Cyber Security Hub

MSc thesis

MSc thesis on Cyber Security related topics defended at the University of Tartu:


  • Dissanayake. P.G., "A Comparison of Security Risk Analysis in the In-house IT Infrastructure and Cloud Infrastructure for the Payment Gateway System"
  • Mammadzada. K., "Blockchain Oracles"
  • Matsalu. M., "The Development of Digital Forensics Workforce Competency on the Example of Estonian Defence League"
  • Padur. K., "Information Security Risk Assessment in the Context of Outsourcing in a Financial Institution"
  • Puniani. R., "Conceptualization of a Blockchain Based Voting Ecosystem in Estonia"
  • Pure. I., "An Automated Methodology for Validating Web Related Cyber Threat Intelligence by Implementing a Honeyclient"
  • Produit. B.D., "Optimization of the ROCA (CVE-2017-15361) Attack"
  • Sarapuu. D., "Penetration Testing of Glia’s Web Application"
  • Seeba. M., "A Specification of Layer-Based Information Security Management System for the Issue Tracking System"
  • Simisker. M., "Security of Health Information Databases"
  • Tõnisson. R., "Tighter Post-quantum Secure Encryption Schemes Using Semi-classical Oracles"
  • Yerokhin. M., "Multi-level Policy-aware Privacy Analysis"

See more at the thesis database.


  • Abbasi A., GDPR Implementation in an Airline’s Contact Center
  • Akande A., Disruptive Power of Blockchain on the Insurance Industry
  • Avramenko V., Cost-Benefit Analysis of a Hybrid Terrorist Attack on a Power Plant

  • Affia A-A. O., Security Risk Management of E-commerce Systems
  • Çelebi I., 
Privacy Enhanced Secure Tropos:
 A Privacy Modeling Language for GDPR Compliance
  • Cherednychenko O., Designing Visually Effective and Intuitive Modelling Notations for Security Risk Management
  • Elazazy A. A. A. A., HoneyProxy Implementation in Cloud Environment with Docker Container HoneyFarm
  • Filipczak K. M., Testing the Security Awareness using Open-Source Tools: Spear Phishing
  • Islami L., Assessing Generational Differences in Susceptibility to Social Engineering Attacks. A Comparison Between Millennial and Baby Boomer Generations
  • Jüristo K., How to Conduct Email Phishing Experiments
  • Kaasik M., A Tool for Supporting Multi-perspective System Development Through Security Risk Management
  • Kopylash V., An Ethereum-Based Real Estate Application with Tampering-Resilient Document Storage
  • Luomala M., Evaluation of Efficiency of Cybersecurity
  • Mendelman K., Fingerprint Organization Using Metadata of Public Documents
  • Mitt S., Blockchain Application - Case Study on Hyperledger Fabric
  • Mohamed G. Z. A. R., Detecting Social Spamming on Facebook Platform
  • Nugis R., Forensic Data Properties of Digital Signature BDOC and ASiC-E Files on Classic Disk Drives
  • Orange A., Blockchain-based Provenance Solution for Handcrafted Jewellery
  • Oras A., Online Cyber Security Exercise to Evaluate and Improve Individual Technical Specialists’ Cyber Incident Reporting Skills
  • Rebane R.-M., Post-Quantum Secure Time-Stamping
  • Ristikivi A., Ensuring the Integrity of Electronic Health Records
  • Räni E., Prediction Model for tendencies in Cybercesurity
  • Sing E., A Meta-Model Driven Method for Establishing Business Process Compliance to GDPR
  • Shapaval R., Security Risk Management for the IoT systems
  • Soonberg M., The Employee-Based Information Security Risks on the Example of the Estonian Literary Museum
  • Sõgel K., Distributed Ledger Technology and External Mandatory Reporting in Banking Industry
  • Velázquez J. A. S., ''Securing openHAB Smart Home Through User Authentication and Authorization'
  • Värva I., Autonomy and Efficiency Trade-offs on an Ethereum-Based Real Estate Application
  • Zaitsev A., Comparison of STS and ArchiMate Risk and Security Overlay

See more at the thesis database.


  • AbuSeada W. M. F. A., Alternative Approach to Automate Detection of DOM-XSS Vulnerabilities
  • Bascuñana G. F., Method for Effective PDF Files Manipulation Detection
  • Brodar G., Analysis of Exploit-kit Incidents and Campaigns Through a Graph Database Framework
  • Djagilev V., Android Chat Application Forensic Process Improvement & XRY Support
  • Ellervee A., A Reference Model for Blockchain-Based Distributed Ledger Technology
  • Jõgi M., Establishing, Implementing and Auditing Linux Operating System Hardening Standard for Security Compliance
  • Kinger M., Enterprise Cloud Security Guidance and Strategies for Enterprises
  • Kuldmaa A., On Secure Bulletin Boards for E-Voting
  • Lahesoo P., The Electronic Evidence Examination Reporting System by the Example of West Prefecture
  • Lashkarara S., Managing Security Risks Using Attack-Defense Trees
  • Maennel K., Improving and Measuring Learning Effectiveness at Cyber Defence Exercises
  • Nafies A., A New Heuristic Based Phishing Detection Approach Utilizing Selenium Web-driver
  • Sivalingapandi D., Comparison and Alignment of Access Control Models
  • Oksvort R., A Prototype for Learning Privacy-Preserving Data Publishing
  • Pappas S., Investigation of JTAG and ISP Techniques for Forensic Procedures
  • Proskurin A., Adapting a Stress Testing Framework to a Multi-module Security-oriented Spring Application
  • Treier D., Research and Proof of Concept of Selected ISKE Highest Level Integrity Requirements
  • Tschida C., The Way to the Specialist and Management Level of Cyber Hygiene Initiative
  • Tsintsabadze L., A Prototype to Analyze Role- and Attribute-Based Access Control Models
  • Vallaots A., Federation of Cyber Ranges
  • Vunk M., A Framework for Assessing Organisational IT Governance Risk and Compliance

See more at the thesis database.


  • Allyson I. H., Designing Digital Forensics Challenges for Multinational Cyber Defense Exercises
  • Duran S. A. U., Organizational Interaction Mechanisms Affecting Strategic Decision-Making During Cybercrime Investigations
  • Herrera V. L. C., A Comprehensive Instrument for Identifying Critical Information Infrastructure Services
  • Martínez F. C. A., Tabletop Exercise For Cybersecurity Educational Training; Theoretical Grounding and Development
  • Pantoja V. C. A., Analysis of the Cyber Attacks against ADS-B Perspective of Aviation Experts
  • Pinto R. Y. A., Development of National Cyber Security Strategies (NCSSs), and an Application of Perspective to the Colombian Case
  • Rozario V. I. D. J., Model-based Role Based Access Control for RESTful Spring applications
  • Samarütel S., Revision of Security Risk-oriented Patterns for Distributed Systems
  • Sarmiento B. S. A., Detection Solution Analysis for Simplistic Spoofing Attacks in Commercial Mini and Micro UAVs
  • Sergeev A., Role Based Access Control as SecureUML Model in Web Applications Development with Spring Security
  • Siim J., Secure and Efficient Mix-Nets
  • Siim S., A Comprehensive Protocol Suite for Secure Two-Party Computation
  • Sokk V., An Improved Type System for a Privacy-aware Programming Language and its Practical Applications
  • Suarez M. D. D., Assessment of Web-based Information Security Awareness Courses
  • Velasquez H. L. A., Colombia and the Intelligence Cycle in the 21st Century, the Digital Age

See more at the thesis database.


  • Guler S., Secure Bitcoin Wallet
  • Kiiver J., NFC Security Solution for Web Applications
  • Kolk K., An Empirical Comparison of Approaches for Security Requirements Elicitation
  • Rao S. P. Analysis and Mitigation of Recent Attacks on Mobile Communication Backend
  • Rrenja A., Pattern Based Security Requirements Derivation with Security Risk-aware Secure Tropos
  • Tursunova S., Comparing Security Risk-oriented Modelling Languages to Manage Social Engineering Risks
  • Vaht M., The Analysis and Design of a Privacy-Preserving Survey System

See more at the thesis database.


  • AbuLamddi M., Safety and Security Dependability Analysis
  • Helbig C., An Experience Report of Eliciting Security Requirements from Business Processes
  • Khilji W. A., Evaluation Framework for Software Security Requirements Engineering Tools
  • Kurt S., Interplay of Misuse Case and Fault Tree Analysis for Security and Safety Analysis
  • Okugbeni J., Security Implementation of Mission Control System for ESTCube-1 Satellite
  • Pikma T., Auditing of Secure Multiparty Computations
  • Preobrazenskaja A., Development of Security Risk Measurement Model within Misuse Cases and BPMN
  • Teder T. Extracting Bole-based Access Control Models from Business Process Event Logs
  • Tovstukha I., Management of Security Risks in the Enterprise Architecture using ArchiMate and Mal-activities
  • Turban T., A Secure Multi-Party Computation Protocol Suite Inspired by Shamir’s Secret Sharing Scheme


  • Altuhhova O., Developing System Security through Business Process Modelling
  • Onchukova A., Transformation rules between MUC and MAD
  • Pankova A., Insecurity of Transformation-Based Privacy-Preserving Linear Programming
  • Pullonen P., Actively Secure Two-Party Computation: Efficient Beaver Triple Generation
  • Rebane R., A Feasibility Analysis of Secure Multiparty Computation Deployments
  • Tark K., Role Based Access Model in XML based Documents


  • Cakabey O., Role-based Access Control Using Knowledge Acquisition in Automated Specification
  • Khan N. H., A Pattern-based Development of Secure Business Processes
  • Lakk H., Model-driven Role-based Access Control for Databases
  • Soomro I. U., Alignment of Misuse Cases to ISSRM
  • Turan Y., Extension and Application of Event-driven Process Chain for Information System Security Risk Management


  • Chowdhury M. J. M., Modeling Security Risks at the System Design Stage: Alignment of Mal Activity Diagrams and SecureUML to the ISSRM Domain Model
  • Seeba I., Adding a transformation language to the Cryptoanalyser
  • Talviste R., Deploying secure multiparty computation for joint data analysis - a case study

See more at the thesis database.