Cybersecurity and Threat Intelligence

The Master of Cybersecurity and Threat Intelligence (MCTI) is offered by the School of Computer Science.

This professionally oriented master's is unique in its core focus on threat intelligence, Security Incident and Event Management (SIEM), intrusion prevention, malware analysis, penetration testing, and computer forensics, and in its integration of experiential lab-based learning. It covers the most challenging and technical aspects of the cybersecurity field and ensures that graduates are equipped with the professional capabilities to respond ethically and with a global social awareness of the implications of their work. Students gain hands-on experience with real and simulated security attacks such that graduates are primed to help organizations create security frameworks, protect sensitive data from threats, and analyse violations to help prevent future breaches.

Administrative Staff

Director
Ali Dehghantanha (150 Research Lane Suite 120C)
graddir@socs.uoguelph.ca
In-program Graduate Program Specialist
cyberadmin@uoguelph.ca
Graduate Admissions Specialist
cyberapps@uoguelph.ca

Graduate Faculty

This list may include Regular Graduate Faculty, Associated Graduate Faculty and/or Graduate Faculty from other universities.

Luiza Antonie
B.Sc. Politehnica Bucharest (Romania), M.Sc., PhD Alberta - Associate Professor
Graduate Faculty

Neil Bruce
B.Sc. Guelph, M.A.Sc., Waterloo, PhD York - Associate Professor
Graduate Faculty

Ritu Chaturvedi
PhD Windsor - Associate Professor
Graduate Faculty

Rozita Dara
B.Sc. Shahid Teheshti, M.Sc. Guelph, PhD Waterloo - Associate Professor
Graduate Faculty

Ali Dehghantanha
BSE Azad, M.Sc., PhD Putra Malaysia - Professor
Graduate Faculty

David Flata
B.Sc., M.Sc., PhD Saskatchewan - Associate Professor
Graduate Faculty

Dan Gillis
B.Sc., M.Sc., PhD Guelph - Professor
Graduate Faculty

Minglun Gong
B.Eng. Harbin Engineering, M.Sc. Tsinghua, PhD Alberta - Professor and Director
Graduate Faculty

Gary Gréwal
B.Sc. Brock, M.Sc., PhD Guelph - Associate Professor
Graduate Faculty

Andrew Hamilton-Wright
B.Sc., M.Sc. Guelph, PhD Waterloo - Associate Professor
Graduate Faculty

Hassan Khan
B.Sc. NUST, M.Sc. Southern California, PhD Waterloo - Associate Professor
Graduate Faculty

Stefan C. Kremer
B.Sc. Guelph, PhD Alberta - Professor
Graduate Faculty

Xiaodong Lin
B.A.Sc. Nanjing, M.Sc. East China Normal, PhD Beijing, PhD Waterloo - Professor
Graduate Faculty

Pascal Matsakis
B.Sc., M.Sc., PhD Paul Sabatier (France) - Professor
Graduate Faculty

Judi R. McCuaig
B.Ed., B.Sc., MS, PhD Saskatchewan - Associate Professor
Graduate Faculty

Denis Nikitenko
B.Sc. Ryerson, M.Sc., PhD Guelph - Assistant Professor
Graduate Faculty

Charlie F. Obimbo
M.Sc. Kiev, PhD New Brunswick - Professor
Graduate Faculty

Joseph Sawada
B.Sc., PhD Victoria (British Columbia) - Professor
Graduate Faculty

Stacey Scott
B.Sc. Dalhousie, PhD Calgary - Professor
Graduate Faculty

Fei Song
B.Sc. Jilin (China), M.Sc. Academia Sinica (China), PhD Waterloo - Associate Professor
Graduate Faculty

Guatam Srivastava
B.Sc. Briar Cliff, M.Sc., PhD Victoria - Associate Professor, Brandon University
Associated Graduate Faculty

Mark Wineberg
B.Sc. Toronto, M.Sc., PhD Carleton - Associate Professor
Graduate Faculty

Michael A. Wirth
B.Sc. New England (Australia), M.Sc. Manitoba, PhD RMIT Melbourne - Associate Professor
Graduate Faculty

Yan Yan
B.Sc. Northwestern Polytech, PhD Saskatchewan - Assistant Professor
Graduate Faculty

MCTI Program

Admission Requirements

Admission to the Master of Cybersecurity and Threat Intelligence program may be granted on the School of Computer Science’s recommendation to:

Applicants who have successfully completed an undergraduate degree/baccalaureate in an honours program or the equivalent (having achieved a grade average of at least 75%, B, in the last four semesters of study) in computer science, computer engineering, or a related subject area (or hold a minor in one of these areas) from a recognized university; and
Applicants who have relevant experience or background knowledge of Data Communication and Networking (such as a course equivalent to CIS*3210 Computer Networks) and Computer Programming (such as a course equivalent to CIS*2500 Intermediate Programming).

Successful applicants must also meet the University of Guelph’s English Proficiency requirements for admission. If an applicant’s first language is not English, an English Language Proficiency test will be required during the application phase.

All applications will be reviewed by the cybersecurity admissions committee. Students are admitted for a September start date. The School of Computer Science office should be consulted for admission deadlines.

Learning Outcomes

Upon successful completion of the Master of Cybersecurity and Threat Intelligence at the University of Guelph, graduates will have the capacity to practice the following.

Security Analysis and Design
1. Analyse various threats that an organization is facing and demonstrate vulnerabilities in existing systems and processes; and
2. Define and implement security policies for organizations of different sizes using well-established security controls.
Security Architecture
1. Evaluate existing network architectures and identify attack surfaces and vulnerabilities;
2. Implement methods to build a defensible architecture; and
3. Build mechanisms to continuously monitor the activities in the secured enterprise network architecture.
Threat Intelligence
1. Follow best practices and ethical issues revolving around collection, labelling, storage, and sharing of data from sources of interest;
2. Analyse and correlate data from various sources to draw meaningful conclusions about potential malicious activity; and
3. Use artificial intelligence to design smart data driven systems to respond to Advanced Persistent Threats.
Digital Forensics
1. Identify, collect, analyse, and preserve evidences from a variety of traditional and modern computing platforms; and
2. Solve and document compromised cases through incident handling and forensics investigation methodologies to develop investigation plans.
Penetration Testing
1. Conduct structured discovery of security vulnerabilities in systems, networks, and web services; and
2. Propose concrete methods to fix discovered security vulnerabilities.
Professional Capacity
1. Demonstrate ethical behaviour consistent with academic integrity and the professional code of ethics as required in cybersecurity and threat intelligence;
2. Collaborate and conduct in-depth research about different cyber threats and prepare relevant technical and non-technical reports; and
3. Demonstrate entrustable professional skills including initiative, responsibility, accountability, and decision making in complex situations.

Program Requirements

The Master of Cybersecurity and Threat Intelligence is a coursework master's degree focused on training individuals to become technically skilled and ethically-minded cybersecurity professionals. Students develop mastery in security analysis and design, security architecture, threat intelligence, digital forensics, and penetration testing. Hands-on training in the cybersecurity teaching lab, the Security Operations Centre, enables students to work with real and simulated security attacks independently and collaboratively. Students may choose to complete their program through an independent project wherein students partner with an industry or academic partner to produce an evidence-based solution to a complex cybersecurity problem.

All students in the Master of Cybersecurity and Threat Intelligence program are required to complete a minimum of 4.00 graduate credits, including CIS*6590 Professional Seminar in Cybersecurity. The remaining 3.50 credits must be completed from the following list of courses:

Course List
Code	Title	Credits
CIS*6510	Cybersecurity and Defense in Depth	0.50
CIS*6520	Advanced Digital Forensics and Incident Response	0.50
CIS*6530	Cyber Threat Intelligence and Adversarial Risk Analysis	0.50
CIS*6540	Advanced Penetration Testing and Exploit Development	0.50
CIS*6550	Privacy, Compliance, and Human Aspects of Cybersecurity	0.50
CIS*6560	Cybersecurity and Threat Intelligence Project	1.00
CIS*6570	Advanced Cryptography and Cryptanalysis	0.50
CIS*6580	Security Monitoring and Cyber Threat Hunting	0.50
CIS*6670	Special Topics in Cybersecurity	0.50

Courses

CIS*6020 Artificial Intelligence Unspecified [0.50]

An examination of Artificial Intelligence principles and techniques such as: logic and rule based systems; forward and backward chaining; frames, scripts, semantic nets and the object-oriented approach; the evaluation of intelligent systems and knowledge acquisition. A sizeable project is required and applications in other areas are encouraged.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6030 Information Systems Unspecified [0.50]

Relational and other database systems, web information concurrency protocols, data integrity, transaction management, distributed databases, remote access, data warehousing, data mining.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6050 Neural Networks Unspecified [0.50]

Artificial neural networks, dynamical recurrent networks, dynamic input/output sequences, communications signal identification, syntactic pattern recognition.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6060 Bioinformatics Unspecified [0.50]

Data mining and bioinformatics, molecular biology databases, taxonomic groupings, sequences, feature extraction, Bayesian inference, cluster analysis, information theory, machine learning, feature selection.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6070 Discrete Optimization Unspecified [0.50]

This course will discuss problems where optimization is required and describes the most common techniques for discrete optimization such as the use of linear programming, constraint satisfaction methods, and genetic algorithms.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6080 Genetic Algorithms Unspecified [0.50]

This course introduces the student to basic genetic algorithms, which are based on the process of natural evolution. It is explored in terms of its mathematical foundation and applications to optimization in various domains.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6120 Uncertainty Reasoning in Knowledge Representation Unspecified [0.50]

Representation of uncertainty, Dempster-Schafer theory, fuzzy logic, Bayesian belief networks, decision networks, dynamic networks, probabilistic models, utility theory.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6130 Object-Oriented Modeling, Design and Programming Unspecified [0.50]

Objects, modeling, program design, object-oriented methodology, UML, CORBA, database.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6160 Multiagent Systems Unspecified [0.50]

Intelligent systems consisting of multiple autonomous and interacting subsystems with emphasis on distributed reasoning and decision making. Deductive reasoning agents, practical reasoning agents, probabilistic reasoning agents, reactive and hybrid agents, negotiation and agreement, cooperation and coordination, multiagent search, distributed MDP, game theory, and modal logics.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6170 Human-Computer Interaction Unspecified [0.50]

This course concentrates on the theoretical and practical issues related to the design and study of interactive technologies for human use. Topics include: general principles of design, qualitative and quantitative research methods, prototyping techniques, theoretical issues underlying designing to individuals and groups, and ethical issues related to conducting research involving humans.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6180 Analysis of Big Data Unspecified [0.50]

This course introduces software tools and data science techniques for analyzing big data. It covers big data principles, state-of-the-art methodologies for large data management and analysis, and their applications to real-world problems. Modern and traditional machine learning techniques and data mining methods are discussed and ethical implications of big data analysis are examined. May be offered in conjunction with DATA*6300.

Offering(s): Odd-numbered years

Restriction(s): Credit may be obtained for only one of CIS*6180 or DATA*6300

Department(s): School of Computer Science

Location(s): Guelph

CIS*6190 Machine Learning for Sequential Data Processing Unspecified [0.50]

This course emphasizes machine learning for sequential data processing. It covers common challenges and pre-processing techniques for sequential data such as text, biological sequences, and time series data. Students are exposed to machine learning techniques, including classical methods and more recent deep learning models, so that they obtain the background and skills needed to confront real-world applications of sequential data processing. May be offered in conjunction with DATA*6400.

Offering(s): Odd- numbered years

Restriction(s): Credit may be obtained for only one of CIS*6190 or DATA*6400

Department(s): School of Computer Science

Location(s): Guelph

CIS*6320 Image Processing Algorithms and Applications Unspecified [0.50]

Brightness transformation, image smoothing, image enhancement, thresholding, segmentation, morphology, texture analysis, shape analysis, applications in medicine and biology.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6420 Soft Computing Unspecified [0.50]

Neural networks, artificial intelligence, connectionist model, back propagation, resonance theory, sequence processing, software engineering concepts.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6510 Cybersecurity and Defense in Depth Fall Only [0.50]

This course provides an overview of concepts and technical measures that are employed to enforce security policies and protect networks and systems from malicious activities. Students will learn how to engineer a secure system and how to secure networks in an ethical manner.

Restriction(s): Restricted to Master of Cybersecurity and Threat Intelligence students.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6520 Advanced Digital Forensics and Incident Response Fall Only [0.50]

This course provides an in-depth understanding of theoretical concepts and practical issues in the field of digital forensics and incident response. Students will develop necessary skills, methodologies, and processes to detect cyber incidents and conduct in-depth computer and network investigation.

Restriction(s): Restricted to Master of Cybersecurity and Threat Intelligence students.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6530 Cyber Threat Intelligence and Adversarial Risk Analysis Winter Only [0.50]

This course provides an in-depth understanding of techniques for detecting, responding to, and defeating Advanced Persistent Threats (APT) and malware campaigns using artificial intelligence and data mining techniques. Students will identify, extract, and leverage intelligence from different types of cyber threat actors.

Restriction(s): Restricted to Master of Cybersecurity and Threat Intelligence students.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6540 Advanced Penetration Testing and Exploit Development Winter Only [0.50]

Restriction(s): Restricted to Master of Cybersecurity and Threat Intelligence students.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6550 Privacy, Compliance, and Human Aspects of Cybersecurity Unspecified [0.50]

This course provides an in-depth view of the privacy, regulatory, and ethical issues surrounding cybersecurity. It covers methods of mitigating/treating privacy risks associated with emerging technologies that collect, manage, and analyse data. This course also examines data protection regulations and compliance strategies.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6560 Cybersecurity and Threat Intelligence Project Summer Only [1.00]

Students plan, develop, and write an industry- or faculty-led report and produce required tools, services, and software. Projects should advance knowledge or practice, and address an emerging challenge in cybersecurity, cyber threat intelligence, digital forensics and incident response, cyber threat hunting, or a closely related field.

Restriction(s): Restricted to Master of Cybersecurity and Threat Intelligence students.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6570 Advanced Cryptography and Cryptanalysis Unspecified [0.50]

This course provides an in-depth understanding of modern cryptography, with emphasis on practical applications. Topics covered include classical systems, information theory, symmetrical cryptosystems, block ciphers, stream ciphers, DES, AES, asymmetric cryptosystems, ECC, provable security, keyexchange and management, and authentication and digital signatures, among others.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6580 Security Monitoring and Cyber Threat Hunting Unspecified [0.50]

This course provides a comprehensive review of tools, techniques, and procedures for monitoring network events and assets to build a secure network architecture. It trains students in methods for hunting attackers that could bypass designed network defense mechanisms in an enterprise.

Restriction(s): Restricted to Master of Cybersecurity and Threat Intelligence students.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6590 Professional Seminar in Cybersecurity Fall and Winter Reg Required [0.50]

This two-semester course offers a multidisciplinary forum for discussion of topics related to cybersecurity. The seminar fosters professional skills development (academic and industry), promotes collaboration between industry experts and graduate students, facilitates mentoring and project development, and contributes to the transfer of knowledge between industry and academia.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6650 Topics in Computer Science I Unspecified [0.50]

This special topics course examines selected, advanced topics in computer science that are not covered by existing courses. The topic(s) will vary depending on the need and the instructor.

Offering(s): Odd-numbered years

Department(s): School of Computer Science

Location(s): Guelph

CIS*6660 Topics in Computer Science II Unspecified [0.50]

This is a reading course. Its aim is to provide background knowledge to students who need to get a head-start in their thesis research fields early during their program while no suitable regular graduate courses are offered. Admission is under the discretion of the instructor.

Restriction(s): Instructor consent required.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6670 Special Topics in Cybersecurity Unspecified [0.50]

This course provides an in-depth view of a variety of advanced topics within cybersecurity. Subject areas discussed in any particular semester will depend upon the interests of both the students and the instructor. Students should check with the School of Computer Science to determine what topics will be offered during specific semesters.

Department(s): School of Computer Science

Location(s): Guelph

CIS*6710 Principles and Practices of Information Security Fall Only [0.50]

This course teaches the foundations of cybersecurity and its applications in cyber risk assessment, identification of cyberattacks and threats, and controls for defenses and recovery. Fundamentals of cybersecurity are covered in sufficient breadth and depth so that the students can analyze systems for weaknesses, design a security policy, and identify controls that will help enforce security policies. Where applicable, real life case studies will be discussed to learn why security systems fail. [Department(s):School of Computer Science]

Offering(s): Not offered through Distance Education

Location(s): Guelph

CIS*6720 Cybersecurity Management and Governance Summer Only [0.50]

This course offers an overview of privacy legislation and ethical theories/principles and their applications. The course also examines strategy standards and best practices for privacy and ethical risk assessment, mitigation, compliance, and governance. Moreover, the course introduces state of the art security architecture, incident detection, containment and eradication and strategies to integrate different security technologies to achieve organization objectives. In addition, it provides a comprehensive review of information security governance framework and supporting processes to manage information risk to an acceptable level. It then looks at methods to build and maintain an information security program that identifies, manages and protects the organization's assets. [Offering(s):Not offered through Distance Education][Department(s):School of Computer Science]

Location(s): Guelph

CIS*6730 Cybersecurity Management and Governance Project Unspecified [1.00]

Students plan, develop, and write an industry-led research paper and produce required programs and implement controls in the industry environment. Alternatively, students may choose to work on developing a start-up business and produce a market assessment report for their products. All projects should contribute to advancing knowledge or practice and address an emerging challenge in cybersecurity, security management, security governance and incident response or a closely related field.[Offering(s):Not offered through Distance Education.][Department(s):School of Computer Science]

Location(s): Guelph

CIS*6790 Executive Seminar in Cybersecurity Fall and Winter [0.25]

This course offers a platform for exploring diverse aspects of Cybersecurity leadership, including security audit and assessment, cybersecurity entrepreneurship, and other high-level executive topics within the cybersecurity domain. The executive seminar is designed to engage participants in addressing academic and industry challenges specific to cybersecurity at an advanced level. The primary goal of this course is to enhance both academic and industry-related professional skills, fostering collaboration between seasoned industry professionals and graduate students. It aims to facilitate mentorship, project development, and the exchange of knowledge between the industry and the university setting. [Offering(s):Not offered through Distance Education.][Department(s):School of Computer Science][Restriction(s):Restricted to Master of Cybersecurity Leadership and Cyberpreneurship students.]

Location(s): Guelph

CIS*6890 Technical Communication and Research Methodology Unspecified [0.50]

This course aims to develop students' ability in technical communication and general research methodology. Each student is expected to present a short talk, give a mini lecture, review a conference paper, write a literature survey and critique fellow students' talks and lectures.

Department(s): School of Computer Science

Location(s): Guelph

2025-2026 Academic Calendar

Cybersecurity and Threat Intelligence

Administrative Staff

Graduate Faculty

MCTI Program

Admission Requirements

Learning Outcomes

Program Requirements

Courses

Print Options