Course Description

Credits: 3 (3-0-0) Prerequisites: None

This is a broad introductory course to CyberSecurity that covers a wide range of topics including security principles, authentication, cryptography, operating systems security, security models, software security, network security, …etc. The students will be asked to conduct some research and execute.

Credits: 3 (3-0-0) Prerequisites: None

A deep introduction to cryptography and cryptographic algorithms and applications to computer and network security. Topics covered include Symmetric key cryptography, Public Key Cryptography, hashing algorithms, pseudo randomness, perfect secrecy, computationally secure algorithms.

Credits: 3 (3-0-0) Prerequisites: None

This course concentrates on privacy issues in the context of global connectivity. It starts by discussing the relation between privacy and security and describes the reality in today’s world where almost everybody is connected to some sort of network. It then develops a framework to reason about privacy, followed by measures to protect privacy at all levels.

Credits: 3 (3-0-0) Prerequisites: CYS502

This course covers in depth the types of threats, vulnerabilities and the types of attacks that may arise through exploits. It describes approaches to discover vulnerabilities and protect systems against threats and attacks. It also covers penetration testing, exploits, secure coding techniques, cryptographic attacks, infrastructure threats and countermeasures for all types of attacks.

Credits: 3 (3-0-0) Prerequisites: CYS501

This course introduces cybersecurity architecture concepts and practices using organizationwide enterprise architecture as context. The purpose of a cybersecurity architecture is to ensure that proper levels of information confidentiality, integrity, and availability are provided for an organization›s information, data, and related assets. The course will show how implementation of a cybersecurity architecture can be based on a Security Architecture Framework that addresses eight key cybersecurity areas to address enterprise and system-level information sharing and safeguarding requirements: information security governance, operations security, personnel security, information and data security, systems security, application development security, infrastructure security, and physical security.

Credits: 3 (3-0-0) Prerequisites: CYS504

This course gives an overview of security challenges in all types of databases and covers some of the major topics like access control, database integrity, digital watermarking, security of distributed database systems.

Credits: 3 (3-0-0) Prerequisites: CYS505

The course represents an advanced course of security in mobile and wireless networks. This course will address various issues (attacks and defense strategies) in wireless and mobile security, including WEP and WPA, wireless jamming attacks, and mobile privacy. It is intended for Master students who are interested in the current development of wireless and mobile security. The goal of this course is to familiarize students with the issues and technologies involved in designing a wireless and mobile system that is robust against various attacks. Students will gain an understanding of the various ways in which wireless networks can be attacked and tradeoffs in protecting networks. At the end of this course, student will have a broad knowledge of the state-of-the-art and open problems in wireless and mobile security, thus enhancing their potential to do research or pursue a career in this rapidly developing area.

Credits: 3 (3-0-0) Prerequisites: CYS503

Provides a general introduction to Cybersecurity Forensics explaining how data and evidence may be collected and analyzed. It describes techniques for evidence acquisition, traffic analysis, event log analysis. The course also touches on intrusion detection, malware forensics analysis and web proxies.

Credits: 3 (3-0-0) Prerequisites: None

This course allows students applying their academic work to develop a significant cybersecurity[1]based solution for a real-world problem. Students are expected to work individually. The course would be taken in two parts (final 2 semesters) of the program. The problem description, theoretical foundations of possible solutions would be documented in the first semester. In the second semester, the students are required to complete the designed solution and demonstrate their work.

Credits: 3 (3-0-0) Prerequisites: None

Students enrolled in this course would apply their cybersecurity and research-based knowledge and skills acquired during earlier course work to develop a significant cybersecurity-based solution for a real-world problem. Students are expected to work individually under the supervision of one or two faculty members specialist in cybersecurity field. The course would be taken in two parts (final 2 semesters) of the program. The first semester consists of submitting the thesis proposal that includes problem description, research objectives/questions, and theoretical foundations of possible solutions. The second semester requires the completion of the research work and the submission of the thesis document accompanied with a defense. The defense is done against at least two examiners specialist in cybersecurity. Many topics could be investigated including threats/risk analysis, cybersecurity governance, network security, cryptography, forensics, etc.

Credits: 3 (3-0-0) Prerequisites: None

It is often advantageous to adopt a holistic systems approach when dealing with organizational security. One of the main advantages is considering the behavior of individual components, the interactions between these components and the resulting behavior of the systems as a whole. This course takes a holistic system approach to introduce and present all topics related to information systems security. The course starts by introducing the basic security concepts and principles, then moves to provide a general overview for system security governance and management through security policies and strategies. The course then introduces the important security-by-design principles and explains how security requirements can be integrated in the systems at design time. After that the course provides a general overview of risks, threats, attacks and vulnerabilities. Once the basic principles and concepts are in place, the course moves to describe how the security of individual IT systems components can be handled using some examples. This covers all types of components from processors, memory up to large distributed systems. Next, the course introduces symmetric and public key cryptography. In the process, the PKI system is introduced using simple examples and applications. Now course on information security without covering authentication and access control. Both topics are covered in some detail.

Credits: 3 (3-0-0) Prerequisites: None

The course prepares the students to have a thorough guidelines to principle of cybersecurity defense, starting from strategy, policies, procedures and down to technical controls such as firewalls, and IDS/IPS. It covers advanced topics such as threat landscape, intelligence, hunting, and modeling. Defense in depth/layered security is also highlighted. New defensive trends and techniques are discussed to stay on the cutting edge and ahead of potential cybersecurity attacks.

Credits: 3 (3-0-0) Prerequisites: None

This course explores the cybersecurity laws and controls that are established and implemented in order to develop safe practices in organizations today. Based on cybersecurity roles and responsibilities, students will research and develop business and governmental policies. Students will also learn how to create compliance reports. The course will also address cyberspace related legal issues, such as privacy, intellectual property, cybercrime, emerging technology, national security, and global cybersecurity.

Credits: 3 (3-0-0) Prerequisites: None

This course covers the concepts of software assurance and the fundamentals of the secure software lifecycle as it relates to software development. The course will discuss the secure software development lifecycle phase by phase establishing and discussing best practices in these phases. Students will experience the secure software lifecycle process by developing concrete artifacts and practicing in a lab environment.

Credits: 3 (3-0-0) Prerequisites: None

This course explores the standards, principles, techniques, and best practices essential for developing web applications and websites securely. Students will gain a deep understanding of web security concepts and guidelines, including authentication, encryption, access control, and threat modeling. They will learn the standards of security web applications such as OWASP. They will also learn to identify, understand, and mitigate common web vulnerabilities such as Cross-Site Scripting (XSS), SQL injection, and Cross-Site Request Forgery (CSRF).

Credits: 3 (3-0-0) Prerequisites: None

This course aims to provide students with knowledge and understanding of mobile technologies and its structure for different platforms such as IOS and Android. The course highlights the significance of protecting mobile devices and its environment from the potential security attacks that target mobile environment on the device and application levels. The course will provide students with the security countermeasures such as encryption, access control, secure boot processes, and network security.

Credits: 3 (3-0-0) Prerequisites: None

The course describes the specific procedures or techniques used to identify, select, process, and analyze information about a topic. The different phases of research are presented and discussed: Problem Statement, Research Questions / Hypotheses, Theoretical framework, Review of Literature, Data collection, Data Analysis, Findings and Discussion, Summary, Recommendations, Conclusions and References. The course introduces the differences between the various research designs including Quantitative, Qualitative and Mixed Methods. The students will be able to evaluate and justify their methodological choices. The course offers students tips for writing a strong methodology as well as a research paper. Through this course, the student will be able to critically evaluate a study's overall validity and reliability. The course will combine theory and practice throughout the term and students will be given an opportunity to write a research proposal. The course does not require exams. The students will be evaluated through research work presented against an examination committee.