Erinevus lehekülje "ITX8062" redaktsioonide vahel

Allikas: Kursused
Mine navigeerimisribale Mine otsikasti
164. rida: 164. rida:
  
 
<b>
 
<b>
  - Note that there are limited exam slots available for each date, so register (via e-mail) as soon as possible.
+
  - Note that there are limited exam slots available for each date, so register (via e-mail to dr Ottis) as soon as possible.
 
  - Send in your paper at least one week before the exam date.
 
  - Send in your paper at least one week before the exam date.
 
  - Be present at the beginning of the exam.
 
  - Be present at the beginning of the exam.

Redaktsioon: 28. november 2013, kell 13:20

Information Systems Mass Attacks and Defence (fall 2013)

Weeks 1-8 of the Fall Semester

Tuesdays 17:45-21:00

Room ICT-A1 (new IT building at Akadeemia 15a, second floor)

Instructors

Rain Ottis, PhD, Associate Professor at TUT

Jaan Priisalu, Director General, Estonian Information System's Authority

Practice led by Tiit Hallas


Contact: rain dot ottis at ttu dot ee


Schedule

NB! Check the schedule for updates before each lesson.


Lesson 1

03.09.2013

Introduction (Priisalu, Hallas) [Slides]

Research paper topic assignment (Priisalu, Hallas)


Lesson 2

10.09.2013

Review of research paper requirements (Ottis) [Slides]

Lecture: cyber conflict and espionage (Ottis) [Slides]

Topics covered: Estonia 2007 and Georgia 2008 cyber conflicts, StuxNet, PRISM, discussion.

Practice (Hallas)

Topics covered: overview of exercises, introduction of tabletop exercises in the context of this course, explaining the need for processes based on the real life examples.


Lesson 3

17.09.2013

Lecture: cyber crime and terrorism (Ottis, Priisalu) [Slides]

Topics covered: criminal attacks, experiences from the banking sector, attack methods, motives, cooperation.

Practice (Hallas)

Topics covered: Creating teams, assigning team roles, introducing scenarios and injects, playing the first game.


Lesson 4

24.09.2013

Lecture: politically motivated attacks (Ottis) [Slides]

Topics covered: hactivism, private hacking for political reasons, state sponsored cyber attacks, cyber espionage, methods, motives, countermeasures.

Practice (Hallas)

Topics covered: Analysing the last game, playing by scenarios and with injects


Lesson 5

01.10.2013

Lecture: cyber security planning (Priisalu)

Topics covered: cyber security planning.

Practice (Hallas)

Topics covered: Explaining “the final game”, discussing self-written scenarios.


Lesson 6

08.10.2013

Lecture: incident handling and CIIP (Priisalu)

Topics covered: CIIP overall, CIIP in Estonia, crisis management, CERT perspective, law enforcement perspective, incident handling process in Estonia.


Lesson 7

15.10.2013

Practice (Hallas, Ottis, Priisalu)

Tabletop exercise


Lesson 8

22.09.2013

Course summary and feedback (Ottis, Priisalu, Hallas)

Grade assignment

30% - Performance at the tabletop exercises

30% - Written assignment (research paper, 2000-4000 words)

40% - Oral exam


Tabletop Exercise (practice component)

It's game time! In this part of the course we will learn about war games. We will discuss their importance and practical applications in the real world and see how those games are organized. We will not only talk about them, but we will try them out as well.

The goal of this is to analyse the importance of communication processes and to understand the need to test those processes using tabletop exercises. We will create different teams with different tasks that will fall into two main categories: Red teams and Blue teams.

To the blue teams we will show that you might not have the full understanding of the situation, not enough information and resources.

To the red teams we will show that even though you might have a perfect plan, things will not go as you would want them to go.

Agenda

Lesson 2

Introduction

Processes and testing

Examples of different exercises and games from real life

Lesson 3

Creating teams, assigning roles

Introducing scenarios and injects

Playing the first game to understand what we are doing

Lesson 4

Playing the first game with scenarios and injects

Analysing the game and reports

Lesson 5

Discussing self-written scenarios and injects

Explaining the "final game" and the methods

Lesson 7

Final game

Lesson 8

Feedback

General information

Red teams will get to do less during the class exercises. However - their performance during the last exercise will be watched and graded with more detail. It requires much more independent work from the team to prepare.

If you have questions, comments or ideas about the topic then you can contact me via e-mail hallas at ut dot ee.


EXAM

Exam times

- Note that there are limited exam slots available for each date, so register (via e-mail to dr Ottis) as soon as possible.
- Send in your paper at least one week before the exam date.
- Be present at the beginning of the exam.
- 18.12.2013 1800 at ICT411 (11 slots open)
- 07.01.2014 1800 at ICT411 (12 slots open)
- 09.01.2014 1800 at ICT411 (12 slots open)
- 20.01.2014 1800 at ICT411 (12 slots open)

Admin notes

- This is an oral exam.
- You are allowed to use your computer/notes during the preparation.
- At the beginning of the exam, each student will get two questions (may contain sub-questions). 
- At least one of the questions will be related to the individual paper topic or the paper itself.
- Students will have time to prepare their answers.