Infosec Graduate Program

Page Content

Current Interdisciplinary Students

CyberCorps

Scholarship for Service

More info….

Getting Your Degree

There are currently 4 different approaches to graduate study in InfoSec here:

  1. The interdisciplinary graduate specialization, both Masters’ and Ph. D
  2. A standard MS in one of the involved departments, with a focus on infosec topics
  3. A PhD course of study in one of the involved departments, with a dissertation topic in infosec
  4. CNIT AOS in Cyber Forensics
image

Interdisciplinary Masters’ Program in Information Security

We are currently offering an interdisciplinary Master’s major in InfoSec. While admission to the program is handled administratively by the Graduate Committee of the Program, based at CERIAS, the graduation is handled by a participating department of your choice.* The program is multidisciplinary and requires (and recommends) courses in Computer Sciences as well as other fields. The major designation on your transcript will read “Information Security,” independently of what department handles the graduation but it does not appear on the diploma.

  • Currently, the Departments of Philosophy and Communication, the Linguistics Program and the College of Technology graduate students from our program. The graduating programs have coordinated their plans of study such that InfoSec students can meet the degree requirements of the Interdisciplinary Program along with those of the graduating department. Note that these requirements differ somewhat from one graduating department to another in terms of restricting the available choices. You should review these requirements but you do not have to declare your choice of a graduating department at application time.

Admission to the Interdisciplinary Masters’ Program

Please select “Interdisciplinary Program in Information Security” as your graduate program. Your default contact professor in the next field of the application can be either Eugene H. Spafford or Victor Raskin, Executive Director and Associate Director, respectively, of both CERIAS and of the Program. Feel free to mention in that field any other professor in information security that you would like to work with if you have established such a contact already.

Supporting documents must include:

  • Transcripts
  • GRE Test (Purdue grad school code is 1631, no department code necessary)
  • TOEFL Test - for degree-seeking whose native language is not English
  • Recommendation letters
  • Statement of Purpose - MUST include text addressing why you are applying to the interdisciplinary program instead of one of the departmental programs, e.g., CS or CNIT.
  • Writing sample - typically an A-graded paper from a course

You will eventually be contacted by the graduate school about your admission status. In the meantime, feel free to contact Professor Raskin, Faculty Advisor for the Program, at vraskin@purdue.edu or Marlene Walls, Graduate Registration Advisor and Plan of Study Co-ordinator for the Program, at walls@cerias.purdue.edu, with any questions concerning the admission process not covered on the website.

Interdisciplinary Ph. D. Program in Information Security

The new Ph. D. Program is an extension of the existing Interdisciplinary Masters’ Program in Information Security. It was both the needs and interests of the graduates and the United States Government’s (USG) new incentives for preparing Ph.D.-level researchers in the field that have made this development timely and necessary.

Before the inauguration of this Interdisciplinary Infosec PhD Program, Masters’ graduates at Purdue University interested in purely computational and/or technological research in information security were referred to the Doctor of Philosophy programs in the Department of Computer Science, School of Electrical and Computer Engineering, and College of Technology, and this practice continues. The new Interdisciplinary major prepares students who are interested in enriching their technical and scientific background in information security and combining it with preparation in a number of other disciplines. Each participating department or program has the option of specifying its own requirements by shaping and/or narrowing down the general requirements and options available to the Program’s students.

The Interdisciplinary Ph.D. Program is currently sponsored by the Departments of Communication and Philosophy, the College of Technology, and the Program in Linguistics, each of which has established a major in Information Security at the Masters’ level and has now extended it to the Ph.D. level. Other graduate programs are considering sponsorship at this time.

The Interdisciplinary Information Security Masters and Ph.D. majors are the first programs in this field in the State of Indiana and the region, and are the first truly multidisciplinary residential programs in the nation.

Admission to the Interdisciplinary Ph. D. Program

Admissions are vetted by the Program’s Admissions Committee appointed by the Executive Director from among the participating faculty. The Graduate Record Examination (GRE) is required unless the applicant has obtained a masters degree from a U.S. university in which case it is waived. Recognizing that interest as well as practical experience in information security may emerge from a wide variety of undergraduate and graduate backgrounds, the program has a reasonably flexible policy concerning preparation required for admission. Namely, it is desirable but not mandatory for candidates to have completed the equivalent of an undergraduate major in one of the areas represented by participating departments. A strong computational background is helpful.

Please select “Interdisciplinary Program in Information Security” as your graduate program. Your default contact professor in the next field of the application can be either Eugene H. Spafford or Victor Raskin, Executive Director and Associate Director, respectively, of both CERIAS and of the Program. Feel free to mention in that field any other professor in information security that you would like to work with if you have established such a contact already.

Supporting documents must include:

  • Transcripts
  • GRE Test (Purdue grad school code is 1631, no dept code necessary)
  • TOEFL Test - for degree-seeking whose native language is not English
  • Recommendation letters
  • Statement of Purpose - MUST include text addressing why you are applying to the interdisciplinary program instead of one of the departmental programs, e.g., CS or CNIT.
  • Writing sample - typically an A-graded paper from a course

You will eventually be contacted by the graduate school about your admission status. There are no TAs associated with the Interdisciplinary program, and very limited fellowship opportunities.

In the meantime, feel free to contact Professor Raskin, Faculty Advisor for the Program, at vraskin@purdue.edu or Marlene Walls, Graduate Registration Advisor and Plan of Study Co-ordinator for the Program, at walls@cerias.purdue.edu, with any questions concerning the admission process not covered on the website.

You need to take the general GRE test, if you have not done it recently for your Masters’ application or if you are unsatisfied with the previous results.

Standard Grad Programs

Students can also receive graduate degrees in existing programs with a specialization in infosec areas. To do this, the students enroll in a traditional major, take a core of common courses, and then are able to take electives related to their interests. Masters students may choose to research and write a Master’s thesis that involves further study in a particular area of interest, or they may simply take 30 or more credit hours of coursework. PhD students must choose a specialized topic for their dissertation research. The most common major for students interested in information security is Computer Sciences, but degrees are also associated with Electrical & Computer Engineering, Management, Philosophy, Political Science, and many other departments associated with CERIAS.

Note that specific requirements for individual department degrees are given on departmental WWW pages. What follows is a summary of the requirements for a CS graduate degree, serving as an example of what is expected. You need to consult one of the definitive references to get the whole picture. (CS graduate degree requirements are available on the WWW; information on other graduate programs can be found by starting at the grad school www page.)

MS in CS Program

MS students are required to take a course in operating systems or networks (CS 50300 or CS 53600), one in programming language design or compilers (CS 56500 or CS 50200), and algorithm analysis (CS 58000), plus another 7 courses of electives, or 5 courses and the thesis option. Normally, for infosec study, MS (and PhD) students would take CS 50200 and CS 50300, plus the courses in computer security (CS 52600) and cryptography (CS 55500) as electives, and consider taking the advanced security (CS 62600) and cryptanalysis courses (CS 65500), too.

There are many electives available to graduate students, including graphics, databases, numerical methods and distributed systems. Each year, several faculty also offer special topic courses in their areas of interest. Opportunities for directed reading or research courses are also available. In the last few years, we will have had seminars in Intrusion Detection and Incident Response, Penetration Analysis, Firewalls, Electronic Commerce, Network Security, and Security Tools. Additionally, we have had seminar courses in Wireless Networks, Advanced Operating Systems, and Internetworking.

PhD in CS Program

Normally, a PhD program starts with 2 years of graduate study and passing a series of general exams in the area of study (the “qualifier exams”). The candidate then decides on an area of study, chooses an advisor, and takes an in-depth exam in the area of specialization (the “preliminary exam”). Next, the candidate performs in-depth research under the guidance of the advisor for a period of time ranging from 6 months to as many as 5 years. Finally, the candidate writes a detailed scientific account of his or her research (the dissertation) and defends it in a public exam before a committee of faculty, visitors, and members of the community. The average time to complete a PhD in CS at Purdue (assuming the student already has a good undergraduate background in CS) is 5 years.

Required courses for PhD students in CS include courses in operating systems, algorithm analysis, compilers and programming languages, numerical analysis, and theory of computation; this is a superset of the courses required for the MS degree, and almost all PhD candidates obtain their MS degree during their candidacy for the PhD.

MS & PhD Research

Currently, there is a large range of projects being conducted in information security at Purdue. We have almost 40 projects involving over 30 faculty in a dozen different academic departments. You can get a more complete picture of the faculty and research projects via the CERIAS WWW pages. These projects are normally open to graduate students and can be used to satisfy research requirements towards MS and PhD thesis work. Not all infosec projects are offered through CERIAS, either, and there is no requirement that students work on a CERIAS project to get an infosec-related degree.

Special Notes for CS

Students coming in to the graduate program are expected to be ready to pursue the degree upon arrival. There are limits as to how many semesters may be spent in residence before completing each of the steps towards the degree. In particular, students are expected to:

  • have strong, basic skills in mathematics, including working knowledge of statistics, calculus and linear algebra
  • know how to write programs in some advanced computer language (C/C++/Java are languages of choice; Perl is also encouraged)
  • have mastery of spoken English sufficient to understand lectures and presentations, and to discuss assignments with faculty and TAs
  • have mastery of written English sufficient to document programs and write grammatically correct research papers. This is especially critical for MS and PhD students who need to write a thesis and research papers.

Students without adequate preparation, or who fall behind in assignments, may be tempted to take “shortcuts” on assignments to keep up. Cheating, plagiarism, and falsifying work are severe violations of both the student code of conduct and academic honesty, and discovered incidents are dealt with particularly harshly by faculty in the infosec arena. Graduate students in violation of these rules are routinely recommended to the dean of students for expulsion from the university; foreign students in this situation will lose their visas. Thus, it is strongly recommended that applicants be sure they have mastery of these basic skills prior to applying to graduate school at Purdue.

Admission

For admission to the standard departmental programs, see the appropriate departments’ websites.

Financial Aid

Financial aid for graduate students is based on both scholarship and need. Some fellowships are available to exceptional incoming students. Others are supported by the departments or by research projects. It is unusual that a new student will get support from a faculty member’s research funding; indeed, most faculty do not support students prior to their completing some of the qualifying exams. Some incoming students do, however, qualify for selection as teaching assistants. Other information about financial aid is in the graduate student information documents.

For financial aid, contact the admitting department and not individual faculty members.

Note about CERIAS

CERIAS is a research center, and not an academic department, and therefore does not offer degrees. However, the programs described above allow you to get your degree and to be associated with CERIAS.

Disclaimer

The above is not an official document of Purdue University, but Professors Spafford’s and Raskin’s interpretation of Purdue policy. Interested parties should consult official University documents, available through the graduate school.