COURSE CONTENTS: MASTER OF SCIENCE IN CYBERSECURITY

LUE 500 Engineering Mathematics

LUE 501 Scientific Research Techniques and Ethics (common course)

LUE 502 Academic Writing, Reading and Presentation Techniques

MSCS 501 Algorithms and Complexity Analysis

This is a follow-on course to data structures and one of the three core Cybersecurity courses at ABU (the other two are MSCS 502 Information Assurance and MSCS 503 Cryptology). It provides a survey of computer algorithms, examines fundamental techniques in algorithm design and analysis, and develops crucial problem-solving skills required in the field of Cybersecurity (as is required in many fields of science). The topics to be studied include advanced data structures (red-black and 2-3-4 trees, union-find), recursion and mathematical induction, algorithm analysis and computational complexity (recurrence relations, big-O notation, NP-completeness), sorting and searching, design paradigms (divide and conquer, greedy heuristic, dynamic programming, amortized analysis), and graph algorithms (depth-first and breadth-first search, connectivity, minimum spanning trees, network flow). Advanced topics are selected from among the following: randomized algorithms, information retrieval, string and pattern matching, and computational geometry.

MSCS 502 Information Assurance

This multidisciplinary core course, which provides an overview of information assurance in an enterprise context, enables students to develop a solid foundation for understanding the Cybersecurity field in general and in essence. The course surveys the nature of enterprise security requirements, and identifies threats to information technology systems, access control and open systems. The security topics to be discussed include network security, cryptography, IT technology issues, database security, risk management and policy considerations represented by government/state guidance and regulations to support information confidentiality, integrity and availability. The course also addresses the social and legal problems of individual privacy in an information processing environment. In addition, several data encryption algorithms are examined. This course is taken before any other courses in the Master's degree program (except MSCS 501 Algorithms and Complexity Analysis, which can be taken before or after).

MSCS 503 Cryptology

This course introduces the principles and practice of contemporary Cryptology. It begins with a brief survey of classical cryptographic techniques that influenced the modern development of Cryptology. The topics include symmetric block ciphers and the Advanced Encryption Standard (AES), public key cryptosystems, digital signatures, authentication protocols, cryptographic hash functions, and cryptographic protocols and their applications. Some of the relevant ideas from complexity theory and computational number theory that provide the foundation of modern Cryptology are discussed as needed throughout the course.

MSCS 595 Seminar

Students are expected to conduct research by themselves on selected areas, and write reports and do in-class presentations. The scope of the seminar will be determined by the instructor or mentor/advisor.

NETT 501 Computer Network Architectures and Protocols

This course includes the definition of computer networks, Network standards, OSI Reference Model, Physical layer, Data link layer, Network layer, Inter-networking, Routing, Transport layer, Session layer, Presentation layer, ASN.1 and BER, Application layer, Interoperability techniques.

NETT 502 Protocol Design

This course introduces Network fundamentals, Protocol structure, Design tools, Validation models, Correctness requirements, Finite state machines, Protocol design examples (the latest wired and wireless networks, such as the IEEE 802.X family, as well as protocols in VoIP, Web 2.0, and network security), Simulation tools (SPIN, OPNET, NS3), Protocol anatomy.

NETT 503 Network Programming

This course provides TCP Sockets, UDP Sockets, Socket Options, I/O Multiplexing, Name and Address Conversions, IPv6, IPv6 and IPv4 Interoperability, Daemon Processes, Advanced I/O Functions, Broadcast and Multicast, X/Open Transport Interface API, Raw Sockets and Datalink Access.

NETT 504 Network Security

This course introduces Public Key Infrastructure, Cryptography (Brief Overview of Commercial Issues), Wireless Local Area Networks Security, Cisco WLAN Security Countermeasures, Virtual Private Networks (VPN), Internet Protocol Security (IPsec) and Internet Key Exchange version 2 (IKEv2), IPv4 to IPv6 Transition Security Issues, Next Generation Networks Security Architecture and IPv6 Issues, VPN: Selected MPLS (Multiprotocol Label Switching) Security Issues, IMS (IP Multimedia Subsystem) and MPLS in UMTS (Universal Mobile Telecommunications System) and IPv6, SIP (Session Initiation Protocol) Security, IETF NEA (Network Endpoint Assessment): Cisco NAC (Network Access Control), Mobile Web Services Security (WSS), Disaster prevention and recovery, Network Usage Policies.

NETT 505 Web Security 

The Web Security course covers TLS, RSA, Digital Certificates, Client-side Security (JavaScript, JSON, and HTML), Server-side Security (PHP, Python (Flask APIs), and MySQL), Cloud Computing, Application Security Tools, Application Container Security (Docker), Mobile Applications, Big Data, Machine Learning, Blockchains and Bitcoin, Privacy and Anonymity using Tor.

NETT 506 Modern Cryptography

Modern Cryptography includes seemingly paradoxical notions such as communicating privately without a shared secret, proving things without leaking knowledge, and computing on encrypted data. The course starts from the basics of private and public key cryptography and goes all the way up to advanced notions such as zero-knowledge proofs, functional encryption and program obfuscation. The class will focus on rigorous proofs and require mathematical maturity.

SYST 501 Algorithms and Complexity Analysis

This course is the same as MSCS 501.

SYST 502 Information Assurance

This course is the same as MSCS 502.

SYST 503 Software Security

This course explores the foundations of software security. It identifies typical software security vulnerabilities and the attacks that exploit them, such as buffer overflows, SQL injection, and session hijacking, through source code review and penetration testing. We discuss defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques. We will also consider practices and standards at each phase of the development cycle that can be used to strengthen the security of software systems (such as software touchpoints, Common Criteria, BSIMM, and OpenSAMM). We will discuss key authentication and authorization concepts and methods: different authentication methods, multilevel and multilateral security control, and role-based access control.

SYST 504 Cryptography and Coding

A first course in the mathematical theory of secure and reliable electronic communication. Cryptology is the study of secure communication: How can we ensure the privacy of messages? Coding theory studies how to make communication reliable: How can messages be sent over noisy lines? Topics include finite field arithmetic, error-detecting and error-correcting codes, data compression, ciphers, one-time pads, the Enigma machine, one-way functions, discrete logarithm, primality testing, secret key exchange, public key cryptosystems, digital signatures, and key escrow. Students should have computing experience.

SYST 505 Operating Systems Security

Introduction to Operating System Security, Operating System and basic features of widely used operating systems (Unix, Linux, Windows, Android, iOS), Security facilities provided by the Unix/Linux operating systems, Security facilities provided by the Windows operating system, Vulnerabilities arising from the operating system, Process security, access security, Identification of users, authorization, Monitoring and control of the Authority, Keeping records of use, Security models. Advanced kernel debugging techniques will be applied to understand the underlying protection mechanisms and analyze malicious software. Students will learn both hardware and software mechanisms designed to protect the OS (e.g., NX, ASLR, SMEP, SMAP).

SYST 506 Authentication Technologies

The importance of Authentication and Authentication Technologies, Authentication in Cyber Security, Non-repudiation in Cyber Security, Authorization Mechanisms, Multi-component Biometric Authentication Techniques, Human factors in safety, Authentication in Cloud Computing, Authentication in portable devices, Single entry Public Key Cryptography, United authentication, Password cracking, Safety overcome technical and ethical compromises, Authentication tokens, Key logging, phishing, man-in-the-middle attacks, man-in-the-browser attacks, Authentication attacks and countermeasures, wireless authentication.

SYST 511 Java Security

This course examines security topics in the context of the Java language with emphasis on security services such as confidentiality, integrity, authentication, access control, and non-repudiation. Specific topics include mobile code, mechanisms for building “sandboxes” (e.g., class loaders, namespaces, bytecode verification, access controllers, protection domains, policy files), symmetric and asymmetric data encryption, hashing, digital certificates, signature and MAC generation/verification, code signing, key management, SSL, and object-level protection. Various supporting APIs are also considered, including the Java Cryptography Architecture (JCA) and Java Cryptography Extension (JCE). Security APIs for XML and web services, such as XML Signature and XML Encryption, Security Assertions Markup Language (SAML), and Extensible Access Control Markup Language (XACML), are also surveyed. The course includes multiple programming assignments and a project.

SYST 512 PHP Security

This course is similar to SYST 511, except that it covers the PHP language, and concentrates more on tackling various injection attacks, script injections, attacks against PHP session handling, insecure direct object references, issues with file upload, cookie protection, and many others.

SYST 521 Database Security

Database security should provide controlled and protected access to the members and should also preserve the integrity of the data. The threat to a database depends on various factors such as network security, physical security, encryption, authentication, etc. The three main points that should be considered when securing a database are: protecting data from unauthorized access, preventing unauthorized disclosure, and recovering from hardware or software errors. Topics discussed include: Authentication, Access Control (Discretionary access control (DAC), Content-based access control, Fine-grained access control, Mandatory access control (MAC)), Threats (Excessive and unused privileges, Privilege abuse, SQL injection, Malware, Poor auditing records, Denial of service attacks (DoS, DDoS), Buffer overflow exploitation), Auditing (access and authentication auditing, user and administrator auditing, Security activity monitoring, Vulnerability and threat auditing, Change in auditing), Data Encryption, Monitoring and Blocking, Attacks on backups, Physical security, Controls and Policies, Human error (accidents, weak passwords, password sharing, etc.).

SYST 522 Security Engineering

Complex challenges of Cybersecurity engineering, Assessing Value and Harm in Cyberspace, Cybersecurity modeling of defense and attack, Creating attack trees and commensurate security controls, Cryptography and fundamentals of authentication, Authorization systems, Intrusion detection: foundations, systems and strategies, Deterrence and risk assessment methods, Risk mitigation and engineering fundamentals, Architecting and assuring Cybersecurity, Cybersecurity situation understanding and command and control, Strategic policy, investment, and the future of Cybersecurity.

SYST 523 Embedded Computer Systems: Vulnerabilities, Intrusions and Protection Mechanisms

This course examines the potential for computer crime and the protection mechanisms employed in conjunction with the embedded computers that can be found within non-networked products (e.g., vending machines, automotive onboard computers, etc.). It provides a basic understanding of embedded computer systems: differences with respect to network-based computers, programmability, exploitation methods, and current intrusion protection techniques, along with material relating to computer hacking and vulnerability assessment.

SYST 531 Cyber Physical

This course will investigate key concepts behind Cyber physical systems (CPS) including control systems, protocol analysis, behavioral modeling, and intrusion detection system (IDS) development. Topics include Cyber Physical Systems Overview, Continuous Time Control Systems, State Space Description of Control Systems, Simple Estimation Theory, Cyber Physical Systems Transportation Sector – unmanned aerial vehicles (UAVs), Cyber Physical Systems Industrial and Manufacturing Sector, Behavioral Analysis, Modeling Resilient Systems, Defense in Depth Architectures.

SYST 551 Assured Autonomy

This course focuses on the complexities inherent in autonomous systems and the multifaceted and multilayered approaches necessary to assure their secure and safe operation. As these systems become more pervasive, guaranteeing their safe operation even during unforeseen and unpredictable events becomes imperative. There are currently no real solutions to provide these run-time guarantees, necessitating cutting-edge research to provide state awareness, intelligence, control, safety, security, effective human-machine interaction, robust communication, and reliable computation and operation to these systems. Topics include Introduction to Assured Autonomy, AI Safety, Trust, Security, and Privacy, Anomaly and Fault Detection, Data Set Shift, Formal Verification and Validation, Test, Evaluation, and Certification, Interpretable Machine Learning, Human-Autonomy Integration, Policy and Governance, Adversarial AI, Run-time Monitoring and Assurance, Software, Sensor, and Actuator Assurance.

SYST 552 Autonomic Computing: Intro to Autonomic and Self-aware Computing Systems

This course is an introduction to autonomic and self-aware computing systems. It surveys the field of autonomic computing from its first introductory vision to the current time. The course describes autonomic computing and how it provides self-managing systems with their ability to adapt to unpredictable changes in an environment. It concentrates on the self-awareness properties of autonomic systems, the architecture, the monitoring systems that provide the self-awareness, and the adaptation and decision making needed to adapt to changing environments. The course covers the vision of autonomic computing and how autonomic computing differs from automated and autonomous systems.

SYST 553 Intelligent Vehicles: Cybersecurity for Autonomous Vehicles

This course helps students understand the significance of assured autonomy safety and functional correctness of intelligent vehicles throughout the technology’s life-cycle.

ANAT 501 Cryptology

This course is the same as MSCS 503.

ANAT 502 Advanced Topics in Cryptography

Basics of cryptography, Bezout's identity, Euclidean algorithm, extended Euclidean algorithm, inverse modular arithmetic, finite fields, prime fields, extended fields, Union fields, AES (Advanced Encryption Standard), AES block cipher modes of operation, Self algorithms, conflicts, birthday paradox, Euler function, Euler's theorem, Fermat's theorem, the element degree, primitive roots, primality test, RSA public key algorithm, signing with RSA, fast modular exponentiation CRT, Discrete logarithms, Diffie-Hellman key exchange method, ElGamal public key cryptosystems, Elliptic curve cryptosystems, elliptic curve cryptosystem applications, DSA signing with elliptic curves, certificates, SSL, Key exchange, Quantum Cryptography.

ANAT 503 Ethical Hacking

The primary goal is to give students an understanding of how vulnerable systems can be attacked as a means to motivate how they might be better defended. Topics include: Social Engineering, Reconnaissance, Scanning tools, Simple IP firewalls, routers and LAN segments, Metasploit and exploitation framework, Web exploitation, WiFi exploitation, Mobile device exploitation, Constructing a rootkit, Executing shellcode via stack overflows, Return Oriented Programming. Students' skills may be tested by having teams of students develop and participate in instructor-led capture-the-flag (CTF) competitions.

ANAT 504 Intrusion Detection and Prevention

Types of attacks against information systems, The methods and techniques developed against attacks, Measures against specific types of attacks, intuitive measures, History of intrusion detection, Abnormalities and abuse methods, Anomaly and misuse based intrusion detection, Network and server-based intrusion detection, The use of error percentages and ROC (receiver operating characteristic) curves, Base rate fallacy problem, Measures against potential intrusions, Firewall rules and STS, Analysis of intrusion attributes with the honeypot method, Practical issues. TCPDump and Snort will be used in student assignments to collect and analyze potential attacks.

ANAT 505 Computer Forensics

Legal and regulatory issues, investigation techniques, data analysis approaches, and incident response procedures for Windows and UNIX systems. Homework in this course will relate to laboratory assignments and research exercises. Students should also expect that a group project will be integrated into this course.

ANAT 506 Digital Forensics Technologies and Techniques

Digital Forensics taxonomy, goals/requirements, Examination Platform (Forensic Tools and supporting environment), Data Acquisition, Disk and File system analysis, Operating System Artifacts (Windows and Linux Systems), Data Transformation and Analysis techniques, Data Mining and Machine Learning, Network and Internet Forensics Technologies and Tools, File Analysis, Steganography/ Watermarking technology, Multimedia Forensics/ Steganalysis, Malware Analysis, Pot-Pourri (Automating Analysis and Extending capabilities), Other Forensic Apps, Next Generation Forensics.

ANAT 507 Reverse Engineering and Vulnerability Analysis

This course covers both the art and science of discovering software vulnerabilities. Beginning with the foundational techniques used to analyze both source and binary code, the course will examine current threats and discuss the actions needed to prevent attackers from taking advantage of both known and unknown vulnerabilities. The course will cover passive and active reverse engineering techniques in order to discover and categorize software vulnerabilities, create patches and workarounds to better secure the system, and describe security solutions that provide protection from an adversary attempting to exploit the vulnerabilities. Techniques covered include the use of static analysis, dynamic reverse engineering tools, and fault injection via fuzzing to better understand and improve the security of software.

ANAT 508 Information Assurance Analysis

This course provides students with an overview of analysis as it applies to information assurance. In order to perform effective analysis, the focus of the course is on the analysis process and approach rather than on specific tools. Topics include the collection, use, and presentation of data from a variety of sources (e.g., raw network traffic data, traffic summary records, and log data collected from servers and firewalls). These data are used by a variety of analytical techniques, such as collection approach evaluation, population estimation, hypothesis testing, experiment construction and evaluation, and constructing evidence chains for forensic analysis.

ANAT 509 Formal Methods: Formal Verification of Programs

Formal verification of a program is the mathematical proof that the program does what is expected of it. This course is an introduction to a vast world of formal methods. The concern will be the formal verification of the widest possible variety of programming language features and techniques. Each student will carry out an investigation of one or another of the existing formal verification systems, applying it to a program of their choice. This course is an advanced form of SYST 503 Software (and Web) security course.

ANAT 510 Theory of Coding

Symmetrical channels, error correction, error detection, maximum likelihood solution, erasure solution, Hamming codes, coding limits (Singleton, Hamming), maximum distance codes, Linear codes, code generating matrices, parity check matrices, Finite fields mathematics, Cyclic codes, BCH codes, Reed-Solomon codes, BCH and Reed-Solomon decoding, Convolutional Codes, The Viterbi Algorithm, Berlekamp-Massey algorithm, the articulated codes, Turbo codes, Low-density parity check codes.

ANAT 511 Introduction to Data Privacy

This course provides current privacy issues and some related privacy laws, formal privacy definitions: k-anonymity and l-diversity, t-closeness and m-invariance, privacy in databases, privacy-preserving computations, secure multiparty computation, revocable privacy, privacy friendly search, searching in encrypted databases, differential privacy and privacy-preserving Machine Learning.

MSCS 599 Master’s Thesis

Students will do research on a topic determined together by them and their supervisor, and write a thesis on that topic. On completing their thesis, they will defend it in accordance with ABU's rules and regulations on graduate studies. Students will fill in a thesis report form to register in this class and will remain registered until they submit their thesis to ABU and defend it successfully. Students are expected to produce at least one scientific publication (journal or conference paper) during, and/or at the completion of, their research.