Infosec Graduate Program

[topcap]

Request More Info

Apply Now

Infosec Course Listing

A comprehensive listing of infosec-related courses offered at Purdue. more info »

Scholarships For Service

The National Science Foundation has awarded Purdue ten fellowships in their Scholarships For Service for each year of the program beginning in 2001. If you are interested in pursuing an advanced degree in information security and meet the requirements then contact us as soon as possible.

[bottomcap]

Getting Your Degree

There are currently 4 different approaches to graduate study in InfoSec here:

  1. The interdisciplinary graduate specialization, both Masters’ and Ph. D
  2. A standard MS in one of the involved departments, with a focus on infosec topics
  3. A PhD course of study in one of the involved departments, with a dissertation topic in infosec
  4. C&IT AOS in Cyber Forensics

Interdisciplinary Masters’ Program in Information Security

We are currently offering an interdisciplinary Master’s specialization in InfoSec. While admission to the program is handled administratively by the Graduate Committee of the Program, based at CERIAS, the graduation is handled by a participating department of your choice. The program is multidisciplinary and requires (and recommends) courses in Computer Sciences as well as other fields. The specialization on your transcript will, however, read “Information Security,” independently of what department handles the graduation (the department will be listed under the field of study on the transcript). Currently, the Philosophy and the Communication departments as well as the School of Technology are ready to graduate students from the program, and other departments and school are at various stages of deliberations on getting on board. The graduating programs authorize the InfoSec students to follow the requirements of the Interdisciplinary Program rather than those of the graduating department. Note that these requirements differ somewhat from one graduating department to another in terms of restricting the available choices. You should review these requirements but you do not have to declare your choice of a graduating department at application time.

Admission to the Interdisciplinary Masters’ Program

You can apply for the Program electronically for future sessions. Please select “Information Security” (Code #U97) as your graduate program. Your default contact professor in the next field of the application can be either Eugene H. Spafford or Victor Raskin, Executive Director and Associate Director, respectively, of both CERIAS and of the Program. Feel free to mention in that field any other professor in information security that you would like to work with if you have established such a contact already. You need to take the general GRE test and to submit a writing sample, typically an A-graded paper from a course. You will eventually be contacted by the graduate school about your admission status. In the meantime, feel free to contact Professor Raskin, the Faculty Advisor for the Program, at vraskin@purdue.edu or Marlene Walls, the Graduate Administrative Assistant for the Program, at walls@cerias.purdue.edu, with any questions concerning the admission process that are not covered on the website.

Interdisciplinary Ph. D. Program in Information Security

The new Ph. D. Program is an extension of the existing Interdisciplinary Masters’ Program in Information Security. While the latter Program was approved by the Graduate Council at the intermediate, Field of Study (FOS) level, the Ph.D. extension started out in the Fall of 2006, appropriately, at the initial Area of Specialization (AOS) level, just as the Masters’ Program had back in 2000, and just like that Program, the new AOS will be applying for the FOS status at an appropriate time.

It was both the needs and interests of the graduates and the United States Government’s (USG) new incentives for preparing Ph.D.-level researchers in the field that have made this development timely and necessary. The preparation in the existing FOS Program is already strongly research-based, and the required Masters’ theses have demonstrated the research potential of the graduates.

Before the inauguration of this AOS Program, Masters’ graduates at Purdue University interested in purely computational and/or technological research in information security were referred to the Doctor of Philosophy programs in the Department of Computer Science, School of Electrical and Computer Engineering, and College of Technology, and this practice continues. The new AOS Program prepares students who are interested in enriching their technical and scientific background in information security and combining it with preparation in a number of other disciplines. Each participating department or program has the option of specifying its own requirements by shaping and/or narrowing down the general requirements and options available to the Program’s students.

The AOS Ph.D. Program is currently sponsored by the Department of Communication, College of Technology, and Program in Linguistics, each of which has established an AOS in Information Security at the Masters’ level and has now extended it to the Ph.D. level. Other graduate programs are considering sponsorship at this time.

The Masters’ program has been the first program in this field in the State of Indiana and the region and the first truly multidisciplinary residential program in the nation that several other universities have been trying to emulate. So is the AOS Ph.D. Program intended to be. It will also contribute greatly to the designation of CERIAS as one of the first Research Centers of Academic Excellence (RCAE) in Information Security, a new and highly selective category being planned by the NSA.

Admission to the Interdisciplinary Ph. D. Program

Admissions are vetted by the AOS Program’s Admissions Committee appointed by the Executive Director from among the participating faculty and submitted to the Admissions Committee of the appropriate sponsoring Department or Program for ratification. The Graduate Record Examination (GRE) is required. Recognizing that interest as well as practical experience in information security may emerge from a wide variety of undergraduate and graduate backgrounds, the program has a reasonably flexible policy concerning preparation required for admission. Namely, it is desirable but not mandatory for candidates to have completed the equivalent of an undergraduate major in one of the areas represented by participating departments. A strong computational background is helpful.

You can apply for the Program electronically for future sessions. Please select one of the 3 currently sponsoring programs (Communication J78, Technology T37 or Linguistics J63) as your graduate program. That department or program will refer your application to the Interdisciplinary Ph.D. Program’s Graduate/Admissions Committee and will generally follow its recommendation. Your default contact professor in the next field of the application can be either Eugene H. Spafford or Victor Raskin, Executive Director and Associate Director, respectively, of both CERIAS and of the Program. Feel free to mention in that field any other professor in information security that you would like to work with if you have established such a contact already. Under Area of Interest or Certification Program, enter Interdisciplinary Information Security. You need to take the general GRE test, if you have not done it recently for your Masters’ application or if you are unsatisfied with the previous results. Please submit a writing sample, typically an A-graded paper from a graduate course. You will eventually be contacted by the graduate school about your admission status. In the meantime, feel free to contact Professor Raskin, the Faculty Advisor for the Program, at vraskin@purdue.edu or Marlene Walls, the Graduate Administrative Assistant for the Program, at walls@cerias.purdue.edu, with any questions concerning the admission process that are not covered on the website.

Standard Grad Programs

Students can also receive graduate degrees in existing programs with a specialization in infosec areas. To do this, the students enroll in a traditional major, take a core of common courses, and then are able to take electives related to their interests. Masters students may choose to research and write a Master’s thesis that involves further study in a particular area of interest, or they may simply take 30 or more credit hours of coursework. PhD students must choose a specialized topic for their dissertation research. The most common major for students interested in information security is Computer Sciences, but degrees are also associated with Electrical & Computer Engineering, Management, Philosophy, Political Science, and many other departments associated with CERIAS.

Note that specific requirements for individual department degrees are given in the course catalogs and on some departmental WWW pages. What follows is a summary of the requirements for a CS graduate degree, serving as an example of what is expected. You need to consult one of the definitive references to get the whole picture. (CS graduate degree requirements are available on the WWW; information on other graduate programs can be found by starting at the grad school www page.)

MS in CS Program

MS students are required to take a course in operating systems or networks (CS 503 or CS 536), one in programming language design or compilers (CS 565 or CS 502), and algorithm analysis (CS 580), plus another 7 courses of electives, or 5 courses and the thesis option. Normally, for infosec study, MS (and PhD) students would take CS 502 and CS 503, plus the courses in computer security (CS 526) and cryptography (CS 555) as electives, and consider taking the advanced security (CS 626) and cryptanalysis courses (CS 655), too.

There are many electives available to graduate students, including graphics, databases, numerical methods and distributed systems. Each year, several faculty also offer special topic courses in their areas of interest. Opportunities for directed reading or research courses are also available. In the last few years, we will have had seminars in Intrusion Detection and Incident Response, Penetration Analysis, Firewalls, Electronic Commerce, Network Security, and Security Tools. Additionally, we have had seminar courses in Wireless Networks, Advanced Operating Systems, and Internetworking.

PhD in CS Program

Normally, a PhD program starts with 2 years of graduate study and passing a series of general exams in the area of study (the “qualifier exams”). The candidate then decides on an area of study, chooses an advisor, and takes an in-depth exam in the area of specialization (the “preliminary exam”). Next, the candidate performs in-depth research under the guidance of the advisor for a period of time ranging from 6 months to as many as 5 years. Finally, the candidate writes a detailed scientific account of his or her research (the dissertation) and defends it in a public exam before a committee of faculty, visitors, and members of the community. The average time to complete a PhD in CS at Purdue (assuming the student already has a good undergraduate background in CS) is 5 years.

Required courses for PhD students in CS include courses in operating systems, algorithm analysis, compilers and programming languages, numerical analysis, and theory of computation; this is a superset of the courses required for the MS degree, and almost all PhD candidates obtain their MS degree during their candidacy for the PhD.

MS & PhD Research

Currently, there is a large range of projects being conducted in information security at Purdue. We have almost 40 projects involving over 30 faculty in a dozen different academic departments. You can get a more complete picture of the faculty and research projects via the CERIAS WWW pages. These projects are normally open to graduate students and can be used to satisfy research requirements towards MS and PhD thesis work. Not all infosec projects are offered through CERIAS, either, and there is no requirement that students work on a CERIAS project to get an infosec-related degree.

Special Notes for CS

Students coming in to the graduate program are expected to be ready to pursue the degree upon arrival. There are limits as to how many semesters may be spent in residence before completing each of the steps towards the degree.

In particular, students are expected to:

  • have strong, basic skills in mathematics, including working knowledge of statistics, calculus and linear algebra
  • know how to write programs in some advanced computer language (C/C++/Java are languages of choice; Perl is also encouraged)
  • have mastery of spoken English sufficient to understand lectures and presentations, and to discuss assignments with faculty and TAs
  • have mastery of written English sufficient to document programs and write grammatically correct research papers. This is especially critical for MS and PhD students who need to write a thesis and research papers.

Students without adequate preparation, or who fall behind in assignments, may be tempted to take “shortcuts” on assignments to keep up. Cheating, plagiarism, and falsifying work are severe violations of both the student code of conduct and academic honesty, and discovered incidents are dealt with particularly harshly by faculty in the infosec arena. Graduate students in violation of these rules are routinely recommended to the dean of students for expulsion from the university; foreign students in this situation will lose their visas. Thus, it is strongly recommended that applicants be sure they have mastery of these basic skills prior to applying to graduate school at Purdue.

Admission

For admission to the standard departmental programs, see the appropriate departments’ websites.

Financial Aid

Financial aid for graduate students is based on both scholarship and need. Some fellowships are available to exceptional incoming students. Others are supported by the departments or by research projects. It is unusual that a new student will get support from a faculty member’s research funding; indeed, most faculty do not support students prior to their completing some of the qualifying exams. Some incoming students do, however, qualify for selection as teaching assistants. Other information about financial aid is in the graduate student information documents.

For financial aid, contact the admitting department and not individual faculty members.

Note about CERIAS

CERIAS is a research center, and not an academic department, and therefore does not offer degrees. However, the programs described above allow you to get your degree and to be associated with CERIAS.

Disclaimer

The above is not an official document of Purdue University, but Professors Spafford’s and Raskin’s interpretation of Purdue policy. Interested parties should consult official University documents, available through the graduate school.