The intertwinement of telecommunications, mobile communications and data networks is turning IT security into an explosive topic and a key risk factor in today's businesses. Services such as e-commerce, e-government or digital media and their copyright protection severely stress data, network and transmission security. In the Master's degree program you will be specializing in aspects of technical security and the "human risk factor"
Until further notice, the admissions appointments will take place at regular intervals via telephone or video conference. Applicants will be informed of details by e-mail.
Katharina WagnerFavoritenstraße 226, B.3.251100 ViennaT: +43 1 606 68 77-2460F: +43 1 606 68 firstname.lastname@example.org
Map main campus Favoriten (Google Maps)
Office hours during the semester:
Ihre E-Mail wurde versendet
Application period for academic year 2021/22
1st October 2020 to 30th June 2021
2tuition fee / semester:
+ ÖH premium + contribution2
1 Tuition fees for students from third countries € 727,- per semester
2 for additional study expenses (currently up to € 83,- depending on degree program and year)
Data protection and system security are your top priority. You have the ability to identify potentially weak points in systems and networks. This motivates you to find suitable measures to prevent manipulation and to block unauthorized access. New technologies arouse your interest - yet always with guaranteed security standards in mind. Your are familiar with encryption methods and you would like, in your Master's degree program, to delve deeper into cryptography as a field for research and application.
IT security is a highly agile field. Attacks on servers and networks are getting increasingly sophisticated. Our state-of-the-art network laboratory where you may refine your strategies for preventing unauthorized access and develop measures and scenarios for protection is at your disposal. You will have the opportunity of participating in research and development (R&D) projects, engaging in active exchange between science and practice at the university. The degree program also includes an own "IT security competence team", working in close cooperation with companies. The research focuses on the transmission of data, safe from manipulation or eavesdropping.
The number of mobile end devices will continue to increase and thereby also the demands made on data security for these tiny devices with their weak computing power. Sensor nodes which, albeit very versatile, are also small and have limited computing capacity and very little storage space are another example. Contrasting with these, we have the Cloud with its seemingly infinite computing and storage resources. The IT Security Master's degree program addresses both these developments in its research program.The course experts implement, evaluate and compare a diversity of cryptographic algorithms in the affiliated Competence Center for IT Security.The goal is to establish easily realizable secure data encryption options in practice. Findings are directly incorporated into the degree program to assuring you, the Master's student, of a decisive advantage of knowledge. The specialist know-how of our lecturers is also in high demand internationally. Experts of the IT Security Competence Center are often asked to participate as speakers at international conferences on data security and data protection. Papers published by the IT experts often receive awards such as the FH Best Paper Award, repeatedly awarded to FH Campus Wien.
Lector: Univ.-Prof. (FH) Dr. Dr. Gerald Quirchmayr
This course aims at giving an overview of the task and role of information management in the context of cyber security. Course participants shall become acquainted with the principles of information management and will get an overview of Management Information Systems (MIS), data sources and their use in the field of cyber security. Selected examples will be introduced to give an idea of how information management can be applied (SIEM - Security Information and Event Management, Situational Awareness, SOCs - Security Operations Centres).
The exam will be conducted in the form of an “open book exam” at the end of the course. The knowledge acquired during the course needs to be applied to a specific case. Depending on the situation at the date of the exam, it will be held in the form of a presence or in the form of an online exam.
Lectures and discussion of selected examples.
Lector: Dipl.-Ing. Manuel Koschuch, Bakk.techn., Silvia Schmidt, BSc MSc
Practical application of the topics covered in the lecture by implementing a specific project. Code review of an unknown program.
Grading of the projects, presentation of the results.
Lector: DI (FH) Peter Krebs
* Dependability and Fault Tolerance * Distributed Agreement * Group Communication and Membership * Consistency and Replication
Lecture: written exam, Distance Learning: Students' project in small groups
Lecture Practical work in small groups
Lector: FH-Prof. Dipl.-Inform. Dipl.-Wirt.Inform. Matthias Peter Hudler, Dipl.-Ing. Manuel Koschuch, Bakk.techn., Prof. Dr. Peter Lory
In this lecture basic principles of cryptography such as symmetric and asymmetric encryption as well as data security will be discussed. The main topics are for example the process of encryption and decryption of data, digital signatures, general cryptographic protocols and the practical field of operation of these mechanisms. Current approaches like elliptic curves are also dealt with. In addition to the related key management aspects like the comprehensive security infrastructure will be addressed. Tangible examples of use are shown for illustration and for getting familiar with the functionality.
Final written exam
Presentation with slides and video projector, additional explanations on the whiteboard
Lector: FH-Prof. Dipl.-Inform. Dipl.-Wirt.Inform. Matthias Peter Hudler, Dipl.-Ing. Manuel Koschuch, Bakk.techn.
In this lecture basic principles of cryptography such as symmetric and asymmetric encryption as well as data security will be discussed. The main topics are for example the process of encryption and decryption of data, digital signatures, general cryptographic protocols and the practical field of operation of these mechanisms. Current approaches like elliptic curves are also dealt with. In addition to the related key management aspects like the comprehensive security infrastructure will be addressed. Tangible examples of use are shown for illustration and for getting familiar with the functionality. In the tutorial the students have the possibility to practise the formerly presented approaches, getting more familiar with them. Approaches of possible cryptanalysis will also be discussed.
Presentation, discussion and solving problems
Lector: Dipl.Ing. Franz Gober, MBA
Basic assumptions of comunication - main focus body language, presentation technics; social skills: ability of encountering, effective communication strategy, feedback, using feedback, impact of feedback. Rhetorical basics: Use of different discussion technics and questioning technics and feedback strategies, facilityting and inhibiting behaviour in communication. Conflict management, understanding conflicts, working on conflicts and methods.Selective perception and constructivism.
Physical presence Active cooperation Seminar paper Review-Journal
Individual work, work in smaller and larger groups, teacher-centred information phases, review-journal
Lector: Dipl.-Ing. Manuel Koschuch, Bakk.techn.
The course gives a broad view across the possibilites of cryptographic methods in a typical workday, especially those of a SysAdmin. For alll topics, the theoretic background is presented alongside the practical usage implications. The covered topics are: * Hard disk encryption * Passwords * SSH & Network tunneling * E-mail security * Public Key Infrastructure
Exercices and a final exam
Theoretical lectures and individual tasks for all subjects
Lector: Dipl.-Ing. Manuel Koschuch, Bakk.techn., Nenad Milanovic, MSc
- Overview of Threats - Firewalls (stateless/stateful) - Intrusion Detection and Prevention - IPsec-based VPNs - Overview over SSL and TLS and other VPN-Technologien (L2TP, PPTP, MPLS) - Advanced Persistent Thretas - Expert Talks
Written final Exam
Lecture with slides, whiteboard and external expert speeches Lab Exercises
Lector: DI Thomas Konrad, Dipl.-Ing. Manuel Koschuch, Bakk.techn., Silvia Schmidt, BSc MSc
* Versioncontrol * Test Driven Development * Web Application Security * Security errors * Tool for software analysis
* Final exam * Grading of the presentations
* Lessons * Presentations by student groups
Lector: Tobias Buchberger, BSc MSc, DI (FH) Peter Krebs
- Basics of wireless network communication - Security aspects of wireless networks - Concrete wireless technologies and their security mechanisms - WLAN (IEEE 802.11) - Bluetooth - IEEE 802.15.4/6LoWPAN/ZigBee - Near Field Communication - Cellular Networks
Written final exam
This lecture gives an overview of many different cryptographic protocols, possible usage scenarios and their peculiarities. The students implement selected protocols from a given domain, compare them to each other and present the results. The main topics are - Public-Key Schemes - Key-Agreement/Key-Establishment - Challenge Response Schemes/Authentication - Signature Schemes
Every presentation is a partial examination, there is no written final exam
Implementations and presentations by the students
Lector: Tobias Buchberger, BSc MSc, Dipl.-Ing. Manuel Koschuch, Bakk.techn.
Practical Project Cloud Paradigms (IAAS, PAAS, SAAS) Security in the Cloud (Searchable/Homomorphic Encryption) Basics of Identity Management Single-Sign-On Systems, Shibboleth, Kerberos OAuth, OpenID Connect, SAML; FIDO, U2F
Lecture Distance Education Practical work in small groups
Lector: Mag. Georg Conrad-Billroth, MSc (CS)
Business and ethics consists of: Introduction and basic principles legal structure of companies and business organization The enterprise and its environment Ethics in business Human resources management Marketing & sales & ethics Procurement and logistics Production Accounting and finance
continuous assessment, assessment of presentations and teamwork, final exam
Lecture with PowerPoint slides and exercises. The ppt slides and handouts will be provided
Lector: Silvia Schmidt, BSc MSc, DI Mathias Tausig
The course teaches security aspect with the runtime of applications as well as DevSecOps subjects: * Virtualisation * Container technologies * Security automation (Ansible) * Docker * CI/CD * OWASP SAMM
Lector: Dr. Ulrich Bayer, Ing. Reinhard Kugler, MSc
In this lectures, we shade light on the attacker's perspective on computer security. By learning how to attackers work and experience them first hand in our lab exercises, we create a deeper understanding of the methods and procedures of attackers. Thus, laying the foundation for better operational security and security design practices. This lecture is part 1 of our two-semester lecture series at FH Campus Wien.
5 practical challenges (of which you need to solve 3) and a written exam.
Lectures with practical examples and demonstrations. Additionally, we offer an online platform, where students have to solve challenges. Those challenges range from attacking a Windows or Linux platform, performing a buffer overflow, and the analysis and manipulation of a mobile App.
- Practical application of IT-Security knowledge - Selected topics supplementing related courses - Protection of IT-Systems using Firewalls and Intrusion Prevention Systems - Design and Integration of a SIEM solution
Continuous examination and documentation
- Independent implementation of a project - Support is given at any time on request - Continuous progress reviews
This course covers the differences between the „textbook” and the “real-world” implementations of cryptographic algorithms. Symmetric techniques like DES and especially AES with its most important variations are dealt with in detail, as well as padding techniques and selected parts from the PKCS. These topics are supplemented with a basic introduction to the efficient implementation of long integer arithmetic.
Written elaboration of selected lecture contents Presentation Written examination
Presentation with slides and video projector
Lector: Dipl.-Ing. Dr. Martin Schmiedecker, Dip.-Inf. (FH) Karsten Theiner
- Forensic Methods o File System Forensics o Network Forensics o Operating System Forensics o Examination of Application Data o Time Line Analysis o Keyword Search
Lessons are held, using at least some of following didactics: - Ex-cathedra teaching - Independent working in groups - Interactive Media Support - Computer room lessons
Lector: FH-Prof. DI Gerhard Engelmann, Silvia Schmidt, BSc MSc, DI Mathias Tausig
ASN.1 Smartcards Constrained Networking Mobile Authentication RIOT-OS Secure Firmware Update Internet-of-Things (IoT-Security) Overview Embedded C
Intermediate tests, distance/remote learning, final exam.
Lectures and remote/distance learning English slides
Lector: DI Mathias Tausig
The exercises are teaching the useage of and development for smartcards. Students will need to complete the following exercices (alone and in groups): * Usage of PKCS#11 tokens in application software * Access to a smartcard using PC/SC and APDUs * Integrating a PKCS#11 token or a JavaCard into an authentication software
The grade will be calculated based on the projects
Programming in groups
- values and needs especially in working environment - typologies of behaviour and inward urge - change management processes and impact - Reasons for conflicts, behaviour during conflicts, and escalation - behaviour pattern and situational behaviour in economic crime - forms of economic crime - examples of ecomonic crime and working it up - future trends and development in economic crime
Presentation Work on cases in small groups Subject specific discussions in the class Seminar paper Review-journal
An important part of a comprehensive academic education is to aquire the qualification to treat problem statements from a scientific point of view. Therefore, an introduction to scientific work, writing, and well established methodologies will be taught in this course.
The evaluation is based on the submitted material (disposition, paper, reviews) as well as on the presentations.
During this course a scientific conference will be simulated. After a brief introduction to scientific writing, the attendees of this course shall treat a problem statement of a given field of research for which they shall prepare disposition that briefly describes the chosen topic. Based on it, a draft version of the scientific article will be written (draft paper). Afterwards, these draft versions of the papers will be critically reviewed by other colleagues (peer reviewing). Based on their reviews, a revised version of the scientific paper shall be created (camera-ready paper). At the end of this course, the scientific papers will be presented by the authors.
As a follow-up to Cyber Security, we deepen the understanding of the attacker's perspective. This semester focuses on attacks on IoT devices, exploitation with malware and memory corruption, as well as identity theft. By getting hands-on experience on the techniques and mindset needed to break security systems, the student gains insight useful for post-incident analysis of attacks as well as proactive analysis of attack vectors.
Five practical challenges (of which you need to solve at least three) and a written exam.
Lectures with practical examples and demonstrations. Additionally, we offer an online platform, where students have to solve challenges. Those challenges range from reverse engineering of a firmware sample, an ELF virus or performing a memory corruption attack via Return Oriented Programming.
Practical assignments in the scope of the lecture.
Graded point of the reports
Lector: Dipl.-Ing. Manuel Koschuch, Bakk.techn., Julia Teissl, BSc MSc
Summary of the essential aspects of project- and process-management, as well as system safety, and their practical meaning in concrete examples. Clarification of the differences between safety and security, and of the interfaces between these two areas. Diskussion and reflection of the insights from practical application of the above concepts.
Assessment of the submitted implementation and the presentations.
Implementing and presenting a practical example in small groups.
Lector: Dipl-HTL-Ing. Andreas Schaupp, MSc, MSc, MAS
- IT-Security Management and Risk Assessment - IT-Security Controls, Plans, and Procedures - Physical and Human Resources Security & Security Audit - Access Control Management - Overview of the ISO 27000-family, COBIT, ITIL and BSI Grundschutz
1/3: Case study 1/3: Group assignment 1/3: Classroom Quizzes
Lecture, case study, group assignment
Lector: FH-Prof. Dipl.-Inform. Dipl.-Wirt.Inform. Matthias Peter Hudler
Autonomous authoring of a special, science-based theme under guidance by a supervisor, elaboration of the master's thesis
Approbation of the master's thesis
Diploma thesis: Autonomous scientific work under guidance by a supervisor
The students present the current state of their Master's Thesis at regular intervals and discuss their work with the audience.
Presentations by the students
Lector: Dr. Sandford Bessler
The lecture will give an overview on the technologies and the application areas of e-privacy protection: - Definitions, Future scenarios of privacy - Legal privacy environment Technologies: - Identity management - Anonymous communication - Privacy policies - Database privacy Application areas: - Vehicular privacy, Location privacy - Search engine privacy, - Social network privacy, - Privacy and the Smart grid
Home work exercises and student presentation (40%) - Students will form small teams - Topics for the student presentation will be given (research papers) and presentation dates will be fixed Final written exam (60% of the grade)
Frontal teaching using slide presentations and online sources. 2-3 home works to support learning Discussions about certain privacy topics are welcome.
Lector: MMag. Dr. André Gazsó
Lector: DI Wolfgang Aigner, Mag.iur. Philip Raffling
Number of teaching weeks18 per semester
Times5.30 p.m.-7.00 p.m. and 7.15 p.m.-8.45 p.m.
Graduates are active in both the core information technology and telecommunications industries as well as in sector spanning positions. Your task will be to design and implement comprehensive security solutions. You will specify, plan, integrate, test and operate voice and data networks, taking into account the necessary security standards. You will work in the following areas:
Equivalence is determined by international agreements, validation or in individual cases a decision by the head of the academic section.
To apply you will require the following documents:
It is not possible to save incomplete online applications. You must complete your application in one session. Your application will be valid as soon as you upload all of the required documents and certificates. In the event that some documents (e.g. references) are not available at the time you apply, you may submit these later via e-mail, mail or in person by no later than the start of the admission process.
The admission procedure examines the technical aptitude of the applicants for the Master's degree program. It consists of a written test and an interview. The secretary's office will notify you of the date for the admission procedure.
Experience shows that many questions arise during the application phase and the start of the degree program. We therefore propose that interested persons and applicants should network with higher semester students in the same degree program as yours. Personal and individual contact with your buddy should facilitate your entry into the degree program.
To the Buddy network
Head of Degree Program IT-Security, Head of Competence Center for IT-Security T: +43 1 606 68 email@example.com
Research Staff, Competence Center for IT-Security
Competence Centre for IT-Security, Academic Staff
We work closely with renowned companies in commerce and industry, with universities, institutions and schools. This guarantees you contacts for employment or participation in research and development. In the course of exciting school cooperations, students may contribute to firing up pupils on topics such as our Bionics Project with the Festo company. You can find information about our cooperation activities and much more at Campusnetzwerk. It's well worth visiting the site as it may direct you to a new job or interesting event held by our cooperation partners!