Master of Science in Information Security - MIS
Short description
Information technology permeates all aspects of society and has become critical to industry, government, and individual well-being. Securing these vital services and structures and the availability of trustworthy information whenever and wherever it is required has become both an area of intensive research and also of burgeoning commercial activity. The study program is research based and focuses on most aspects in the area of information security. Course topics range from technical and practical (like System Security, Cryptology and Computational Forensics) to human and management aspects (for example Security Management Metrics and Security Risk Management). The study is setup such that all students will have a common broad basis within all important aspects of Information Security, while they specialize in the remainder of the studies. The study program has three different tracks such that students can specialize in a specific area within Information Security. The three tracks are Cyber and Information Security Technology , Information Security Management , and Digital Forensics . The first of these three tracks focuses on the technological aspects in general within Information Security, while the second focuses on the management aspects. The third track is a more specialized track to educate future digital forensic experts.
Duration
This is a two-year master program (120 ECTS credits). For the part time students, a 50% pensum over 4 years is recommended. The degree awarded upon completion is “Master of Science in Information Security”.
The program has three tracks: Cyber and Information Security Technology , Digital forensics , and Information Security Management . After the first semester, which is common to all the tracks (see the course structure below), the students have to choose which track they are going to pursue.
The program qualifies the students to proceed to Ph.D. studies.
Expected learning outcomes
Knowledge
- The candidate possesses advanced knowledge in the field of information security in general and the following particular topics: computer and network security, security management, incident response, security of critical information infrastructure and legal aspects of information security. The candidate possesses special insight and expertise in information security technology, digital forensics or security management, depending on the chosen program track.
- The candidate possesses thorough knowledge of academic theory and methods in the field of information security.
- The candidate is capable of applying knowledge in new areas within the field of information security.
- The candidate is familiar with current state-of-the-art in the field of information security.
- The candidate possesses thorough knowledge of scientific methodology, needed to plan and carry out research and development projects in the field of information security.
Skills
- The candidate is capable of analyzing existing theories, methods and interpretations of theories within the field of information security as well as solving theoretical and practical problems independently.
- The candidate is capable of using independently relevant methods in research and development in the field of information security. These methods include literature study, logical reasoning and performing scientific experiments together with interpreting their results.
- The candidate is capable of performing critical analysis of different information sources and applying the results of that analysis in academic reasoning and structuring and formulating scientific problems.
- The candidate is capable of completing an independent research and development project of moderate size under supervision (example: the master thesis), adhering to the current code of ethics in scientific research.
- The candidate is capable of carrying out a plan of a research project under supervision.
General competence
- The candidate is capable of analyzing academic, professional and research problems.
- The candidate is capable of using knowledge and skills to carry out advanced tasks and projects.
- The candidate is capable of imparting comprehensive independent work in the field of information security. The candidate also mastered the terminology in the field of information security.
- The candidate is capable of communicating academic issues, analysis and conclusions both with experts in the field of information security and with the general audience.
- The candidate is capable of contributing to innovation and innovation processes.
Internationalization
The students are allowed to travel abroad to do their master theses. The information security group has strong links to many of the leading international academic groups within the field, and the students are encouraged to contact their instructors in the course «Research project planning» to ask for relevant travel opportunities.
Target Group
There are three focus groups for this study program:
- Undergraduate students entering the program as a continuation of their bachelor degree without any prior work experience.
- Industry students (or students in the private/public sector in general) looking for a full-time or part-time master program, which is flexible and can be adapted to their employers' needs and their own individual needs.
- International students: exchange students (arriving for a single semester only) and full-time students.
Students can follow the program both on-campus and off-campus (distance students) and can take the program both as full time (2 years) or part time (4 years).
Admission Criteria
To qualify for admission, prospective students should have a bachelor degree in computer science, software engineering, information systems, information technology, computer engineering or similar. Their education must include at least 80 ECTS university level courses in computing where the following topics should be covered:
- Mathematics and statistics
- Programming
- Algorithms
- Databases
- Operating Systems
- Communication Technology / Distributed Systems
- Software Engineering
A grade point average (GPA) of at least C on the bachelor studies is required.
Professional and occupational prospects
Students who have completed the MIS program qualify for positions in the following areas:
- Secure systems engineering
- Security modelling and analysis
- Digital and computational forensic investigations
- Implementation and management of risk
- Information security management
- Secure operations of computer systems
- Development of secure communications
- Research and development
- Ph.D, e.g., in Information Security at NISlab
Course Structure
The MIS program will focus for the main part on Information Security related courses, with some courses building up necessary background knowledge. The majority of the courses will be 7.5 ECTS, hence there will be four courses per semester for the full-time students. The main properties of the program are:
- The MIS program has three tracks: Information Security Management (M), Digital Forensics (DF), and Cyber and Information Security Technology (T). The first semester is a mixture of courses within these three tracks. The reason for this is to give all students (independent of the track they choose) the needed minimal background information from the other two tracks. Also it will give the students a better understanding of the content of each of the tracks such that they can make an informed decision on which track to choose.
- The 2nd and 3rd semester are track specific, with some overlap between tracks. For example is the System Security course common between the T and DF track, but within this course there are, towards the end of the course, different foci, depending on the tracks that the students have selected.
- A possibility for specialization is the course Research Project Planning in the 3rd semester and the Master Thesis project in the 4th semester.
- The Master Thesis project needs to be related to the chosen track.
Study environment
The Department of Information Security and Communication Technology at NTNU in Gjøvik is located in a newly remodeled building with modern lecture halls and computer labs.The department offers excellent conditions for students, with modern lecture halls, study rooms, and computer labs. You will meet a highly international and multi-cultural environment.
Technical Prerequisites
We base our activities on the fact that each student has their own computer with access to a broadband Internet connection. Software that is needed is mostly freely available on the Internet. In some courses, commercial products such as MatLab, are required. Such software is provided via NTNU in Gjøvik.
As for the practical computer skills, it is expected that the students are capable of using any contemporary operating system (Microsoft Windows, GNU/Linux, MacOS, etc.) both with a graphical user interface and a command line interface.
Teaching activities
Students will experience a broad range of teaching and working methods to give them the best possible preparation for the job after their studies. These methods include:
- Regular class teaching (including distance teaching)
- Independent study
- Exercise sessions (including practical lab exercises)
- Individual and group project works
- Essay/Article writing
- Individual and group supervision
In addition to the classical study methods requiring presence by the students, the Master program in information security makes extensive use of flexible distance study methods. Every course contains the whole study material in digital form available online, via a special system available to the students once enrolled in the program. Audio recordings of the lectures are available online in most subjects contained in the program and the number of subjects that use video recording of the lectures is increasing very fast as technical possibilities make this form of presentations possible. Video streaming of the lectures is also used, whenever technical possibilities allow this.
Off-campus students
Off-campus students are required to attend at least one mandatory seminar on campus during the startup of a semester. Off-campus students also need to take the written exams on campus. The exam schedule is made available during the beginning of the semester to allow off-campus students to plan their visits to Gjøvik. Some courses also require or highly recommend the students to do mandatory work on campus, or that the students participate in excursions or seminars, more information is to be found in each course descriptions. Course material will be made available in a Learning Management System. Students are advised to meet at the first class of each course to receive relevant information on practical issues related to that course. In case in-person meeting is not possible, then students should check the Learning Management System or contact the course responsible for this information.
Table of subjects
Master of Science in Information Security - Cyber and Information Security Technology full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4113 | Introduction to Cyber and Information Security Technology | C | 7,5 | |||
| IMT4114 | Introduction Digital Forensics | C | 7,5 | |||
| IMT4115 | Introduction to Information Security Management | C | 7,5 | |||
| IMT4110 | Scientific Methodology and Communication | C | 7,5 | |||
| IMT4123 | System Security | C | 7,5 | |||
| IMT4124 | Cryptology | C | 7,5 | |||
| IMT4125 | Network Security | C | 7,5 | |||
| IMT4126 | Biometrics | C | 7,5 | |||
| IMT4203 | Critical Infrastructure Security | C | 7,5 | |||
| IMT4204 | Intrusion Detection in Physical and Virtual Networks | C | 7,5 | |||
| IMT4205 | Research Project Planning | C | 7,5 | |||
| Elective, 7.5 ECTS | E | 7,5 | ||||
| IMT4904 | Master's Thesis | C | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security - Information Security Management full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4110 | Scientific Methodology and Communication | C | 7,5 | |||
| IMT4113 | Introduction to Cyber and Information Security Technology | C | 7,5 | |||
| IMT4114 | Introduction Digital Forensics | C | 7,5 | |||
| IMT4115 | Introduction to Information Security Management | C | 7,5 | |||
| IMT4127 | Security Management Metrics | C | 7,5 | |||
| IMT4128 | Socio-technical Systems Enabled Crime | C | 7,5 | |||
| IMT4129 | Risk Management for Information Security | C | 7,5 | |||
| Elective, 7.5 ECTS | E | 7,5 | ||||
| IMT4206 | Theory and Practise of Legal, Privacy, and Organizational Requirements | C | 7,5 | |||
| IMT4207 | Security Privacy and Risk Management Case Study | C | 7,5 | |||
| IMT4205 | Research Project Planning | C | 7,5 | |||
| Elective, 7.5 ECTS | E | 7,5 | ||||
| IMT4904 | Master's Thesis | C | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security - Digital Forensics full-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||
|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | |||
| IMT4110 | Scientific Methodology and Communication | C | 7,5 | |||
| IMT4115 | Introduction to Information Security Management | C | 7,5 | |||
| IMT4114 | Introduction Digital Forensics | C | 7,5 | |||
| IMT4113 | Introduction to Cyber and Information Security Technology | C | 7,5 | |||
| IMT4130 | Cybercrime Investigation | C | 7,5 | |||
| IMT4133 | Data Science for Security and Forensics | C | 7,5 | |||
| IMT4123 | System Security | C | 7,5 | |||
| IMT4125 | Network Security | C | 7,5 | |||
| IMT4204 | Intrusion Detection in Physical and Virtual Networks | C | 7,5 | |||
| IMT4210 | Computational Forensics | C | 7,5 | |||
| IMT4205 | Research Project Planning | C | 7,5 | |||
| Elective, 7.5 ECTS | E | 7,5 | ||||
| IMT4904 | Master's Thesis | C | 30 | |||
| Sum: | 30 | 30 | 30 | 30 | ||
Master of Science in Information Security - Cyber and Information Security Technology part-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | S7(A) | S8(S) | |||
| IMT4113 | Introduction to Cyber and Information Security Technology | C | 7,5 | |||||||
| IMT4115 | Introduction to Information Security Management | C | 7,5 | |||||||
| IMT4124 | Cryptology | C | 7,5 | |||||||
| IMT4123 | System Security | C | 7,5 | |||||||
| IMT4114 | Introduction Digital Forensics | C | 7,5 | |||||||
| IMT4110 | Scientific Methodology and Communication | C | 7,5 | |||||||
| IMT4125 | Network Security | C | 7,5 | |||||||
| IMT4126 | Biometrics | C | 7,5 | |||||||
| IMT4203 | Critical Infrastructure Security | C | 7,5 | |||||||
| IMT4204 | Intrusion Detection in Physical and Virtual Networks | C | 7,5 | |||||||
| IMT4205 | Research Project Planning | C | 7,5 | |||||||
| Elective, 7.5 ECTS | E | 7,5 | ||||||||
| IMT4904 | Master's Thesis | C | 15 | 15 | ||||||
| Sum: | 15 | 15 | 15 | 15 | 22,5 | 7,5 | 15 | 15 | ||
Master of Science in Information Security - Information Security Management part-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | S7(A) | S8(S) | |||
| IMT4113 | Introduction to Cyber and Information Security Technology | C | 7,5 | |||||||
| IMT4115 | Introduction to Information Security Management | C | 7,5 | |||||||
| IMT4127 | Security Management Metrics | C | 7,5 | |||||||
| IMT4129 | Risk Management for Information Security | C | 7,5 | |||||||
| IMT4114 | Introduction Digital Forensics | C | 7,5 | |||||||
| IMT4110 | Scientific Methodology and Communication | C | 7,5 | |||||||
| IMT4128 | Socio-technical Systems Enabled Crime | C | 7,5 | |||||||
| Elective, 7.5 ECTS | E | 7,5 | ||||||||
| IMT4207 | Security Privacy and Risk Management Case Study | C | 7,5 | |||||||
| IMT4206 | Theory and Practise of Legal, Privacy, and Organizational Requirements | C | 7,5 | |||||||
| IMT4205 | Research Project Planning | C | 7,5 | |||||||
| Elective, 7.5 ECTS | E | 7,5 | ||||||||
| IMT4904 | Master's Thesis | C | 15 | 15 | ||||||
| Sum: | 15 | 15 | 15 | 15 | 22,5 | 7,5 | 15 | 15 | ||
Master of Science in Information Security - Digital Forensics part-time track
| Coursecode | Course name | C/E *) | ECTS each. semester | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| S1(A) | S2(S) | S3(A) | S4(S) | S5(A) | S6(S) | S7(A) | S8(S) | |||
| IMT4113 | Introduction to Cyber and Information Security Technology | C | 7,5 | |||||||
| IMT4114 | Introduction Digital Forensics | C | 7,5 | |||||||
| IMT4130 | Cybercrime Investigation | C | 7,5 | |||||||
| IMT4123 | System Security | C | 7,5 | |||||||
| IMT4115 | Introduction to Information Security Management | C | 7,5 | |||||||
| IMT4110 | Scientific Methodology and Communication | C | 7,5 | |||||||
| IMT4133 | Data Science for Security and Forensics | C | 7,5 | |||||||
| IMT4125 | Network Security | C | 7,5 | |||||||
| IMT4210 | Computational Forensics | C | 7,5 | |||||||
| IMT4204 | Intrusion Detection in Physical and Virtual Networks | C | 7,5 | |||||||
| IMT4205 | Research Project Planning | C | 7,5 | |||||||
| Elective, 7.5 ECTS | E | 7,5 | ||||||||
| IMT4904 | Master's Thesis | C | 15 | 15 | ||||||
| Sum: | 15 | 15 | 15 | 15 | 22,5 | 7,5 | 15 | 15 | ||
Electives
| Coursecode | Course name | C/E *) | ECTS each. semester | ||
|---|---|---|---|---|---|
| S1(A) | S2(S) | ||||
| IMT4894 | Advanced Project Work | E | 7,5 | 7,5 | |
| IMT4116 | Reverse Engineering and Malware Analysis | E | 7,5 | ||
| Sum: | 0 | 0 | |||