This course provides a coverage of mobile commerce (m-commerce) including frameworks, applications, requirements, location-based services, group-oriented services, transaction management, content and pricing, business model and emerging m-commerce services. The proposed course brings together challenges and solutions in mobile commerce including multi-layer frameworks, current and emerging mobile commerce services such as mobile financial services and mobile entertainment services. Management of mobile commerce services, business models and revenue management are also included. As m-commerce is going through many advances, many near and long-term issues such as the role of emerging wireless LANs and 3G/4G wireless networks, personalized content management, implementation challenges in m-commerce and futuristic m-commerce services will also be discussed.
IT is broadly encompassing the information that business creates and uses, as well as a wide spectrum of increasingly convergent and interlinked technologies that process information. Topics include: Information Systems in organizations; organizing data and information; enterprises and their organization; overview of Electronic Commerce; transaction processing and Enterprise-Wide Systems; information and Decision Support Systems; systems analysis, design, implementation and maintenance; Database Management Systems, Current trends in the development of information systems, and Creating and sustaining competitive advantage with IT.
Due to advances in IT, the amount of modern data comprises huge files of diverse types, resulting in data rich but information poor organizations. To facilitate discovery of information patterns and trends, new approaches are required. Data mining techniques can help companies discover information and acquire business intelligence from these massive datasets. This course covers data mining for business intelligence. Data mining refers to extracting or “mining” knowledge from large amounts of data and consists of techniques that aim at discovering patterns that can bring value or “business intelligence” to organizations, for example consumer behavior. The course covers salient data mining techniques including classification, clustering, association rule mining, visualization and prediction.
Digital firms are distinguished from traditional firms because of their near total reliance on a set of information technologies to organize and manage their operations. This course focuses on starting-up a such a new Information Technology (IT) venture; Identifying IT venture opportunities; Drafting an agenda for a successful IT venture; Risks and returns management; Business planning; Operational planning; Organizational development and management; Financing entrepreneurial ventures.
Enterprise computing involves the use of computers in networks, such as LANs and WANs, or a series of interconnected networks that encompass a variety of different operating systems, protocols, network architectures, and enterprise applications. This course introduces the concept of enterprise computing and covers various enterprise technologies including architectural frameworks (.Net, CORBA, EJB), business process modeling tools, integration frameworks (EAI, SOA and web services), and applications such as ERP and CRM. In this course, students carry out a research project on future directions and challenges of enterprise applications and technologies.
Knowledge Management (KM) is a discipline that promotes an integrated approach to identifying, capturing, sharing and evaluating an enterprise's information and knowledge assets. This course reviews and discusses existing technologies in KM and new, emerging KM technologies and practices. The course evaluates the computer representation, access, and utilization of knowledge versus information within a human context. It provides an essential preparation for managerial roles in today's modern knowledge-based economy.
This course provides a broad spectrum and analysis of the legal issues confronted in today’s information technology (IT). It describes the foundation of intellectual property concepts upon which IT activities and transactions are based. The course also explains the licensing issues of software or information resources, the outsourcing or hosting of services or information, the allocation of software or websites development rights. It also addresses existing legislations and regulations impacting the use of IT systems in the UAE, including electronic privacy and security, and commercial laws related to IT
This course introduces Internet technologies that are affecting people’s interactions with government. The course shows the means by which governments use and manage these technologies to provide better information and services to the public. The course content is divided into three categories: Overview and assessment of development techniques, key policy issues relevant to e-government implementation programs and the broader use of information technology in modern societies. Case studies, which explore the skills and concepts needed to manage e-government projects and programs effectively, are also discussed in this course.
This course will introduce the students to the main concepts and tools of computation for data science. There are two main components to this course, namely, conceptual component and practical component. The conceptual part will start with an overview of data, information, and computational techniques that data analysts and data scientists work with. It will follow a description of different types of data analytics, including data extraction, cleaning, statistical inference from data, regression models, and an overview of machine learning. The second part will be a hands on experience with the state-of-the art computational tools for data science, including R, python and java based libraries and tools. This part will also include real case studies. The course will be concluded with relevant contemporary challenges and research problems related to data science.
This course provides the basic fundamental theoretical concepts of network traffic and services filtering. In addition, this course provides concepts of stateless and stateful firewalls. Topics include: TCP/IP protocols, network packet filtering, common Internet services (HTTP, FTP, SMTP, POP3, DNS, etc.) filtering, stateless and stateful firewalls, firewall filtering rules consistency and efficiency verification, VPNs, secure network architectures, network attacks on firewalls.
The students in this course will be introduced to various encryption techniques and their applications. The main encryption techniques the students will learn and apply in this course are Symmetric encryption, Public-key encryption, and hash functions. These techniques will be used for digital signatures, certificate generation and verification. The performance of the various encryption techniques used will be analyzed based on certain criteria and design needs.
This course covers basic fundamental theoretical concepts, mechanisms and techniques for network intrusion detection and prevention both in wired and wireless networks. In addition, the course provides students with hands-on skills on configuring intrusion prevention systems (IPS) as well as on generating common network attacks. Topics covered include: overview on network attack types, attack signatures generation, denial of services (DoS) attacks, distributed DoS attacks, buffer overflow attack, Man-in-the-Middle attacks, ARP cache poisoning attacks, common mobile and wireless network attacks, IP spoofing based attacks, sniffing attacks, covert channels, steganography, operating systems fingerprinting, system and network vulnerability assessment.
This course provides the students with the necessary knowledge in the design, analysis, and evaluation of various security protocols and mechanisms, including but not limited to: basic symmetric and asymmetric cryptography protocols, SSL/TLS, WEP/WPA, IPSec, S/MIME, PGP, SSH, X.509 and Kerberos. A security protocol may fail in three ways: the protocol design may be flawed, the cryptography may be inadequate, or the implementation may be buggy. This course focuses on discussing the pros and cons of various security trade-offs involved in the design of internet protocols, identifies and describes vulnerabilities associated with such protocols, and describes the mitigations for these vulnerabilities.
This course takes a close look at software as a mechanism for attack, as a tool for protecting resources, and as a resource to be defended. The course covers how poor software design and engineering can be the root causes of most security vulnerabilities in deployed systems, web technologies and digital rights management. Topics covered include: secure software design and development process, common software and web vulnerabilities such as buffer overflows and cross site scripting, program and code auditing and analysis using static, dynamic, and hybrid analysis, software watermarking and code obfuscation, and software testing for vulnerability.
This laboratory course provides hands-on experience that covers the concepts of symmetric and asymmetric cryptographic algorithms, hash functions, and its real-world security applications. Main topics include: classical cryptography, encryption algorithms including DES, RC4, AES and RSA, Diffie-Hellman key exchange, hash functions, cryptographic-based security protocols including SSL, SSH, PGP, and IPSec.
This course prepares students to recognize, analyze, and manage privacy challenges. Students learn concepts and methods for creating technologies and related policies with provable guarantees of privacy protection. Students will draw on work from data mining, information retrieval, web technology, computer security, cryptography, relational databases, statistics and political philosophy. Students are not expected to have these backgrounds; relevant material is introduced as needed. Main topics include: Privacy concepts and challenges, policies, and regulations; identity, anonymity and confidentiality; private data analysis and database sanitization; privacy-preserving data mining techniques including k-anonymity and secure function evaluation, and finally, some case studies from different domains are presented.
This course is designed to equip students with the skills needed to safely locate and secure computer evidence at the search site as well as to conduct subsequent off-site analysis. The course aims to equip future Forensics Investigators and Lawful Enforcement Offices with sufficient knowledge on conducting investigation on Internet based or Cyber based crime. It provides knowledge on implementing the right solution for collecting, analyzing, correlating the Internet data and report them as valid and legal evidence in the court. Topics include evidence handling and disk imaging (restore evidence drive, system backup imaging), DOS/Windows forensics utilities (DOS analysis tools, Access Data’s forensics tool kit, Xway’s WinHex Disk Editor), hidden data and encryption, steganography, covert channel, erased file recovery, Internet investigations, Hacker profile analysis, and Email header analysis.
This course is intended to provide students with an understanding of the OM-AM framework, security architectures and mechanisms, system security infrastructures, access control multilevel security models, and biometric authentication and authorization architecture models. Also, the course provides analysis and evaluation of the security related functions of various systems including: monitoring systems, telecommunication systems, smart grid systems, and physical tamper resistant and proof systems.
This laboratory course provides hands-on experience that covers a broad spectrum of state-of-the-art network security practical solutions, their implementation details, verification steps, and testing procedures. Main topics include: security features of network devices such as routers and switches; authentication, authorization, and auditing models; best practices of access control security policies; stateful and application firewalls; intrusion detection, prevention, and response systems; network threats and attacks.
This course will cover a variety of topics to develop students’ skills in information security management. The course examines the fundamental principles of computer security management as applied to information technology. Course topics include: Security Management Practices: Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), Law, Investigations, and Ethics. Business Needs: Commercial and legal implications. Introduction to ISMS standards: History, development, current situation. Certification: process and maintenance. Accreditation: Current developments, options, designing and implementing a management system. Policy and risk assessment: Statement of applicability, risk management, critical success factors, auditing.
This course is concerned with the study of principles and practices of implementing computer database security. The course discusses the following security features of the database: database security principles, database auditing, security implementation and database reliability, database enumeration (authenticated and unauthenticated), identifying database vulnerabilities, exploiting flaws to gain control, developing an assessment methodology, database assessment flag challenge, and virtual private database. The course provides also suggested architectures for common security problems. Students will learn how to secure their database and how to use the database features that enhance security. The student will be provided with the tools, techniques and industry accepted methodologies so that upon completion of the course the student will be able to describe key concepts of database security and how to apply those concepts to securing database management systems within their organizations.
This course provides students with an introduction to the field of information security risk assessment. Students will learn how to design systems that are secure, how to measure risk, and how to ensure that proper levels of security are maintained for individual technology users, businesses, government, and other organizations. This course will cover different approaches for risk assessment and risk mitigation. Students will learn how to apply NIST standards in conducting risk assessments. The course will incorporate cases in risk analysis derived from actual state and law enforcement agencies or private firms. Students will learn how to use a risk analysis matrix for performing both quantitative and qualitative risk analysis. As a part of the course, students learn the different threats that they need to incorporate in their risk analysis matrices. Course topics include: Threat Vulnerability Analysis (TVA), Risk Management Identification and Assessment, Strategies (Avoidance, Transference, Mitigation, Acceptance), Counter-Measures, Cyber Warfare (Technical and People), Vulnerability Testing and Penetration Testing, Contingency Planning (Business Impact Analysis, Disaster Recover, Business Continuity), SETA: Security, Education, Training and Awareness Initiatives, Cost Benefit Analysis of Info Security investments
This course provides students with an introduction to information security policies and standards, as per the ISO/IEC 27001-2013 guidelines. In this course, students will be introduced to sociological and legal issues in policy implementation in general (such as Sarbanes Oxley, HIPAA, Gramm, Leach, Bliley Act, etc.) and will be provided with a focused dialogue on information security specific policies. The course also discusses the entire lifecycle of policy creation and enactment and presents students with issues specific policies in different domains of security. The structure of policy is also discussed to assist the students in the design and modification of policies. Moreover, Students will learn how to allocate the appropriate security techniques needed to satisfy a specific security policy. Several examples from different domains are incorporated in the curriculum to assist students to learn in context of real life situations
This laboratory course provides practical training and hands-on experience on the basic Computer Systems Security concepts as it pertains to the logical and physical security. It will expose the students to various security principles of trusted computing bases. Main topics include Operating System Security, Access Control Models, Password Cracking, Computer Viruses, Windows Registry Hacks, Computer Viruses, Web Security, Biometrics Solutions, and Digital Forensics.
This course will investigate recent technology developments for the design and evaluation of secure and trustworthy hardware. It also teaches the concepts of tamper-proof, tamper-resistance, and trusted platform modules. Topics covered mainly include: Smart cards, RFIDs, cryptographic processor and processing overhead analysis, physical and invasive attacks, side-channel attacks, physically unclonable functions, hardware-based true random number generators, watermarking of Intellectual Property (IP) blocks, FPGA security, passive and active metering for prevention of piracy, access control, hardware Trojan detection and isolation
The course focuses on selected topics pertained to current information security solutions and methodologies. The course represents an in-depth approach to specific areas in information security which are of interest to undergraduate students in the program. It covers topics in computer, network, and systems security and privacy which are not covered as part of required courses. Students will learn to apply existing security techniques and methodologies to emerging systems and networks, derive and enumerate best practices for the selected topics and evaluate chosen security schemes.
The goal of this course is to introduce students to the computational technologies for ensuring systems and data security. The main topics include security architecture, operating systems security, security issues in database systems, privacy preserving data mining, secure computations on distributed data, and secure data outsourcing. The foundations are drawn from a number of sub-disciplines of Computer Science including: database systems, data mining, algorithms, cryptography, and computer security.
This course provides concepts, tools and models built along the IT project management life cycle. It covers detailed topics of IT project management, including project planning, project governance, project procurement management, project time management, project cost management, project risk management, project quality management, leadership and ethics, project closure and evaluation. Application of IT project management skills for an IT project is an important part of this course.
This course provides an overview of information security. It is designed to help students understand this important priority in society today. The content of the course gives a broad overview of essential concepts and methods for providing and evaluating security in information processing systems (e.g. operating systems and applications, networks, protocols). The course will be organized around a few themes: foundations (security mindset, essential concepts: e.g. policy, CIA), authentication and access control, software security (e.g. vulnerabilities and protections, malware, program analysis), practical cryptography (e.g. encryption, authentication, hashing, symmetric and asymmetric crypto), networks (e.g. wired and wireless networks, protocols, attacks and countermeasures).
The objective of this lab is to provide a hands-on approach to the creation of a Web based application while ensuring the participants are involved in the different stages of a software project lifecycle. The lab formally introduces the fundamentals of using SQL to create a database back-end and tie it to a Web front-end using HTML, JSP and Servlets. The lab also includes a project where students use the acquired Web development knowledge to design and implement a functional Web application. Students work in teams to collaborate in developing the assigned software project
This course introduces the concepts, practices, and technologies to design, develop, and manage web and mobile applications. It covers different technologies related to the Web such as HTML5, Cascade Style Sheets (CSS), and Java Script Pages (JSP). The course establishes mobile development foundation, which includes mobile layouts, handlers, and views. It also covers Mobile Development and relevant Internet development approaches and architectures such as Model-View-Controller (MVC), relational databases and restful services. Students develop web/mobile-enabled databases in project-based assignments
This course will provide students with the knowledge and tools needed to plan, manage and administer network systems hardware and software resources of an enterprise. Topics include, approaches to system integration, performance monitoring and backup strategy, active directories, control users’ access and privileges, troubleshooting for errors and misuse, network services and management, server management, Virtual Machines, user/client administration and services, heterogeneous operating system environment (Linux, Windows ...ect.).
This course introduces the concepts, practices and technologies to develop, deploy and manage Cloud computing applications, allows the students to learn and practice the web as the portal to Cloud, including a detailed overview of Web protocols, to learn and practice virtualization and its use and benefits for cloud computing, scheduling of cloud computing loads where issues related to execution time versus bandwidth and load balancing will be examined, distributed data center file systems and technologies, as well as security and privacy issues.
A coverage of ethical issues and solutions in IT; code of ethics; ethical decision making; computer crimes and security; freedom of expression; electronic privacy protection; intellectual property protection; computing in the workplace and its implications on workers and organizations; online communities, the digital divide, and their social and economic implications; professional communication and team work; examples of laws and regulations; case studies.
The course covers the significance of Internet of Things (IoT) in society, the common components IoT devices and the future trends. Design considerations for IoT devices and systems and the constraints are also discussed. The interfacing among the IoT devices and the physical world are covered. The course also covers operating systems for IoT. Additionally, the course goes over the major components of networking from the IoT perspective, i.e., Internet-connectivity, mobile adhoc networks, etc. Other topics as they related to IoT are: big data and analytics, edge and cloud computing, and security and privacy. Practical implementation of core IoT concepts is included in the course.
This course discusses starting-up a new Information Technology (IT) venture; Identifying IT venture opportunities; Drafting an agenda for a successful IT venture; Risks and returns management; Business planning; Operational planning; Organizational development and management; Financing entrepreneurial ventures.
This course will introduce the students to the main tools and ideas of data analytics. The course will give an overview of the data, questions, and tools that data analysts and data scientists work with. There are two components to this course. The first is a conceptual introduction to the ideas behind turning data into actionable knowledge, which includes exploratory data analysis, statistical inference, regression models, and overview of machine learning. The second is a practical introduction to the tools that will be used in the program like R, and RStudio
This course will enrich knowledge of data science by understanding the challenges of Big Data in Analytics. It will introduce the core concepts behind big data problems, applications, and systems. It will provide an introduction to one of the most common frameworks, Hadoop. This course will give an overview architectural components and programming models used for scalable big data analysis. It will also introduce concepts of big data management systems and machine learning with big data.
Mobile computing devices have become omnipresent in our daily activities. This course will introduce students to mobile computing and mobile application development. Mobile computing will be discussed from three perspectives: mobile technology, application development, and user interaction. The course will first overview various mobile computing applications, technologies and wireless communication. Next, students will be introduced to and use mobile application frameworks and development environments. User interface and user experience will be discussed and application development guidelines from various vendors will be discussed and analyzed. Students will be expected to learn at least one mobile application development framework and use it to implement their assignments and course project.
Supervised students in small groups undertake full end-to-end development of a substantial project plan, taking it from initial concept through the final delivery. Topics range from applied IT development to assignment on applied research. Students are expected to: complete literature survey; develop a project plan; analyze requirements and acquire the necessary material and steps for their intended project.
Students work in teams under the supervision of a faculty member on the implementation, testing and analysis of the results of a project based on the design and schedule completed by the same group of students during the ITBP 480 course
Students are required to spend one full semester as interns in an approved internship program. The internship provides students with practical experience, which allows them to integrate theory with “real world” situations. During the internship students work under the supervision of a qualified professional in industry or government fulfill various assignments to acquire first-hand knowledge of a working environment. In addition to this professional supervision, each student is assigned an academic advisor to ensure that an appropriate level of support from and contact with the university is given to the student during the training period. Students are required to write a final formal report, that documents and details the technical aspects of the work undertaken during their internship, and give a final presentation at the end of the internship period.
The course enables future IT leaders and researchers to look ahead on both existing and emerging technologies and consider how these could be applied within their enterprise environments. Topics include: Cloud computing, Big data analytics, Mobility to increase the pace of information absorption and decision making, Social networking, Green computing, Internet of Things, Smart cities, Privacy, Security and ICT Ethics.
This course provides students with essential strategic skills and knowledge required to lead the assessment and management of Information Technology (IT) projects in organizations. Topics include: strategic IT integration, organizational and managerial issues that impact IT projects, the business case and feasibility studies, project planning and control and risk assessment, leadership and management practices and change management.
This course provides students with in-depth knowledge of object oriented systems analysis and design procedures. The course covers system development life cycle models, with emphasis on Risk Management methodologies. Emphasis is on the specification of system’s logical and physical analysis and design from a management perspective. Software project management techniques are introduced. The course also addresses team organization and communication.
Techniques and conventions in research methods, evaluation approaches, Ethics, and presentation of results, how to choose a research topic, how to write a thesis proposal or a research proposal, common research methods in IT, research outcomes presentation, research evaluation, research papers review.
This course gives students the opportunity to develop in-depth competency in one or more advanced IT disciplines as well as soft skills that are needed in major IT projects. Students are expected to undertake a structured problem identification and formulation, devise solutions, generate and analyze results, and effectively communicate their results.
The content of this course is customized on every offering depending on current trends and interests.
This individual research exploration work allows each student to perform real investigation work in the state-of-the-art in a particular domain. Methodology includes theoretical research methods, theoretical analysis methods, origination of an idea, literature review, experiment design, data collection and analysis, and report writing. The course involves a substantive piece of experimental work conducted by the student under supervision of a faculty member, and presented in the form of a thesis.
The course starts by reviewing asymptotic notations and growth of Functions (?, O, ? notations), recursion and recurrences. Study of various algorithm design paradigms (divide & conquer, greedy, and dynamic programming); Advanced data structures (B-Trees; Binomial Heaps; Fibonacci Heaps; Data Structures for Disjoint Sets). Complexity Analysis (Polynomial Time; Polynomial Time Verification; NP-Completeness and Reducibility; NP-Completeness Proofs; NP-Complete Problems); Study of some advanced algorithms (selected from the following: Sorting Networks; Algorithms for Parallel Computers; Matrix Operations; Polynomials and FFT; Number-Theoretic Algorithms; String Matching; Computational Geometry; Approximation Algorithms).
This course covers advanced topics of computational science and informatics such as modeling processes, system dynamics problems, system dynamics models with interactions, simulation techniques, empirical models, cellular automaton random walk simulations, cellular automaton diffusion simulations, high-performance computing. Students will investigate the foundations of computational science models. They will analyze the effectiveness and impact of these models in different domains. State of the art implementations will be used to assess the quality of these systems. Students are required to collaborate on a team project to develop computational model prototypes.
Computer simulation concepts and modeling theory, probability distributions and queuing theory, random number generation, probability distribution generation, data collection and input analysis, discrete modeling and simulation concepts, Monte Carlo" Simulation
Data modeling and database design, univariate and multivariate analysis, linear and logistic regression, distributed and object-oriented databases, web clickstream analysis, uncertainty measures and inference, linear models, evaluation of data mining models, XML data models, cluster analysis, classification, association, multilayer perceptron models, OLAP.
This course intends to provide the students with a thorough understanding of numerical optimization methods. This course will cover topics related to unconstrained and constrained optimization, convex optimization and non-convex optimization. The course will also cover derivative-free optimization algorithms and discrete optimization algorithms. Heuristic strategies for optimization will also be covered. Topics include line-search method, trust-region method, conjugate gradient methods, linear programming, the simplex method, duality, interior point methods, quadratic programming, active set methods, gradient projection methods, non-convex stochastic gradient descent, random stochastic gradient descent, discrete optimization algorithms, global search methods and local search methods for derivative-free optimization.
This course covers special topics on various advanced or specialized topics in Informatics and Computing. Its content is customized on every offering depending on current trends and expression of mutual interest by students and faculty
The content of this course is customized on every offering depending on current trends and interests.
Every PhD student must pass a Comprehensive Examination designed to evaluate the breadth and depth of the student’s knowledge of his or her discipline, as well as the student’s scholarly potential. The comprehensive exam consists of an oral part and will be prepared, administered, and evaluated by an examination committee from the student’s concerned department. Students taking the comprehensive exam must be in good academic standing after completion of the required coursework.
Upon passing the comprehensive examination, a PhD student is required to prepare a concise and complete Research Proposal that clearly defines the research problem and objectives, and outlines the research methodology that the student plans to follow. The proposal’s content and format must follow the PhD Research Proposal Preparation Guidelines issued by the College of Graduate Studies. The proposal should be completed under the direction of the student’s supervisor and must be approved by the Advisory Committee. Research Proposals are examined by a committee composed of the student’s advisor, and two other Internal examiners in the field of the student research.
The dissertation research is intended to assist doctoral students in the preparation of a dissertation and facilitate the transition from course work to dissertation. It has a set of definite milestones that students have to meet as they progress through the dissertation process. These include building the research plan, reviewing the existing literature, developing the proposal component, with particular emphasis on research design and development, and finally conducting substantive piece of experimental work. Student will be working under the supervision of thesis advisors, and committee members, he/she will report all in the form of thesis and defend it through a presentation.
Student defends his/her research dissertation in the form of an oral presentation in a public session, followed by a closed session, before a Dissertation Examination Committee, which includes internal and external examiners. The outcome of the overall evaluation of the dissertation is based on two main parts: (1) the Committee’s evaluation of the dissertation document and (2) the Committee’s evaluation of the dissertation defense. The final result shall be one of the following: (1) Approve dissertation as presented, (2) Approved with minor revisions, (3) Re-examine after making major revisions, or (4) Rejection of dissertation and dismissal.
This course covers the main information security concepts. It provides students with an in-depth-knowledge of the main security issues, and solutions, that face IT Systems today. The course will cover topics that include but not limited to: cryptography and cryptographic protocols, public key infrastructure, operating systems security, authentication and access control technologies and models. Network security and internet security protocols, database security, wireless network vulnerabilities and countermeasures, firewalls, VPN, and intrusion detection/prevention systems.
This course provides an understanding of advanced network security theoretical concepts, mechanisms, and solutions with emphasis on wired and wireless network architectures, using firewalls, intrusion prevention systems, virtual private networks (VPN), access control lists and protocols. Topics include also anomalies, analysis of network filtering rules, advanced attack signature generation, common attacks mechanisms, covert channels and steganography concepts, operating system fingerprinting, viruses, and malicious codes
The students in this course will be introduced to various encryption techniques, their applications and weaknesses. The main encryption techniques the students will learn and apply in this course are Symmetric encryption, Public-key encryption, and hash functions. These techniques will be used for digital signatures, certificate generation and verification. In addition, the required mathematical concepts for information security will be discussed. The performance of the various encryption techniques used will be analyzed based on certain criteria and design needs.
This course provides deep understanding of security vulnerabilities of software, operating systems, and web applications. Common cases of vulnerability exploitations followed by mitigation techniques of these exploitations are discussed. Topics include common security vulnerabilities in software (e.g. buffer overflow, format string bug) and web application (e.g. SQL injection, cross-site scripting), vulnerability databases, malicious code analysis (virus, worm, rootkit), social engineering attacks, and vulnerability detection in software and web applications (security testing, static analysis, penetration testing, web scanner). Additional topics discussed include fundamental security concepts present in operating systems (access control, process, memory), examples of security breach mitigation techniques in operating systems (system log analysis, memory randomization, malicious code monitor).
This course investigates theoretical security problems related to protocols and applications of the Internet and electronic commerce and provides contemporary solutions to these problems. The focus of this course is on architectures and the implementations of security protocols that are used on the Internet today. Topics include: cryptography techniques; Authentication applications; Public-key Infrastructure and Digital Certificates; Email Security: PGP, S/MIME; Web security: SSL/TLS, SET; IPSec; Digital Cash. The course also includes case studies in application of security technology in electronic commerce.
This course provides students with the information needed for the creation, selection and implementation of cyber security policies, and audit and control functions to ensure compliance and efficacy. In this course, students will be exposed to the national and international policy and legal considerations related to cybersecurity such as privacy, intellectual property, cybercrime., homeland security and cyberwarfare. Broader technology issues such as system evolution standards (ISO & Common Criteria) also are discussed to ensure compliance and to demonstrate the interdisciplinary influences and concerns that must be addressed in developing or implementing effective national cybersecurity laws and policies.
This course is designed to equip students with the theoretical knowledge and practical skills needed to safely locate and secure computer evidence at the search site as well as to conduct subsequent off-site analysis. The course aims to equip future Forensics Investigators and Lawful Enforcement Officers with sufficient theoretical and practical knowledge on conducting investigation on Internet based or Cyber based crime. It provides knowledge on implementing the right solution for collecting, analyzing, correlating the Internet data and report them as valid and legal evidence in the court. Topics include evidence handling and disk imaging (restore evidence drive, system backup imaging), Windows forensics utilities, Access Data’s forensics tool kit, hidden data and encryption, steganography, covert channel, erased file recovery, Internet investigations, Hacker profile analysis, and Email header analysis.
This course starts by reviewing the major concepts related to assurance, assurance versus trust, and functionality versus assurance. Evaluating IT Systems Security: goal of formal evaluation and historical perspective of evaluation methodologies, knowledge of the formal evaluation methodologies used for evaluating IT systems. Trusted Computer System Evaluation Criteria (TCSEC). This course then covers Common Criteria: understanding the major processes, steps, activities, concepts, terminologies, and how the methodology is used throughout the life of the system, Functionality requirements, Assurance requirement, etc. Finally, this course utilizes the above mentioned evaluation methodologies to evaluate the different authentication and access control models and IT systems.
This course provides in-depth study of computer and network systems attack techniques and methods to defend against them. Topics include tracing the source of attacks; traffic analysis; wired and wireless network security architectures; authentication/key management in wireless networks; trust establishment and secure routing in MANET; dealing with rogue wireless devices; key distribution in mobile wireless networks; secure data aggregation in wireless networks.
Topics in this course cover privacy concerns raised by tracking techniques and data mining in new emerging IT based paradigms such as social media, e-health systems, cloud computing; risks caused by privacy violations; privacy enhancing technologies and anonymous protocols methods of protecting data; secure database design, secure transaction processing, privacy protection mechanisms in distributed databases such as statistical disclosure limitation, private query release, and inference controls; privacy mechanisms for location privacy and web privacy; algorithmic foundations of data privacy; privacy policies and their enforcement.
This course focuses on critical cyber physical information infrastructure security and resilience, including policies, industry standards and cyber security risk management. Topics include cyber security analysis of control systems for power and water grid (SCADA), nuclear, financial, transportation and oil distribution systems; security of advance metering infrastructure in Smart grid, security metrics, attack and defense strategies, scalable key exchange and encryption protocols; risk assessment and mitigation of coordinated cyber-attacks.
This course provides in depth analysis of software as a mechanism for attack and as a tool for protecting resources. Topics include common software vulnerabilities; vulnerabilities in source code; secure software design processes and components; security by construction; code mobility, auditing software platforms; software and data watermarking; code obfuscation; virtual system and cloud computing security.
The content of this course is customized on every offering depending on current trends and interests.
لايوجد محتوى عربي لهذه الصفحة
يوجد مشكلة في الصفحة التي تحاول الوصول إليها