Cybersecurity & Information Assurance

This course covers vital information assurance and computer security principles as applied to computer systems and organizational information systems. Information assurance principles such as availability, integrity, and confidentiality are applied strategically to ensure the integrity of data and information. The complex concepts of data privacy, data security, and the relationship of security to organizational computer systems are integral to this course. Many facets of computer security such as integrated circuit security, physical security, personnel security, systems security, and operations security are discussed and related directly to information assurance principles. The concepts of risks, threats, and vulnerabilities as applied to computational systems are covered as well as the mitigation them through various forms of software and computer technologies in a defense in depth structure. The course also includes a survey of various laws and government initiatives to implement information assurance in the organization in a lawful manner. The course concludes with the development of a NIST compliant comprehensive information assurance plan for the complete organization: PCs, networks, databases, and supporting communications infrastructure.

This course will cover the proactive and pre-emptive cyber defense of information system assets at the data level through the organizational level and ultimately the national level. The ultimate goal of proactive defense is to mitigate the cyber risk of the organization. As such, risk management is comprehensively integrated into the course. The defense of critical infrastructure is studied and plans for preventing, protecting, and providing time sensitive responses to attacks or threats are covered in detail to insure the confidentiality, integrity, and availability of data and information throughout the organization. The complexity of attacks and blended threats is covered from a holistic security point of view to ensure that threats from advanced or multiple sources are effectively mitigated to protect sensitive information and to safeguard organizational assets.

This course covers the art and science of cyber security forensics, which is the application of investigation and analytical techniques to cyber systems to extract and preserve information that can inform cyber professionals on risk mitigation and that can legally be presented as evidence in a court of law. The course covers attack analysis in detail and provides sound investigative methods for collecting, analyzing, preserving, and interpreting cyber information and evidence. In addition to the technological aspects of cyber forensics, the course will cover the legal aspects of cyber forensics including classifications of evidence, evidence preservation, evidence tampering, discovery procedures and protocols, and case presentation in court. The course will conclude with a comprehensive case study and the techniques and processes used to construct cyber forensic reports and evidence repositories for pending cyber-criminal cases.

This course covers the basic and advanced concepts of cryptography and applies them to real world applications with a special emphasis on cyber security applications. It covers the mathematical and logical aspects of cryptographic systems and how these constructs apply to real-world applications. The course also covers basic and advanced cryptographic protocols. Ciphers, encryption, and message integrity will be studied expensively. A comprehensive study of key systems will be a major part of the class. The course will conclude with the construction of original cryptographic constructs that are applied to real world applications and tested for effectiveness and efficiency.

This course covers advanced techniques of complex, blended threat analysis to ensure that the organization and its information assets are safe and secure through methods that facilitate the confidentiality, integrity, and availability of data and information at all organizational levels. The course focuses on advanced machine learning and artificial intelligence techniques and software that pre-emptively assess and mitigate threats from local, national, and international sources. Extensive threat data modeling and analysis techniques are studied and applied to myriad science, technology, engineering, and management domains and industries. Special emphasis is placed on mitigating zero-day and large scale coordinated attacks on an organization’s information infrastructure. The course explores and dissects case studies to demonstrate the best approaches and lessons learned from recent global cyber-attacks. The course concludes with the development of a software system that can sense and detect attack pre-emptions and protect the organization from those attacks, even if they are zero-day attacks based on sound threat analytics, visualizations, and models.

Machine learning is a complex yet a fast-moving field with many real world commercial applications. The goal of machine learning is to build computer models that can produce useful information whether they are predictions, associations, or classifications. The ultimate goal for many machine-learning researchers is to build computing systems that can automatically adapt and learn from their experience. This course will study the theory and practical algorithms, basic concepts and paradigms, key techniques, challenges, and tricks of machine learning. It also covers examples of how machine learning is used/applied today in the real world, and exposes students to the construction and use of machine learning algorithms. This course discusses recent applications of machine learning, such as to robotic control, speech recognition, face recognition, data mining, autonomous navigation, bioinformatics, and text and web data processing. It also fuses machine learning with other areas of artificial intelligence and robotics.