Master of Cybersecurity

About the Program

 The field of cybersecurity is significantly evolving with a major gap for talents and required skills, both nationally and internationally. The Department of Information and Computer Science is glad to start a new Master of Cybersecurity program to cope with the increasing concerns and needs for competent professionals to address this fast-paced field of cybersecurity. The program is designed to offer a rich complementary curriculum of cybersecurity techniques, tools and technologies to provide graduates with skills needed to proficiently assess threats, analyze vulnerabilities, prevent cyberattacks, protect computer-based assets, ensure privacy, and manage and maintain secure infrastructure systems. Graduates will have attractive opportunities with competitive salaries in numerous jobs including application and system security analysts, consultants, policy makers, and managers.

The high demand of cybersecurity professionals on the job market is significant and growing. Cybersecurity professionals are expected to be very high, as these professionals will create innovative solutions to prevent hackers from stealing or causing problems to computer networks. The U.S. government’s Bureau of Labor and Statistics states (BLS) that the employment of Cybersecurity professionals is projected to grow 32% from 2018 to 2028, much faster than the average for all occupations. In addition, BLS also states that the average pay for Cybersecurity professionals is one of the highest pays among all occupations. An added value to Cybersecurity professionals is job satisfaction. Cybersecurity professionals make a significant contribution to the well-being of their workplace. These professionals are knowledgeable and skilled and understand the importance of securing data and technological systems in the workplace.

 

Program Educational Objectives 


The educational objectives of the master of cybersecurity program are to produce graduates who, a few years after graduation, will have: 
  • PEO 1: Established themselves as professionals who can both lead cybersecurity teams as well as be an active member of cybersecurity teams 
  • PEO 2: Demonstrated an ability to pursue a successful cybersecurity professional and career growth 
  • PEO 3: Be responsible, ethically driven, and productive members of the cybersecurity professional society 

 

Why Should You Apply?

  • The program is designed in line with the best practices of prominent universities offering similar programs.
  • The program is designed to offer a rich complementary curriculum consisting of courses from different disciplines that cover cybersecurity techniques, tools and technologies.
  • The program aims to produce graduates who will establish themselves as professionals leading cybersecurity teams as well as be an active member of cybersecurity teams.
  • The program aims to produce productive and ethically driven graduates to pursue a successful professional and career growth in Cybersecurity.

 

Program Requirement:

  • Applicants must have a bachelor's degree in computer science, software engineering, computer engineering, information technology, information systems, or a related discipline.
  • Applicants with bachelor's degrees outside the specified areas must demonstrate significant competence in computer programming, algorithms, computer systems, networking, and operating systems (through academic courses, professional certificates, or taking deficiency courses before joining the program).

Duration: 2 years

Delivery Mode: In-Person

 

Degree Plan

MX CYBER APPROVED

 

 

 

Courses description

 
SEC 511: Principles of Information Assurance and Security     (3-0-3)
Introduction to security and information assurance. Information confidentiality, availability, protection, and integrity. Security systems lifecycle. Risks, attacks, and the need for security. Legal, ethical, and professional issues in information security. Risk management including identification and assessment. Security technologies and tools. Security laws, audit and control. Cryptography foundations, algorithms and applications. Physical security, security and personnel, security implementation and management. Securing critical infrastructure. Trust and security in collaborative environments.
 

SEC 521: Network Security     (3-0-3)
Network infrastructure security issues, including perimeter security defences, firewalls, virtual private networks, intrusion detection systems, wireless security, and network security auditing tools. Secure network applications. Network security protocols such as SSL, SSL/TLS, SSH, Kerberos, IPSec, IKE. Network threats and countermeasures. Network auditing and scanning. VoIP Security. Remote exploitation and penetration techniques. Network support for securing critical infrastructure. Design and development of software-based network security modules and tools based on hands-on experiences and state-of-the-art technologies.
 

SEC 524: Computer and Network Forensics    (3-0-3)
Methodical approaches for collecting and preserving evidence of computer crimes, laws/regulation, and industry standards. Hands-on experience on identifying, analyzing, recreating, and addressing cyber based crimes. Ethical issues associated with information systems security. Foundational concepts such as file system structures, MAC times, and network protocols. Use of tools for evidence recovery. Use of established forensic methods in the handling of electronic evidence. Rigorous audit/logging and date archival practices. Prevention, detection, apprehension, and prosecution of security violators and cyber criminals, and general legal issues.
 

SEC 528: Security in Wireless Networks   (3-0-3)
Security of wireless networks such as cellular networks, wireless LANs, mobile ad hoc networks, wireless mesh networks, and sensor networks. Overview of wireless networks. Study of threats and types of attacks, including attacks on MAC protocols. Selfish and malicious behavior in wireless routing protocols. Countermeasures/solutions and their limitations. Encryption and authentication. Secure hand-off techniques. Energy-aware security mechanisms. Secure multicasting. Key pre-distribution and management in wireless networks.
 

SEC 540: Cryptography and Blockchain Applications    (3-0-3) 
Secret key encryption; Block and stream ciphers, Encryption standards;  Number theory: Divisibility, Modular arithmetic, Group theory and Finite fields; Public key encryption:  RSA, ElGamal and Rabin cryptosystems; Diffie-Hellman key exchange; Cryptographically secure hashing; Authentication and digital signatures; Digital signature standard (DSS), Randomized encryption; Cryptocurrency, Blockchain models and applications. Security issues and their solutions in Blockchain models and applications. Blockchain payment networks.
Note: Cannot be taken for credit with ICS 440
 

SEC 542: Penetration Testing and Ethical Hacking     (3-0-3)
Introduction to penetration testing and ethical hacking, requirements and legal issues, setting up virtual lab; Exploring Kali Linux and Metasploit framework, hacking and penetration testing phases; Information gathering through passive and active reconnaissance, footprinting, social engineering, port scanning; Advanced fuzzing techniques; Exploitation, password attacks and gaining access to remote services; Web penetration testing and web-based exploitation; Maintaining access with backdoors and rootkits; Bypassing defense applications; Wireless and mobile device hacking techniques; Writing penetration testing report; Tools and programming available for penetration testers in both Windows and Linux platforms such as Kali Linux, OpenVAS, Burp, NMAP, Netcat, Python, etc.
Note: Cannot be taken for credit with ICS 442
 

COE 526: Data Privacy     (3-0-3) 
Data privacy: definition and terminologies. Difference between data security and privacy. Data privacy attacks. Data privacy laws and regulations. Privacy risk and impact assessment. Privacy engineering, management, and evaluation. Data anonymization. Statistical privacy. Differential privacy. Cryptographic privacy. Homomorphic encryption. Secure multi-party computation. Secure data outsourcing. Data hiding and steganography. Anonymous networks. Trusted execution environment. Applications of privacy preserving technologies in computer systems and applications.
Note: Cannot be taken for credit with COE 426
 

SWE 545: Secure Software Development     (3-0-3)
Security in requirements engineering; Secure designs; Risk analysis; The SQUARE Process Model; Threat modeling; Defensive coding; Software protection; Fuzzing; Static analysis and security assessment; Memory leaks, buffer and heap overflow attacks, injection attacks.
Note: Cannot be taken for credit with SWE 445
 

SEC 619 Project       (0-0-6)
A graduate student will arrange with a faculty member to conduct an industrial research project related to the cybersecurity as the field of the study. Subsequently the students shall acquire skills and gain experiences in developing and running actual industry-based project. This project culminates in the writing of a technical report, and an oral technical presentation in front of a board of professors and industry experts.