Information Security Graduate Certificate

This course introduces fundamental concepts, principles of cybersecurity and their use in the development of security mechanisms and policies. Topics include basic risk assessment and management; basic legal and ethics issues, various cyber attacks, defense methods and tools; security principles, models and components; different crypto protocols, techniques and tools, including symmetric and asymmetric encryption algorithms, hashing, public key infrastructure, and how they can be used; security threats and defense to hardware, operating systems, networks and applications in modern computing environments. Hands-on labs using current tools are provided and required. Prerequisite: METCS535 or METCS625 or instructor's consent.  [ 4 cr. ]

In this course we will study the fundamental and design applications of various biometric systems based on fingerprints, voice, face, hand geometry, palm print, iris, retina, and other modalities. Multimodal biometric systems that use two or more of the above characteristics will be discussed. Biometric system performance and issues related to the security and privacy aspects of these systems will also be addressed.   [ 4 cr. ]

The course provides a strong foundation in database security and auditing by utilizing Oracle scenarios and step-by-step examples. The following topics are covered: security, profiles, password policies, privileges, roles, Virtual Private Databases, and auditing. The course also covers advanced topics such as SQL injection, database management, and security issues, such as securing the DBMS, enforcing access controls, and related issues.  [ 4 cr. ]

This course covers important topics that students need to understand in order to effectively manage a successful cybersecurity and privacy program, including governance, risk management, asset classification and incidence response. Students are first introduced to cybersecurity & privacy policy frameworks, governance, standards, and strategy. Risk tolerance is critical when building a cybersecurity and privacy program that supports business goals and strategies. Risk management fundamentals and assessment processes will be reviewed in depth including the methodology for identifying, quantifying, mitigating and controlling risks. Asset classification and the importance of protecting Intellectual Property (IP) will prepare students to understand and identify protection mechanisms needed to defend against malicious actors, including industry competitors and nation states. Incident Response programs will cover preparation and responses necessary to triage incidents and respond quickly to limit damage from malicious actors.   [ 4 cr. ]

Prerequisites: (MET CS 535 or MET CS 625) and (MET CS 595 or MET CY 100) or consent of instructor. This course is designed to provide students with a comprehensive understanding of the fundamental concepts, principles, technologies, and best practices to secure both computer networks and clouds. Topics include an overview of network threats, SSL/TLS, Kerberos, PKI, IPsec, DNSsec, SSH, Firewall, IDS, VPD, electronic mail security, wireless network security, Blockchain, TOR, Cloud architecture, an overview of cloud threats, architecture protection, and data protection in Cloud, IAM, security best practices, etc. Upon the completion of the course, students are expected to know the threats and vulnerabilities that networks and cloud systems face, along with the strategies and tools used to mitigate those risks. Hands-on labs based on existing tools are provided and required.  [ 4 cr. ]

Provides a comprehensive understanding of digital forensics and investigation tools and techniques. Learn what computer forensics and investigation is as a profession and gain an understanding of the overall investigative process. Operating system architectures and disk structures are discussed. Studies how to set up an investigator's office and laboratory, as well as what computer forensic hardware and software tools are available. Other topics covered include importance of digital evidence controls and how to process crime and incident scenes, details of data acquisition, computer forensic analysis, e-mail investigations, image file recovery, investigative report writing, and expert witness requirements. Provides a range of laboratory and hands-on assignments either in solo or in teams. With rapid growth of computer systems and digital data this area has grown in importance. Prereq: Working knowledge of windows computers, including installing and removing software. Access to a PC meeting the minimum system requirements defined in the course syllabus.  [ 4 cr. ]

Overview of mobile forensics investigation techniques and tools. Topics include mobile forensics procedures and principles, related legal issues, mobile platform internals, bypassing passcode, rooting or jailbreaking process, logical and physical acquisition, data recovery and analysis, and reporting. Provides in-depth coverage of both iOS and Android platforms. Laboratory and hands-on exercises using current tools are provided and required.  [ 4 cr. ]

Prerequisites: MET CS 248 or consent of instructor - Overview of techniques and tools to develop secure software. Focus on the application of security. Topics include secure software development processes, threat modeling, secure requirements and architectures, vulnerability and malware analysis using static code analysis and dynamic analysis tools, vulnerabilities in C/C and Java programs, Crypto and secure APIs, vulnerabilities in web applications and mobile applications, and security testing. Hands-on lab and programming exercises using current tools are provided and required.  [ 4 cr. ]

Prerequisites: MET CS 577 or consent of instructor. This course provides an in-depth exploration of the critical intersection between Artificial Intelligence (AI) and cybersecurity, focusing on two interconnected themes: protecting AI systems from vulnerabilities and harnessing the power of AI to tackle cybersecurity challenges. As AI becomes a cornerstone of modern technology, ensuring the security of AI-powered systems against adversarial attacks, backdoor attacks, and model theft is essential. Simultaneously, AI offers transformative capabilities for malware detection, intrusion prevention, and malware analysis. Through a combination of theoretical foundations, hands-on exercises, and real-world case studies, students will delve into topics such as adversarial machine learning, backdoor injection and defense, IP protection, and privacy-preserving AI. They will also learn how to design and implement AI-driven tools for identifying and mitigating cyber threats in dynamic environments. The course emphasizes practical applications, encouraging students to build resilient AI systems and utilize advanced AI techniques to enhance system security and detect emerging threats. Hands-on labs based on existing tools are provided and required.  [ 4 cr. ]

Prerequisites: (MET CS 248 & MET CS 566) or consent of instructor - The course covers the main concepts and principles of cryptography, with the main emphasis on public key cryptography. It begins with the review of integers and a thorough coverage of the fundamentals of finite group theory, followed by the RSA and ElGamal ciphers. Primitive roots in cyclic groups and the discrete log problem are discussed. Baby-step Giant-step and the Index Calculus probabilistic algorithms to compute discrete logs in cyclic groups are presented. Naor -- Reingold and Blum -- Blum -- Shub Random Number Generators as well as Fermat, Euler and Miller-Rabin primality tests are thoroughly covered. Pollard's Rho, Pollard's and Quadratic Sieve factorization algorithms are presented. The course ends with the coverage of some oblivious transfer protocols and zero-knowledge proofs. There are numerous programming assignments in the course.  [ 4 cr. ]