The Master of Science specialization in cyber security is a graduate program within the Computer Science department, in which students are trained to work in this increasingly important field, which encompasses cryptographic methods, data and information security, fault-tolerant computing, network security, privacy and anonymity, software safety, and system security.  Students in the program will work closely with the BU Center for Reliable Information Systems and Cyber Security (RISCS).  Students have the opportunity to study cyber security from a broader perspective than CS security courses, which focus on issues related to safe software, languages and architectures.  In particular, students can engage in courses from other RISCS-affiliated programs at BU, including  Metropolitan College (MET), the ECE department in the College of Engineering, and the School of Management (SMG).  These courses focus on lower-level issues such as secure hardware design, and higher-level  issues such as  digital forensics and managing security. The combination of these aspects, drawing from multiple disciplines, provides a well-rounded degree.

Program Requirements

This MS specialization in cyber security has the same course requirements (8 graduate courses, 32 credits) and core breadth course requirements as the MS in Computer Science. In particular, master’s candidates are required to complete at least five courses from the list of designated breadth (core) courses shown in the department graduate bulletin. Among the grades received for the five core courses, the number of grades of B– must not be greater than the number of grades of B+ or higher. The three remaining non-core (elective) courses are determined in consultation with, and approved by, the student’s faculty advisor. No grade lower than B– may be used for graduate credit.

The breadth courses in the Masters curriculum are divided into four areas: Theory, Systems, Software, and Applications. At least one course must be taken in each subject area. Here is the current list of breadth courses:

  • Theory. Algorithms (CAS  CS 530), Complexity Theory (CAS  CS 535), Probability in Computing (CAS  CS 537).
  • Software. Object-Oriented Software Principles (CAS  CS 511), Formal Methods (CAS  CS 512), Programming Languages (CAS  CS 520), Compilers (CAS  CS 525).
  • Systems. Architecture (CAS  CS 550), Operating Systems (CAS  CS 552), Adv. Operating Systems (CAS  CS 553), Adv. Computer Networks (CAS  CS 556), Computer Networks (GRS  CS 655), Performance Analysis of Computer Systems (GRS CS 670).
  • Applications. Cryptography (CAS  CS 538), Machine Learning (CAS  CS 542), Adv. Cryptography (CAS  CS 548), Network Security (CAS  CS 558), Algorithmic Aspects of Computer Networks (CAS  CS 559), Adv. Databases (CAS  CS 562), Data Mining (CAS  CS 565), Adv. Computer Graphics (CAS  CS 580), Image and Video Computing (CAS  CS 585), Artificial Intelligence (GRS CS 640), Databases (GRS CS 660), Intro. to Comp. Graphics (GRS CS 680).

Students in the MS cyber security specialization are further required to take:

i. at least two courses from list A below of core CS security courses;

ii. at least three courses from list B below of CS security-related courses;

iii. up to tw o courses from list C of elective non-CAS/CS security-related graduate courses, taught in a RISCS affiliated program and approved by the faculty advisor; and

iv. a masters project or thesis in an area related to cyber security as approved by the faculty advisor. A master’s thesis requires two faculty readers.

List A consists of Cryptography (CAS CS 538), Adv. Cryptography (CAS CS 548) and Network Security (CAS CS 558).

List B consists of list-A courses plus Formal Methods (CAS CS 512), Operating Systems (CAS CS 552), and Data Mining (CAS CS 565).

List C is updated each semester and comprises courses from other RISCS affiliated programs:

  • MET CS 693: Digital Forensics and Investigations
  • MET CS 703: Network Forensics
  • MET CS 713: Advanced Digital Forensics (Malware Forensic Analysis)
  • MET CS 895: Developing Secure Systems
  • ENG EC500: Cybersecurity
  • ENG EC 727: Advanced Coding Theory
  • ENG EC 761: Information Theory and Coding
  • SMG IS 828: Managing Information Security

Note: A CS course can be used toward satisfying multiple requirements. For example, CAS CS 552 can be used to satisfy both the Systems breadth requirement and cyber security requirement (ii), or CAS CS 538 can be used to satisfy both the Applications breadth requirement and cyber security requirements (i) and (ii). A sample student program is provided below.

Language Requirement: The department does not have a foreign language requirement.

Sample Student Program

A sample program might consist of the following eight courses:

  • CAS CS 530 (Algorithms): satisfies the Theory breadth requirement.
  • CAS CS 511 (Software Engineering): satisfies the Software breadth requirement.
  • CAS CS 552 (Operating Systems): satisfies both the Systems breadth requirement, and cyber security requirement (ii) as a list-B course.
  • CAS CS 538 (Cryptography) and CAS CS 558 (Network Security): satisfy both the Applications breadth requirement, as well as cyber security requirements (i) and (ii) as they are designated on both lists A and B.

The above five courses meet the CS core breadth requirement of five breadth courses, with at least one course in each subject area (Theory, Software, Systems, and Applications). Cyber security requirements (i) of at least two courses from list A, as well as (ii) of at least three list-B courses, are also satisfied.

The three remaining courses can include two list-C (elective) courses, and one directed study course to complete the master’s project:

  • MET CS 693: Digital Forensics and Investigations
  • SMG IS 828: Managing Information Security
  • GRS CS 9xx: Directed Study in Cryptography or Security

Core Faculty for the Cyber Security Specialization

Professors Ran Canetti, Sharon Goldberg, Assaf Kfoury, and Leo Reyzin.