Master Specialisation in Cyber security Lejla Batina Digital
Master Specialisation in Cyber security Lejla Batina Digital Security Group Institute for Computing and Information Sciences (ICIS)
Why study computer security/cyber security? • Interesting and hot topic, with excellent job opportunities • Real impact in everyday life & society • Opportunities for multidisciplinary research And why study it here in Nijmegen? • Leading research group in computer security in the Netherlands (and broader) • Broad range of research, from theoretical to practical
Organisation & Practicalities • The Master is taught together with TU Eindhoven Previously also with UTwente, as • Courses in Nijmegen and Eindhoven You have to at least take 3 mandatory courses in Eindhoven • To reduce travel hassle - Courses scheduled on the same day and not in the first 2 hours - Most of the lectures are recorded • Practically, your traveling over 2 years: 1 quarter going to Eindhoven twice a week (for 2 mandatory courses, both on same day); the 3 rd mandatory course is tele-lectures (and recorded).
Topics that you study • Security protocols • Cryptography • Software security • Network security • Organisational aspects of computer security • Privacy • Hardware security – esp. smartcards and RFID • Legal aspects of computer security
Programme • • • 6 mandatory courses (30 EC) Seminar: Privacy Seminar at RU (or IST Seminar at TUE) Electives - choice from 6 optional security courses Free choice Computer Science & Society (3 EC) plus • Research internship (15 EC) • Master thesis (30 EC)
Specialisation-specific courses Mandatory Optional At RU • Software Security • Security in Organisations • Advanced Network Security • Privacy Seminar • Law in Cyberspace • Hardware Security • Cryptographic Engineering At TUE • Cryptography • Principles of Data Protection • Verification of Security Protocols • Physical Aspects of Computer Security • Applied Cryptography • Hacker’s Hut
Some of the researchers Lejla Batina side-channel analysis lightweight crypto Bart Jacobs identity management quantum logics Erik Poll software security smartcards payment systems Joeri de Ruiter security protocols protocol analysis Jaap Henk Hoepman privacy Internet of Things identity management Peter Schwabe high-speed crypto post-quantum crypto Mireille Hildebrandt legal aspects of security, privacy and profiling
Industry connections Joan Daemen symmetric cryptography Eric Verheul e-id solutions organizational aspects of security Also works at ST Microelectronics Also works at keycontrols
Master thesis project outside the university?
Possible options (also abroad) • general consultancy companies • security evaluation labs and other companies specialising in IT security • any IT company - hardware manufacturers - software companies - network providers • any organisation that relies on ICT - banks - branches of government - NCSC, Police Team High Tech Crime, . . . - critical infrastructures: electricity, water, railways, . . .
Side-channel analysis & cryptographic engineering • Side-channel analysis and countermeasures, engineering resilient implementations • post-quantum cryptography • Rauf Mahmudlu: LDA-Based Clustering as a Side-Channel Distinguisher. Presented at RFIDSec 2016, Hong Kong • Joost Rijneveld Implementing SPHINCS with restricted memory. Presented at PKC 2015, Taiwan
Identity management • Hans Harmannij, Polymorphic Pseudonymization in Educational Identity Federations • Did his MSc thesis at SURFNet • Won the € 2000 Joop Bautz award for best MSc thesis in Information Security
Security testing of protocols and software • Patrick Verleg, Inferring SSH state machines using protocol state fuzzing Joined Deloitte • Arturo Cedillo Torres & Brinio Hond. Fuzzing the GSM protocol Presented at Essos 2014. They both joined KPMG
Applied security analysis • Tim Cooijmans. Cryptographic Key Storage and TEE on Android At SNS bank. • Safet Acifovic, Security analysis of Payleven mobile point-of-sale platform At university. Joined Ernst & Young • Kevin Valk, Comprehensive security analysis of a toys-to-life game Completed his thesis project at a company in the US
Thesis topics: legal aspects & privacy • Jorrit de Boer. An Analysis of the security & privacy qualities of a proposal for the Dutch e. ID scheme.
More info? TRU/e Master: info at http: //true-security. nl Peter Schwabe is the contact person for the Master specialisation in security Pre-master programme? If you have done HBO or other bachelor than computer science: contact study advisors Perry Groot
- Slides: 16