Sign In

 M.S. In Security & Information Assurance - Course List

​​Program Features Course and Admission Requirements Program Objectives and Student Outcomes Degree Plan ​Course List
ICS 555: Crytography and Data Security Syllabus (3-0-3) 

Mathematical principles of cryptography and data security. A detailed study of conventional and modern cryptosystems. Zero knowledge protocols. Information theory, Number theory, complexity theory concepts and their applications to cryptography.
Note: Prerequisite is Consent of Instructor.

SEC 511: Principles of Information Assurance and Security Syllabus (3-0-3)

Introduction to security and information assurance. Information confidentiality, availability, protection, and integrity. Security systems lifecycle. Risks, attacks, and the need for security. Legal, ethical, and professional issues in information security. Risk management including identification and assessment. Security technologies and tools. Security laws, audit and control. Cryptography foundations, algorithms and applications. Physical security, security and personnel, security implementation and management. Securing critical infrastructure. Trust and security in collaborative environments.
Eligibility Requirements:: Graduate Standing

SEC 521: Network Security Syllabus  (3-0-3)

Network infrastructure security issues, including perimeter security defences, firewalls, virtual private networks, intrusion detection systems, wireless security, and network security auditing tools. Secure network applications. Network security protocols such as SSL, SSL/TLS, SSH, Kerberos, IPSec, IKE. Network threats and countermeasures. Network auditing and scanning. VoIP Security. Remote exploitation and penetration techniques. Network support for securing critical infrastructure. Design and development of software-based network security modules and tools based on hands-on experiences and state-of-the-art technologies.
Note: SEC 521 cannot be taken for credit with CSE 551.

SEC 524: Computer and Network Forensics Syllabus  (3-0-3)

Methodical approaches for collecting and preserving evidence of computer crimes, laws/regulation, and industry standards. Hands-on experience on identifying, analyzing, recreating, and addressing cyber based crimes. Ethical issues associated with information systems security. Foundational concepts such as file system structures, MAC times, and network protocols. Use of tools for evidence recovery. Use of established forensic methods in the handling of electronic evidence. Rigorous audit/logging and date archival practices. Prevention, detection, apprehension, and prosecution of security violators and cyber criminals, and general legal issues.

SEC 528: Security in Wireless Networks Syllabus  (3-0-3)

Security of wireless networks such as cellular networks, wireless LANs, mobile ad hoc networks, wireless mesh networks, and sensor networks. Overview of wireless networks. Study of threats and types of attacks, including attacks on MAC protocols. Selfish and malicious behavior in wireless routing protocols. Countermeasures/solutions and their limitations. Encryption and authentication. Secure hand-off techniques. Energy-aware security mechanisms. Secure multicasting. Key pre-distribution and management in wireless networks.

SEC 531: Secure Software Syllabus  (3-0-3)

Software security development lifecycle including security requirements analysis, design, coding, review, and testing. Construction of secure and safe C/Unix programs. Vulnerabilities in C source code. Stack and heap buffer overflows. Overview of secure web application development with consideration for SQL injection, cookies, and forceful browsing. Techniques for software protection, such as code obfuscation, tamper-proofing, and water-marking. Analysis of software based attacks and defenses, timing attacks and leakage of information. Type safety and capability systems. Numerous hands-on exercises and projects on writing secure code and unbreakable code and other related topics.
Note: Equivalent to SWE 531.
Eligibility Requirements:: Graduate Standing

SEC 534: Database Security Syllabus  (3-0-3)

Study of database security and auditing issues, challenges and protection methods. A review of relational and object database concepts. Database security and auditing issues. Authentication methods. Authorization based on privileges, roles, profiles, and resource limitations, and role-based authorization constraints. A study of access control mechanisms for current DBMSs, content-based and fine-grained access control, access control systems for object-based design and XML. Data confidentiality and privacy for databases. Secure statistical databases. Integrating databases and applications security. Database security protection via inference detection. Security implementation and administration, with applications to ecommerce, and emerging research in database security.

SEC 536: Web Application Security Syllabus  (3-0-3)

Web applications security requirements, threats and countermeasures. Contemporary web application vulnerabilities and exploitation techniques, based on the Open Web Application Security Project (OWASP). Web defacement and server penetration techniques. Content-based attacks and effective countermeasures. Intellectual property protection and watermarking. Auditing and scanning Web applications and infrastructure for security weaknesses. Analysis of Web applications for key vulnerabilities and attacks. Security mechanisms and protocols and their roles in securing Web applications. Secure Web programming mechanisms in ASP.NET, Java, PHP, XML and SQL. Secure Web applications for e-commerce, e-banking and e-government transactions. Numerous hands-on exercises and projects on using tools and writing secure Web applications.

SEC 538: Trusted Computing Syllabus  (3-0-3)

A comprehensive overview of trusted computing technology and its applications, TPM chips, secure boot, attestation, DRM, sealed storage, nature of trust, methods for characterizing, establishing, and attesting trust of a system. Trusted Virtualization. Operating system and hardware support for TC. Key management. Code signing. Identity management. Implications of certification. Trusted Mobile Platforms. Trust negotiation, transitive trust, trust evaluation and reputation systems. Trust computing architectures and modeling. Trust computing in P2P and cloud computing paradigms. Design and development of software applications and components to utilize trust computing for protecting information providers and end users.

SEC 544: Biometric Systems Syllabus  (3-0-3)

Theory of signal processing, especially image and sound processing, for purposes of biometric system design. An introduction to basic methods and techniques for the study of authentication based on static biometric features such as fingerprints, hand geometry, facial features, thermograms, iris and retina, voice, and handwriting. Study of recognition based on dynamic features including lip movements, typing, and gait, study of standards and applications of biometry.​
Eligibility Requirements:: Graduate Standing

SEC 546: Embedded Systems Security Syllabus (3-0-3)

Study of various security models and techniques for embedded systems both from a hardware as well as a software perspective. Smart card security. RFID attack models (including power analysis, side channel, and timing attacks), and security techniques. Security in wireless sensor networks (key management techniques, attack models, detection and prevention techniques). eHealth (embedded medical systems) security. Cryptographic hardware. Industrial control systems (SCADA). Physical hardware. Security for System-on-chip, and Internet-devices such as Internet thermostats and automated doors.
Eligibility Requirements:: Graduate Standing

SEC 548: Watermarking and Steganography Syllabus  (3-0-3)

Study of enabling technologies for digital watermarking and steganography including the history of information hiding, basic principles and techniques such as still images, video, and 3-D video objects, and their applicability to owner authentication, content authentication, information embedding and communication with side information. Evaluation and benchmarking of watermarking and steganography mechanisms. Study of malicious attacks inclusive of bit rate limitation, counterfeiting marks and removal attacks. Overview of attempts to formalize watermarking. Steganography vs. watermarking. Applications of steganography. software for steganography, and steganalysis techniques.
Eligibility Requirements:: Graduate Standing

SEC 595: Special Topics in Information Assurance and Security Syllabus (3-0-3)

Advanced topics selected from current journals of Information Assurance & Security and that deal with theoretical development or applications in the field.
Eligibility Requirements:: Graduate Standing

SEC 611: Cryptographics Computations Syllabus  (3-0-3)

Review of number theory, set algebra and finite fields. Computations in finite fields using standard and non-standard bases. High performance algorithms and architectures for cryptographic applications. Side channel analysis attack resistant computations.

SEC 621: Advanced Network Security Syllabus  (3-0-3)

Intrusion detection and prevention systems. Security engineering processes. Advanced firewall considerations. Honeynets. Network forensics. Distributed denial of service attacks (Botnet, Rootkits, Zero-Day Exploits). Cyber crime and cyber war. Enterprise security policy development. Complex enterprise security infrastructure design and integration. Web and email security. P2P network security, and trust management.

SEC 631: Security in Operating Systems and Cloud Computing Syllabus  (3-0-3)

Advanced security research topics in operating systems and emerging computing paradigm such as grid and cloud computing. Secure operating system requirements, fundamentals and definitions. Security in traditional and popular operating systems such as Unix, Linux, OpenBS,D and Windows. Security kernels. Verifiable security goals, trusted processes, and information flow integrity. Secure capability systems. Security in virtualization and secure virtual machine systems. Security issues and countermeasures in cloud computing. Data security and storage in the Cloud. Security management in the cloud services: PaaS, SaaS, and IaaS. Case Studies of secure systems, design, and evaluation: SELinux and Solaris.

SEC 599: Graduate Seminar Syllabus (1-0-0)

Graduate students are required to attend seminars given by faculty members, visiting scholars, and fellow graduate students. Additionally, each student must deliver at least one presentation on a contemporary research topic. Among other things, this course is designed to give the student an overview of how to conduct research, research methodology, journal specifications and submission requirements, and on professional societies. The course grade is a Pass or Fail.
Eligibility Requirements:: Graduate Standing

SEC 606: Independent Research (Pass/Fail) Syllabus  (3-0-3)

This course is intended to allow the student to conduct research on advanced topics in his area of research for his Master degree. The faculty offering the course should submit a research plan to be approved by the graduate program committee of the ICS Department. The student is expected to deliver a public seminar and a report on his research outcomes at the end of the course.
Eligibility Requirements:: Graduate Standing

SEC 610: Master Thesis  Syllabus (0-0-6)

The student has to undertake research at an in-depth level under the supervision of a faculty member for a specific problem in the area of Security & Information Assurance.