The MSc in Cybersecurity Programme is being offered by the School of Science & Technology of the University Center of International Programmes of Studies of the International Hellenic University.
The programme aims to provide education at postgraduate level in the field of cybersecurity as well as focus on technologies and practices needed to detect and prevent threats against information systems on the Internet. All modern organizations face security risks that threaten their valuable assets; this program aims to provide high quality training and formal education in cybercrime analysis while gain advanced knowledge to protect organizations against cyber security risks. It is also designed to deliver cutting-edge, up-to-date cybercrime investigation techniques, strategies and tactics that allow students to understand and tackle emerging trends in cybercrime.
This program enhances knowledge and develop practical skills in cybercrime while offers in-depth study, develop critical, analytical and technical skills involving the principles, practices and techniques of Cybercrime Investigation. The courses include lectures and laboratories exercises with the later technologies by leading academics from Greece and abroad, along with projects and dissertation work, which ensures that graduate students equipped with state-of-the-art scientific knowledge and modern practical skills, on their way to become highly competitive at international level. The main subject areas included in the taught modules:
Digital Forensics
Intrusion detection and Network Security
Security Audit & Compliance
This program is designed for University graduates of Informatics/Computer Science, Electrical Engineering but also of Natural Sciences, Economic and Business Departments, with a background in ICT and a strong motivation to pursue a career in Cyber Security. The courses of the programme are taught exclusively in English.
The academic staff comes from Universities in Greece and abroad. In addition, it is possible to attend the programme combining distance learning with traditional face-to-face teaching
Application deadline extension:30 September 2023 or until places are filled
Campus: Thermi, Thessaloniki
Duration/Mode: 18 months (full-time) or 30 months (part-time)/(available also in distance learning mode)/weekdays evenings
Taught language: English
Entry requirements: An undergraduate degree from an accredited University
Language requirements: English language knowledge documented with a relevant certificate, corresponding at least to the State Certificate of Language Learning Level B2 or other certificate proving good knowledge of English. Holders of an undergraduate or postgraduate degree at a Foreign University in English are exempt from this obligation.
Fees: 2,900€ (total)
How to apply: Programme announcement- 2nd Phase of Admission of Graduate Students (en+gr)
To be considered for the programme, candidates are required to have:
an undergraduate degree from a recognized University
English language knowledge documented with a relevant certificate, corresponding at least to the State Certificate of Language Learning Level B2 or other certificate proving good knowledge of English. Holders of an undergraduate or postgraduate degree at a Foreign University in English are exempt from this obligation.
Upon arrival at the IHU all students attend foundation courses in Java and SQL, that aims to bring all incoming students to the same level with respect to some of the programming knowledge that is required. During the first term, all students are required to follow five (5) mandatory core courses. During the second term, all students follow a further three (3) required courses combined with two (2) elective courses. Finally, during the third term, work is dedicated exclusively to the Master’s dissertation. The core courses
Aims: Computer forensics is emerging as an important tool in the fight against crime and malicious activity. The course provides knowledge and hands on experience of tools, technologies and scientific methods used, for conducting forensic analysis of electronic devices as well as managing the forensic analysis process.
This course will examine computer networks within the context of the Internet. We will study the fundamental principles, elements, and protocols of computer networks. We will investigate how the different protocols work, why they work that way, and their performance trade-offs. Using this knowledge, we will try to examine the way applications are deployed on the Internet and their performance trade-offs. In particular, we will try to examine some strategies that are commonly used to accelerate application level performance in the context of the operation of the Internet.
Learning Outcomes
On completing the course students will be able to:
Explain the operation of a range of computer networking applications such as email, web, and peer-to-peer file-sharing
Relate the architecture of the Internet to the underlying design principles
Illustrate the operation of common routing protocols, queuing mechanisms, and congestion control mechanisms
Develop elements of a network such as gateways and routers that conform to IETF standards with acceptable levels of simplification
Explain the performance of a given set of routing protocols, queuing mechanisms, and congestion control mechanisms on an example network.
Content
Introduction to Computer Networks
Sockets Programming
Protocol Stacks and Layering: Application Layer, Physical Layer, Link Layer Basics.
This course provides an introduction to the foundational aspects of cybersecurity and computer security. Most modern organisations face security and privacy risks that threaten their valuable assets. It is imperative to design secure and privacy-aware information systems that protect against these threats. This course provides a wide range of skills and knowledge of existing technologies, security and privacy principles to develop the professional skills and experience needed for information systems security.
Learning Outcomes
On completing the course students will be able to:
Develop the knowledge, understanding and skills to work as a computing security professional
Learn the concepts, principles, techniques and methodologies you need to design and assess complex networks, systems and applications
Develop the practical experience you need to plan, perform and direct security audits of information systems to the level required by standard security frameworks
Develop the appropriate legal and ethical skills you need to be a security professional.
Content
Information security –Security Policy
Identification -Authentication
Authorization –Access Control –Auditing -Accountability
Malicious Attacks-Malware
Hash Functions -Digital Signatures Public Key Infrastructure (PKI) -Digital Certificates
Information security management entails a multitude of legal and ethical issues. Whether for individuals or organisations, information is often sensitive and valuable, therefore information access and usage of such an asset should follow a set of rules and regulations that protect the privacy and safety of their owners. This course also discusses the impact of ICT on the substantive law of Europe and the United States, and analyses the socio-legal effects of regulatory structures on the development of the Internet community. It eventually aims to explain basic legal and ethical issues and principles, according to European and US law and regulations.
Learning Outcomes
On completing the course students will be able to:
Identify potential legal and ethical issues regarding privacy and security
Understand several issues concerning digital property and intellectual property rights
Gain essential skills in electronic contracts and patents for modern ICT infrastructure development
Content
Introduction to Computers, Cyberspace and Internet Technology: How they developed and what role they play in modern society
Digital Property – Regulating the Digital Environment
Cyberharms: Viruses, Denial of Service Attacks and Hacking; Terrorist Websites; Obscene and offensive content; Libellous materials and Spam
Privacy & Surveillance: Online Privacy, surveillance, commercial data gathering and Encryption; Data Protection and Data Security; Technologies to track and trace individuals offline
Intellectual Property Rights: Copyright in computer software; Patenting software applications; Trade Marks and Domain Names, internet keyword searches and trade marks
The New Intellectual Property: Peer-to-Peer Systems
Electronic Contracts; Digital Signatures. International Aspects: IPL and choice of law; Internet Regulation ICANN, WIPO and the registrars
Aims: The primary goal of incident response is to effectively remove a threat from the organization’s computing environment, while minimizing damages and restoring normal operations as quickly as possible. Common questions during an incident:
What exactly happened? What is the damage and how did the attackers get in?
Is the incident ongoing?
What information was stolen or accessed or modified?
What resources were affected by the incident?
What are the notification and disclosure responsibilities?
What steps should be performed to remediate the situation?
What actions can be taken to secure the organization from similar incidents?
Learning Outcomes
Develop the students’ knowledge of the issues related to cyber crime
Understand the particular challenges that cybercrime places on various domains of application
Develop the students’ knowledge of the issues related to incident response
Define and describe the main phases of incident response
Evaluate incident data and indicators of compromise (IOC) to determine the correct responses to an incident
Identify different kinds of attacks methods to counter their effects
Describe the different phases of incident response – preparation, identification, containment, eradication, recovery, follow-up
Explain the principles of evidence collection and the chain of custody
Cryptography has been an invaluable tool for information protection for centuries. Until the 1970s, cryptography was almost exclusively found in diplomatic, military and government applications. During the 1980s, the financial and telecommunications industries deployed hardware cryptographic devices. The first mass-market cryptographic application was the digital mobile phone system of the late 1980s. Today, everyone uses cryptography daily. This course introduces theoretical and practical modern cryptography and data protection principles in computer security. Threat and vulnerability assessment, encryption techniques (symmetric and asymmetric keys, public and secret key encryption, digital signatures etc.) are some of the topics that will be covered. Finally, more exotic (for the time being) but promising approaches, like chaotic and quantum cryptography, are introduced.
Aims
This course aims in providing solid knowledge in of cryptology, a domain where computer science, mathematics and electronic engineering are intersecting. Comprehensive knowledge on the theoretical foundations of the area (fundamental principles, elements, and protocols) is offered. Besides this and considering the extremely fast developments (old algorithms are broken and withdrawn and new algorithms and protocols emerge), the addition of new developments and advanced protocols provide with more fancy material. Topics that are relevant to cryptography practitioners today are introduced and explored by the most practical approach (step by step introduction to the basic concepts and judiciously chosen algorithms and protocols). Finally, the course prompts to further reading, for those who want to expand and deepen their knowledge.
Learning Outcomes
On completing the course students will be able to:
Understand the essential mathematics behind contemporary cryptographic schemes.
Implement basic cryptographic protocols (by hand as a proof of concept and utilizing the coding).
Understand and estimate the limits/performance of the cryptographic power of various protocols.
Understand the limits of breaking code approaches.
Come in touch with new, “out of the box” cryptographic approaches.
Have the background needed, to understand the upcoming methods and approaches in the area.
Content
Introduction to Cryptography and Data Security
Symmetric Cryptography
Stream Ciphers
The Data Encryption Standard (DES) and Alternatives
The Advanced Encryption Standard (AES)
About Block Ciphers
Asymmetric Cryptography
Introduction to Public-Key Cryptography
The RSA Cryptosystem
Public-Key Cryptosystems Based on the Discrete Logarithm Problem
Aims: This course provides a detailed examination both theoretical and hands on labs on Intrusion Detection systems. Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of computer security policies and acceptable use policies, or standard security practices. The main goal of Intrusion Detection System is to recognize potential incidents.
Content
IDS Presentation, SO installation
Planning Collection of Network data
Network Data Types
Network Detection – IOC – Signatures – Snort
Anomaly Based Detection – Bro
NOSQL DB – Elasticstack
Host Based Intrusion Detection
Honey Pots – Packet Analysis
The elective courses During the second term students tailor their programme further by choosing elective courses. The choice of elective courses must sum up to 12 ECTS (2 courses). Some of the elective courses may not be offered in a particular year, depending entirely on student demand.
The ever growing penetration of computers in everyday life has led to the need to develop a vast number of software programs, which in turn resulted to the emergence of a large number of programming languages, frameworks, SDKs, paradigms and techniques. Being able to write functional and maintainable code entails good knowledge of the most important programming concepts, methodologies and techniques. This is even more necessary now because of the extended fragmentation of the programming market. This course aims to teach students popular principles, techniques, tools and methods used to develop software efficiently. Requirement analysis, UML, Object-oriented analysis, design and programming, usage of Application Programming Interfaces (APIs), software maintenance, project and version management are some of the topics covered through theory and practice.
Learning Outcomes
On completing the course students will be able to:
Appreciate principles, concepts, and techniques used to develop software efficiently
Demonstrate how to effectively apply software engineering methods, tools and techniques
Plan, manage and collaborate on a Software Development group project
Obtain the knowledge and skills required for effective management of the software maintenance process
Have developed effective software engineering, management and communication skills
Content
Software development principles, techniques, methods and tools
This course examines basic concepts of Knowledge and Knowledge Management, placing emphasis on knowledge encountered in the Web. At first, it briefly deals with the notion of knowledge and its sources, the architecture and life cycle of knowledge management systems, how knowledge is captured, and how knowledge is formally represented using various formalisms. The core theme of the course covers extensively information and knowledge representation and interchange technologies in the Web, such as information representation using XML, information processing using XPath/XSLT, metadata representation using RDF, vocabulary descriptions using RDF Schema, and finally, knowledge representation in the web, using ontologies (OWL), and rules (SWRL, OWL2 RL, RIF). During the course various knowledge management web systems and tools are demonstrated and practised.
Learning Outcomes
On completing the course, students will be able to:
acquire essentials skills on Knowledge Management Systems
comprehend web Knowledge Management languages and technologies, including XML, XPath, XSLT, RDF, RDFS, OWL
use Knowledge Management systems through selected assignments.
Content
Basic concepts of Knowledge and Knowledge Management.
Knowledge modeling: Ontologies and Linked Data.
Representation languages (XML, RDF, RDF Schema, OWL, SPARQL).
Web services (SOAP, JSON, OWL-S).
Demonstration and practice of various web Knowledge Management systems (e.g., Protégé, Google Knowledge Graph).
The Consulting Project will require students to apply knowledge gained in classroom into practice. Students will tackle real-life problems and challenges facing companies or organisations in order to provide actual business solutions. Following a procedure of specifications/requirements, design and implementation, students will prepare and present their concrete and practical solutions in a final deliverable report.
Learning Outcomes
On completing the course, students will be able to:
Understand real-world problem faced by companies/firms and propose functional solutions.
Develop critical thinking and ability to integrate data and information towards the optimal solution.
Understand the structure, operational mode and challenges of real-world companies.
Content
Understanding and recording a company’s needs and challenges.
Project requirements.
Data analysis, implementation and company feedback.
Producing a deliverable.
Part-timers attend the following courses during the two (2) years of studies: 1stYearTerm 1: Computer Networks, Information Systems Security, Data Protection and Cryptography | Term 2: Computer Forensics, Intrusion Detection and Event Management2ndYearTerm 1: Cybercrime and Incident Response, Legal and Ethical Foundations of Privacy and Security | Term 2: Penetration Testing, Two (2) electives | Term 3: Dissertation
The Dissertation
During the third term, students work on their Masters Dissertation project, the thematic area of which is relevant to their programme of studies and their interests. The dissertation provides a good opportunity to apply theory and concepts learned in different courses to a real-world Cybersecurity problem or challenge. Students are supervised throughout their projects by a member of the academic faculty and the academic assistants. After submission of the dissertation, students present their projects to classmates and faculty at a special event.
The duration of the full-time study programme in order to obtain the MA degree is three (3) academic semesters. For students who so wish, there is also the possibility, upon request, of attending the programme on a part–time basis. In this case, the duration of the MA will be five (5) academic semesters. Lectures mainly take place on weekday evenings. The programme is also available through distance learning. Distance Learning teaching methods involve: (a) Face-to-face or classroom based learning: Students will be required to be physically present at the University for a weekend at the beginning of each semester (b) Synchronous learning: Student will have to attend remotely the classes which will be held regularly during each semester, weekday afternoons (about 2-4 times per week depending on the mode, always after 17:00) and possible Saturday morning (c) Asynchronous learning: Students will use online learning resources and will be assessed through a variety of diagnostic tools and formative assessment techniques (d) Summative assessment: Students will be typicallyrequired to be physically present at the University for the final exams at the end of each semester.
The programme fees for the MSc in Cybersecurity is 2900€. The amount is payable in two instalments for the full time mode or in four instalments for the part time mode at the beginning of each semester. The fees are also eligible for financing through LAEK 0,45% – OAED programme.
Deposits
If you have been accepted to a postgraduate programme, you will need to make a payment of the deposit of 500 Euros to secure your place. This amount will count towards the first instalment of your tuition fees. The deposit is non-refundable once you have commenced your studies at the IHU. Prior to that, a refund can be made but a 20% administrative fee will be retained. The deposit can be paid by bank transfer or bank draft. Credit card payments can be made through electronic banking (contact your Bank as handling fees may apply).
Scholarships
The School of Science & Technology offers a number of scholarships for the programmes it offers, covering a significant proportion of the fees. These scholarships are competitive. Award criteria include the quality of the first degree, the undergraduate grades of the candidate, his/her command of the English language and overall profile. Candidates for scholarships should include a separate letter with their application documents in which they request to be considered for a scholarship, stating the reasons why they think they qualify.
Next MSc in Cybersecurity class starts in October 2023. The application deadline for the MSc programme has been extended. Interested parties are invited to submit their applicationfrom July 1st, 2023 to September 30th, 2023 or until places are filled, by following instructions at the application page.
Throughout history, communications security, data protection and information assurance have always been issues of outmost importance to every company, organization and government. The internet revolution boosted the role of information (and its protection) to an unparalleled level of significance, as virtually every individual or organization is storing or transmitting increasing volumes of sensitive data electronically. Even though communications and security specialists were always sought after, the rapid evolution of relevant technologies and the penetration of their applications to every aspect of human life have increased the level of complexity of the required solutions. In the US alone, the Bureau of Labor Statistics projects 36.5% employment growth for this profession by 2022. What is also important, for a prospective security specialist to know, is that security specialists are working in close collaboration with the management of their organization, which gives their job a burden of responsibility but also provides great opportunities for longevity and promotion to the higher levels of the hierarchy. Today, the role of a company’s CIO (Chief Information Officer) has been recognized as a strategic position that creates an interface between the management and the ICT. Graduates from the MSc in Cybersecurity programme can play a pivotal role in the unremitting operation of virtually any company or organization, by safeguarding their most valuable asset, their information. Therefore, a multitude of employment opportunities are envisaged for graduates of this programme. Indicatively they include:
ICT companies
Government organisations and institutions
Multinational Corporations and Small and Medium Enterprises (SMEs)
e-business companies
Mobile network providers and broadband Internet providers
Sensor networks and telematics companies
Consulting and auditing companies
Research institutes
Education, training and certification
Defense industry
In addition to technical skills gained through study, our students benefit from the University’s excellent Careers Office, in order to attain essential soft skills (e.g. communication skills, interview preparation, CV writing etc.) to better prepare for the job market.
The MSc in Cybersecurity takes place in the facilities of the School of Science & Technology of the University Center of International Programmes of Studies of the International Hellenic University in Thermi-Thessaloniki.
Postal address: School of Science & Technology Department of School of Science & Technology University Center of International Programmes of Studies 14th km Thessaloniki – Nea Moudania 570 01 Thermi, Thessaloniki, Greece Tel: +30 2310 807 529 Email: : infotech@ihu.edu.gr
CompTIA Cybersecurity Certifications – Please contact Dr. Baltatzis for further information/details.
Certified Ethical Hacker (CEH) Certification – Please contact Dr. Baltatzis for further information/details.
Penetration Testing Labs – Please contact Dr. Baltatzis for further information/details.