Bachelor of Science

Information Security

Defend the digital future!

Learn to actively look for weak points, understand them and close them. There are weak points in hardware, software, protocols or even in the design of systems or in the flow of processes.

Learn to secure systems, for example with modern attack detection or cryptography. For example, digital attacks can be quickly detected and stopped with the help of artificial intelligence.

Take the human factor into account and learn how to maintain security in a company. There are many IT security tasks that need to be coordinated and checked on a regular basis.

Program

With increasing digitalization, the dependence of companies and people on information technology increases. A reliable and securely functioning IT infrastructure forms the backbone of our society. The bachelor's program in information security uses application-oriented teaching on a scientific basis to turn students into holistic experts in information security. The course teaches both technical and management-related skills.

Graduates can work in a company in operational professions (e.g. penetration tester, cyber security analyst, ...) or in management positions in information security (e.g. information security officer, security auditor, ... ). Students will be able to recognize security-relevant problems, analyze them in a business context and mitigate them with the help of suitable technical, physical, organizational or personnel measures. The content of the course is based on the increasing complexity of a networked IT infrastructure in companies and particularly includes the “human factor” as part of the security strategy. Furthermore, the latest topics such as artificial intelligence, blockchain technologies or threat intelligence are also included.

If you choose a career in information security, you will have both good job prospects and a likely high salary compared to other IT industries. There are also many additional, exciting offers in the area of research.

The application deadline for the winter semester 2024/2025 runs from May 1st, 2024 to June 15th, 2024. There are no admission restrictions.

Overview

Studying information security at THWS combines solid basic knowledge of practical, technical and theoretical computer science with practical training. The content and structure of the course enable students to quickly familiarize themselves with numerous existing and future areas of computer science. The first four semesters serve to teach the basics in the areas of computer science and information security. The obligatory practical phase then follows in the fifth semester. In the sixth and seventh semesters, more specific modules in the area of IT security are offered. Furthermore, three elective modules (FWPM) must be chosen from the faculty’s offerings.

Semester 1-4

In the first four semesters you will learn the necessary basics and dive deep into the topic of information security.

Basics of algorithms and data structures

Level:

1. Semester

Language:

German

Stylistics and aesthetics of programming
Techniques for algorithmic problem solving
Techniques for controlling complex systems
Recursion and abstraction
Processing algorithmic questions

Programming 1

Level:

1. Semester

Language:

German

Procedural programming in the Java language
Elementary constructs and essential instructions
Methods, recursion, arrays, complex data types
Object orientation, classes, methods, visibility
Multidimensional arrays, reference types, garbage collector

Databases

Level:

1. Semester

Language:

German

Basic concepts (e.g. relational data model)
Data modeling and SQL
Design and implement database solutions
Data storage in software architectures
Database technologies and scalability

Algebra

$mathematical module$

Level:

1. Semester

Language:

German

Linear systems of equations, vectors, dot product
Matrices, inverse matrices, linear independence
Linear mapping, eigenvalues, eigenvectors
Modulo calculus, extended Euclidean algorithm
Euler-Fermat theorem, RSA encryption method

Foundations of Information Security

Level:

1. Semester

Language:

German

General questions from information security
Raising awareness of security issues
Examples from companies and known incidents
Development of necessary IT basics (operating systems, networks, ...)
Introduction to scripting languages

Social Engineering and Security Awareness

Level:

1. Semester

Language:

English

Role of the human factor in information security
Psychological tricks from social engineers
Targeted sensitization of employees
Design and impact of awareness measures
Personnel measures and security-compliance

Internet Communication

Level:

2. Semester

Language:

German

ISO-OSI basic reference model, Internet model
Basics of transmission technology (principles of channel coding)
Networks (Ethernet, WLAN), protocols (TCP/IP)
Connection-oriented vs. connectionless
Basics of IT security (VPN, security protocols)

Programming 2

Level:

2. Semester

Language:

German

Concepts of object-oriented programming
Object-oriented Java programs, partial solutions
Software system testing
Polymorphism and types
Class libraries and patterns

Allgemeinwissenschaftliches Wahlpflichtmodul (AWPM)

Level:

2. Semester

Language:

German/English

Non-subject-specific knowledge and skills that can be important for the desired career goal
e.g. B. special knowledge of foreign languages, in natural sciences or in social science areas

Foundations of Cryptography

$mathematical module$

Level:

2. Semester

Language:

German

Number theory basics and modular arithmetic
Primality tests and discrete logarithm calculations
Mathematical foundations of sym. and asym. cryptosystems
Complexity and methods of cryptanalysis

Penetration Testing

Level:

2. Semester

Language:

German/English

Penetration testing process including job profile
Understanding and applying popular vulnerabilities
Post-exploitation and lateral movement
Legal basis and framework conditions
Assessment of vulnerabilities with reporting

ISM-Standards and Processes

Level:

2. Semester

Language:

English

Structure of information security management standards, maturity models
Creation of information security concepts
Organizational security measures, metrics
Incident response and business continuity
Audits of security concepts

Mobile Systems and Applications

Level:

3. Semester

Language:

German

Basics of mobile platforms and techniques
Mobile techniques: Cross-platform and web development vs. native development, development frameworks
Mobile applications: business and application scenarios, e-commerce, economic analysis
Outlook for new technologies

Backend Systems

Level:

3. Semester

Language:

English

Architecture of client/server and P2P systems
Client/server systems, HTTP (REST and RPC)
Programming a 3-layer architecture
Quality assurance through automated tests
Scalability of distributed systems
Authentication and authorization protocols

Business and IT law

Level:

3. Semester

Language:

German

General contract law
Special contract law with regard to IT
Basic principles of copyright law
Overview of relevant areas of intellectual property protection
Internet law and data protection law

IT project management

Level:

3. Semester

Language:

German

Introduction to project and project management, project organization
Project management methods, processes and tools
Project calculation, control, monitoring and completion
Agile project management with Scrum

Security Engineering

Level:

3. Semester

Language:

German/English

Applied cryptography (hashing, sym. and asym. encryption)
Secure design of systems and protocols
Protocols (TLS, TOR, Kerberos, VPN…)
Challenge-response protocols and zero-knowledge proofs
Authentication and authorization

Governance, Risk, Compliance and Ethics

Level:

3. Semester

Language:

English

Responsibilities of information security in companies
Organization, CISO, ISB and Co.
Risk orientation and risk management, threat analysis
Safety culture and ethical issues
Relevant laws and legal framework

Innovation management and founding

Level:

4. Semester

Language:

German

Regional and intra-company ecosystems
Teams, team processes and team-building methods
Intra- and entrepreneurship, basic business plan
Tax, legal and economic components
Design thinking and value proposition

Frontend Systems

Level:

4. Semester

Language:

English

Programming of web applications
Introduction to current frameworks, e.g. E.g. Vue.js, Angular
Communication to the backend
UX/UI and principles for interface design
Secure implementation and testing

Programming project

Level:

4. Semester

Language:

German

Independent development of an application in groups three or more people
Documentation, overall overview, use cases
Activity and sequence diagrams
Presentation of results

Computer architecture

Level:

4. Semester

Language:

German

Structure and operation of computing systems
How different computer architectures work
Performance evaluation
Machine commands
Embedded systems

Security Operations

Level:

4. Semester

Language:

German/English

Technical implementation of IT security concepts in companies
Firewalls, intrusion detection systems, proxies
Security monitoring and protection mechanisms
Tasks of the Security Operations Center (SOC)
Secure programming

Expertise and Communication

Level:

4. Semester

Language:

English

Effects and methods of communication tailored to the target group
Collaboration and internal corporate communication
Didactics, learning methods, awareness-raising
Information security topics

Semester 5-7

In the higher semesters you get to know a company, specialize in certain topics and finally write your Bachelor thesis.

Practical module

Level:

5. Semester

Language:

German

Independent work in a company
Project phases of a larger IT project
Duration at least 12 weeks)
Insight into different departments and areas

Fachwissenschaftliche Wahlpflichtmodule

Level:

6./7. Semester

Language:

German/English

Building in-depth skills
Various changing offers from the faculty
e.g. online marketing, big data and analytics
e.g. autonomous cars, socioinformatics
e.g. augmented and virtual reality (...)

Threat Intelligence

Level:

6. Semester

Language:

German

Threat detection and assessment
Cybercrime scenarios
Motivation of attackers
Technical analysis of malware
Threat intelligence platforms

Digital Forensics

Level:

5. Semester

Language:

German

Incident response with playbooks
Digital forensics on various media
Preparation of results and reporting
Compromise assessments

Project

Level:

6. Semester

Language:

German/English

Teamwork (at least three students)
Larger software development project
Optionally also other tasks

Blockchain Technologies

Level:

7. Semester

Language:

German

Basics of Blockchain and Smart Contracts
Solidity programming language
DApps for Ethereum
Secure blockchain applications

AI and Security

Level:

7. Semester

Language:

German/English

AI to improve information security (detection)
AI to improve security testing (e.g. scanning)
Security-relevant problems of AI technologies and attacks on AI systems (e.g. data poisoning, backdoors, adversarial samples…)

Bachelor thesis

Level:

7. Semester

Language:

German/English

Own studies and research into the state of the art and science in the respective subject area
Basic principles of scientific work
presentation of results