Basic information about the program
- Program duration: 1 year
- ECTS number: 60 ECTS
- Academic Title: Master of Computer Science
- Field of Study: Natural Sciences and Mathematics
- Domain: Computer Science
- Forms of Studying: Online, via Internet (eLearning system)
This program focuses on studying of some of the most relevant aspects of Information Security. It deals with security aspects from a network layer up to an application layer, whereby giving the comprehensive understanding of the Security term and implications of computer networks, databases, web service infrastructure and software design. Special research areas include (but are not limited to) the best practice in the computer networks security and operating system security, database security and security in software engineering, compromised computer systems, detection and defense methods, cryptography and crypto-technologies, web application security and computer forensics.
Study program of Master Academic Studies in Information Security educates students to work on the security development and implications of computer networks, databases, web service infrastructure and software design, all from an aspect of information security and systems with detection and defense methods, cryptography and crypto-technologies, web application security and computer forensics.
This study program provides an acquisition of competencies which are socially justified, useful and in line with the tasks and objectives of the University at which the study program is being carried out. The purpose of this study program is to provide the students with solid theoretical foundation which is highly needed for essential understanding of the problem of information security and information systems security, as well as to enable them for rational and professional performance of various practical activities and tasks which are associated with their profession. The outcome of these activities and tasks is the determination of needs and demands, and its fulfillment provides the full functionality of information security and defining of all modules and components with the projection of complex information security systems.
THE OUTCOMES OF STUDYING AT THE STUDY PROGRAM
The acquired knowledge will enable the student to obtain the following professions:
- A digital forensic expert,
- A computer architecture expert in secure systems and networks
- A controller and expert in testing and revision of the security components of the system
- An analyst of the systems or network security
- A consultant for computer security in corporate and state organizations
- A technical director of security in different types of organizations
- A leading computer scientist in information security area
- An expert participating in the development of software or information systems from the standpoint of information security (security software engineering)
- An instructor in training of personnel at organizations dealing with security practice in use with information systems and in the application of computer security solutions.
|Sem.||Nm||MAS –INFORMATION SECURITY – 60 ECTS||ECTS||L||IR|
|1||1||CS470 Cryptography and Crypto Technology||8||2||3|
|1||2||CS520 Analysis of Advanced Algorhitms||8||2||3|
|1||3||CS471 Security of Information Systems||8||2||3|
|1||4||CS472 Security of Computer Networks||8||2||3|
|2||5||CS571 Computer Forensics||8||2||3|
|2||6||Elective Course 1||8||2||0|
|2||7||CS595 Graduating Paper||12||0||0|
|Elective Course 1||ECTS||L||IR|
|2||6||CS574 Data Bases Security||8||2||3|
|2||6||SE510 Safe Software Engineering||8||2||3|
A SHORT SUMMARY OF ALL COURSES
Students get acquainted with the case study of cryptography. They get familiar with the different classes of cryptographic systems and basic levels of cryptanalytic attacks. The course provides the basics related to modular arithmetic and number theory and an overview of algorithms for factoring large numbers, thus the student acquires the necessary mathematical skills that are used in cryptography. Students learn about the basic characteristics of block cryptographic system with and without the key and techniques for forming a digital signature and key exchange.
The aim of the course is preparing of the students for further study in the field of security of application software, computer systems and networks, as well as for qualifications for professional work on problems of electronic attack defense and information protection. The course studies the following topics: basics of computer hardware, elementary hardware operations during program execution, program behavior during execution, the image of computer processes in memory and flow of instructions, the cooperation of the program with the operating system and other programs, operating systems of zero protection, system programs in protected mode, memory protection and multitasking, virtual operating systems, system hardware security, system hardware administration, system initialization, system hardening, the administration of user accounts, controlling of file access, standard solutions, flexible control of file access, monitoring of system activities, users activities and application programs activities, system servicing and mending of defects, authority of certificates and public infrastructure of crypto key or PKI, the operating system on a computer network, Kerberos system for security of the operating system on the network, procedures and controls of catastrophic situations, etc.
The course deals with various aspects of the security of computer networks. Understanding and ability to apply the knowledge acquired upon successful completion of the course is a necessary prerequisite for other courses in the program. The aim of this course is to familiarize students with the basic concepts and components that are necessary for the computer networks security such as firewalls, routers, switches, systems for detection and protection against unauthorized access to computer networks (intrusion detection and protection systems) and structures for the registration of events (logging infrastructure). During the semester, students will implement a project that will deal with the analysis and the use of critical components of network protection. This will better prepare students for further training in the area of security of computer networks.
The aim of the course is to provide an overview of the key theoretical topics that each master or doctoral student in computer science should know. The course deals with an advanced theory and is intended for students who have a common background knowledge in Mathematics at the level of undergraduate studies. Topics covered on the course: a fast Fourier transform, recursion – parsing, matroids and the greedy algorithms, finding the union in the amortized analysis, CPG parsing in dynamic programming, network flows, coincidence algorithms, NP-completeness, approximation algorithm, linear programming, distributed systems, competitiveness theory, cryptography, cryptographic algorithms, complex structures, data structures, algorithms quantum.
The aim of the course is to prepare students for research in the field of systematic control of a computer system and its contents in order to collect evidence of a criminal act or other misuse for which the computer is used. After successful passing of the exam, the students will understand the role of computer forensics in criminal investigations and they will be able to apply the process of forensic analysis (detection and identification of digital evidence, digital evidence preservation, analysis, presentation of results of the analysis). Course content: Analysis of system files, NFTS concept and structure of the data, UFS and BSDFS concept and analysis, Forensics of the storage device Linux, Mobile phone Forensics, PDA device forensics, Persistence of deleted information, Forensic tools, Incident response, Evidence management and the Internet Crime Law
Databases are an integral part of every information system and they often contain sensitive information. Database security can be compromised by illegal access to sensitive data, by changing of the data, or by disabling access to databases. The course deals with the basic concepts and principles of the database security. It includes an analysis of the basic principles of security architecture, the basics of operating system security , the administration of the user. Topics also include discretionary and mandatory control to the access of the systems for database management, construction methods for secure databases with security of data integrity, threats and weaknesses of a database, secure transaction processing and audit methods.
Preparing of the students for further studies within the field of application software security, computer systems security and networks security, as well as in qualifications for highly qualified personnel for the problems of design and audits of system and application software security. Student will be able to analyze the vulnerability of the system and application software to hacker attack, as well as to design their defense mechanisms. Students will also be able to audit the dangerous structural and installation defects of large software systems, and then produce a document of investment recommendations for the redesign and upgrading of application modules.
Course content: Historical overview of programming technology and software engineering. Review of existing technologies and tools. Modern object-oriented and object-based methods of analysis, design and programming. The dismissal of engineering conflict between the productivity of software development, execution efficiency and security requirements. UMLsec and security lifecycle of a software. Programmatic internal and system external solutions for software security problems. Java and .NET technologies, virtual machines for software execution and management of trust. Software certificate. Secure software distribution. Safety audits. Practical teaching includes a demonstration of software defects, weak points in software systems, as well as various mechanisms of cracking of the software. Shell programs, illegal entry into the application in the front and back doors, etc.