Computers are central to all aspects of our daily lives; as industries ranging from communications to banking have come to rely on them, the need for improved computer security has never been greater. This course focusses on two aspects of Cyber Security: analysis and assessment of risk plus how to minimise it, and, how to extract and use digital information from a wide range of systems and devices. The course is structured so that all students cover the same introductory material, but then choose to specialise in either Cyber Security or Digital Forensics.
Students taking the course will gain an understanding of the nature of the security threats that face computer systems and the type of information that is stored on digital devices (and how it can be extracted from them). They will benefit from a broad and varied array of state-of-the-art technologies, including:
- EnCase, FTK and open-source forensic tools, and a dedicated forensics computer laboratory
- Specialist input from guest lecturers
- Over 20 university computing laboratories providing access to Unix, Novell and NT servers, all supported by high-bandwidth networks
- Specialist technicians to ensure you can get the most out of these technologies.
All students will take the core modules which are designed to give a comprehensive introduction to this specialist field. They will cover basic digital forensics and network security, and also cover computer system tools and the UNIX operating system. Dealing with digital evidence in a professional manner (that includes adhering to appropriate legal guidelines) is also covered. You will then follow either the Cyber Security or Digital Forensics pathway within the course (though each lead to the same named degree: the pathways are simply opportunities to specialise within the field). In addition, all students will take a Research Methods module and complete a project module.
The course offers the opportunity to examine a variety of tools available on the open market, and the use of forensic tools to retrieve data from electronic sources. It will also consider the analysis of professional and ethical issues relating to computer security and forensics, and the development of professional competencies, such as report writing and presenting evidence in court.
Teaching methods include lab-based sessions, student-led tutorials and lectures by internal staff and guest speakers from industry. Our courses are offered by friendly, highly experienced staff, and benefit from the diverse specialist knowledge and skills within the departments of the Faculty. Assessments will be carried out mostly through practical or research-based course work.
COMPUTER FORENSICS FUNDAMENTALS
This module gives you an introduction to some of the general concepts of computer forensics, as well as helping you to develop the skills that will be needed on other modules. You will cover in detail the layout of volumes on storage devices, and file systems within volumes, with particular emphasis on the FAT file system. You will learn to look at raw devices using low-level tools like hex editors, and consider how security considerations should affect software design and implementation.
COMPUTER SYSTEM TOOLS
This module commences by giving you a hands-on introduction to the UNIX operating system. You will look at a range of tools that might be used by a forensic examiner: this will include high-level tools like EnCase, FTK and Autopsy, although your main focus will be on low-level tools such as dd and the Sleuthkit tools, as these help to develop your understanding of what (and how) the higher level tools are actually doing. You will also learn to use basic system tools such as grep. In addition you will learn a scripting language so that you can develop your own forensic tools.
EVIDENCE AND PROCEDURE
You will examine the legal obligations of computer forensics, gaining an understanding of the relevant statutes and industry guidelines, and of proving the authenticity of evidence via a chain of custody from collecting evidence through to presenting findings in a professional manner. The module also aims to provide you with a broad understanding of the professional factors that influence the work of professional practitioners, particularly in the context of the 'Expert Witness'.
The module will cover the basics of how networks work, what the specific threats to networks are, and how they might be ameliorated.
POSTGRADUATE PROJECT MODULE
This module is the culmination of the course. It is an opportunity for you to put into practise many of the skills learned elsewhere on the course. It is a major piece of work on a topic chosen by you (normally, this topic will be chosen as part of the Research Methods module). You will undertake this work individually, and will be assigned a project supervisor to assist with and guide the development of the project.
This module is shared with other MSc courses run by the Department. Its main focus is on introducing you to research, and developing the skills you need to read and evaluate original research literature. This in turn leads into the Project, and a major outcome of the module should be a Project Proposal. In addition, the module addresses certain aspects of Personal Development Planning (PDP).
Course-specific entry requirements
You are usually expected to have a good degree (generally an upper second class honours) in a computing-related discipline from a UK university or overseas equivalent. If your first degree does not have a strong computing element then your work experience and other qualifications may also be taken in to account. You should submit a statement of purpose with your application in which you present your key interests and career aspirations and how you believe the course can help you to achieve these, as well as the relevant qualities and experience you will bring to the course. You may invited by the admissions tutor an informal interview. If your first language is not English you will need an IELTS score of at least 6.5 (or equivalent).
Depending on their chosen pathway graduates of the course are expected to find employment as information security/senior security officers and related cyber security roles or more technical roles investigating threats and safeguarding digital assets their life-cycle. Such roles will range from supporting industry, the public sector in general and the police and law enforcement agencies specifically, while some may focus more on researching new security threats and countermeasures. Additional also arrive for a supportive alumni community, including graduates with work experience who use their new skills and qualification to progress their career to more senior posts.
This school offers programs in:
Last updated June 23, 2016