The world’s online security depends on you. Step up to the plate with this fascinating Master’s course, taught by experts at one of the world’s leading cyber security hubs.
ABOUT YOU
You’ll be analytical, technical and a modern-day codebreaker. Cyber security is a challenge that will not go away, affecting companies, individuals and even governments. You could be:
A recent graduate – possibly a maths or engineering graduate with good programming skills, or you might be a good developer but have little knowledge of cyber security.
Already working in industry – experienced in technical software development, and looking to upskill and enhance your professional development.
An international student looking to study a UK master’s degree, to meet the global need for cyber security skills.
ABOUT THE COURSE
This course is certified by the National Cyber Security Centre (NCSC), the UK’s leading cyber security organisation. This certification provides a benchmark for the course by assuring the quality of both the content and its delivery.
This innovative programme is at the forefront of technical advances in cutting-edge cyber security topics such as cryptography, computer forensics, network security, secure software-development and penetration testing, as well as investigating the increasingly important legal and ethical issues in cyber security.
This is an applied course, which mixes theoretical skills with practical work in the lab to give you hands-on experience.
PLEASE NOTE:
Applications for this course received after 30th June 2024 may not be accepted. In addition, a deposit will be required to secure a place.
The demand for certified cyber security professionals is currently growing at over 12 times the rate of the overall job market.
Applied Cyber Security highlights
World Class Facilities
The syllabus, teaching materials and labs are informed by the world-class research being undertaken at the Centre for Secure Information Technologies (CSIT) at Queen's University Belfast. In addition to GCHQ/NCSC Master’s certification, CSIT itself is also certified as an Academic Centre of Excellence in Cyber Security Research by GCHQ/NCSC. https://www.qub.ac.uk/ecit/CSIT/
The course is taught in block-mode with modules normally running in four-week blocks. Teaching normally happens during the first three-weeks with an intensive mix of taught classes and practical lessons scheduled from 9 am – 5 pm on Thursdays and Fridays each week. The fourth week of each module’s block is usually reserved for assessment."
Course Details
The course, comprising seven taught modules and a research project, provides a broad foundation in cyber security.
The MSc in Applied Cyber Security is available in a full-time or a part-time option.
Full-time (1-year): Consists of seven taught modules (120 CATS points) and a 3-4 month practical project of a research nature (60 CATS). Students study seven taught modules (120 CATS). They will also commence an individual research project (60 CATS).
Part-time (2+ years): Part-time students are normally enrolled for two years. The first year will normally compromise four taught modules (60 CATS).
The individual Research Project focuses on applying taught skills to a leading-edge issue in cyber security research. A dissertation is required for the project. Following tutor approval, the project may be undertaken as a summer placement at a company.
Modules are regularly updated to reflect new developments in the dynamic field of cyber security. Modules offered may be subject to change.
Full-Time/Part-Time
The MSc in Applied Cyber Security is available in a full-time or a part-time option:
Full-time (1-year): Consists of six taught modules (120 CATS) and a 3-4 month practical project of a research nature/work placement (60 CATS).
Students study all taught modules (120 CATS points) up to the end of the Semester 2 exam period. They will also commence an individual research project (60 CATS points) and continue this through to month 12.
As an integral part of the ELE8095 Individual Research Project, students may undertake summer work placements/internships lasting 3-4 months with local, national and international employers, under the regular supervision of an academic staff member and a staff member of the host organisation.
Part-time (2+ years): Part-time students are normally enrolled for two years. The first year will normally compromise the following modules: Fundamentals of Cyber Security, Network Security & Monitoring and Software Assurance. The second year normally comprises Computer Forensics, Pen-testing, Applied Cryptography, Data Privacy and the Law and an individual research project. The part-time MSc consists of Seven taught modules (120 CATS) which are delivered alongside full-time students over a two-year period (normally), and a practical research project (60 CATS) which may be on a work-based research project following tutor approval.
Students normally take three taught modules (50 CATS points) during Year 1, and four taught modules (70 CATS points) during Year 2. During Year 2 students will undertake the individual research project (60 CATS points).
EEECS Email: askeps@qub.ac.uk or
pgt-admin-eeecs@qub.ac.uk
Learning and Teaching
The course mixes lectures with practical, hands-on learning sessions. You will learn in a sandbox environment where you can experiment and make mistakes, enabling you to put your new skills into practice in hands-on cyber challenges. You’ll meet our researchers and learn how they apply the cutting-edge research being developed here to cyber security technologies.
For full time students, in person attendance is required. For part-time and Post Graduate Certificate students in person attendance is strongly encouraged. For all students, attendance in person will normally be required for assessments and practical lessons.
-
-
Assessment
Assessments associated with the course are outlined below:
Research project dissertation
Assessment criteria are linked to the learning outcomes for each module. A range of assessment instruments are used including laboratory-based assignments, individual projects and practical exams.
What our academics say
Our MSc is informed by the world-class research being undertaken at the Centre for Secure Information Technologies (CSIT).
In 2015 Queen Elizabeth II awarded CSIT a Queen’s Anniversary Prize for Higher and Further Education for its work in strengthening global cyber security and protecting the online activity of billions of internet users around the world.
Belfast is rapidly developing a reputation as a global hub for cyber security, and we hope students will be inspired to thrive in this dynamic and exciting environment.
The information below is intended as an example only, featuring module details for the current year of study (2024/25). Modules are reviewed on an annual basis and may be subject to future changes – revised details will be published through Programme Specifications ahead of each academic year.
This course will present an in-depth exploration of AI/ML for cyber-security. The course will be research-led, incorporating recent work in Cyber-AI from CSIT. We assume students have a foundational knowledge of AI/ML from their UG studies.
We will first introduce malware detection as a case study to ground the discussion of topics throughout the module. We then proceed to advanced AI/ML topics, specific to the cyber domain, that are not covered by general machine learning courses, e.g. concept drift and explainable AI.
The second part of the course will focus on the security of AI/ML models. We will explore attack types and defences using malware detection model as a concrete example to guide discussions.
Cybersecurity Applications
• Malware Detection model (CNN opcodes / feature-based model)
• Cyber-security specific AI concepts – Implementation pitfalls, concept-drift, bias, explainability, dataset imbalance, model evaluation
Security of AI Models
• Introduction to AI Security – CIA, Threat Models, Attacker Knowledge, Attacker Objectives, Training VS Inference, Types of Attacks
• Attacks - Evasion, poisoning, backdoor-attacks, model inversion, model stealing, membership inference
• Defences - Adversarial Training, Out-of-Distribution Detection
Learning Outcomes
Successful students will be able to:
1. Understand and apply concepts and algorithms of machine learning to solve cybersecurity specific problems.
2. Implement, evaluate and compare machine learning algorithms on cyber security problems involving real datasets.
3. Understand and apply concepts related to the security of AI Models, including attacks and defence methods.
Skills
Ability to understand and apply machine learning techniques to problems in the cybersecurity domain. Ability to understand and identify security problems with machine learning models. Ability to understand and apply techniques for securing machine learning models in cybersecurity applications.
Software is ubiquitous and underpins much of our services and technologies that are essential for business, government, e-commerce and society. Traditional Software Development Lifecycle (SDLC) do not include key security initiatives. The lack of these security initiatives can lead to poorly designed and implemented software that can result in security vulnerabilities that go undiscovered and maliciously exploited. Effective cybersecurity requires a layered and a continuous approach to security. Software Assurance is a crucial part of achieving secure software through risk-based thinking by understanding the critical risks and thereby prioritising security controls/effort to deliver business outcomes.
Software Assurance introduces the concepts of terminology, methodologies, and approaches needed to minimise these vulnerabilities in various stages of the SDLC and improves the security, reliability, and integrity of the final software solution. The core body of knowledge focuses on important software assurance activities across the lifecycle and includes topics such as risk assessment/threat modelling, architectural design method with emphasis that this should evolve with the life-cycle informing design, secure coding principles and risk-based testing. Software Assurance explores the concept of weaving security initiatives in the Software Development Lifecycle to form the "Secure Software Development Lifecycle" (SSDLC) and includes the architectural design principles of Saltzer and Schroeder.
This module will provide a basic understanding of managing a secure development environment, together with secure programming principles, examination of common software errors (exploits) and testing.
Topics included are:
• Introduction to the threat landscape
• Software assurance initiatives and standards
• Secure software development lifecycle (SSDLC);
• Security analysis and threat modelling;
• Security issues risks and risk management;
• Secure architecture and design
• Secure architecture design principles
• Risk management
• Secure coding, principles and practice
• Security analysis and testing (Penetration Testing).
• Development and code analysis tools
Learning Outcomes
Upon successful completion of this module, a student will have achieved the following learning outcomes:
• Understand and analyse the cyber security threat landscape;
• Apply software assurance best practice;
• Manage and implement software assurance processes;
• Critically assess security requirements;
• Identify risks and vulnerabilities in software components;
• Implement secure coding standards;
• Software verification using pen-testing and code analysis tools.
Skills
Successful participation in this module will enable students to develop skills in the following areas:
• Good cyber security practice in the specification, design, implementation, evaluation and maintenance of security solutions.
• Ability to critically evaluate a given system design, and identify significant vulnerabilities, risks, and points at which specific cyber security methods and technologies should be employed.
• Effective use of tools for development and testing of cyber secure systems.
• Articulate and effectively communicate the design and technological rationale for a given cyber security component or design through appropriate technical reports and presentations.
This module seeks to develop a student’s skills in penetration testing, in line with recommendations in Cybok. Students will develop a methodical approach to evaluating the security profile of companies and applications by using best practices in Pen-testing and Ethical Hacking. The student will develop an understanding of test infrastructures for vulnerabilities and malicious attack and includes the following learning outcomes:
• Model penetration test engagement: Initial engagement, scoping, testing, reporting and follow up (Engagement Lifecycle).
• Severity rating for any issues found.
• Penetration test development.
• Plan of action
• Compliance or legislative requirements
• Specific reporting, understanding, explaining and managing risk.
Learning Outcomes
Upon successful completion of the module a student will be able to:
• Understand test infrastructures for vulnerabilities
• Understand malicious attacks and
• Be able to model penetration test engagement: Initial engagement, scoping, testing, reporting and follow up (Engagement Lifecycle).
• Be able to rate the severity of issues found.
• Be able to carry out penetration test development and create a plan of action
• Understand compliance or legislative requirements
The project will take the form of an extensive research investigation. A research problem will be investigated that is relevant to the topic of cyber security. This may include developing a piece of software, embedded hardware, or theoretical experiments that can be used to generate research results. The results from the investigation will be analysed and appropriate conclusions drawn.
Learning Outcomes
Learning Outcomes
On completion of this module, the successful student will have achieved the following learning outcomes, commensurate with module classification:
• Deep knowledge and understanding of a given research problem
• Critically evaluate a research problem
• Conduct a detailed analysis of the literature
• Act autonomously and creatively in planning and implementing tasks
• Develop complex supporting software, hardware or experimental setup
• Critically analyse results
• Communicate conclusions clearly
Skills
Successful participation in this module will enable students to develop skills in the following areas:
• Good cyber security practice in the specification, design, implementation, evaluation and maintenance of security solutions.
• Retrieve information independently, from a variety of sources and by a variety of techniques.
• Manage one’s own learning and development including time management and organisational skills.
• Ability to critically evaluate a given system design, and identify significant vulnerabilities, risks, and points at which specific cyber security methods and technologies should be employed.
• Effectively use of tools for development and testing of cyber secure systems.
• Articulate and effectively communicate the design and technological rationale for a given cyber security component or design through appropriate technical reports and presentations.
• Work independently to create novel solutions to technically challenging cyber-security problems in a research context.
The focus of this module will be on the interplay of data, privacy and the law. The module will focus on issues such as GDPR; the E-Privacy Directive
Learning Outcomes
At the end of the learning process each student should have acquired:
• an in-depth knowledge and understanding of the challenges that certain aspects of new technology present, and an appreciation of the legal challenges faced
• a critical awareness of the national and international regulatory and legal frameworks within which technology develops
• an ability to critically assess claims about the social importance and value of new technological advances
• an ability to conduct independent research, articulate coherent legal arguments and present these orally.
Skills
At the end of the module each student will be able to:
• Demonstrate knowledge and understanding of some new technological advances and the role of law in regulating them
• Engage in critical analysis and evaluation of the interaction between law, regulation and technology
• Develop theoretical understandings of both the implications of technology in terms of democratic values and the strategies for controlling technology
• Synthesise relevant and directed readings with independent research, and present findings both orally and in written format.
• Engage in independent study and research and to develop skills around self-directed learning and to exercise initiative in the learning process.
• Show an ability to construct coherent legal and policy arguments and present these orally and in writing
This module will introduce the basics of cryptography and how to achieve practical crypto implementations. This will include a study of classical cryptographic algorithms. It will also cover block ciphers, public key cryptographic algorithms, digital signatures, hash functions and Message Authentication Codes (MACs) in addition to key generation and management. The module will provide a basic understanding of possible practical and theoretical attacks that can be performed on encryption algorithms and their implementations to uncover the secret key. The design of secure and efficient implementations of cryptographic algorithms will also be addressed. Topics covered will include:
• Classical Cryptographic Algorithms
• Symmetric Key Algorithms: DES, AES, Modes of Operation
• Stream Ciphers: LFSRs
• Public Key Algorithms: RSA, El Gamal, Diffie-Hellman, ECC, Digital Signatures
• Hash Functions and MACs: SHA-1,2,3, MD4,5
• Key Management and Generation
• Vulnerabilities of Cryptographic Algorithms and Implementations: Linear Cryptanalysis, Differential Cryptanalysis, Side Channel Attacks
• Cryptographic Applications: PKI, SSL, TLS, Smartcard, payment systems, distributed cryptography
Learning Outcomes
On completion of this module, a student will have achieved the following learning outcomes, commensurate with module classification:
• Comprehensive understanding number theory employed in cryptography
• Analyse different cryptographic primitives used in security architectures
• Critically evaluate when and why it is suitable to use different cryptographic primitives
• Critical awareness of cryptanalytic techniques
• Practical techniques in side-channel cryptanalysis to break encryption algorithm implementations
• Critically reflect on how to implement secure and efficient cryptographic algorithms
Skills
Successful participation in this module will enable students to develop skills in the following areas:
• Good cyber security practice in the specification, design, implementation, evaluation and maintenance of security solutions.
• Retrieve information independently, from a variety of sources and by a variety of techniques.
• Manage one’s own learning and development including time management and organisational skills.
• Ability to critically evaluate a given system design, and identify significant vulnerabilities, risks, and points at which specific cyber security methods and technologies should be employed.
• Effectively use of tools for development and testing of cyber secure systems.
• Articulate and effectively communicate the design and technological rationale for a given cyber security component or design through appropriate technical reports and presentations.
• Network fundamentals, OSI model, TCP/IP, network protocols
• Network threats and vulnerabilities
• Anatomy of an attack from a network perspective
• Secure network principles, design and architectures
• Network security monitoring theory and practice
• Packet and flow analysis
• Access control, firewalls and DMZs
• Intrusion detection, prevention and response
• Tools for network monitoring and pen-testing
• Emerging topics in network security.
Learning Outcomes
• Comprehensive understanding of key problems in network security and
the threat landscape
• Critical awareness of how network traffic can be manipulated and the
network misused to enable attacks, the consequent risks, and an ability to
select mitigation measures
• Ability to devise, analyse and make judgements on the effectiveness of
prevention, monitoring and detection tools and methodologies
• Ability to design and assess a network architecture based on secure
design principles
• Practical skills to monitor and analyse networks using appropriate
software tools
Skills
Successful participation in this module will enable students to develop skills in the following areas:
• Good cyber security practice in the specification, design, implementation, evaluation and maintenance of security solutions.
• Retrieve information independently, from a variety of sources and by a variety of techniques.
• Manage one’s own learning and development including time management and organisational skills.
• Ability to critically evaluate a given system design, and identify significant vulnerabilities, risks, and points at which specific cyber security methods and technologies should be employed.
• Effectively use of tools for development and testing of cyber secure systems.
• Articulate and effectively communicate the design and technological rationale for a given cyber security component or design through appropriate technical reports and presentations.
This module targets both Law and EEECS students who are seeking to develop a base-level understanding of the main issues within the field of Cybersecurity and the building blocks of a defence system. The module will be used as a soft start introduction for any students going on to a more in-depth technical exploration of Cybersecurity, and to discuss foundational knowledge to law students on cybersecurity concepts. Topics covered will include: introduction to cyber security fundamental concepts, cyber risk management, threats and mitigations and the context of cyber security within society.
Learning Outcomes
Upon successful completion of this module, a student will have achieved the following learning outcomes:
o Increased understanding of the cyber security landscape
o Have an awareness of fundamental cyber security concepts
o Be able to identify cyber security risks and threats
o Critically reflect on the impact and context of cyber security in society
Skills
Cyber security awareness, communication skills, independent learning, time management.
Normally a 2.1 Honours degree or equivalent qualification acceptable to the University in Computer Science, Software Engineering, Electrical and/or Electronic Engineering, Mathematics with Computer Science, Physics with Computer Science or a related discipline. Applicants must normally have achieved 2:1 standard or above in relevant modules.
Applicants who hold a 2.2 Honours degree and a Master’s degree (or equivalent qualifications acceptable to the University) in one of the above disciplines will be considered on a case-by-case basis.
All applicants will be expected to have mathematical ability and significant programming experience as evidenced either through the content of their primary degree or through another appropriate formal qualification. It would be beneficial if applicants have experience programming in C and working in a Linux environment.
Applications may be considered from those who do not meet the above requirements but can provide evidence of significant recent relevant technical experience in industry, for example, in programming. Significant experience will be indicated by five or more years hands on technical experience in industry. Management type roles will not be considered as relevant experience.
The University's Recognition of Prior Learning Policy provides guidance on the assessment of experiential learning (RPEL). Please visit http://go.qub.ac.uk/RPLpolicy for more information.
Applicants are advised to apply as early as possible and ideally no later than 30th June 2024 for courses which commence in late September. In the event that any programme receives a high number of applications, the University reserves the right to close the application portal. Notifications to this effect will appear on the Direct Application Portal against the programme application page.
Please note: For International / EU Other / ROI / GB applicants a deposit will be required to secure a place on this course.
AICC funding: A limited number of fully funded places (provided by the Department for the Economy) are available for this programme for eligible applicants resident in Northern Ireland. Where there are more eligible applicants than places available the academic selectors will make offers in rank order based on academic merit and potential as evidenced in the totality of the information provided within each application. We will operate a waiting list as required to allow us to fill all available places. You will be notified as soon as possible after the deadline whether your application has been selected for a funded place. If you have not been selected for a funded place, we will accept self-funded or employer-funded applicants, if spaces are available. More details can be found at the link below. Application deadline for AICC funding is Friday 14th June at 12 noon. https://www.qub.ac.uk/about/Leadership-and-structure/Faculties-and-Schools/Engineering-and-Physical-Sciences/AICC/
International Students
Our country/region pages include information on entry requirements, tuition fees, scholarships, student profiles, upcoming events and contacts for your country/region. Use the dropdown list below for specific information for your country/region.
English Language Requirements
Evidence of an IELTS* score of 6.0, with not less than 5.5 in any component, or an equivalent qualification acceptable to the University is required (*taken within the last 2 years).
International students wishing to apply to Queen's University Belfast (and for whom English is not their first language), must be able to demonstrate their proficiency in English in order to benefit fully from their course of study or research. Non-EEA nationals must also satisfy UK Visas and Immigration (UKVI) immigration requirements for English language for visa purposes.
If you need to improve your English language skills before you enter this degree programme, INTO Queen's University Belfast offers a range of English language courses. These intensive and flexible courses are designed to improve your English ability for admission to this degree.
Academic English: an intensive English language and study skills course for successful university study at degree level
Pre-sessional English: a short intensive academic English course for students starting a degree programme at Queen's University Belfast and who need to improve their English.
In keeping with the aims of GCHQ/NCSC certified Master’s courses, this programme is intended to provide:
• a deeper understanding of cyber security concepts, principles, technologies and practices.
• a bridge between undergraduate degrees and careers in cyber security.
• a platform for further research at Doctoral level.
• an effective way for people in mid-career to enhance their knowledge of the subject or to move into cyber security as a change of career path.
Queen's postgraduates reap exceptional benefits. Unique initiatives, such as Degree Plus and Researcher Plus bolster our commitment to employability, while innovative leadership and executive programmes alongside sterling integration with business experts helps our students gain key leadership positions both nationally and internationally. http://www.qub.ac.uk/directorates/sgc/careers/
Graduate Plus/Future Ready Award for extra-curricular skills
In addition to your degree programme, at Queen's you can have the opportunity to gain wider life, academic and employability skills. For example, placements, voluntary work, clubs, societies, sports and lots more. So not only do you graduate with a degree recognised from a world leading university, you'll have practical national and international experience plus a wider exposure to life overall. We call this Graduate Plus/Future Ready Award. It's what makes studying at Queen's University Belfast special.
1EU citizens in the EU Settlement Scheme, with settled status, will be charged the NI or GB tuition fee based on where they are ordinarily resident. Students who are ROI nationals resident in GB will be charged the GB fee.
2 EU students who are ROI nationals resident in ROI are eligible for NI tuition fees.
3 EU Other students (excludes Republic of Ireland nationals living in GB, NI or ROI) are charged tuition fees in line with international fees.
All tuition fees quoted relate to a single year of study unless stated otherwise. Tuition fees will be subject to an annual inflationary increase, unless explicitly stated otherwise.
Students undertaking a 3 month summer placement or a one year professional internship are responsible for funding travel, accommodation and subsistence costs. These costs vary significantly depending on the location and duration of the placement. Students may receive payment from their placement provider.
Where students are undertaking a professional internship they are required to pay a placement charge to the University. When the placement charge for the academic year is published, it will be available on page 10 of the Tuition Fee Schedule at https://www.qub.ac.uk/Study/Feesandfinance/FileStore/Filetoupload,1527396,en.pdf.
All Students
Depending on the programme of study, there may be extra costs which are not covered by tuition fees, which students will need to consider when planning their studies.
Students can borrow books and access online learning resources from any Queen's library. If students wish to purchase recommended texts, rather than borrow them from the University Library, prices per text can range from £30 to £100. Students should also budget between £30 to £75 per year for photocopying, memory sticks and printing charges.
Students undertaking a period of work placement or study abroad, as either a compulsory or optional part of their programme, should be aware that they will have to fund additional travel and living costs.
If a programme includes a major project or dissertation, there may be costs associated with transport, accommodation and/or materials. The amount will depend on the project chosen. There may also be additional costs for printing and binding.
Students may wish to consider purchasing an electronic device; costs will vary depending on the specification of the model chosen.
There are also additional charges for graduation ceremonies, examination resits and library fines.
How do I fund my study?
The Department for the Economy will provide a tuition fee loan of up to £6,500 per NI / EU student for postgraduate study. Tuition fee loan information.
A postgraduate loans system in the UK offers government-backed student loans of up to £11,836 for taught and research Masters courses in all subject areas (excluding Initial Teacher Education/PGCE, where undergraduate student finance is available). Criteria, eligibility, repayment and application information are available on the UK government website.