MSc Cybersecurity Research Project Presentations 2024
The first cohort of our new MSc Cybersecurity programme are now completing their studies and are due to graduate in December. Some of them chose to undertake a Research project as part of their Master’s. On 2 August 2024 they presented their research to their classmates and a panel of academics from UCD.
Paul Lee: On the effectiveness of Cyber Security Frameworks in the Irish Public and Private Sector with a specific focus on the implementation of the NIS2 Directive
The project aims to understand the current cybersecurity landscape and the cybersecurity frameworks used in Ireland and other countries. It also aims to understand how the absence of a cybersecurity framework that aligns with NIS2 poses problems to organisations within the scope of the NIS2 directive.
“I chose the project because it was an area of interest for me and I could not find any comparable study in Ireland on the research topic. The (alternative) modules did not cover my specific areas of interest on cyber security legislation. There is so much information available and it was important to be able to filter out all the noise which I found to be difficult as the subject is very mainstream/topical or there are a lot of views/material on the matter. I found that I had to question my assumptions regularly during my research work. My knowledge and perspective on the research were enhanced during the project and reflected in a high-quality final research project. I loved attending the lectures in UCD and it was great to be able to make friends with a great group of students.”
Jenni Parry: Unified Knowledge Models and Tools for NIS2 Compliance Current approaches to cybersecurity risk modelling, assessment, compliance checking and reporting use diverse tools and data formats
Higher compliance reporting will be standardised through NIS2, but most tools have no common vocabulary to use for machine-readable reports that could be automatically processed by regulators. The project extends the W3C Community Group Data Protection Vocabulary (DPV) for NIS2 compliance reporting use cases focused on cyber risk assessment. It develops a proof of concept compliance tool, report or visualization that leverages the extended DPV. Finally, a case study was conducted to assess NIS2 compliance reporting using the extended DPV in an industrial setting.
Talking about her Research Project Jenni says “For me it was a simple choice to do the Research Project as the (alternative modules) were very technical. One of the best things about this master’s program is the mix of technical and non-technical modules, such as Cyber Law (Regulation) and the Risks and Standards module. I work in Governance, Risk and Compliance (GRC) so the non-technical modules have really helped with my career – for example learning about NIST and ISO frameworks and the implications of the new NIS2 Directive. Time management is crucial – make a plan with realistic timeframes and try stick with it. Regular meetings with your project supervisor are essential and great for keeping you on track. Be aware that it will take over a couple of months of your life – however it is completely worth it.”
Fausto Teghillo: Unique characteristics of the CISO role and their impact on Stress and Burnout
This research project aims to explore the psychological stress experienced by Chief Information Security Officers (CISOs) and to identify the unique characteristics of the role that contribute to stress and burnout. The study seeks to understand if the nature of stress in cybersecurity, particularly the responsibility for preventing and responding to cybersecurity incidents, uniquely impacts the mental well-being of CISOs.
Fausto’s experience of his Research Project? “I discovered the universe of enlightening research and interesting, forward-looking ideas out there. I also discovered that I enjoy writing. It is tough but gratifying; you just need to find the right pace and the discipline to do it one step at a time.”
Michael O'Callaghan: UnderServed Project
This project investigates the development and implementation of the UnderServed platform, a tailored and simplified cybersecurity solution designed to enhance threat detection and response capabilities in resource-constrained non-governmental organisations (NGOs). The primary aim is to bridge the
significant cybersecurity gap NGOs face due to their limited resources and technical expertise.
“The reason I chose a project was twofold: Firstly, in some countries, an MSc is not recognised unless it includes a thesis component. Secondly, on a personal level, I believed that completing a thesis would provide valuable experience, such as practising and improving my academic writing skills. (It’s) a personal choice. There are pros and cons to both approaches. I previously completed an MSc and opted for taught modules, which I found highly beneficial. However, I can understand why some might prefer the thesis route for the hands-on experience in research and writing. Both options offer valuable learning experiences, depending on one's goals and preferences. Discerning which research papers are pertinent to your project and identifying those of high quality can be challenging, but it's an essential skill. My writing skills improved significantly during the process, especially through using LaTeX, which is a valuable tool for structuring documents. Additionally, conducting a research project boosted my confidence, as it requires self-reliance—unlike taught modules, there's no direct lecturer support or study groups to rely on, which enhances your independence and problem-solving abilities.”
Alice O'Malley: Evaluating the NIS2 Directive
This project aims to assess the direct and indirect impacts of the NIS2 Directive on the digital infrastructure sector, with a particular focus on supply chain management. The project evaluated the compatibility and potential overlaps between NIS2 and other EU legislative frameworks, namely DORA, CER (non-cyber risks), and GDPR. It identified best practices and strategic approaches for digital infrastructure entities to comply with NIS2 while aligning with the requirements of DORA, CER, and GDPR. The final outcome of the project is a framework for enhancing cybersecurity resilience within the digital infrastructure sector through effective supply chain management and legislative synergy.
“My goal was to address a significant compliance challenge that GRC officers must embrace, but typically do not have capacity. By investigating the impact of the NIS2 Directive and its compatibility with other EU frameworks, I was able to leverage the knowledge gained from previous modules. My aim was to uncover actionable insights that would empower emerging sectors to effectively navigate this evolving regulatory landscape.”
Mohammed Hasanain. CeRN - Certificate-enabled Routed Networks
This projects proposes a Cryptography-enabled Routed Network architecture aimed to achieve trust through the use of certificates and True Random Numbers Generators to influence routing decisions and provide an ultra-low latency for real-time applications of the modern age. Suggested CeRN’s non-exhaustive foundational design principles are: natural cryptography-binding design, L3-L7 Convergence, ultra-low latency, flexible modes of deployment and operation, and backward compatibility with existing global routing infrastructure.
Why did he choose to do a research project? “This reminds me of Robert Frost's "Two roads diverged in a wood, and I - I took the one less traveled by, and that has made all the difference". I just couldn't afford to miss the chance of “standing on the shoulders of giants” as Sir Isaac Newton once wrote to Robert Hooke in 1675, to become of scientific lineage to the likes of Muhammad ibn Musa al-Khwarizmi, Ḥasan Ibn al-Haytham and John Stewart Bell; and to ponder the wonders of our universe.”
Anthony Martin. Advanced Malicious Traffic Detection with Graph Neural Networks Using Open Datasets
Current methods for identifying and mitigating malicious network traffic often face challenges in accurately detecting complex and evolving threats. By leveraging open datasets, this project aims to develop an advanced detection model, based on graph neural networks, capable of effectively identifying malicious traffic over three diverse network types.
Any advice for someone considering a research project? “I would encourage a future student to examine the career path that they intend to take and base the decision on that. As broad as the course program is, it prepares students for all careers in Cybersecurity, but the final 6 months is the fine-tuning that guides the student down a more focussed path. The research project is a good way to show prospective employers that you can work autonomously, that there's a world of information out there, and there's a lot to be gained from finding that information through research, finding whats relevant and discarding whats not, without that information being curated for the student.”
About the UCD MSc Cybersecurity
Our MSc in Cybersecurity is a two year part-time programme designed to prepare IT professionals for a variety of cyber security roles, including some modules for professionals seeking a managerial role in security. It will help companies, government and state institutions, defence forces and others to upskill their staff to fill new roles in cyber security so that they can protect their organisations, their customers and the public. It is designed to facilitate professional learners through flexible blended study options. Lectures are online and are complemented by occasional full-day workshops on campus. The MSc also offers the option of undertaking a significant piece of research. MSc students take eight core modules and then take one of two paths to completion:
either
three more taught modules and a 15 credit Cybersecurity Case Study;
or
a 30-credit Project, either a Cybersecurity Professional Project or a Cybersecurity Research Project
Graduate Diploma (60 credits) and Graduate Certificate (30 credits) awards are also available. It is also possible to take single modules.
Modules include:
Cyber Risk Assessment and Standards
Cybersecurity Law and Regulation
Cybersecurity Professional Project
Cybersecurity Research Project
Taught modules are available as Microcredentials. Completing a UCD Microcredential course gives you University credit in the form of ECTS (European Credit Transfer System), which means it is recognised across Ireland, Europe and the rest of the world. Full details at www.ucd.ie/microcredentials/
The Government has introduced a Learner Fee Subsidy of 80% to enable more learners to address critical skills gaps and engage with lifelong learning through micro-credentials. This is for a limited time and on a first come basis. More information at https://www.ucd.ie/microcredentials/news/learner-fee-subsidy/
Entry requirements for the Master’s
Minimum of a 2.1 honours bachelor’s degree in Computer Science (or a cognate discipline) or
2:2 honours bachelor’s degree in Computer Science (or a cognate discipline) and equivalent (>5 years) industrial experience in software development or software/system security.
The Graduate Certificate in Cybersecurity is for graduates who wish to pursue a career in management and leadership in cybersecurity and comprises the first 4 modules of the MSc programme. Applicants to the Graduate Certificate who do not meet the above MSc entry criteria may still apply and we will assess each application on its own merits.
You can find more information about the MSc at https://hub.ucd.ie/usis/!W_HU_MENU.P_PUBLISH?p_tag=PROG&MAJR=T380
Our next Master’s intake will be in September 2025. You can now apply for single modules that run in the Spring 2025 term: Leadership in Security and Cybersecurity Law and Regulation. https://www.ucd.ie/microcredentials/explorecourses/cyber-security/
Published 23 September 2024