Security Graduate Courses

In this course we will study the fundamental and design applications of various biometric systems based on fingerprints, voice, face, hand geometry, palm print, iris, retina, and other modalities. Multimodal biometric systems that use two or more of the above characteristics will be discussed. Biometric system performance and issues related to the security and privacy aspects of these systems will also be addressed. 4 credits.  [ 4 cr. ]

The course provides a strong foundation in database security and auditing. This course utilizes Oracle scenarios and step-by-step examples. The following topics are covered: security, profiles, password policies, privileges and roles, Virtual Private Databases, and auditing. The course also covers advanced topics such as SQL injection, database management security issues such as securing the DBMS, enforcing access controls, and related issues.  [ 4 cr. ]

This course enables IT professional leaders to identify emerging security risks and implement highly secure networks to support organizational goals. Discussion of methodologies for identifying, quantifying, mitigating and controlling risks. Students implement a comprehensive IT risk management plans (RMP) that identify alternate sites for processing mission-critical applications, and techniques to recover infrastructure, systems, networks, data and user access. The course also discusses related topics such as: disaster recovery, handling information security; protection of property, personnel and facilities; protection of sensitive and classified information, privacy issues, and criminal terrorist and hostile activities.  [ 4 cr. ]

This course will cover advanced network security issues and solutions. The main focus on the first part of the course will be on Security basics, i.e. security services, access controls, vulnerabilities, threats and risk, network architectures and attacks. In the second part of the course, particular focus and emphasis will be given to network security capabilities and mechanisms (Access Control on wire-line and wireless networks), IPsec, Firewalls, Deep Packet Inspection and Transport security. The final portion of the course will address Network Application security (Email, Ad-hoc, XML/SAML and Services Oriented Architecture security. As part of our course review we will explore a number of Network Use Cases. 4 credits.  [ 4 cr. ]

Provides a comprehensive understanding of digital forensics and investigation tools and techniques. Laboratory and hands-on assignments either in solo or in teams. 4 credits.  [ 4 cr. ]

The course provides an in-depth presentation of security issues in computer systems, networks, and applications. Formal security models are presented and illustrated on operating system security aspects, more specifically memory protection, access control and authentication, file system security, backup and recovery management, intrusion and virus protection mechanisms. Application level security focuses on language level security and various security policies; conventional and public keys encryption, authentication, message digest and digital signatures. Internet and intranet topics include security in IP, routers, proxy servers, and firewalls, application-level gateways, Web servers, file and mail servers. Discussion of remote access issues, such as dial-up servers, modems, VPN gateways and clients.  [ 4 cr. ]

This course provides a comprehensive understanding of network forensic analysis principles. Within the context of forensics security, network infrastructures, topologies, and protocols are introduced. 4 credits.  [ 4 cr. ]

This course provides an introduction to the advanced digital forensic topic relating to malicious software (malware), which represents an increasing information security threat to computer systems and networks. Students will review software engineering design fundamentals and reverse engineering techniques utilized to conduct static and dynamic forensic analysis on computer systems and networks. Students will learn about the importance of forensic principles, legal considerations, digital evidence controls, and documentation of forensic procedures. This course will incorporate demonstrations and laboratory exercises to reinforce practical applications of course instruction and will require an independent research paper related to the course topic.  [ 4 cr. ]

The course covers the main concepts and principles of cryptography with the main emphasis put on public key cryptography. 4 credits.  [ 4 cr. ]

This course builds on the material covered in CS 789 Cryptography. It begins with the coverage of commutative rings, finite fields, rings of polynomials, and finding of the greatest common divisor in the ring of polynomials. Irreducible polynomials are discussed. Field extensions and fields Fᴩ [x]/P are thoroughly covered. The main emphasis is put on elliptic curves over Fᴩ and F₂ and the ElGamal cipher on elliptic curves is presented. Block ciphers DES and double and triple DES are introduced. AES and WHIRLPOOL block ciphers and modes of operation are covered. The course continues with the introduction of message integrity and message authentication. In the last part of the course cryptographic hash functions SHA-512 and WHIRLPOOL as well as various digital signatures are introduced. Finally, entity authentication and key management issues are discussed.  [ 4 cr. ]