Tag Archives: Jaan Priisalu

Cyber Security master’s theses defense in TalTech (May 2021)

Cyber Security curriculum MSc theses defences on May 27th 2021 (online):

Time: 10:00
Student: Tarvo Arikas
Title: Streaming event correlation and complex event processing using open-source solutions
Supervisor: Risto Vaarandi
Reviewer: Mauno Pihelgas

Time: 10:40
Student: Janno Arnek
Title: Improving cybersecurity level of Estonian small and medium sized enterprises through coordination with national level
Supervisor: Sille Laks
Reviewer: Anna-Maria Osula

Time: 11:50
Student: Tedel Baca
Title: Critical infrastructure protection in the Republic of Kosovo: A policy-analysis on the protection of electric-energy and water-supply sectors
Supervisor: Mika Kerttunen, Kristine Hovhannisyan
Reviewer: Adrian Venables

Time: 12:30
Student: Risto Kasepuu
Title: Designing an artifact to support cybersecurity policy development in small and medium enterprises
Supervisor: Mika Kerttunen, Andro Kull
Reviewer: Adrian Venables

Time: 13:20
Student: Dariana Khisteva
Title: A proposal of integrating open-source IDS into vessel’s bridge network
Supervisor: Olaf Maennel, Gabor Visky
Reviewer: Risto Vaarandi

Time: 14:00
Student: Stanislav Mekinulashvili
Title: Sniffing encrypted BLE traffic after changing connection parameters, using low-cost hardware that captures only one channel at a time
Supervisor: Olaf Maennel
Reviewer: Toomas Lepik

Time: 14:40
Student: Yazeed Basim Aeadah Alhaddad
Title: Ghost Injection Attack on Automatic Dependent Surveillance-Broadcast Equipped Drones Impact on Human Behavior
Supervisor: Erwin Orye
Reviewer: Jaan Priisalu

Cyber Security curriculum MSc theses defences on May 28th 2021 (online):

Time: 10:00
Student: Juan Manuel Delgado Garcia
Title: Forensic Analysis of Privacy-Oriented Cryptocurrency Wallets
Supervisor: Hayretdin Bahsi
Reviewer: Pavel Tsikul

Time: 10:40
Student: Faisal Sumaila
Title: Extraction and Analysis of Forensic Artifacts from Automotive Maintenance Applications
Supervisor: Hayretdin Bahsi
Reviewer: Matthew Sorell

Time: 11:50
Student: Yoshihisa Furushita
Title: Sources of artifacts in video
Supervisor: Matthew Sorell, Pavel Tšikul
Reviewer: Richard Matthews

Time: 12:30
Student: Kärte Pärend
Title: Forensic Traces of Messaging Applications on Android and iOS Mobile Phones
Supervisor: Sten Mäses, Priit Lahesoo
Reviewer: Matthew Sorell

Time: 13:20
Student: Karoliina Koppel
Title: Securing Software Supply-Chain Using OWASP Application Security Verification Standard: A SimplBooks Case Study
Supervisor: Toomas Lepik
Reviewer: Andrew Roberts

Time: 14:00
Student: Rooya Karimnia
Title: Culturally-Sensitive Instructional Design Of A Cybersecurity Awareness Program For High School Students In Iran, Hormozgan
Supervisor: Kaie Maennel, Mahtab Shahin
Reviewer: Stefan Sütterlin

Cyber Security curriculum MSc theses defences on May 31th 2021 (online):

Time: 10:00
Student: Jelizaveta Vakarjuk
Title: Converting a post-quantum signature scheme to a two-party signature scheme
Supervisor: Ahto Buldas, Jan Willemson
Reviewer: Ahto Truu

Time: 10:40
Student: Esteban Josue Ramirez Rojas
Title: Preserving Information’s Integrity and Confidentiality with Blockchain in the Service Supply Chain
Supervisor: Jaan Priisalu, Alex Norta
Reviewer: Nikita Snetkov

Time: 11:50
Student: Ali Ghasempour
Title: HTTP based Network Intrusion Detection System by Using Machine Learning-Based Classifier
Supervisor: Risto Vaarandi, Alejandro Manzanares
Reviewer: Hayretdin Bahsi

Time: 12:30
Student: Mauricio Antonio Duarte Lara
Title: Prototyping A Serious Game On Information Manipulation
Supervisor: Maria Claudia Solarte Vasquez, Adrian Venables
Reviewer: Rain Ottis

Time: 13:20
Student: Madis Männik
Title: Smart meter threat detection based on log analysis
Supervisor: Gabor Visky
Reviewer: Risto Vaarandi

Time: 14:00
Student: Alex Bindevald
Title: Cyber security at schools – challenges, oppurtunities and needs for CTF-solution
Supervisor: Birgy Lorenz
Reviewer: Tiia Sõmer

Cyber Security master’s theses defense in TalTech (May/June 2020)

Defence of master theses of Cyber Security curriculum on May 28th 2020 online

Time: 10:00
Student: Cheng-Yu Lu
Title: Analyse Journal of XFS Filesystem for Assisting in Event Reconstruction
Supervisor: Pavel Laptev
Reviewer: Hayretdin Bahsi

Time: 10:40
Student: Simon Victor Jean Laurent Brun
Title: Comprehensive Digital Forensics Analysis of Smart Home Environment
Supervisor: Hayretdin Bahsi, Pavel Tšikul
Reviewer: Matthew Sorell

Time: 11:20
Student: Shaymaa Mamdouh Mohammed Radwan Khalil
Title: Analysis of Windows 10 Hibernation File
Supervisor: Hayretdin Bahsi, Pavel Tšikul
Reviewer: Matthew Sorell

Time: 12:40
Student: Kevin Patric Schmidt
Title: EXTRACTION OF FORENSIC ARTIFACTS FROM HOME ROUTERS
Supervisor: Hayretdin Bahsi
Reviewer: Matthew Sorell

Time: 13:20
Student: Weerarathna Patabendige Samoda Abeydeera
Title: Fileless Malware Detection in Cloud Environment Using Machine Learning Techniques
Supervisor: Alejandro Guerra Manzanares
Reviewer: Sven Nõmm

Defence of master theses of Cyber Security curriculum on May 29th 2020 online

Time: 10:00
Student: Andreas Jürimäe
Title: The Effectiveness of DMARC and Usage of DMARC in Estonian Government Institutions
Supervisor: Kieren Lovell
Reviewer: Dan Heering

Time: 10:40
Student: Liubomyr Kushnir
Title: Benchmarking of Post-hoc Local Interpretability Methods for Classifying Malicious Traffic
Supervisor: Hayretdin Bahsi, Sven Nõmm
Reviewer: Alejandro Manzanares

Time: 11:20
Student: Huu Phuc Nguyen
Title: Research Method in Detecting Swapped Face Image and Video Forgery
Supervisor: Matthew Sorell
Reviewer: Pavel Tšikul

Time: 12:40
Student: Rohin Sambath Kumar
Title: Analyzing the Face Value of Fake Accounts in Online Social Networks
Supervisor: Birgy Lorenz
Reviewer: Adrian Venables

Time: 13:20
Student: Mykyta Zaitsev
Title: Developing learning pathways for massive open online courses by the example of the rangeforce cyberskills training platform
Supervisor: Olaf Maennel, Margus Ernits
Reviewer: Birgy Lorenz

Time: 14:00
Student: Martin Chmelař
Title: Utilizing Mitre att&ck to Create Adversary Reports of Live-fire Cybersecurity Exercises for Feedback Purposes
Supervisor: Olaf Maennel
Reviewer: Rain Ottis

Time: 14:40
Student: Ilkin Huseynov
Title: The Analysis of the Current Cyber Security Actions Taken in the e-Government of Azerbaijan and Proposal of the Improvement Plan
Supervisor: Mika Juha Kerttunen
Reviewer: Adrian Venables

Time: 15:20
Student: Belgin Tastan
Title: Comparing the Security Assessment Models on the Detection of Critical Vulnerabilities in Web Services
Supervisor: Mika Kerttunen, Andro Kull
Reviewer: Pavel Tšikul

Defence of master theses of Cyber Security curriculum on June 1st 2020 in ICT-315 (closed defences) & online

Time: 10:00
Student: Juri Kononov
Title: Network Policy Management is Service Rich Environment
Supervisor: Olaf Maennel, Jaan Priisalu
Reviewer: Mart Järvi, Uko Valtenberg

Time: 10:40
Student: Maria Toomsalu
Title: Vulnerability Analysis of an Organisation on the basis of a Semi-Formal Model
Supervisor: Peeter Laud, Jaan Priisalu
Reviewer: Aleksandr Lenin

Time: 11:20
Student: Kaarel Allemann
Title: Effects of the New Integration Design on the KOLT Security
Supervisor: Ahto Buldas
Reviewer: Aleksandr Lenin

Time: 14:00
Student: Fernando Gonzalo Bauzá Sáinz De Baranda
Title: How to Mess with Log Collectors and Analyze their Response in Microsoft Networks with an Example of the Elk Stack
Supervisor: Toomas Lepik
Reviewer: Risto Vaarandi

Time: 14:40
Student: Andres Pihlak
Title: Continuous Docker Image Analysis and Intrusion Detection Based on Open-source Tools
Supervisor: Mauno Pihelgas
Reviewer: Kristian Kivimägi

Time: 15:20
Student: Maarja-Liisa Tammepõld
Title: Securing the centralized logging system by the example of Elasticsearch
Supervisor: Toomas Lepik
Reviewer: Risto Vaarandi

Defence of master theses of Cyber Security curriculum on June 2nd 2020 online

Time: 10:00
Student: Kadri Cahani
Title: Aligning Information Security Risks with Strategic Goals
Supervisor: Hayretdin Bahsi
Reviewer: Kaie Maennel

Time: 10:40
Student: Martin Leppik
Title: Improving AWS S3 Security at a Medium-sized Company: Challenges and Solutions
Supervisor: Hayretdin Bahsi
Reviewer: Tiia Sõmer

Time: 11:20
Student: Karl Lubja
Title: Systematic Generation of Cyber Attack Scenarios Against A Ship
Supervisor: Hayretdin Bahsi
Reviewer: Olaf Maennel

Time: 12:40
Student: Illia Petrash
Title: User Behaviour During Covid-19 from the Perspective of a Telco Server
Supervisor: Olaf Maennel
Reviewer: Toomas Lepik

Time: 13:20
Student: Rishikesh Ram Shankaran
Title: Comparative Study on Perception and Preparedness of a User Towards Cybersecurity Threats in IoT and Mobile Devices
Supervisor: Stefan Sütterlin
Reviewer: Eneken Tikk

Time: 14:00
Student: Ilja Šmarjov
Title: OWASP secure coding practices checklist and training: assessment of effectiveness in a technology company
Supervisor: Olaf Maennel
Reviewer: Margus Ernits

Time: 14:40
Student: Marvin Uku
Title: Evaluation method for smart home and smart grid authentication protocols
Supervisor: Olaf Maennel
Reviewer: Hayretdin Bahsi

Time: 15:20
Student: Sania Akif Malik
Title: The Effect of Interindividual Differences in Metacognitive Accuracy on Cybersecurity Decisions
Supervisor: Stefan Sütterlin
Reviewer: Mika Juha Kerttunen

Cyber Security master’s theses defense in TalTech (May 2019)

May 27th, 2019, Akadeemia Tee 15a, Room ICT-411.

Time: 10:00
Student: Olesia Yaremenko
Title: Skills Evaluation of Participants of Cybersecurity Exercises on the Example of a Virtual Hands-on Forensic Lab
Supervisor: Sten Mäses
Reviewer: Kaie Maennel

Time: 10:40
Student: Saber Yari
Title: Creating Cyber Security Exercises for Open Source Intelligence and Reverse Engineering
Supervisor: Sten Mäses
Reviewer: Birgy Lorenz

Time: 11:20
Student: Heleri Aitsam
Title: Teaching Cyberethics and Measuring Cyberethical Behavior in a Classroom Setting
Supervisor: Sten Mäses
Reviewer: Birgy Lorenz

LUNCH 12:00-12:40

Time: 12:40
Student: Jaana Metsamaa
Title: Framework for Measuring and Maximizing Security Feature Impact in Business to Business SaaS Products
Supervisor: Andro Kull
Reviewer: Erwin Orye

Time: 13:20
Student: Bitchiko Kodua
Title: Creating Labs for Web Application Security and Methods of Defining Difficulty Levels
Supervisor: Hayretdin Bahsi
Reviewer: Kaie Maennel

BREAK 14:00-14:30

Time: 14:30
Student: Jorge Alberto Medina Galinda
Title: Generation of Malware Behavioral Datasets in a Medium Scale IoT Networks
Supervisor: Hayretdin Bahsi
Reviewer: Olaf Maennel

Time: 15:10
Student: Roman Kononov
Title: Macintosh Operating System Exploitation and Intrusion Prevention
Supervisor: Toomas Lepik
Reviewer: Olaf Maennel

Time: 15:50
Student: Kristine Hovhannisyan
Title: Applying Confidence-Building Measures to Cyber Conflict: Computer Emergency Response Cooperation and Cyber Espionage
Supervisor: Eneken Tikk; Olaf Maennel
Reviewer: Anna-Maria Osula

May 28th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Alberto Zorrilla Garza
Title: Beaconleak: Use and Detection of 802.11 Beacon Stuffing as a Covert Channel
Supervisor: Olaf Maennel
Reviewer: Hayretdin Bahsi

Time: 10:40
Student: Krishna Vaishnav
Title: Analysis of WhatsApp Data Obtained before the General Election (Lok Sabha) 2019 in India
Supervisor: Olaf Maennel
Reviewer: Adrian Venables

Time: 11:20
Student: Alessandro Mirani
Title: Unintentional Cybercrime
Supervisor: Tiia Sõmer
Reviewer: Sten Mäses

LUNCH 12:00-12:40

Time: 12:40
Student: Abenezer Berhanu Weldegiorgis
Title: Developing National Cybersecurity Strategy for Ethiopia
Supervisor: Mika Kerttunen
Reviewer: Tiia Sõmer

Time: 13:20
Student: Tambet Paljasma
Title: Validating Docker Image and Container Security Using Best Practices and Company Policies
Supervisor: Margus Ernits
Reviewer: Alejandro Guerra Manzanares

BREAK 14:00-14:20

Time: 14:20
Student: Kirke Pralla
Title: Creation of Freely Accessible Interactive Training Materials for Secure Android Development
Supervisor: Margus Ernits
Reviewer: Alejandro Guerra Manzanares

Time: 15:00
Student: Annika Aavaste
Title: How to Improve Data Protection and Information Security in Local Governments Using GDPR compliant training
Supervisor: Eneken Tikk
Reviewer: Matthew Sorell

Time: 15:40
Student: Randel Raidmets
Title: A Comparative Analysis of Open-Source Full Packet Capture Software Solutions
Supervisor: Mauno Pihelgas
Reviewer: Risto Vaarandi

May 29th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Nikita Kuznietsov
Title: Researching Underground Forums to Improve Fraud Detection at TransferWise [RESTRICTED defense]
Supervisor: Jaan Priisalu; Sandra Horma
Reviewer: Aleksandr Lenin

Time: 10:40
Student: Kristopher Ryan Price
Title: Analysis of the Impact of Poisoned Data within Twitter Classification Models
Supervisor: Jaan Priisalu; Sven Nõmm
Reviewer: Kieren Lovell

Time: 11:20
Student: Andreas Jürimäe
Title: The Security Implications of DMARC in Estonian Goverment Institutions Based on Phishing Attacks in Cambridge University
Supervisor: Kieren Lovell
Reviewer: Hayretdin Bahsi

LUNCH 12:00-12:40

Time: 12:40
Student: Vita Krainik
Title: Distributed Consensus Problems and Protocols: a Systematic Literature Review
Supervisor: Ahto Buldas
Reviewer: Alex Norta

Time: 13:20
Student: Deniz Basar
Title: Uniqueness Criteria for Blockchain Type Distributed Ledgers
Supervisor: Ahto Buldas
Reviewer: Jaan Priisalu

BREAK 14:00-14:20

Time: 14:20
Student: Henry Okere
Title: Analysis of a Node-based Integrity Attack on Networked SCADA Power Plant
Supervisor: Hayretdin Bahsi
Reviewer: Ahto Buldas

Time: 15:00
Student: Mostafa Hadi
Title: Making the shift from DevOps to DevSecOps at Distribusion Technologies GmbH
Supervisor: Hayretdin Bahsi
Reviewer: Kieren Lovell

Time: 15:40
Student: Joanna Rose Castillon Del Mar
Title: Automated Photo Categorization for Digital Forensic Analysis Using a Machine Learning-Based Classifier
Supervisor: Hayretdin Bahşi; Leo Mršić; Krešimir Hausknecht
Reviewer: Matthew Sorell

May 30th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Kayla Marie Cannon
Title: America’s Panopticon: Privacy Implications of Facial Recognition By Law Enforcement
Supervisor: Mika Kerttunen
Reviewer: Hayretdin Bahsi

Time: 10:40
Student: Andres Antonen
Title: Securing an Automated Code Testing System
Supervisor: Ago Luberg
Reviewer: Toomas Lepik

Time: 11:20
Student: Jessica Ai Truong
Title: Evaluating the Detection Accuracy of JA3 and JA3S in Security Monitoring of SSL Communication
Supervisor: Hayretdin Bahsi
Reviewer: Toomas Lepik

LUNCH 12:00-12:40

Time: 12:40
Student: Tornike Nanobashvili
Title: Improving the Use of a Cyber-Insurance Product in Georgia: the Example of Commercial Banks
Supervisor: Eneken Tikk; Mika Kerttunen
Reviewer: Hayretdin Bahsi

Time: 13:20
Student: Arefeh Fathollahi Kalkhoran
Title: Data Breach: NIST and GDPR
Supervisor: Eneken Tikk
Reviewer: Mika Kerttunen

BREAK 14:00-14:20

Time: 14:20
Student: Chinmay Khandekar
Title: Cookie Security and its Implementation in the Light of GDPR and E-Privacy Regulation
Supervisor: Eneken Tikk
Reviewer: Rain Ottis

Time: 15:00
Student: Nurbanu Konayeva
Title: Application of Active Learning for Botnet Detection
Supervisor: Hayretdin Bahsi; Sven Nõmm
Reviewer: Risto Vaarandi

Time: 15:40
Student: Raul Ezequiel Jimenez Haro
Title: Forensic Tool to Study and Carve Virtual Machine Hard Disk Files
Supervisor: Pavel Laptev
Reviewer: Hayretdin Bahsi

May 31th, 2019, Akadeemia Tee 15a, Room ICT-315.

Time: 10:00
Student: Maarja Heinsoo
Title: Implications of Information Security Culture on Risk Management – Case of a Technology Company
Supervisor: Hayretdin Bahsi
Reviewer: Kaie Maennel

Time: 10:40
Student: Prabin Krishna Subedi
Title: Forensics Analysis of Client-Side Artifacts in Cloud-Based Applications
Supervisor: Hayretdin Bahsi
Reviewer: Matthew Sorell

Time: 11:20
Student: John Chukwufumnanya George
Title: Analysis of the Impact of Bank Verification Number on Financial Security in Nigeria and Potential Cyber Threat Through Social Engineering
Supervisor: Andro Kull
Reviewer: Sten Mäses

LUNCH 12:00-12:40

Time: 12:40
Student: Roman Müller
Title: Analysis of the Estonian X-tee network based on centralized log data [RESTRICTED defence]
Supervisor: Jaan Priisalu; Sven Nõmm
Reviewer: Peeter Laud

Time: 13:20
Student: Ragnar Kobin
Title: A Model for Evaluating State Cyber Security Exercises
Supervisor: Rain Ottis; Kim Joonsoo
Reviewer: Tiia Sõmer

Time: 14:20
Student: Sasan Rezaeifars
Title: Hands-on Lab for Teaching Security Misconfiguration and Broken Authentication
Supervisor: Sten Mäses
Reviewer: Andro Kull

Cybersecurity related bachelor’s and master’s theses in University of Tartu 2017/2018

Cyber Security Msc thesis:

Cost-Benefit Analysis of a Hybrid Terrorist Attack on a Power Plant
Student: Avramenko Valeriia
Supervisor: Hayretdin Bahşi, Raimundas Matulevičius

HoneyProxy Implementation in Cloud Environment with Docker HoneyFarm
Student: Ahmed Elazazy
Supervisor: Anton Vedeshin, Truls Tuxen Ringkjob, Raimundas Matulevicius

Testing the Security Awareness Using Open-Source Tools – Spear Phishing
Student: Karina Filipczak
Supervisor: Sten Mäses, Raimundas Matulevičius

Assessing Generational Differences in Susceptibility to Social Engineering Attacks. A Comparison Between Millennial and Baby Boomer Generations
Student: Lejla Islami
Supervisor: Olaf Manuel Maennel, PhD Raimundas Matulevicius, PhD

How to Conduct Email Phishing Experiments
Student: Kaspar Jüristo
Supervisor: Sten Mäses, Olaf M. Maennel, Raimundas Matulevičius

Evaluation of Efficiency of Cybersecurity
Student: Mikko Luomala
Supervisor: Yannick Le Moullec, Jyri Paasonen, Meelis Roos

Fingerprinting a Organization Using Metadata of Public Documents
Student: Karl Mendelman
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius

Detecting Social Spamming on Facebook Platform
Student: Ghada Zakaria Mohamed
Supervisor: Innar Liiv , Raimundas Matulevičius

Forensic Data Properties of Digital Signature BDOC and ASiC-E Files on Classic Disk Drives
Student: Raul Nugis
Supervisor: Pavel Laptev, Raimundas Matulevičius

Online Cyber Security Exercise to Evaluate and Improve Individual Technical Specialists’ Cyber Incident Reporting Skills
Student: Andres Oras
Supervisor: Sten Mäses, Margus Ernits, Raimundas Matulevicius

Ensuring the Integrity of Electronic Health Records
Student: Alvar Ristikivi
Supervisor: MSc Jaan Priisalu, PhD Raimundas Matulevičius

Related thesis from other curricula:

A Tool for Supporting Multi-Perspective System Development Through Security Risk Management
Student: Madis Kaasik
Supervisor: Raimundas Matulevičius
Master – Software Engineering

Post-Quantum Secure Time-Stamping
Student: Raul-Martin Rebane
Supervisor: Dominique Peer Ghislain Unruh
Master – Computer Science

Prediction Model for Tendencies in Cybersecurity
Student: Erik Räni
Supervisor: Justinas Janulevičius, Raimundas Matulevičius
Master – Software Engineering

Quantum-Secure Coin Toss Protocol Using Collapse-Binding Commitments
Student: Kristiine Saarmann
Supervisor: Dominique Unruh
Bachelor – Computer Science

Tool Support for Privacy-Enhanced Business Process Model and Notation
Student: Aivo Toots
Supervisor: Pille Pullonen, Luciano García-Bañuelos
Bachelor – Computer Science

Dangers of Phishing Based on a Tech-Company
Student: Lauri Välja
Supervisor: Kristjan Krips
Bachelor – Computer Science

Finding Java Security Vulnerabilities Using Static Analysis: Whence the Problem?
Student: Harald Astok
Supervisor: Vesal Vojdani
Bachelor – Computer Science

Links:
https://comserv.cs.ut.ee/ati_thesis/index.php?year=2018

Cyber Security master’s theses defense in Tallinn University of Technology (May 2018)

Monday, May 28th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Kristiina Renel
Title: Compliance with EU Personal Data Protection Framework in the Context of Public Sector Logging
Supervisor: Kaie Maennel
Supervisor: Kristjan Kikerpill
Reviewer: Andro Kull

Time: 10:10
Student: Belgin Tastan
Title: Securing Systems and Networks Using Deceptions With Cyber Kill Chain Methodology
Supervisor: Ahmed Tauseef
Reviewer: Risto Vaarandi

Time: 11:00
Student: Raquel Tabuyo Benito
Title: Forensic Analysis of a Steam Based Online Game
Supervisor: Hayretdin Bahsi
Reviewer: Jens Getreu

Time: 11:40
Student: Kim Vahturov
Title: Using Indicators of Compromise to Automate Incident Triage. Proof of Concept
Supervisor: Toomas Lepik
Supervisor: Lauri Palkmets
Reviewer: Hayretdin Bahsi

Time: 13:00
Student: Alejandro Guerra Manzanares
Title: Application of Full Machine Learning Workflow for Malware Detection in Android on the Basis of System Calls And Permissions
Supervisor: Hayretdin Bahsi
Supervisor: Sven Nõmm
Reviewer: Toomas Lepik

Time: 13:40
Student: Romet Saaliste
Title: Estonian Government Related Challenges in Protection of Personal Data
Supervisor: Olaf Maennel
Reviewer: Birgy Lorenz

Time: 14:20
Student: Moira Gabriella Nguegaum
Title: A Structured Approach to the Identification of IPV6 Vulnerabilities in IPV4-only Local Area Networks
Supervisor: Olaf Maennel
Reviewer: Bernhards Blumbergs

Time: 15:20
Student: Stefano Panarese
Title: Nessuno: A Friend-to-Friend Anonymous Communication Protocol
Supervisor: Olaf Maennel
Reviewer: Ahto Buldas

Time: 16:00
Student: Amirhossein Akbari
Title: A Novel Approach for Securing HTML5 Client-Side Database, INDEXEDDB
Supervisor: Olaf Maennel
Reviewer: Aleksander Lenin

Tuesday, May 29th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Andres Rauschecker
Title: User-Oriented Privacy Enhancements for Web-Browsers
Supervisor: Olaf Maennel
Reviewer: Hayretdin Bahsi

Time: 10:10
Student: Artur Luik
Title: The Design and Implementation of Automated Vulnerability Application Framework
Supervisor: Tanel Tetlov
Reviewer: Toomas Lepik

Time: 11:00
Student: Daniele Mucci
Title: TED – The ELF Doctor. A Container Based Tool to Perform Security Risk Assessment for ELF Binaries
Supervisor: Bernhards Blumbergs
Reviewer: Toomas Lepik

Time: 11:40
Student: Aleks Koha
Title: Impact Assessment of an EU GDPR Self-Assessment Qestionnaire on Entrepreneurs
Supervisor: Sten Mäses
Supervisor: Anu Baum
Reviewer: Tiia Sõmer

Time: 13:00
Student: Kayode Olaitan Omotoye
Title: Business Process-Based Cyber Risk Assessment Using Healthcare System as Case Study
Supervisor: Hayretdin Bahsi
Reviewer: Alexander Norta

Time: 13:40
Student: Mari Jääger
Title: Developing Records of Processing Activities in a Small Enterprise
Supervisor: Priit Raspel
Reviewer: Raimundas Matulevicius

Time: 14:20
Student: Simo Antero Hurttila
Title: From Information Security to Cyber Security Management – ISO 27001 & 27032 Approach
Supervisor: Andro Kull
Reviewer: Kaie Maennel

Time: 15:20
Student: Aditya Raj Das
Title: Comparing Battery Consumption of Malware Scanning Applications
Supervisor: Hayretdin Bahsi
Reviewer: Sten Mäses

Time: 16:00
Student: Danny Lopez Murillo
Title: A Balanced Lab for Teaching Ethical Hacking to Undergraduate and Graduate Students
Supervisor: Hayretdin Bahsi
Reviewer: Sten Mäses

Wednesday, May 30th 2018, Akadeemia Tee 15a, Room ICT-315.

Time: 09:30
Student: Sille Laks
Title: Basic cyber security awareness training in a paramilitary organization (RESTRICTED)
Supervisor: Sten Mäses
Supervisor: Markko Liutkevičius
Reviewer: Rain Ottis

Time: 10:10
Student: Andres Elliku
Title: Scalable Course on Cyber Attack Detection
Supervisor: Margus Ernits
Reviewer: Mauno Pihelgas

Time: 11:00
Student: Javid Asadli
Title: Proposing Action Plan in Cyber Security Capacity Building for Azerbaijan
Supervisor: Tiia Sõmer
Supervisor: Leyla Aliyeva
Reviewer: Sten Mäses

Time: 11:40
Student: Even Langfeldt Friberg
Title: The Cyber-Insurance Market in Norway: An Empirical Study of the Supply-Side and a Small Sample of the Maritime Demand-Side
Supervisor: Hayretdin Bahsi
Supervisor: Ulrik Franke
Reviewer: Birgy Lorenz

Time: 13:00
Student: Nishaant Verma
Title: Comparative Analysis of Online Privacy and Security Concerns Between Generation Y and Generation Z in North India: A Pilot Study
Supervisor: Hayretdin Bahsi
Supervisor: Mare Teichmann
Reviewer: Maria Claudia Solarte Vasquez

Time: 13:40
Student: Taimur Tufail
Title: Comparing the National Cyber Security Framework of Pakistan with India and United Kingdom
Supervisor: Hayretdin Bahsi
Reviewer: Tiia Sõmer

Time: 14:40
Student: Fernando Rafael Garcia-Granado
Title: Cybersecurity Knowledge Requirements for Non-IT Strategic Level Decision Makers
Supervisor: Hayretdin Bahsi
Reviewer: Andro Kull

Time: 15:20
Student: Hindrek Baum
Title: Detection of VLAN Hopping Attacks Using Switch’s Monitoring Options
Supervisor: Jaan Priisalu
Reviewer: Aleksander Lenin

Estonian “data embassy” to open in Luxembourg

Data of the Estonian administration may be stored on servers in Luxemburg as well as in Estonia already towards the end of this year. The “data embassy” created this way will contain information vital to the functioning of the state, and make an attack on the country’s systems more difficult.

As cyber security expert of Tallinn’s NATO Cyber Defence Centre of Excellence, Jaan Priisalu, says, “If an operator is planning to occupy another country, one of their objectives is going to be to take over the existing institutions, or to suppress them, and if you can make these institutions ex-territorial, take them out of reach of the potential attacker, you increase the political price of the attack.”

According to advisor to the ministry’s state information systems department, Laura Kask, negotiations were held with other countries as well, but the ones with Luxembourg had developed the furthest. “For one thing, they offer data centers with a very high level of security, and for another they are quite similar to us in terms of their IT development and their way of thinking,” Kask said. In terms of money, there are no exact figures available, but the data center in Luxemburg will be markedly more expensive than running a similar infrastructure in Estonia. There is one entry in the government’s schedule concerning the data embassies, showing an allocation of €240,000.

The physical location of the servers will remain secret, and only people will have access to them that are cleared by the Estonian state.

The data to be backed up in Luxembourg so far covers ten priority databases, including the information system of the Governmental Payments Office (the Estonian treasury), the pensions insurance register, the business register, the population register, the cadaster, and the identity documents database.

Even now nothing forbids Estonian state to store data backups in Estonian embassies located in foreign states. Most likely the plan is to build failover system that is kept in sync in real time.

Links:
http://news.err.ee/592384/first-data-embassy-to-open-in-luxembourg
http://www.opengovasia.com/articles/7597-exclusive%E2%80%94whats-next-for-data-management-in-estonian-government%E2%80%93data-embassies-expanding-e-residency
http://news.err.ee/602273/estonian-government-approves-setting-up-data-embassy-in-luxembourg

Cybersecurity related bachelor’s and master’s theses in University of Tartu 2016/2017

Managing Security Risks Using Attack-Defense Trees
Abstract: The In this thesis, we have addressed risk management using Attack Tree. The contribution to resolve the problem in this thesis includes three steps. Obtaining an alignment from Attack-Defense trees to ISSRM. Measurement of the metrics of the nodes of tree using historical data.
Student: Salman Lashkarara
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevicius
Reviewer: Meelis Roos
Defense: 01.06.2017, Tartu, J.Liivi 2-404

On Secure Bulletin Boards for E-Voting
Abstract: In this thesis, we propose a formal model for analysis of security and functionality of a bulletin board system motivated by the security requirements Culnane and Schneider introduced in Computer Security Foundations Symposium 2014.
Student: Annabell Kuldmaa
Curriculum: Computer Science (MSc)
Supervisor: Helger Lipmaa
Reviewer: Ahto Buldas
Defense: 01.06.2017, Tartu, J.Liivi 2-404

Research and Proof of Concept of Selected ISKE Highest Level Integrity Requirements
Abstract: This work takes integrity domain under detail research to meet ISKE requirements and security objectives demanded for data with highest integrity needs.
Student: Deivis Treier
Curriculum: Cyber Security (MSc)
Supervisor: Raimundas Matulevičius
Reviewer: Andrey Sergeev
Defense: 02.06.2017, Tartu, J.Liivi 2-404

Method for Effective PDF Files Manipulation Detection
Abstract: The aim of this thesis is to ease the process of detecting manipulations in PDF files by addressing its source code, before having to use other methods such as image processing or text-line examination.  The result is the construction of a solid and effective method for PDF file investigation and analysis to determine its integrity.
Student: Gema Fernández Bascuñana
Curriculum: Cyber Security (MSc)
Supervisor: Pavel Laptev, Inna Ivask, Raimundas Matulevičius
Reviewer: Hayretdin Bahsi
Defense: 02.06.2017, Tartu, J.Liivi 2-404

Establishing, Implementing and Auditing Linux Operating System Hardening Standard for Security Compliance
Abstract: This paper provides a proof-of-concept solution for being compliant with operating system hardening requirements of the company by establishing, implementing and auditing Linux (Debian) operating system hardening standard.
Student: Martin Jõgi
Curriculum: Cyber Security (MSc)
Supervisor: Truls Tuxen Ringkjob, Raimundas Matulevičius
Reviewer: Marko Kääramees
Defense: 02.06.2017, Tartu, J.Liivi 2-404

A Prototype For Learning Privacy-Preserving Data Publising
Abstract:  This master thesis will discuss different threats to privacy, discuss and compare different privacy-preserving methods to mitigate these threats. The thesis will give an overview of different possible implementations for these privacy-preserving methods. The other output of this thesis is educational purpose software that allows students to learn and practice privacy-preserving methods.
Student: Rain Oksvort
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevičius
Reviewer: Benson Muite
Defense: 05.06.2017, Tartu, J.Liivi 2-404

Filesystem Fuzz Testing Framework
Abstract: In the present thesis a fuzz testing framework was built, which can be used for finding time-of-check-to-time-of-use type bugs in Linux filesystems.
Student: Vladislav Alenitsev
Curriculum: Computer Science (BSc)
Supervisor: Meelis Roos, Kristjan Krips
Reviewer: Karl Tarbe
Defense: 07.06.2017, Tartu, J.Liivi 2-404

Performance Testing Bulletin Board Implementations for Online Voting
Abstract: This work takes a look at two software solutions that can be used for such purpose and analyses their performance in testing environment imitating real election workload.
Student: Marek Pagel
Curriculum: Computer Science (BSc)
Supervisor: Sven Heiberg, Janno Siim
Reviewer: Ivo Kubjas
Defense: 07.06.2017, Tartu, J.Liivi 2-404

Cybersecurity theses defence on June 9, 2017 in Tartu J. Liivi 2-403 at 10.00 AM.
Defence Committee: Raimundas Matulevičius (chairman), Olaf Manuel Maennel, Vitaly Skachek, Meelis Roos, Hayretdin Bahsi.
Grades received (random order): A, B, C, C, D.

Improving and Measuring Learning at Cyber Defence Exercises
Abstract:  This thesis takes a fresh look at learning in Cyber Defence Exercises (CDXs) and focuses on measuring learning outcomes. As such exercises come in a variety of formats, this thesis focuses on technical CDXs with Red and Blue teaming elements.
Student: Kaie Maennel
Curriculum: Cyber Security (MSc)
Supervisor: Rain Ottis, Liina Randmann, Raimundas Matulevičius
Reviewer: Sten Mäses
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Federation of Cyber Ranges
Abstract: This study compares two cyber ranges and looks into possibilities of pooling and sharing of national facilities and to the establishment of a logical federation of interconnected cyber ranges. The thesis gives recommendations on information flow, proof of concept, guide-lines and prerequisites to achieve an initial interconnection with pooling and sharing capabilities.
Student: Allar Vallaots
Curriculum: Cyber Security (MSc)
Supervisor: Jaan Priisalu, Uko Valtenberg, Raimundas Matulevičius
Reviewer: Rain Ottis
Defense: 09.06.2017, Tartu, J.Liivi 2-403

A New Heuristic Based Phishing Detection Approach Utilizing Selenium Webdriver
Abstract: In this paper, we focus on detecting login phishing pages, pages that contain forms with email and password fields to allow for authorization to personal/restricted content. We present the design, implementation, and evaluation of our phishing detection tool “SeleniumPhishGuard”, a novel heuristic-based approach to detect phishing login pages.
Student: Ahmed Nafies Okasha Mohamed
Curriculum: Cyber Security (MSc)
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius
Reviewer: Hayretdin Bahsi
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Analysis of Exploit-kit Incidents and Campaigns Through a Graph Database Framework
Abstract: A great deal of automation can be achieved here by using public APIs such as VirusTotal, whois databases, IP blacklists, etc during the analysis and a first part of our work is dedicated to that. We will then show that this approach reveals patterns and clusters from which decisions can be made from a defensive perspective.
Student: Guillaume Brodar
Curriculum: Cyber Security (MSc)
Supervisor: Toomas Lepik, Raimundas Matulevicius
Reviewer: Arnis Paršovs
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Investigation of JTAG and ISP Techniques for Forensic Procedures
Abstract: This thesis is focusing on JTAG and ISP physical acquisitions techniques. The aim is to give an overview of these techniques from a forensic point of view and in addition to some other tests will try to prove that are forensically equivalent to any other method.
Student: Stefanos Pappas
Curriculum: Cyber Security (MSc)
Supervisor: Pavel Laptev, Raimundas Matulevičius
Reviewer: Emin Caliskan
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Links:
https://www.cs.ut.ee/sites/default/files/cs/kaitsmiste_ajakava_1_2_5_06.pdf
https://www.cs.ut.ee/sites/default/files/cs/kaitsmiste_ajakava_6_7_8_9_06_.pdf

Cyber Security master’s theses defense in Tallinn University of Technology (May 2017)


Monday, May 29, 2017, Akadeemia Tee 15a, Room ICT-315.

Grades received (random order): 5, 4, 4, 3, 3, 3, 2, 2.

Time: 10:00
Student: Kristjan Oja
Title: Cyber Security Awareness For IT Students Through Practical Assignments
Supervisor: Sten Mäses
Reviewer: Tiia Sõmer

Time: 10:40
Student: Sander Arnus
Title: Providing guaranteed log delivery and proof value of logs
Supervisor: Risto Vaarandi
Reviewer: Tiit Hallas

Time: 11:20
Student: Bolaji Ayoola Ladokun
Title: An Analytical Approach to Characterization of Targeted and Untargeted Attack in Critical Infrastructure Honeypot
Supervisor: Hayretdin Bahsi
Reviewer: Risto Vaarandi

Time: 12:00-13:00 – Lunch

Time: 13:00
Student: Iryna Bondar
Title: LUDROID: Evaluation of Android Malware Detection Tools and Techniques and Development of a First Line of Defense For the User
Supervisor: Emin Caliskan
Reviewer: Toomas Lepik

Time: 13:40
Student:  Seifollah Akbari
Title: A New Method for the SYNful Knock Attack Implementation
Supervisor: Truls Ringkjob
Reviewer: Bernhards Blumbergs

Time: 14:20
Student: Safak Tarazan
Title: GPS Spoofing/Jamming Resilient Mini UAV Implementation Strategy
Supervisor: Truls Ringkjob
Reviewer: Juhan Ernits

Time: 15:20
Student: Danielle Morgan
Title: Security of Loyalty Cards Used in Estonia
Supervisor: Rain Ottis, Arnis Paršovs
Reviewer: Aleksandr Lenin

Time: 16:00
Student: Katrin Kukk
Title: Ensuring the digital continuity of e-Estonia in different crisis scenarios
Supervisor: Rain Ottis
Reviewer: Jaan Priisalu

Tuesday, May 30, 2017, Akadeemia Tee 15a, Room ICT-315.

Grades received (random order): 4, 4, 3, 3, 2, 1.

Time: 10:00
Student: Christopher David Raastad
Title: Euro 2.0 – Securing an Ethereum Crypto Fiat Currency System
Supervisor: Alex Norta
Reviewer: Raimundas Matulevicius

Time: 10:40
Student: Mobolarinwa Taofeek Balogun
Title: Comparative Analysis of Industrial IoT and HealthCare System IoT for Cyberterrorism
Supervisor: Hayretdin Bahsi
Reviewer: Ahto Buldas

Time: 11:20
Student: Chengxiang Wang
Title: Classification of Black-Box Security Reductions and Oracle Separation Techniques
Supervisor: Ahto Buldas
Reviewer: Peeter Laud

Time: 12:00-13:00 – Lunch

Time: 13:00
Student: Celik Neslisah
Title: Anomaly Detection Using Locked Shields Logs
Supervisor: Olaf Maennel
Reviewer: Mauno Pihelgas

Time: 13:30
Student: Sophio Sakhokia
Title: Developing a Cyber Security Master Programme for Georgia
Supervisor: Tiia Sõmer
Reviewer: Olaf Maennel

Time: 14:20
Student: Zaghum Awan
Title: Analytical Comprehensive Approach to Cyber Laundering and its Solutions
Supervisor: Tiia Sõmer
Reviewer: Andro Kull

Ten years since cyber attacks following 2007 Bronze Night riots

Opinion by Jaan Priisalu, at that time the head of SIRT at Swedbank:

Jaan Priisalu, senior researcher at Tallinn’s NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), told ERR in an interview last week that through Estonia’s initiative and the public debate that followed the attacks, a topic was now getting attention that before was talked about only behind closed doors, and that some even looked at as an embarrassment.

Estonia’s 2008-2013 cyber strategy shows that after the attacks, development in the field went in several different directions. As Priisalu puts it, the strategy was a collection of the lessons learned, and based on them, a system to respond to this sort of incident was put in place.

People involved in cyber security were brought together and asked what could have been done differently, and what else should have been done. Instructions were written up, lines of communication laid out, and a cyber security curriculum put together at the Tallinn University of Technology (TUT). With it, systematic education in the field of cyber security began in Estonia.

Opinion by Klaid Mägi, the current head of CERT-EE:

Estonia’s capability to manage cyber crises has substantially improved over the past ten years, CERT Estonia chief Klaid Mägi said at a conference dedicated to the 10th anniversary of the April 2007 cyber attacks.

According to Mägi, compared to ten years ago, Estonia is substantially more capable of managing cyber crimes. “We have created systems that identify attacks and protect [us] from them, have practiced cooperation with public and private institutions, have substantially contributed to improving the knowledge of end users and are taking part in substantial international cooperation in order to manage crisis situations better,” he highlighted.

Links:
http://news.err.ee/592075/estonia-s-reaction-to-cyber-attacks-influenced-global-security-policy
http://news.err.ee/592250/cert-chief-estonia-s-cyber-crisis-management-capability-improved-in-decade

Conference “The Present and Future of Cybersecurity”

Conference “The Present and Future of Cybersecurity”
April 26, 2017, National Library of Estonia

13.00-13.30 – Registration and welcome coffee
13.30-13.40 – Opening words – Urve Palo (Minister of Entrepreneurship and Information Technology)
13.40-14.00 – Keynote – Jaak Aaviksoo (Rector of TUT)
14.00-15.00 – Discussion “Evolution of cyber attacks – what has changed in ten years?” Klaid Mägi (RIA, head of CERT-EE) leader. Debating: Hillar Aarelaid (Police and Border Guard Board), Jaan Priisalu (TUT), Merike Käo (Farsight Security CTO)
15.00-15.30 – Cofee break
15.30-17.00 – Discussion “Discurses, paradigms and form of cyber policy in practice” Taimar Peterkop (Director General of RIA) leader. Debating: Sven Sakkov (Director of NATO CCD CoE), Heli Tiirmaa-Klaar (European Union, Head of Cyber Policy Coordination at European External Action Service), Lauri Lugna (Secretary General at the Ministry of Interior), Lauri Almann (Co-Founder of BHC Laboratory)
17.00-17.30 – Closing words – Toomas Vaks (RIA, Head of Cyber Security Branch)
17.30-19.30 – After conference reception. Appearance of RIA band VaRIA.

Work language of the conference is Estonian.

Links:
http://kyberkonverents.publicon.ee/registreerimine/