Computing Security Minor

Course
Prerequisites
Students must complete one of the following two-course programming sequences:
   CPET-121
   Computational Problem Solving I
This is the first course in a two-course sequence in computational problem solving of engineering and scientific problems. The problems solved will stress the application of sequence, selection, repetitive, invocation operations, and arrays. The development of proper testing procedures to ensure computational accuracy will be stressed. Students, upon successful completion of this course, will be able to analyze introductory engineering and scientific problems, design, code, test, and document procedural software solutions. Lec/Lab 4 (Fall, Spring).
   CPET-321
   Computational Problem Solving II
This is the second course in a two-course sequence in computational problem solving of engineering and scientific problems. The problems solved will stress the application of data structures and object oriented classes. Data encapsulation, data management, and design robustness will be stressed. Students, upon successful completion of this course, will be able to analyze complex engineering and scientific problems, design, code, test, and document objected-oriented software solutions. (Prerequisites: CPET-121 or equivalent course.) Lec/Lab 4 (Fall).
   or
 
   CSCI-141
   Computer Science I
This course serves as an introduction to computational thinking using a problem-centered approach. Specific topics covered include: expression of algorithms in pseudo code and a programming language; functional and imperative programming techniques; control structures; problem solving using recursion; basic searching and sorting; elementary data structures such as lists, trees, and graphs; and correctness, testing and debugging. Assignments (both in class and for homework) requiring a pseudo code solution and an implementation are an integral part of the course. An end-of-term project is also required. Lec/Lab 6 (Fall, Spring).
   CSCI-142
   Computer Science II
This course delves further into problem solving by continuing the discussion of data structure use and design, but now from an object-oriented perspective. Key topics include more information on tree and graph structures, nested data structures, objects, classes, inheritance, interfaces, object-oriented collection class libraries for abstract data types (e.g. stacks, queues, maps, and trees), and static vs. dynamic data types. Concepts of object-oriented design are a large part of the course. Software qualities related to object orientation, namely cohesion, minimal coupling, modifiability, and extensibility, are all introduced in this course, as well as a few elementary object-oriented design patterns. Input and output streams, graphical user interfaces, and exception handling are covered. Students will also be introduced to a modern integrated software development environment (IDE). Programming projects will be required. (Prerequisites: CSCI-141 with a grade of C- or better or equivalent course.) Lec/Lab 6 (Fall, Spring, Summer).
   or
 
   CSEC-123
   Software Development and Problem Solving I
A first course introducing students to the fundamentals of computational problem solving. Students will learn a systematic approach to problem solving, including how to frame a problem in computational terms, how to decompose larger problems into smaller components, how to implement innovative software solutions using a contemporary programming language, how to critically debug their solutions, and how to assess the adequacy of the software solution. Additional topics include an introduction to object-oriented programming and data structures such as arrays and stacks. Students will complete both in-class and out-of-class assignments. Lab 6 (Fall, Spring).
   CSEC-124
   Software Development and Problem Solving II
A second course that delves further into computational problem solving, now with a focus on an object-oriented perspective. There is a continued emphasis on basic software design, testing & verification, and incremental development. Key topics include theoretical abstractions such as classes, objects, encapsulation, inheritance, interfaces, polymorphism, software design comprising multiple classes with UML, data structures (e.g. lists, trees, sets, maps, and graphs), exception/error handling, I/O including files and networking, concurrency, and graphical user interfaces. Additional topics include basic software design principles (coupling, cohesion, information expert, open-closed principle, etc.), test driven development, design patterns, data integrity, and data security. (Prerequisite: C- or better in SWEN-123 or CSEC-123 or GCIS-123 or equivalent course.) Lab 6 (Fall, Spring, Summer).
   or
 
   GCIS-123
   Software Development and Problem Solving I
A first course introducing students to the fundamentals of computational problem solving. Students will learn a systematic approach to problem solving, including how to frame a problem in computational terms, how to decompose larger problems into smaller components, how to implement innovative software solutions using a contemporary programming language, how to critically debug their solutions, and how to assess the adequacy of the software solution. Additional topics include an introduction to object-oriented programming and data structures such as arrays and stacks. Students will complete both in-class and out-of-class assignments. Lab 6 (Fall, Spring).
   GSCI124
   Software Development and Problem Solving II
   or
 
   IGME-105
   Game Development and Algorithmic Problem Solving I
This course introduces students within the domain of game design and development to the fundamentals of computing through problem solving, abstraction, and algorithmic design. Students will learn the basic elements of game software development, including problem decomposition, the design and implementation of game applications, and the testing/debugging of their designs. (This course is restricted to GAMEDES-BS Major students.) Lec/Lab 6 (Fall, Spring).
   IGME-106
   Game Development and Algorithmic Problem Solving II
This course furthers the exploration of problem solving, abstraction, and algorithmic design. Students apply the object-oriented paradigm of software development, with emphasis upon fundamental concepts of encapsulation, inheritance, and polymorphism. In addition, object structures and class relationships comprise a key portion of the analytical process including the exploration of problem structure and refactoring. Intermediate concepts in software design including GUIs, threads, events, networking, and advanced APIs are also explored. Students are also introduced to data structures, algorithms, exception handling and design patterns that are relevant to the construction of game systems. (Prerequisites: C- or better in IGME-105 or equivalent course and student standing in the GAMEDES-BS program.) Lec/Lab 6 (Fall, Spring).
   or
 
   ISTE-120
   Computational Problem Solving in the Information Domain I
A first course in using the object-oriented approach to solve problems in the information domain. Students will learn to design software solutions using the object-oriented approach, to visually model systems using UML, to implement software solutions using a contemporary programming language, and to test these software solutions. Additional topics include thinking in object-oriented terms, and problem definition. Programming projects will be required. Lec/Lab 6 (Fall, Spring).
   ISTE-121
   Computational Problem Solving in the Information Domain II
A second course in using the object-oriented approach to solving problems in the information domain. Students will learn: basic design principles and guidelines for developing graphical user interfaces, and use of the Event Model to implement graphical interfaces; algorithms for processing data structures; multithreading concepts and use of the Multithreading Model to design and implement advanced processing methods. Additional topics include the relational model of information organization, and the Client-Server model. Individual implementation projects are required. A team implementation exercise is used to provide students an opportunity to apply basic software development and project management practices in the context of a medium-scale project. (Prerequisites: ISTE-120 or NACA-161 or equivalent course.) Lec/Lab 6 (Fall, Spring).
   or
 
   ISTE-123
   Software Development and Problem Solving I
   ISTE-124
   Software Development and Problem Solving II
   or
 
   SWEN-123
   Software Development and Problem Solving I
A first course introducing students to the fundamentals of computational problem solving. Students will learn a systematic approach to problem solving, including how to frame a problem in computational terms, how to decompose larger problems into smaller components, how to implement innovative software solutions using a contemporary programming language, how to critically debug their solutions, and how to assess the adequacy of the software solution. Additional topics include an introduction to object-oriented programming and data structures such as arrays and stacks. Students will complete both in-class and out-of-class assignments. Lab 6 (Fall, Spring).
   SWEN-124
   Software Development and Problem Solving II
A second course that delves further into computational problem solving, now with a focus on an object-oriented perspective. There is a continued emphasis on basic software design, testing & verification, and incremental development. Key topics include theoretical abstractions such as classes, objects, encapsulation, inheritance, interfaces, polymorphism, software design comprising multiple classes with UML, data structures (e.g. lists, trees, sets, maps, and graphs), exception/error handling, I/O including files and networking, concurrency, and graphical user interfaces. Additional topics include basic software design principles (coupling, cohesion, information expert, open-closed principle, etc.), test driven development, design patterns, data integrity, and data security. (Prerequisite: C- or better in SWEN-123 or CSEC-123 or GCIS-123 or equivalent course.) Lab 6 (Fall, Spring, Summer).
Students must complete a two-course calculus sequence†:
   MATH-181
   Project-Based Calculus I
This is the first in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers functions, limits, continuity, the derivative, rules of differentiation, applications of the derivative, Riemann sums, definite integrals, and indefinite integrals. (Prerequisite: A- or better in MATH-111 or A- or better in ((NMTH-260 or NMTH-272 or NMTH-275) and NMTH-220) or a math placement exam score greater than or equal to 70 or department permission to enroll in this class.) Lecture 6 (Fall, Spring, Summer).
   MATH-182
   Project-Based Calculus II
This is the second in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers techniques of integration including integration by parts, partial fractions, improper integrals, applications of integration, representing functions by infinite series, convergence and divergence of series, parametric curves, and polar coordinates. (Prerequisites: C- or better in (MATH-181 or MATH-173 or 1016-282) or (MATH-171 and MATH-180) or equivalent course(s).) Lecture 6 (Fall, Spring, Summer).
Student must complete one of the following courses in discrete mathematics:‡
   MATH-131
   Discrete Mathematics
This course is an introduction to the topics of discrete mathematics, including number systems, sets and logic, relations, combinatorial methods, graph theory, regular sets, vectors, and matrices. (Prerequisites: MATH-101, MATH-111, NMTH-260, NMTH-272 or NMTH-275 or a Math Placement Exam score of at least 35.) Lecture 4 (Fall, Spring).
   MATH-190
   Discrete Mathematics for Computing
This course introduces students to ideas and techniques from discrete mathematics that are widely used in Computer Science. Students will learn about the fundamentals of propositional and predicate calculus, set theory, relations, recursive structures and counting. This course will help increase students’ mathematical sophistication and their ability to handle abstract problems. (Co-requisites: MATH-182 or MATH-182A or MATH-172 or equivalent courses.) Lecture 3 (Fall, Spring).
   MATH-200
   Discrete Mathematics and Introduction to Proofs
This course prepares students for professions that use mathematics in daily practice, and for mathematics courses beyond the introductory level where it is essential to communicate effectively in the language of mathematics. It covers various methods of mathematical proof, starting with basic techniques in propositional and predicate calculus and set theory, and then moving to applications in advanced mathematics. (Prerequisite: MATH-173 or MATH-182 or MATH-182A or equivalent course.) Lecture 3, Recitation 4 (Fall).
Required Courses
Choose one of the following:
   CSEC-102
   Information Assurance and Security
Computer-based information processing is a foundation of contemporary society. As such, the protection of digital information, and the protection of systems that process this information has become a strategic priority for both the public and private sectors. This course provides an overview of information assurance and security concepts, practices, and trends. Topics include computing and networking infrastructures, risk, threats and vulnerabilities, legal and industry requirements for protecting information, access control models, encryption, critical national infrastructure, industrial espionage, enterprise backup, recovery, and business continuity, personal system security, and current trends and futures. Lecture 3 (Fall, Spring).
   CSEC-140
   Introduction to Cybersecurity
This course will introduce many fundamental cybersecurity concepts. The course will teach students to think about information systems using an adversarial mindset, evaluate risk to information systems, and introduce controls that can be implemented to reduce risk. Topics will include authentication systems, data security and encryption, risk management and security regulatory frameworks, networking and system security, application security, organizational and human security considerations, and societal implications of cybersecurity issues. These topics will be discussed at an introductory level with a focus on applied learning through hands-on virtual lab exercises. Lecture 3 (Fall, Spring).
Choose one of the following:
   CSEC-362
Cryptography and Authentication
As more users access remote systems, the job of identifying and authenticating those users at distance becomes increasingly difficult. The growing impact of attackers on identification and authentication systems puts additional strain on our ability to ensure that only authorized users obtain access to controlled or critical resources. This course introduces encryption techniques and their application to contemporary authentication methods. (Prerequisites: (CSEC-101 or CSEC-102 or CSEC-140) and (MATH-131 or MATH-190) or equivalent courses.) Lecture 3 (Fall, Spring).
   CSCI-462
Introduction to Cryptography
This course provides an introduction to cryptography, its mathematical foundations, and its relation to security. It covers classical cryptosystems, private-key cryptosystems (including DES and AES), hashing and public-key cryptosystems (including RSA). The course also provides an introduction to data integrity and authentication. (Prerequisites: (CSCI-243 or 4003-334 or SWEN-262 or CSEC-202) and (MATH-190 or 1016-366 or MATH-200) or equivalent courses.) Lecture 3 (Fall, Spring, Summer).
Electives
Choose three of the following:
   CSEC-201
   Programming for Information Security
This course builds upon basic programming skills to give students the programming knowledge necessary to study computing security. Students will be introduced to network programming, memory management, and operating system calls along with associated security concepts. Specific focus will placed on understanding the compilation process and on the relation between high-level programming concepts and low-level programming concepts, culminating in identifying and exploiting memory corruption vulnerabilities. (Prerequisites: (CSEC-101 or CSEC-102 or CSEC-140) and (CSEC-124 or SWEN-124 or GCIS-124 or CSCI-142 or CSCI-140 or CSCI-242) or equivalent courses.) Lecture 3 (Fall, Spring).
   CSEC-380
   Principles of Web Application Security
This course is designed to give students a foundation in the theories and practice relating to web application security. The course will introduce students to the concepts associated with deploying and securing a typical HTTP environment as well as defensive techniques they may employ. (Prerequisites: (CSEC-101 or CSEC-102 or CSEC-140) and NSSA-245 or equivalent courses.) Lecture 3 (Spring).
   CSEC-461
   Computer System Security
This course will discuss the areas of liability, exposure, opportunity, ability and function of various weaknesses in computer security. The course will cover forms of attack and the methods to detect and defend against them. The issues and facilities available to both the intruder and administrator will be examined and evaluated with appropriate out-of-class laboratory exercises to illustrate their effect. (Prerequisites: (CSEC-101 or CSEC-102 or CSEC-140) and NSSA-221 and NSSA-245 or equivalent courses.) Lab 2, Lecture 2 (Spring).
   CSEC-462
   Network Security and Forensics
This course investigates the many facets of network security and forensics. Students will examine the areas of intrusion detection, evidence collection, network auditing, network security policy design and implementation as well as preparation for and defense against attacks. The issues and facilities available to both the intruder and data network administrator will be examined and evaluated with appropriate laboratory exercises to illustrate their effect. (Prerequisites: (CSEC-101 or CSEC-102 or CSEC-140) and NSSA-245 or equivalent courses.) Lab 4, Lecture 3 (Spring).
   CSEC-464
   Computer System Forensics
This course focuses on the fundamental incident response and computer forensics procedures for computer systems. Students will follow the forensics procedures and use forensically-sound tools to uncover the activities of computer users (deleted and hidden files, cryptographic steganography, illegal software, etc.). Students will also technologies to gather and preserve this evidence to ensure admissibility in court. (Prerequisites: (CSEC-101 or CSEC-102 or CSEC-140) and NSSA-221 or equivalent courses.) Studio 3 (Fall, Spring).
   CSEC-465
   Network and System Security Audit
This course will provide students with an introduction to the processes and procedures for performing a technical security audit of systems and networks. Students will explore state-of-the-art auditing techniques and apply appropriate tools to audit systems and network infrastructure components. In addition, students will write and present their audit reports on vulnerabilities as well as recommendations to fix any problems discovered. (Prerequisites: NSSA-221 and NSSA-245 or equivalent courses.) Lecture 3 (Fall, Spring).
   CSEC-467
   Mobile Device Security and Forensics
This course will be an in-depth study of security, incident response, and forensics as applied to the hardening and protection of mobile devices. Students will learn issues specific to the security of and vulnerabilities of mobile devices as well as forensics tools and incident response techniques used to reveal activities and information related to mobile devices. (Prerequisites: (CSEC-101 or CSEC-102 or CSEC-140) and (CSEC-124 or SWEN-124 or GCIS-124 or CSCI-142 or CSCI-140 or CSCI-242) or equivalent courses.) Lec/Lab 3 (Fall).
   CSEC-468
   Risk Management for Information Security
The three key elements of risk management will be introduced and explored. These are risk analysis, risk assessment, and vulnerability assessment. Both quantitative and qualitative methodologies will be discussed as well as how security metrics can be modeled, monitored, and controlled. Several case studies will be used to demonstrate the risk management principles featured throughout the course. Students will work in teams to conduct risk assessments on the selected case study scenarios. They will develop mitigation plans and present the results of their analysis both in written reports and oral presentations. (Prerequisites: CSEC-101 or CSEC-102 or CSEC-140 or equivalent course and at least 3rd year standing.) Lecture 3 (Fall).
   CSEC-469
   Wireless Security
The goal of this course is to provide the students with an understanding of the principles and concepts of wireless communications and networks, as well as their security vulnerabilities and security protocols. In addition, the students will gain practical experience via a series of attack/defense lab activities, and a software radio project to explore mechanisms for analyzing and/or securing modern wireless networks. The course begins with a primer on wireless security concepts from a physical-layer perspective. It then covers various generations of security protocols for IEEE 802.11 (Wi-Fi) systems, security of cellular networks, security of Internet-of-Things (IoT) communication protocols, security standards for connected vehicles communications, and other selected trending topics. (Prerequisites: (CSCI-462 or CSEC-362) and NSSA-241 or equivalent courses.) Lab 2, Lecture 2 (Fall).
   CSEC-470
   Covert Communications
Covert communications have been employed in the past in traditional information warfare. Today with huge amounts of digital information exchanged in our cyber space and covert communication will become a potential tool for information warfare inside the space. Students will be introduced to the history, theory, methodology and implementation of various kinds of covert communications. Students will explore future techniques and uses of covert communications. More specifically students will explore possible uses of covert communications in the management of botnets. Students will conduct research in this topic area and will write a research paper on their research. Students will be required to submit their paper for publication in a peer-reviewed venue. (This course is restricted to INFOSEC-BS students with 4th year standing.) Lecture 3 (Fall).
   CSEC-471
   Penetration Testing Frameworks & Methodologies
The process and methodologies employed in negotiating a contract, performing a penetration test, and presenting the results will be examined and exercised. Students will be exposed to tools and techniques employed in penetration testing. Assignments will explore the difficulties and challenges in planning for and conducting an assessment exposing potential vulnerabilities. Students will develop a metric used to evaluate the security posture of a given network and will develop a coherent and comprehensive report of their findings to present to their client. Particular attention will be paid to the ramifications of the findings toward the security of the targets. (Prerequisites: This course is restricted to students in GCCIS with at least 3rd year student standing.) Lec/Lab 3 (Spring).
   CSEC-472
   Authentication and Security Models
Access control and authentication systems are some of the most critical components of cybersecurity ecosystems. This course covers the theory, design, and implementation of systems used in identification, authentication, authorization, and accountability processes with a focus on trust at each layer. Students will examine formal models of access control systems and approaches to system accreditation, the application of cryptography to authentication systems, and the implementation of IAAA principles in modern operating systems. A special focus will be placed on preparing students to research and write about future topics in this area. (Prerequisites: CSEC-362 or CSCI-462 or equivalent course.) Lec/Lab 3 (Fall, Spring).
   CSEC-473
   Cyber Defense Techniques
Students will study, build, defend and test the security of computer systems and networking infrastructure while potentially under attack. Students will gain an understanding of standard business operations, timelines and the value of risk and project management. Techniques as related to security guidelines and goals will be studied. Aspects of legal requirements, inheriting existing infrastructure, techniques for backup and recovery of data and systems will be examined. (Prerequisites: This course is restricted to students in GCCIS with at least 3rd year student standing.) Lec/Lab 3 (Fall).
   CSEC-476
   Malware Reverse Engineering
This course provides an overview of basic concepts, techniques, and tools of malware reverse engineering. Students will learn how to perform reverse engineering to discover hidden software functions and hidden network communication techniques and protocols. Students will also learn techniques to protect against software reverse engineering. (Prerequisites: (CSCI-462 or CSEC-362) and (CSEC-202 or CSEC-466) or equivalent courses.) Lec/Lab 3 (Spring).
   CSEC-477
   Disaster Recovery Planning and Business Continuity
Security and network professionals are increasingly being called upon to apply their knowledge to the development of disaster recovery and business continuity plans. This course will explore DRP/BC in depth using current tools and techniques. Business requirements will be analyzed from the budget, business needs and risk management perspective. Experience gained from at least one co-op is required. (Prerequisites: CSEC-101 or CSEC-102 or CSEC-140 or equivalent course and at least 3rd year standing.) Lec/Lab 3 (Spring).
   CSEC-520
   Cyber Analytics and Machine Learning
The course provides students an opportunity to explore methods and applications in cyber analytics with advanced machine learning algorithms including deep learning. Students will learn how to use machine learning methods to solve cybersecurity problems such as network security, anomaly detection, malware analysis, etc. Students will also learn basic concepts and algorithms in machine learning such as clustering, neural networks, adversarial machine learning, etc. Students taking this course should have the 4th year status and completed MATH-190 Discrete Math, MATH-251 Probability and Statistics I, and MATH-241 Linear Algebra. (Prerequisites: MATH-190 and MATH-241 and MATH-251 or equivalent courses and at least 4th year standing.) Lecture 3 (Fall).
   CSEC-569
   Wireless Security
   CSCI-455
   Principles of Cybersecurity
This course provides a broad introduction to cybersecurity principles and practices, and emphasizes policies and mechanisms for building secure and trusted computer systems. It will cover cybersecurity principles, policies and mechanisms; core knowledge areas of data, software, component, connection, system, human, organizational and societal security; and crosscutting concepts of confidentiality, integrity, availability, risk, adversarial thinking, and systems thinking. Topics in privacy, and legal and ethical aspects will also be emphasized. Presentations, reports and projects are required. This course requires the knowledge of computer science theory and concepts of computer systems. (Prerequisites: CSCI-250 and (CSCI-262 or CSCI-263) or equivalent courses.) Lecture 3 (Spring).
   CSCI-464
   Xtreme Theory   
A fast paced, informal look at current trends in the theory of computing. Each week is dedicated to a different topic and will explore some of the underlying theory as well as the practical applications of the theory. Sample topics may include: quantum cryptography, networks and complex systems, social welfare and game theory, zero knowledge protocols. Students will be evaluated on homework assignments and a final presentation. Offered every other year. (Prerequisites: (MATH-190 or MATH-200) and (CSCI-140 or CSCI-142 or CSCI-242 or SWEN-124 or CSEC-124 or GCIS-124) or equivalent courses.) Lecture 3 (Fall).
   CSCI-531
   Introduction to Security Measurement
The course will introduce students into the algorithmic foundations and modern methods used for security evaluation and tools design. It will combine a theoretical revision of the methods and models currently applied for computer security evaluation and an investigation of computer security through the study of user's practice. The students will be required to complete a few homework assignments, to deliver a class presentation and to implement a team project. (Prerequisites: CSCI-351 or (4003-420 and 4003-440) or equivalent courses.) Lecture 3 (Fall).
   CSCI-532
   Introduction to Intelligent Security Systems
The course will introduce students to the application of intelligent methodologies in computer security and information assurance systems design. It will review different application areas such as intrusion detection and monitoring systems, access control and biological authentication, firewall structure and design. The students will be required to implement a course project on design of a particular security tool with an application of an artificial intelligence methodology and to undertake its performance analysis. (Prerequisites: CSCI-331 or CSCI-351 or equivalent course.) Lecture 3 (Spring).
   SWEN-331
   Engineering Secure Software
Principles and practices forming the foundation for developing secure software systems. Coverage ranges across the entire development lifecycle: requirements, design, implementation and testing. Emphasis is on practices and patterns that reduce or eliminate security breaches in software intensive systems, and on testing systems to expose security weaknesses. (Prerequisites: SWEN-261 and (SWEN-488 or SWEN-498 or SWEN-499 or CSEC-499 or CSCI-488 or CSCI-499 or CMPE-499) or equivalent course.) Studio 3 (Fall, Spring).

† An equivalent calculus sequence may be determined by the minor advisor.

‡ An equivalent discrete mathematics sequence may be determined by the minor advisor.