Prerequisites: Graduate Standing

Introduction to data security and cryptography, Mathematical principles of cryptography, Conventional and modern block and stream symmetric-key cryptosystems, Public-key cryptosystems, Message integrity and cryptographic hash functions, Digital signatures, Authentication, and Key exchange protocols. Several exercises and assignments on using cryptosystem and cryptanalysis tools.  
Prerequisites: Consent of Instructor. 

Network infrastructure security issues, including perimeter security defences, firewalls, virtual private networks, intrusion detection systems, wireless security, and network security auditing tools. Secure network applications. Network security protocols such as SSL, SSL/TLS, SSH, Kerberos, IPSec, IKE. Network threats and countermeasures. Network auditing and scanning. VoIP Security. Remote exploitation and penetration techniques. Network support for securing critical infrastructure. Design and development of software-based network security modules and tools based on hands-on experiences and state-of-the-art technologies. 

Note: SEC 521 cannot be taken for credit with CSE 551
Prerequisites: ICS 555   

Methodical approaches for collecting and preserving evidence of computer crimes, laws/regulation, and industry standards.  Hands-on experience on identifying, analyzing, recreating, and addressing cyber based crimes. Ethical issues associated with information systems security.  Foundational concepts such as file system structures, MAC times, and network protocols.  Use of tools for evidence recovery.  Use of established forensic methods in the handling of electronic evidence. Rigorous audit/logging and date archival practices. Prevention, detection, apprehension, and prosecution of security violators and cyber criminals, and general legal issues.   
Prerequisites: SEC 521 

Security of wireless networks such as cellular networks, wireless LANs, mobile ad hoc networks, wireless mesh networks, and sensor networks. Overview of wireless networks. Study of threats and types of attacks, including attacks on MAC protocols. Selfish and malicious behavior in wireless routing protocols. Countermeasures/solutions and their limitations. Encryption and authentication. Secure hand-off techniques. Energy-aware security mechanisms. Secure multicasting. Key pre-distribution and management in wireless networks.
Prerequisites: SEC 521   

Study of database security and auditing issues, challenges and protection methods. A review of relational and object database concepts. Database security and auditing issues. Authentication methods. Authorization based on privileges, roles, profiles, and resource limitations, and rolebased authorization constraints. A study of access control mechanisms for current DBMSs, content-based and fine-grained access control, access control systems for object-based design and XML. Data confidentiality and privacy for databases. Secure statistical databases. Integrating databases and applications security. Database security protection via inference detection. Security implementation and administration, with applications to ecommerce, and emerging research in database security.  
Prerequisites: SEC 511  

Web applications security requirements, threats and countermeasures. Contemporary web application vulnerabilities and exploitation techniques, based on the Open Web Application Security Project (OWASP). Web defacement and server penetration techniques. Content-based attacks and effective countermeasures. Intellectual property protection and watermarking. Auditing and scanning Web applications and infrastructure for security weaknesses. Analysis of Web applications for key vulnerabilities and attacks. Security mechanisms and protocols and their roles in securing Web applications. Secure Web programming mechanisms in ASP.NET, Java, PHP, XML and SQL. Secure Web applications for e-commerce, e-banking and e-government transactions. Numerous hands-on exercises and projects on using tools and writing secure Web applications.
Prerequisites: SEC 511  

A comprehensive overview of trusted computing technology and its applications, TPM chips, secure boot, attestation, DRM, sealed storage, nature of trust, methods for characterizing, establishing, and attesting trust of a system.  Trusted Virtualization. Operating system and hardware support for TC. Key management. Code signing. Identity management. Implications of certification. Trusted Mobile Platforms.  Trust negotiation, transitive trust, trust evaluation and reputation systems. Trust computing architectures and modeling. Trust computing in P2P and cloud computing paradigms. Design and development of software applications and components to utilize trust computing for protecting information providers and end users. 
Prerequisites: SEC 511 and ICS 555 

Theory of signal processing, especially image and sound processing, for purposes of biometric system design. An introduction to basic methods and techniques for the study of authentication based on static biometric features such as fingerprints, hand geometry, facial features, thermograms, iris and retina, voice, and handwriting. Study of recognition based on dynamic features including lip movements, typing, and gait, study of standards and applications of biometry.  
Prerequisites: Graduate Standing

Study of various security models and techniques for embedded systems both from a hardware as well as a software perspective. Smart card security. RFID attack models (including power analysis, side channel, and timing attacks), and security techniques. Security in wireless sensor networks (key management techniques, attack models, detection and prevention techniques). eHealth (embedded medical systems) security. Cryptographic hardware. Industrial control systems (SCADA). Physical hardware. Security for System-on-chip, and Internet-devices such as Internet thermostats and automated doors. 
Prerequisites: Graduate Standing

Study of enabling technologies for digital watermarking and steganography including the history of information hiding, basic principles and techniques such as still images, video, and 3-D video objects, and their applicability to owner authentication, content authentication, information embedding and communication with side information. Evaluation and benchmarking of watermarking and steganography mechanisms. Study of malicious attacks inclusive of bit rate limitation, counterfeiting marks and removal attacks. Overview of attempts to formalize watermarking. Steganography vs. watermarking. Applications of steganography. software for steganography, and steganalysis techniques. 
Prerequisites: Graduate Standing

Advanced topics selected from current journals of Information Assurance and Security and that deal with theoretical development or applications in the field.   
Prerequisites: Graduate Standing

Graduate students are required to attend seminars given by faculty members, visiting scholars, and fellow graduate students.  Additionally, each student must deliver at least one presentation on a contemporary research topic. Among other things, this course is designed to give the student an overview of how to conduct research, research methodology, journal specifications and submission requirements, and on professional societies. The course grade is a Pass or Fail.    
Prerequisites: Graduate Standing

This course is intended to allow the student to conduct research on advanced topics in his area of research for his Master degree. The faculty offering the course should submit a research plan to be approved by the graduate program committee of the ICS Department. The student is expected to deliver a public seminar and a report on his research outcomes at the end of the course.   
Prerequisites: Graduate Standing

The student has to undertake research at an in-depth level under the supervision of a faculty member for a specific problem in the area of Information Assurance and Security.    
Prerequisites: SEC 599

Review of number theory, set algebra and finite fields. Computations in finite fields using standard and non-standard bases. High performance algorithms and architectures for cryptographic applications. Side channel analysis attack resistant computations.

Prerequisites: ICS 555 

Intrusion detection and prevention systems. Security engineering processes. Advanced firewall considerations. Honeynets. Network forensics. Distributed denial of service attacks (Botnet, Rootkits, Zero-Day Exploits). Cyber crime and cyber war. Enterprise security policy development. Complex enterprise security infrastructure design and integration. Web and email security. P2P network security, and trust management.
Prerequisites: SEC 521