List of supervisors and schedule
List of supervisors and their emails
List of projects
Supervised by Ivo Kubjas
- Black-box attacks against neural networks
Neural networks are a go-to tool for classifying input data into different sets. In honest setting, a well-trained neural network does a very good job, but in dishonest setting (where the attacker providing the input to the neural-network wants the output to be classified in a particular way) it is known how to perform manipulations on the data so that it would classify as wanted. This is relatively easy when the attacker has a white-box (i.e. full description of the network) access but a lot harder when only black-box access is provided. As in the industry (e.g. autonomous driving, financial markets etc.) the trained neural networks are considered intellectual property, then we can only assume black-box access.
The outcome of the report should preferably be a comparison of different black-box attack methods against neural networks. The student should know what are neural networks, how to define and train it. This topic is suitable for MSc and PhD level students.
[0] Adi Shamir, Itay Safran, Eyal Ronen, Orr Dunkelman: A Simple Explanation for the Existence of Adversarial Examples with Small Hamming Distance. https://arxiv.org/abs/1901.10861
[1] Nicolas Papernot, Patrick McDaniel, Ian Goodfellow, Somesh Jha, Z. Berkay Celik, Ananthram Swami: Practical Black-Box Attacks against Machine Learning. https://arxiv.org/abs/1602.02697
[2] Xiaolei Liu, Yuheng Luo, Xiaosong Zhang, Qingxin Zhu: A Black-box Attack on Neural Networks Based on Swarm Evolutionary Algorithm. https://arxiv.org/abs/1901.09892
[3] Arjun Nitin Bhagoji, Warren He Bo Li, and Dawn Song: Practical Black-box Attacks on Deep Neural Networks using Efficient Query Mechanisms. http://openaccess.thecvf.com/content_ECCV_2018/papers/Arjun_Nitin_Bhagoji_Practical_Black-box_Attacks_ECCV_2018_paper.pdf
Supervised by Sven Laur
- Formal verification of attack simplification lemmas
Secure multiparty protocols are complex and researchers like to prove security in simplified models. One possible approach is to reduce the set of attacks that we need to consider. This is achieved by showing that any potential attack can be rewritten as a simpler attack without changing it outcome. This leads to series of simple constructions that clearly feasible but the complete description is equivalent to up to 100 lines of code. Thus, complete hand-written proof is not reasonable option. Moreover, it is really hard to check the correctness of the code without formal methods, as there are so many minute details that need to be considered. Hence, we propose to formalise and prove some of these key lemmas in Isabelle (https://isabelle.in.tum.de).
Assigned to Eric Cornelissen
- Goodness measures for data pseudonymisation
Medical data contains confidential information and thus should be pseudonymised before making semi-public micro data releases. The aim of this research topic is to write a review of state of the art privacy metrics for micro data releases and an corresponding methods for achieving desired privacy goals. The results are intended to be used in real life -- we need to reliably pseudonymise medical data records so that they still remain useful in epidemiological studies.
Supervised by Danielle Morgan
- Assessing the unlock mechanism of Tartu Bike Share
On 8 June 2019, Tartu unveiled its bike share system, comprising of 750 bikes in 69 bike share stations across the city. In order to rent a bike, the user must create a bike share account, either on-line (ratas.tartu.ee) or via the mobile app (Tartu Smart Bike). The user must then have a valid Tartu bus season ticket or they must purchase a bike share membership. The user can then use a bus card or the mobile app to unlock the bicycle. The task of this work is to determine what information is read from the bus card to unlock the bike and if it is possible to make a clone of a bus card that can successfully unlock the bike.
https://www.tartu.ee/en/bikeshare
Assigned to Abasi-Amefon Affia
- Security of WiFi networks
Modern Wi-Fi networks generally use WPA2 to protect transmitted data. However, because WPA2 is more than 14 years old, the Wi-Fi Alliance recently announced the new and more secure WPA3 protocol. WPA3 promises to solve the issues with WPA2 but several problems have already been found with WPA3. The task is to outline the strengths and weakness of WPA3 and explain how it solves (or doesn’t solve) the issues with previous wifi security (WEP, WPA, WPA2)
https://wpa3.mathyvanhoef.com/
Assigned to Mattias Lass
Supervised by Arnis Parsovs
- Accessing the functionality of Trusted Platform Module
Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. From 2006, most of the new laptops have been sold with a built-in TPM chip. The task of this work is to study tools and means to access the functionality provided by built-in TPM chips.
- Threat model of Smart Tachograph
Smart tachographs are the new generation of on-board mandatory digital recorders to enforce the EU legislation on professional drivers driving and resting times (social regulation). The task for the student is to study the available documentation and in the report describe the risks the smart tachograph aims to prevent and the threat model under which the smart tachograph is secure.
Links: https://dtc.jrc.ec.europa.eu/dtc_smart_tachograph.php
Supervised by Raul-Martin Rebane
- Classical Hardness of LWE
Lattice-based cryptography is currently one of the most attractive options for post-quantum security as schemes based on the Learning With Errors problem (and its variants) are very well-represented in the NIST competition. However its hardness has not been as established due to its relative newness.
Introduced in 2005, the LWE problem was shown to be hard based on the worst-case hardness of GapSVP (a decision version of the problem of finding the shortest vector of a lattice). However this reduction was purely quantum, meaning that any efficient algorithm for solving LWE would only imply the existence of an efficient quantum algorithm for GapSVP. Currently, this is not such a strong claim as we can't yet speak about the non-existence of quantum algorithms as confidently as we do about classical ones.
And so an efficient classical reduction for LWE remained an open problem until this 2013 paper, which showed that an efficient algorithm for solving LWE implies an equally efficient algorithm for GapSVP with only a quadratic loss in the dimension. The task of the student is to understand this reduction, and to present the main ideas of the proof.
https://arxiv.org/pdf/1306.0281.pdf
MSc or PhD level
Supervised by Vitaly Skachek
- Detection of Bots in the Social Media
Bot is a software that automaically imitates legitimate users in social networks and other online platforms. In the recent years bots were massively used by private entities, political groups and governments in order to influence public opinion in the desired direction. Bots possess certain properties that often allow to distinguish them from the human users.
In this project, the student will study the distinguishing properties of the automatic bots, and develop a software that will identify possible bots in social networks.
[1] Digital Forensic Research Lab, "#BotSpot: Twelve Ways to Spot a Bot", https://medium.com/dfrlab/botspot-twelve-ways-to-spot-a-bot-aedc7d9c110c
[2] Arzum Karataş, Serap Şahin, "A Review on Social Bot Detection Techniques and Research Directions"
BSc or MSc level
- Security of authentication protocols in 5G
For the next-generation of mobile communications (5G), the 3GPP workgroup has standardized the 5G AKA protocol. In this project, the student will study a protocol 5G AKA, and will discuss its strengthes and weaknesses in her/his report.
[1] D. Basin, J. Dreier, L. Hirschi, S. Radomirović, R. Sasse, and V. Stettler, "A Formal Analysis of 5G Authentication," https://arxiv.org/abs/1806.10360
[2] M. Dehnel-Wild and C. Cremers, "Security vulnerability in 5G-AKA draft," https://www.cs.ox.ac.uk/5G-analysis/5G-AKA-draft-vulnerability.pdf
BSc or MSc level
Assigned to Shiting Long
- A Secure Fountain Architecture for Slashing Storage Costs in Blockchains
Full nodes, which synchronize the full blockchain history and independently validate all the blocks, form the backbone of any blockchain network by playing a vital role in ensuring security properties. On the other hand, a user running a full node needs to pay a heavy price in terms of storage costs.
An architecture for blockchain is proposed in the referred paper, which is based on fountain codes, a class of erasure codes, that enables any full node to encode validated blocks into a small number of coded blocks, thereby reducing its storage costs by orders of magnitude. In particular, the proposed Secure Fountain (SeF) architecture can achieve a near optimal trade-off between the storage savings per node and the bootstrap cost in terms of the number of (honest) storage-constrained nodes a new node needs to contact to recover the entire blockchain. A key technical innovation in SeF codes is to make fountain codes secure against adversarial nodes that can provide maliciously formed coded blocks. The main idea is to use the header-chain as a side-information to check whether a coded block is maliciously formed while it is getting decoded. Further, the rateless property of fountain codes helps in achieving high decentralization and scalability.
https://arxiv.org/pdf/1906.12140.pdf
MSc or PhD level
- NIST quantum competition - second round
A number of proposals have passed into the second round of the NIST competition for post-quantum secure cryptosystems. This competition aims at selecting future standards for cryptosystems that are resistable to quantum attacks. The list of proposals that take part in the second round appear here: https://csrc.nist.gov/projects/post-quantum-cryptography/round-2-submissions . The full submission documents are available on the webpage of the first round: https://csrc.nist.gov/projects/post-quantum-cryptography/round-1-submissions .
In this project, the student will pick one of the proposals that passed into the second round, and will present the main ideas of the proposed system in the seminar. Specifically, we are interested in proposals BIKE, HQC, LEDAcrypt, NewHope, NTRUPrime, RQC and SIKE, but a student can also choose another proposal.
This project can be taken by several students, each student will be reviewing a different crypto system.
MSc or PhD level
ThreeBears cryptosystem is studied by Valeh Farzaliyev
Supervised by Ahto Truu
- Unlinkable Attribute-Based Credentials
Attribute-based credentials allow a person to present different subsets of his/her attributes to different parties for verification. For example, only the age is needed for entering a nightclub, and just the student status might be sufficient for getting a discount at university cafe. There are techniques which provide advanced features such as unlinkability: when a prover presents different attributes, the verifier will not learn whether they come from the same set. One of such schemes is IRMA: https://summerschool-croatia.cs.ru.nl/2015/IRMA.pdf. The task is to review IRMA and compare it to other major schemes, such as IBM's Idemix and Microsoft's U-Prove.
Suitable for MSc and BSc students
Assigned to Kristiina Konno
- Survey of Homomorphic Properties of Secret Sharing Schemes
A secret sharing scheme enables a secret input to be split among several recipients in such a way that a sufficient subset of them collectively can recover the secret, but any smaller subset will learn nothing. For example, an integer A could be split additively as A=a1+a2+a3. Often it is desirable to be able to compute on the secret inputs without reconstructing them. For example, given additive shares of X=x1+x2+x3 and Y=y1+y2+y3, it is easy to compute z1=x1+y1, z2=x2+y2, z3=x3+y3 to obtain shares of Z=X+Y. It is more difficult to obtain a sharing of the product W=X*Y from such additive shares. The task is to survey existing secret sharing schemes and their ability to support efficiently computing at least the sums and products of the secret inputs in shared form.
Suitable for MSc and BSc students
Assigned to Risto Pärnapuu
Supervised by Jan Willemson
- Explainable security
Neural networks have proven to be an efficient mechanism to solve a variety of problems from automated facial recognition to playing complex games. On the other hand, neural-network-made decisions are notorious for being hard to explain to a human. A similar effect can also be observed in safety and security domains. We follow many rules in our everyday lives without fully understanding their rationale. Being forced to obey rules that we do not understand can in turn cause confusion and even protest. Why can’t I take more than 100ml liquid containers on board of an aircraft? Why can’t I fly a drone wherever I want? Why does my password need to have as least three kinds of characters?
It has been recently hypothesised that it is easier to enforce regulations that are easier to explain. A big open question is whether a potential trade-off with the actual security level or system performance will be worth it.
The task of the student is to make a literature review of the recent papers on this topic and develop his/her own view on the matter.
http://www.cs.cornell.edu/bigreddata/publications/lucja_archives/sigmod2014-explainable.pdf
http://ceur-ws.org/Vol-2327/IUI19WS-ExSS2019-10.pdf
https://arxiv.org/pdf/1807.04178.pdf
https://link.springer.com/article/10.1007/s10676-010-9253-3
The topic is suitable for a MSc student, possibly coming from other backgrounds than pure IT (e.g. some social sciences interest/experience might be helpful, but not strictly necessary).
Slides