Time: 13:40
Student: Taimur Tufail
Title: Comparing the National Cyber Security Framework of Pakistan with India and United Kingdom
Supervisor: Hayretdin Bahsi
Reviewer: Tiia Sõmer

Time: 14:40
Student: Fernando Rafael Garcia-Granado
Title: Cybersecurity Knowledge Requirements for Non-IT Strategic Level Decision Makers
Supervisor: Hayretdin Bahsi
Reviewer: Andro Kull

Time: 15:20
Student: Hindrek Baum
Title: Detection of VLAN Hopping Attacks Using Switch’s Monitoring Options
Supervisor: Jaan Priisalu
Reviewer: Aleksander Lenin

Study on the lifecycle of cryptographic algorithms 2017

This year we have ordered and will publish cryptographic algorithms life cycle report in parts. The first part is now available.

The first and the most important chapter gives overview of the current state of algorithms.

The second chapter writes about the cryptographic side of the last fall ID card crisis. The report describes what happened, what was done and how on the cryptographic side the new solution (elliptic curves) for ID cards works.

The third chapter gives overview of block-chain technologies and in addition provides Estonian-language terminology for block-chain related English terms.

The report has been ordered by RIA and written by Cybernetica researchers Ahto Buldas, Jan Willemson and Arne Ansper.

Links:
https://blog.ria.ee/ria-kruptouuring-id-kaart-ja-plokiahelad/
https://www.ria.ee/public/RIA/kruptograafiliste_algoritmide_elutsukli_uuring_2017.pdf
https://geenius.ee/uudis/nsa-usub-et-eesti-id-kaart-peaks-vastu-pidama-ka-kvantarvuti-runnakule/

Estonian cryptographer rejects claims of being Bitcoin’s creator

Los Angeles lawyer Justin Sobaje is convinced that Helger Lipmaa, senior researcher of the University of Tartu’s computer science institute, is Satoshi Nakamoto – the creator of bitcoin, and says he has analyses and studies that prove it.

Sobaje writes that he is convinced – based on an article in which Nakamoto first describes the nature of bitcoin – that the author or authors of the piece had to have been experts of timestamping technology and hash trees. That is the focus of Helger Lipmaa’s doctoral thesis and scientific papers published in the late 1990s. Lipmaa has cited another two articles the original creator of the bitcoin also cites on his homepage. Conclusion: Lipmaa knows five out of eight articles.

Sobaje continues: “Satoshi was an experienced C++ programmer. Lipmaa created timestamping software while working at Cybernetica.” He lists the years Lipmaa spent working for the company until two years before the birth of bitcoin. How was the name Satoshi Nakamoto created? Sobaje has found three Japanese cryptographers mentioned on Lipmaa’s website – Satoshi Obana, Junko Nakajima, Takeshi Okamoto – and concludes that the name of the world’s most wanted man is a combination of the three.

Helger Lipmaa, commenting on the matter to Postimees, rejects the idea. “I’m certainly not Satoshi and I don’t understand how he got to my name of all things,” he said, adding that bitcoin’s original creator wasn’t a cryptographer.

Professor of software science at the Tallinn University of Technology Ahto Buldas, who worked with Lipmaa on timestamping technology in the late 1990s, laughs out loud when told an American lawyer believes Lipmaa to be Nakamoto. “The number of scientists that worked on it at the time was not great, while there are other candidates for Nakamoto. I don’t want to say that Lipmaa is not Satoshi Nakamoto; even though I don’t really believe it, it cannot be ruled out either,” he says. “We could all have been Nakamotos.

This could be a potential topic for BSc/MSc thesis, to use open source intelligence to verify if there is some correlation between public activities of Satoshi and Helger/Ahto.

Links:
https://news.err.ee/652328/estonian-cryptographer-rejects-claims-alleging-he-created-bitcoin
https://news.postimees.ee/4365547/hunt-for-the-world-s-most-wanted-man-reaches-estonia
http://novaator.err.ee/648962/tartu-ulikooli-vorguteenused-sattusid-pahatahtliku-runnaku-alla

 

Smart-ID paper: Server-Supported RSA Signatures for Mobile Devices

Abstract
We propose a new method for shared RSA signing between the user and the server so that: (a) the server alone is unable to create valid signatures; (b) having the client’s share, it is not possible to create a signature without the server; (c) the server detects cloned client’s shares and blocks the service; (d) having the password-encrypted client’s share, the dictionary attacks cannot be performed without alerting the server; (e) the composite RSA signature “looks like” an ordinary RSA signature and verifies with standard crypto-libraries. We use a modification of the four-prime RSA scheme of Damgård, Mikkelsen and Skeltved from 2015, where the client and the server have independent RSA private keys. As their scheme is vulnerable to dictionary attacks, in our scheme, the client’s RSA private exponent is additively shared between server and client. Our scheme has been deployed and has over 200,000 users.

The paper was published in proceedings of the conference ESORICS 2017, Oslo, Norway, September 11-15, 2017.

The paper contains several pages of cryptographic proofs. The RSA key generation involves “l-safe” primes, which is not a standard practice in generating RSA primes. This is worrisome, especially after it became known that the flaw in ID card was caused by other instance of nonstandard RSA prime generation.

Links:
https://link.springer.com/chapter/10.1007/978-3-319-66402-6_19