This course exposes students to the cross-disciplinary and broad information security field. It surveys a range of fundamental topics of information security principles, architecture, policy and standard, risk management, cryptography, physical, operation, system and network security mechanisms, and law and ethics, among others. This course includes lectures, case studies, and homework. Students will also complete independent study class projects. Recommended Course Background: Basic knowledge of computer system and information technology.
This course will examine various legal and policy issues presented by the tremendous growth in computer technology, especially the Internet. The rights that various parties have with respect to creating, modifying, using, distributing, storing, and copying digital data will be explored. The concurrent responsibilities, and potential liabilities, of those parties will also be addressed. The course will focus on intellectual property issues, especially copyright law, and other legal and economic considerations related to the use and management of digital data. Copyright law and its role within the framework of intellectual property law will be presented in a historical context with an emphasis on its applicability to emerging-technology issues. Specifically, the treatment of various works, such as music, film, and photography that were traditionally, analog in nature will be analyzed with respect to their treatment in the digital domain; works that are by their nature digital, such as computer software, will also be analyzed. The current state of U.S. copyright law will be presented, as will relevant international treaties and foreign laws. The goal of the course is to provide those involved or interested in digital rights management with a general awareness of the rights and obligations associated with maintaining and distributing digital data. (This course will be taught in Washington, DC and video-cast on Homewood Campus.)
Area: Social and Behavioral Sciences
This course focuses on understanding the history, the vulnerability, and the need to protect our Critical Infrastructure and Key Resources (CIKR). We will start by briefly surveying the policies which define the issues surrounding CIKR and the strategies that have been identified to protect them. Most importantly, we will take a comprehensive approach to evaluating the technical vulnerabilities of the 18 identified sectors, and we will discuss the tactics that are necessary to mitigate the risks associated with each sector. These vulnerabilities will be discussed from the perspective of ACM, IEEE or other technical journals/articles which detail recent and relevant network-level CIKR exploits. We will cover well known vulnerable systems such the Internet, SCADA or PLC and lesser known systems such as E911 and industrial robot. Also, a class project is required. Recommended Course Background: EN.650.424 or equivalent or permission by instructor.
Area: Engineering, Natural Sciences
This course focuses on communication security in computer systems and networks. The course is intended to provide students with an introduction to the field of network security. The course covers network security services such as authentication and access control, integrity and confidentiality of data, firewalls and related technologies, Web security and privacy. Course work involves implementing various security techniques. A course project is required. Course Background: EN.601.220, EN.601.226, EN.601.418 or equivalent.
Cyber security affects every facet of industry and our government, and thus is now a threat to National Security. This course is designed to introduce students to the skills needed to defend computer network infrastructure by exposing them to the hands-on identification and exploitation of vulnerabilities in servers (i.e., Windows and Linux), wireless networks, websites, and cryptologic systems. These skills will be tested by having teams of students develop and participate in instructor lead capture-the-flag competitions. Also included are advanced topics such as shell coding, IDA Pro analysis, fuzzing, and writing or exploiting network-based applications or techniques such as web servers, spoofing, and denial of service.
This course explores the ethical and legal underpinnings of the concept of privacy. It examines the nature and scope of the right to privacy by addressing fundamental questions such as: What is privacy? Why is privacy morally important? How is the right to privacy been articulated in constitutional law?
This course addresses the risks (financial, reputation, business, and third party), costs, ROI, and other business issues concerned in planning and managing a secure operation. Topics include disaster recovery, outsourcing issues; service level agreements; evaluating external security service providers; assessing security total cost of ownership; audit procedures; financial integrity; cost/benefit analyses; back-up and recovery provisions; insurance protection; contingency and business continuity plans; qualitative and quantitative risk analysis; monitoring the security of the enterprise; information economics; performance reporting; automated metrics reporting; responses to threats; effects of security policies and practices on business and customers; preparing a business case for information security investments; and developing cost-effective solutions given constraints in money, assets, and personnel. Case studies and exercises will be used to illustrate financial planning and evaluation of security operations.
Intrusion detection supports the on-line monitoring of computer system activities and the detection of attempts to compromise normal services. This course starts with an overview of intrusion detection tasks and activities. Detailed discussion introduces a traditional classification of intrusion detection models, applications in host-centered and distributed environments, and various intrusion detection techniques ranging from statistical analysis to biological computing. This course serves as a comprehensive introduction of recent research efforts in intrusion detection and the challenges facing modern intrusion detection systems. Students will also be able to pursue in-depth study of special topics of interest in course projects.
Area: Engineering, Natural Sciences
This course focuses on the personnel, legal, regulatory and privacy issues that comprise the basic security management areas that must be considered when developing and implementing an effective information security program. Specific topics include security-related legislation, government and industry security frameworks, the identification and management of risk, security controls, defense in depth, critical infrastructure protection, development and implementation of an enterprise wide security strategy, and organizational roles and responsibilities.
This course introduces the student to the field of applied Computer Forensics as practiced by corporate security and law enforcement personnel. The emphasis is on "dead box" (powered off) data extraction and analysis with open-source tools. Topics covered include legal and regulatory issues, forensic imaging and data acquisition from a "dead" system, computer file systems (FAT/NTFS) and data recovery, Windows Registry and configuration records, Windows log analysis and operating system artifacts, memory dump analysis (RAM), software artifacts, computer network forensics, introductory mobile device forensics, case reporting and documentation, end-to-end computer forensic examinations, peer review, and testifying in court.
Cryptography has a rich history as one of the foundations of information security. This course serves as the introduction to the working primitives, development and various techniques in this field. It emphasizes reasoning about the constraint and construction of cryptographic protocols that use shared secret key or public key. Students will also be exposed to some current open problems. Permission of instructor only.
Competent execution of security assessments on modern software systems requires extensive knowledge in numerous technical domains and comprehensive understanding of security risks. This course provides necessary background knowledge and examines relevant theories for software vulnerabilities and exploits in detail. Key topics include historical vulnerabilities, their corresponding exploits, and associated risk mitigations. Fundamental tools and techniques for performing security assessments (e.g., software reverse engineering, static analysis, and dynamic analysis) are covered extensively. The format of this course includes lectures and assignments where students learn how to develop exploits to well-known historical vulnerabilities in a controlled environment. Students will complete and demonstrate a project as part of the course.
Cloud computing promises significant cost savings via economies of scale that typically are not achievable by a single organization. This course examines cloud computing in detail and introduces the security concerns associated with cloud computing. Key topics include service models for cloud computing, virtualization, storage, management, and data processing. Fundamental security principles are introduced and applied to cloud computing environments. The format of this course includes lectures and hands-on assignments. Students will complete a project and present it as part of the course.
Area: Engineering, Natural Sciences
Security analytics refers to information technology solutions that gather and analyze security events to bring situational awareness and enable IT staff to understand and analyze events that pose the greatest risk. Increasingly, detecting and preventing cyber attacks require sophisticated use of data analytics and machine learning tools. This course will cover fundamental theories and methods in data science, modern security analytical tools, and practical use cases of security analytics. Students of this course learn concepts, tasks, and methods of data science; and how to apply data science to cyber security problems. Students also learn how to use modern software in security analytics. Recommend Course Background: Basic knowledge of statistics; Either python or R programming skill (do not require both).
The past few decades have seen a rapid evolution of wireless LAN and cellular technologies. In addition to wireless access technologies, various types of network layer and application layer mobility protocols have been developed to provide seamless connectivity to mobile users. Maintaining end-to-end security for these mobile users needs to take into account authentication, authorization, integrity and confidentiality as mobile devices change their point-of-attachment. This course will provide an overview of various wireless access technologies, mobility protocol taxonomy and will describe end-to-end security including mobile end point, radio access network, network core, and application services. In addition, this will include hands-on lab experiments to examine security over wireless and mobile networks and a research group project. Overall objective of this course is to impart both theoretical and practical knowledge to the students, and at the same time make them ready for any future research to solve complex problems. Recommended Course Background: Knowledge of TCP/IP, Linux, Fundamentals of Networking
Area: Engineering, Natural Sciences
This course provides an overview of cybersecurity capabilities and practices in the global community. International organizations engaged in cybersecurity policy and governance and the national strategies of many countries are examined in detail. Students will gain insights into the political, economic, military, and technological components of cybersecurity as practiced in the U.S., UK, China, Russia, and other countries. The course is designed around four general themes: global cyber threats, strategies and policies in response to cyber threats, comparative cybersecurity capabilities of nation-states; and cybersecurity in international politics. Students will also gain an appreciation of key cybersecurity issues like critical infrastructure protection and information sharing in the international context. The course will provide students a broad perspective on the global context of cybersecurity, complementing knowledge gained in other courses in the graduate program. There will be assignments to study key literature and current events, as well as quizzes and a mid-term exam. Students will also conduct research projects that focus on the interaction of technology, policy, strategy, and governance, and present results to the class. EN.650.401/EN.650.601 recommended
Data breaches, cyber attacks, cybercrime, and information operations in social media continue to increase in frequency and severity, causing businesses and governments to focus more resources on cybersecurity risk management and compliance. Utilizing real-world data breaches and attacks as motivation, this course will provide students knowledge of risk management concepts, frameworks, compliance regimes and best industry practices used to ensure sound cybersecurity practices in government, commercial, and academic organizations. Lab exercises will provide opportunities for students to experience key aspects of the risk management process and help prepare them for post-graduation assignments as cybersecurity professionals. Recommended Course Background: EN.650.601.
This course will analyze advanced topics and state of the art issues in the field of digital forensics. The course will be run in a research seminar format and students will be given both basic and applied research projects in such areas as: intrusion analysis, network forensics, memory forensics, mobile devices, and other emerging issues.
All MSSI programs must include a project involving a research and development oriented investigation focused on an approved topic addressing the field of information security and assurance from the perspective of relevant applications and/or theory. There must be project supervision and approval involving a JHUISI affiliated faculty member. A project can be conducted individually or within a team-structured environment comprised of MSSI students and an advisor. A successful project must result in an associated report suitable for on-line distribution. When appropriate, a project can also lead to the development of a so-called "deliverable" such as software or a prototype system. Projects can be sponsored by government/industry partners and affiliates of the Information Security Institute, and can also be related to faculty research programs supported by grants and Contracts. Required course for any full-time MSSI student. Open to MSSI students. Permission required for non-MSSI students.
Open to MSSI students Permission Required for non-MSSI students All MSSI programs must include a project involving a research and development oriented investigation focused on an approved topic addressing the field of information security and assurance from the perspective of relevant applications and/or theory. There must be project supervision and approval involving a JHUISI affiliated faculty member. A project can be conducted individually or within a team-structured environment comprised of MSSI students and an advisor. A successful project must result in an associated report suitable for on-line distribution. When appropriate, a project can also lead to the development of a so-called "deliverable" such as software or a prototype system. Projects can be sponsored by government/industry partners and affiliates of the Information Security Institute, and can also be related to faculty research programs supported by grants and Contracts. Required for MSSI students on full-time status.
Individual study in an area of mutual interest to a graduate student and a faculty member in the Institute.