Tag Archives: Pavel Laptev

Cybersecurity related bachelor’s and master’s theses in University of Tartu 2017/2018

Cyber Security Msc thesis:

Cost-Benefit Analysis of a Hybrid Terrorist Attack on a Power Plant
Student: Avramenko Valeriia
Supervisor: Hayretdin Bahşi, Raimundas Matulevičius

HoneyProxy Implementation in Cloud Environment with Docker HoneyFarm
Student: Ahmed Elazazy
Supervisor: Anton Vedeshin, Truls Tuxen Ringkjob, Raimundas Matulevicius

Testing the Security Awareness Using Open-Source Tools – Spear Phishing
Student: Karina Filipczak
Supervisor: Sten Mäses, Raimundas Matulevičius

Assessing Generational Differences in Susceptibility to Social Engineering Attacks. A Comparison Between Millennial and Baby Boomer Generations
Student: Lejla Islami
Supervisor: Olaf Manuel Maennel, PhD Raimundas Matulevicius, PhD

How to Conduct Email Phishing Experiments
Student: Kaspar Jüristo
Supervisor: Sten Mäses, Olaf M. Maennel, Raimundas Matulevičius

Evaluation of Efficiency of Cybersecurity
Student: Mikko Luomala
Supervisor: Yannick Le Moullec, Jyri Paasonen, Meelis Roos

Fingerprinting a Organization Using Metadata of Public Documents
Student: Karl Mendelman
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius

Detecting Social Spamming on Facebook Platform
Student: Ghada Zakaria Mohamed
Supervisor: Innar Liiv , Raimundas Matulevičius

Forensic Data Properties of Digital Signature BDOC and ASiC-E Files on Classic Disk Drives
Student: Raul Nugis
Supervisor: Pavel Laptev, Raimundas Matulevičius

Online Cyber Security Exercise to Evaluate and Improve Individual Technical Specialists’ Cyber Incident Reporting Skills
Student: Andres Oras
Supervisor: Sten Mäses, Margus Ernits, Raimundas Matulevicius

Ensuring the Integrity of Electronic Health Records
Student: Alvar Ristikivi
Supervisor: MSc Jaan Priisalu, PhD Raimundas Matulevičius

Related thesis from other curricula:

A Tool for Supporting Multi-Perspective System Development Through Security Risk Management
Student: Madis Kaasik
Supervisor: Raimundas Matulevičius
Master – Software Engineering

Post-Quantum Secure Time-Stamping
Student: Raul-Martin Rebane
Supervisor: Dominique Peer Ghislain Unruh
Master – Computer Science

Prediction Model for Tendencies in Cybersecurity
Student: Erik Räni
Supervisor: Justinas Janulevičius, Raimundas Matulevičius
Master – Software Engineering

Quantum-Secure Coin Toss Protocol Using Collapse-Binding Commitments
Student: Kristiine Saarmann
Supervisor: Dominique Unruh
Bachelor – Computer Science

Tool Support for Privacy-Enhanced Business Process Model and Notation
Student: Aivo Toots
Supervisor: Pille Pullonen, Luciano García-Bañuelos
Bachelor – Computer Science

Dangers of Phishing Based on a Tech-Company
Student: Lauri Välja
Supervisor: Kristjan Krips
Bachelor – Computer Science

Finding Java Security Vulnerabilities Using Static Analysis: Whence the Problem?
Student: Harald Astok
Supervisor: Vesal Vojdani
Bachelor – Computer Science


Cybersecurity related bachelor’s and master’s theses in University of Tartu 2016/2017

Managing Security Risks Using Attack-Defense Trees
Abstract: The In this thesis, we have addressed risk management using Attack Tree. The contribution to resolve the problem in this thesis includes three steps. Obtaining an alignment from Attack-Defense trees to ISSRM. Measurement of the metrics of the nodes of tree using historical data.
Student: Salman Lashkarara
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevicius
Reviewer: Meelis Roos
Defense: 01.06.2017, Tartu, J.Liivi 2-404

On Secure Bulletin Boards for E-Voting
Abstract: In this thesis, we propose a formal model for analysis of security and functionality of a bulletin board system motivated by the security requirements Culnane and Schneider introduced in Computer Security Foundations Symposium 2014.
Student: Annabell Kuldmaa
Curriculum: Computer Science (MSc)
Supervisor: Helger Lipmaa
Reviewer: Ahto Buldas
Defense: 01.06.2017, Tartu, J.Liivi 2-404

Research and Proof of Concept of Selected ISKE Highest Level Integrity Requirements
Abstract: This work takes integrity domain under detail research to meet ISKE requirements and security objectives demanded for data with highest integrity needs.
Student: Deivis Treier
Curriculum: Cyber Security (MSc)
Supervisor: Raimundas Matulevičius
Reviewer: Andrey Sergeev
Defense: 02.06.2017, Tartu, J.Liivi 2-404

Method for Effective PDF Files Manipulation Detection
Abstract: The aim of this thesis is to ease the process of detecting manipulations in PDF files by addressing its source code, before having to use other methods such as image processing or text-line examination.  The result is the construction of a solid and effective method for PDF file investigation and analysis to determine its integrity.
Student: Gema Fernández Bascuñana
Curriculum: Cyber Security (MSc)
Supervisor: Pavel Laptev, Inna Ivask, Raimundas Matulevičius
Reviewer: Hayretdin Bahsi
Defense: 02.06.2017, Tartu, J.Liivi 2-404

Establishing, Implementing and Auditing Linux Operating System Hardening Standard for Security Compliance
Abstract: This paper provides a proof-of-concept solution for being compliant with operating system hardening requirements of the company by establishing, implementing and auditing Linux (Debian) operating system hardening standard.
Student: Martin Jõgi
Curriculum: Cyber Security (MSc)
Supervisor: Truls Tuxen Ringkjob, Raimundas Matulevičius
Reviewer: Marko Kääramees
Defense: 02.06.2017, Tartu, J.Liivi 2-404

A Prototype For Learning Privacy-Preserving Data Publising
Abstract:  This master thesis will discuss different threats to privacy, discuss and compare different privacy-preserving methods to mitigate these threats. The thesis will give an overview of different possible implementations for these privacy-preserving methods. The other output of this thesis is educational purpose software that allows students to learn and practice privacy-preserving methods.
Student: Rain Oksvort
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevičius
Reviewer: Benson Muite
Defense: 05.06.2017, Tartu, J.Liivi 2-404

Filesystem Fuzz Testing Framework
Abstract: In the present thesis a fuzz testing framework was built, which can be used for finding time-of-check-to-time-of-use type bugs in Linux filesystems.
Student: Vladislav Alenitsev
Curriculum: Computer Science (BSc)
Supervisor: Meelis Roos, Kristjan Krips
Reviewer: Karl Tarbe
Defense: 07.06.2017, Tartu, J.Liivi 2-404

Performance Testing Bulletin Board Implementations for Online Voting
Abstract: This work takes a look at two software solutions that can be used for such purpose and analyses their performance in testing environment imitating real election workload.
Student: Marek Pagel
Curriculum: Computer Science (BSc)
Supervisor: Sven Heiberg, Janno Siim
Reviewer: Ivo Kubjas
Defense: 07.06.2017, Tartu, J.Liivi 2-404

Cybersecurity theses defence on June 9, 2017 in Tartu J. Liivi 2-403 at 10.00 AM.
Defence Committee: Raimundas Matulevičius (chairman), Olaf Manuel Maennel, Vitaly Skachek, Meelis Roos, Hayretdin Bahsi.
Grades received (random order): A, B, C, C, D.

Improving and Measuring Learning at Cyber Defence Exercises
Abstract:  This thesis takes a fresh look at learning in Cyber Defence Exercises (CDXs) and focuses on measuring learning outcomes. As such exercises come in a variety of formats, this thesis focuses on technical CDXs with Red and Blue teaming elements.
Student: Kaie Maennel
Curriculum: Cyber Security (MSc)
Supervisor: Rain Ottis, Liina Randmann, Raimundas Matulevičius
Reviewer: Sten Mäses
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Federation of Cyber Ranges
Abstract: This study compares two cyber ranges and looks into possibilities of pooling and sharing of national facilities and to the establishment of a logical federation of interconnected cyber ranges. The thesis gives recommendations on information flow, proof of concept, guide-lines and prerequisites to achieve an initial interconnection with pooling and sharing capabilities.
Student: Allar Vallaots
Curriculum: Cyber Security (MSc)
Supervisor: Jaan Priisalu, Uko Valtenberg, Raimundas Matulevičius
Reviewer: Rain Ottis
Defense: 09.06.2017, Tartu, J.Liivi 2-403

A New Heuristic Based Phishing Detection Approach Utilizing Selenium Webdriver
Abstract: In this paper, we focus on detecting login phishing pages, pages that contain forms with email and password fields to allow for authorization to personal/restricted content. We present the design, implementation, and evaluation of our phishing detection tool “SeleniumPhishGuard”, a novel heuristic-based approach to detect phishing login pages.
Student: Ahmed Nafies Okasha Mohamed
Curriculum: Cyber Security (MSc)
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius
Reviewer: Hayretdin Bahsi
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Analysis of Exploit-kit Incidents and Campaigns Through a Graph Database Framework
Abstract: A great deal of automation can be achieved here by using public APIs such as VirusTotal, whois databases, IP blacklists, etc during the analysis and a first part of our work is dedicated to that. We will then show that this approach reveals patterns and clusters from which decisions can be made from a defensive perspective.
Student: Guillaume Brodar
Curriculum: Cyber Security (MSc)
Supervisor: Toomas Lepik, Raimundas Matulevicius
Reviewer: Arnis Paršovs
Defense: 09.06.2017, Tartu, J.Liivi 2-403

Investigation of JTAG and ISP Techniques for Forensic Procedures
Abstract: This thesis is focusing on JTAG and ISP physical acquisitions techniques. The aim is to give an overview of these techniques from a forensic point of view and in addition to some other tests will try to prove that are forensically equivalent to any other method.
Student: Stefanos Pappas
Curriculum: Cyber Security (MSc)
Supervisor: Pavel Laptev, Raimundas Matulevičius
Reviewer: Emin Caliskan
Defense: 09.06.2017, Tartu, J.Liivi 2-403


Cyber Security Summer School 2016: “Digital Forensics — technology and law”


July 3-8, 2016, Estonian Information Technology College, Tallinn

Cyber Security Summer School 2016 is organised by Information Technology Foundation for Education in collaboration with Tallinn University of Technology, University of Tartu and The University of Adelaide.

• Hein Dries-Ziekenheiner
• Jeffrey Moulton (LSU)
• Merike Kaeo (Double Shot Security)
• Pavel Gladyshev (University College Dublin)
• Stephen Mason (www.stephenmason.eu)

Applications open until May 9, 2016
Confirmation of admission by May 23, 2016

Monday, July 4
09:00 – 10:00 Opening of the Summer School
Welcoming words by Erki Urva, Chairman of the Board of HITSA
Introduction of the speakers and mentors by organizers Olaf Maennel and Helen Eenmaa-Dimitrieva
11:15 – 13:00 “Introduction to Electronic Evidence”, “Evidential Foundations and Authenticity” Stephen Mason and Hein Dries-Ziekenheiner
14:00 – 16:00 “Forensic Tools” Pavel Laptev

Tuesday, July 5
09:30 – 11:00 “Case assessment and Interpretation in digital forensic casework” Didier Meuwly
11:15 – 13:00 “Social media, big data, internet forensics” Hein Dries-Ziekenheiner
14:00 – 16:00 Exercise “State of Connecticut v Julie Amero” Stephen Mason and Hein Dries-Ziekenheiner

Wednesday, July 6
09:00 – 09:30 “Application to court” Stephen Mason
09:30 – 11:00 “Network Forensics As Evidence: What Can You Trust and What Is Admissible in a Court of Law” Merike Kaeo
16:15 – 17:30 “IT Forensics: Why post-mortem is dead. Whay over preserving evidence is bad.” Tobias Eggendorfer

Thursday, July 7
14:15 – 16:00 “This is Personal”, “Risk Management Framework” Jeffrey Moulton
16:15 – 18:00 “Frameworks for International Cyber Security” Eneken Tikk-Ringas

Friday, July 8
09:15 – 11:00 First Round of Moot Court
14:00 – 16:00 Best groups in a Public Moot
16:00 – 16:30 Summary and closing of the Summer School


Tallinn International CyberCrime Conference 2014


Location: Tallinn, Estonia – Radisson Blu Hotel Olympia
On 12 and 13 november 2014 the Tallinn University of Technology organizes the International Cybercrime Conference of 2014. The main agenda of the conference is to announce the official opening of TUT Centre of Digital Forensics and Cyber Security and to discuss current cyber security research.

Conference CyberCrime 2014, day 1, 12.11.2014 (most of the day in estonia – english simultaneous translation, with the exception of 2 presentations in english)

Moderator Aare Tammemäe, FinanceEstonia, Chairman of the Board
09.00 – 10.00 Registration and welcome coffee
10.00 – 10.15 Conference Opening Address: Prof Erkki Truve, Vice rector of Tallinn University of Technology
10.15 – 10.25 Mr Hanno Pevkur, Minister of the Interior, Republic of Estonia
10.25 – 11.10 Plenary Session 1
Key note speaker: Mrs Heli Tiirmaa-Klaar, Cyber Security Policy Advisor, European External Action Service.
EU Cyber Security Strategy and Capacity Building to Fight Cybercrime.
11.10 – 11.20 Mr Üllar Lanno, Estonian Forensics Science Institute.
The beginning of IT forensics in Estonia or how the 2CENTRE Estonia started
11.20 – 11.50 Coffe-break
11.50 – 12.20 Plenary Session 2
Mr Gert Jervan, Dean of Faculty of Information Technology, Tallinn University of Technology; Mrs Anu Baum, 2CENTRE Estonia; Rain Ottis, TUT Centre of Digital Forensics and Cyber Security. TUT Cyber centre – past, present and future
12.20 – 12.25 The importance of the establishment of 2CENTRE Estonia. Welcoming word by Minister of the Justice of the Republic of Estonia, Andres Anvelt
12.25 – 12.50 Signing the memorandum of association of TUT Centre of Digital Forensics and Cyber Security
12.50 – 13.30 Panel Discussion – Erkki Truve, Heli Tiirmaa-Klaar, Andres Anvelt, Priit Pärkna, moderated by Gert Jervan, Dean of IT faculty of TUT
13.30 – 14.30 Lunch
14.30 – 14.50 Ms Ann Mennens – B-CCentre (Belgium). The B-CCENTRE, establishing exchange and cooperation between academia, public and private sector in Belgium: a major challenge
14.50 – 15.10 Ms Cheryl Baker – University College Dublin (Ireland)
Success story of the university (UCD), IT-forensics in Ireland, Irish experience and challenges in the global forensics market
15.10 – 15.40 Coffe-break
15.40 – 16.00 Mr Tanel Tammet, Mr Rain Ottis, Mr Jüri Vain. Introduction of the Four Projects (e-Crime, ECESM, SEREIN, IT-Akadeemia)
16.00 – 16.30 Mr Andres Kütt – Advisor at Estonian Information System’s Authority. E-state, e-governance & e-citizen or why we need experts in digital forensics.
16.30 – 17.00 Conclusions of the Day 1
19.00 – 22.00 Reception hosted by prof Erkki Truve, Vice rector of Tallinn. University of Technology (admittance based on earlier registration). House of Brotherhood of the Blackheads
Pikk str 26, 10133 Tallinn
Phone: +372 631 3199

Conference CyberCrime 2014, day 2 (all day in English), 13.11.2014

Moderator Olaf Maennel
08.45 – 09.15 Registration
09.15 – 10.00 Gorazd Božič, Slovenia
Incident Response and CERT Cooperation in the Modern Age
10.00 – 10.15 Coffee break
10.15 – 11.00 Varis Teivāns, Deputy Manager of CERT.LV
“Role of Digital Forensics in Fight Against Cybercrime in Baltic States”
11.00 – 11.15 Coffee break
11.15 – 12.00 Matthew Sorell, Australia
Beyond metadata: non-cooperative provenance tracing of digital photography
12.15 – 13.15 Lunch
13.30 – 14.15 Nickolas Falkner, University of Adelaide, Australia.
Security and Automated Configuration: Where Standards and Policy Fail, Complexity Will Not be Enough to Save Us.
14.15 – 15.00 Pavel Laptev, Estonia
Cyber Forensics view from the Estonian Forensic Science Institute
15.00 – 15.15 Coffee break
15.15 – 16.00 Gergely Toth, Deloitte Cyber Security Team
An Industry perspective on cyber security challenges
16.00 – 16.40 Olaf Maennel, Professor, Tallinn University of Technology.
Summarizing the 2’nd day of the conference