CYPR 7153 Foundations of Cyber Security
Introduction to cyber security concepts and topics. The security of socio-technical systems will be studied by examining a range of threats, vulnerabilities and countermeasures. Topics include software security, malware, keylogging, data loss and privacy. In addition to technical approaches, human factors, economic, legal and ethical issues will be considered. Students will participate in discussions and hands-on projects.
CYPR 7173 Defensive Cyber Security Technologies
Explores essential defensive cyber security concepts and technologies used by modern organizations. Using security frameworks and documented best practices, we will examine information security risks, threats, and vulnerabilities faced by modern organizations and use actual security tools during the class to help introduce different security threat mitigations, and their limitations.
CYPR 7223 Network Security Concepts and Applications
The course covers principles of computer networks and network security design and operation. Principles of computer networks: requirements, connectivity levels, layered architectures and applications. Direct link networks, packet switched networks, IP and internetworking. Core perimeter security fundamentals and network security components. Layered security and defense in depth. Packet filtering, routers as security devices, intrusion detection systems, IPSec and VPNs. Incident response, design fundamentals and security assessments to maintain security posture.
CYPR 7373 System Security and Cryptography
Technical aspects of computer, network and information system security. Concepts, principles, models and techniques of access control, authentication, secure communication and audit. Security system design, engineering and operation. Fundamentals and applications of cryptography.
IMMERSIVE ELECTIVE COURSES
Vehicular / Cyber-Physical Systems Security
This course provides knowledge of vehicle communication systems primarily focused on controller area networks (CAN). The structure of CAN messages, concepts of arbitration, and limitations of CAN are explored with hands-on exercises using open source hardware and software. The immersive experience will enable students to access vehicles and vehicle networks as they perform experiments related to the security of vehicle systems.
ONLINE ELECTIVE COURSES
Organizational Cyber Security
This course covers the process, policies, and strategies for developing and maintaining a strong cybersecurity posture within an organization. Effective organizational cyber security requires defining each member’s cyber security role and aligning leadership, staffing, training, and performance management to achieve these roles. Students in this course will critically examine their own organization’s current system as part of this course.
This course presents a survey of the security vulnerabilities in hardware and cover mitigation techniques. Hardware systems investigated include digital systems, embedded systems, wireless systems, RFID, and programmable digital systems (e.g., FPGAs). Approaches to design and apply security practices and techniques to hardware are covered.
CYPR 7493 Secure Systems Administration
Accepted best practices and guidelines to secure information systems and networks. Detection of abnormal events, intrusion detection, incident handling, response and recovery. Security policies, system configuration, integration, and maintenance.
CYPR 7083 Security Auditing and Penetration Testing
Students learn to apply risk metrics to threats from vulnerabilities and exploits. They identify, understand, and apply defensive practices against the major classes of vulnerabilities. They gain knowledge of standard penetration testing methodology and outcomes. Students understand auditing and testing methodologies for common IT elements and perform basic penetration testing.
Internet of Things / Cloud Security
ON-CAMPUS CYBER SECURITY ELECTIVES
While not required, students may also elect to take on-campus courses. Here is a listing of relevant cyber security courses offered at TU.
CS 6013 Secure Electronic Commerce
Technologies to facilitate secure online communications, such as SSL and digital certificates, are presented. Canonical threats to web security, such as input validation, XSS and CSRF attacks, are demonstrated using hands-on experiments. Engineered defenses against these attacks are then reviewed. Mechanisms for secure payments, such as EMV, tokenization and mobile payments protocols, are discussed along with case studies of attacks on deployed systems. The technical architecture of cryptocurrencies, notably Bitcoin, are presented. Throughout the course, economic considerations, notably the incentives of system designers and attackers, are discussed.
CS 7143 Security Economics
Introduces economics as a tool for understanding and managing information security. Reviews key information security challenges and technologies in order to reason about the topics economically. Introduction to techniques of analytic and empirical modeling. Models and metrics of security investment with cost-benefit analysis techniques. Empirical investigation and measurement of cybercrime. Security games designed to capture the strategic interaction between defenders, and between attacker and defenders. Implications for public policy are discussed.
CS 7183 Information System Security Engineering
Engineering methods for the development of safety and security critical information systems. Secure software design and implementation. Information infrastructure maintenance and reliability. Specification, design, and analysis of mission-critical system properties. Certification, accreditation, and validation processes.
CS 7443 Information System Assurance
Design and analysis methods for high assurance information systems. Safety, reliability, and security. Specification of mission critical system properties. Software validation, verification, and certification.
CS 7463 Enterprise Security Management
Managerial aspects of computer security and risk management for enterprises. Accreditation, procurement, extension and operation principles for secure computing systems. Prerequisite: CS 7443.