Cyber Intelligence and Security (CI)


CI 505  Cyber Intelligence and Information Systems Security  3 Credits (3,0)

This course covers the classic problem of a Chief Security Officer today, identify assets, determine vulnerabilities, create protections, monitor the systems, recover from breaches and continue to evolve the security. NIST (National Institute of Standards and Technology) cyber security framework, best practices. CISSP knowledge domains and in depth concepts will be addressed

CI 510  Advanced Analytical and Research Methodologies  3 Credits (3,0)

This course would look at the methods for research, statistical methods when comparing models and theory, survey methods to find related papers and authors to prepare the student for either thesis or professional papers. We will initially cross lit the current research methods course offered in MSSIS 535.

CI 515  System Security and Architecture  3 Credits (3,0)

This course covers the details of system level architecture for designing, developing, deploying and maintaining secure infrastructures. The student will use lab environment and case studies to understand and experience a variety of modern solutions. Virtual machine environments, hybrid clouds, intranets, defense in depth, cloud based solutions will be examined and prototyped to mimic the environments from case studies in a variety of industries

CI 525  Advanced Network Technology and Security  3 Credits (3,0)

Exposure and understanding of the modern network solutions for LAN, WAN, W-LAN and Ad-hoc networks. Software Defined Networks (SDN), Limitations of current solutions, security issues with mixed nodes (IPV4/IPV6). Definitions and research on next generation secure network architectures (BlankSlate and other DARPA Industry / Academic initiatives). Students will demonstrate ability to work with different environments, create and understand policies, discuss and report on emerging systems such as automotive, aviation (nextgen) or IoT network structures. It would delve into modern software defined networks, next generation security methods, blank slate proposals, best practices, mobile networks such as automobile or NextGen aviation systems

CI 535  Intrusion Detection and Prevention  3 Credits (3,0)

Develop understanding of the current practices in intrusion detection, limitations, use of SIEM systems such as AlienVault, policies and legal / ethical concerns of privacy. Demonstrate the ability to detect, identify, resolve and document host or network intrusions.

CI 545  Cyber Policy, Legal, Ethics and Compliance  3 Credits (3,0)

This course covers the complex state of legislation, regulation in the cyber security space for corporations and government agencies. The ethical issues associated with whistleblowing, espionage, competitive intelligence, international norms for protection of intellectual property are varied and intertwined. Students will explore questions facing industry professionals related to the changing laws, regulations in the global economy. Questions of privacy, law enforcement cooperation and adherence to international standards are researched. Questions that include cybersecurity insurance, self-insurance and obligations to shareholders, boards and employees are tackled.

CI 550  Security Program Management  3 Credits (3,0)

Students will demonstrate the ability to define and implement a security program for the protection of an organizations systems and data. Topics will include project and resource management, budget analysis (cost benefit, ROI etc), Risk management and analysis and more. Industry and government best practices will be researched defining elements such as goals, metrics, objectives, frameworks (NIST, ISO). Problems from industry will be utilized as case studies with deliverables and reviews. Open problems will be identified and methods for evaluating effectiveness of programs utilized.

CI 555  Software Reverse Engineering and Malware Analysis  3 Credits (0,3)

In this course, the details of software execution will be utilized to understand the logic associated with malware such as remote access Trojans, embedded phishing or spearphishing attacks and others. Virtual machines are used to isolate the malware from the external network, instructions intercepted and analyzed to discover command and control, file processing and more.

CI 595  Big Data Analytics and Machine Learning  3 Credits (3,0)

This upper level course will address the security issues and challenges related to the widespread use of big data technology by first introducing the basic concepts and tools in big data analytics. The course will discuss the use of massive parallelism, data distribution, high-performance computing, data mining, machine learning, and data visualization in the first part of the course. The course will make use of modern big data analytical tools and algorithms to develop skills in data interpretation and machine learning. The course will also address vulnerabilities from fake data generation and other weaknesses related to security controls. The material in this course will focus on building a clear understanding of big data analytics and AI technologies using case studies of realistic examples and using open source resources, such as Hadoop software and Hortonworks Sandbox toolsets

CI 625  Advanced Network Forensics  3 Credits (3,0)

This course will consider the challenges associated with storage, social interactions and computation in a cloud based and virtual environment. The challenges will include tracing network interfaces, seeking data through service providers, snapshot tools and bringing network traffic analysis together with storage and service logs to create timelines, histories. The current challenges to law enforcement, corporate security and government operations will be explored

CI 630  Threat Intelligence  3 Credits (3,0)

This course will focus on the techniques used today by leading researchers to identify, capture samples of threats (malware) from the wild, analyze the behavior and create actionable intelligence for sharing, publication, and attribution. Companies such as CrowdStrike, FireEye, RSA and others value this training and offer these services to corporations and governments. Our students would interact with leading threat hunters and participate in actual events for clients and training at the same time.Demonstrate the ability to configure IDS/IPS systems to reduce false positives and false negatives. Understand and articulate policies choosing different set points. Understand the current state of the art and areas of current and future research

CI 665  Mobile Device Security  3 Credits (3,0)

The growing threats in the Mobile App world continue to grow and will accelerate as new devices are added to the network. Leading malware now affects billions of devices per year in the form of Trojans, Viruses and Worms. This course will look at the state of the art in protecting at the App Store as well new client based heuristic tools that manage the behavior of the devices watching for anomalous behavior. Research topics abound and students will have the opportunity to explore questions suitable for publication and thesis exploration.

CI 670  Systems Programming and Security  3 Credits (3,0)

This course will be based on problems from industrial controls, system control or other challenge where complex systems are required to link software with hardware for specific mission critical roles. These problems arise in manufacturing, control of navigation systems such as automotive or aerospace, or transactions such as stock market trading systems. The common element is the requirement to interface with hardware, firmware specifications that have time critical or network critical elements that can expose resources if manipulated or attacked outside the expected operation. Open problems and areas of research will be identified and studied offering opportunities for papers or thesis topics.

CI 680  Virtualization Technologies and Security  3 Credits (3,0)

Modern virtualization architectures will be studied and implementations created in the lab environment. Students will research the state of the art in cloud offerings (AWS, Azure, Google etc) as well as the hypervisors used to deploy environments. Topics will include memory management, networking, storage, scheduling, forensics and the emerging security issues associated with migration, snapshots, side channel and hosting challenges. The latest research on virtualization and performance on global scales will be reviewed. Students will have the opportunity to create publishable work in this area.

CI 690  Cyber Security Graduate Project  6 Credits (3,0)

This course consists of a project in Cyber Intelligence and Security that the student will undertake at the end of the academic coursework for the program in lieu of thesis. It will culminate in a written document on a project chosen and carried out by the student under the guidance of the Project Advisor. The project will be expected to demonstrate mastery of the topic and must be of a quality suitable for publication

CI 698  Comprehensive Exam  6 Credits

The student may elect to use coursework only to complete their Masters degree. In this selection, a set of questions will be presented to the student compiled from all courses in the students chosen program. The performance on this exam along with the performance on all coursework will denote the completion. Those choosing this approach will take two additional elective courses to be equivalent to the 6 hours invested in either a thesis or special project.

CI 700  Masters Thesis  6 Credits

The student may elect to complete an academic thesis. The academic thesis will follow the traditional committee review process and the student will be required to present and defend his or her thesis in public presentation open to other faculty, student and interested public. Students are expected to clearly demonstrate their research, analytical and presentation skills during the thesis development and presentation. The student will isolate a critical issue in cyber intelligence and security. Their effort should not only add the body of existing research but demonstrate a unique or difficult approach to explaining or resolving the issue identified, thus extending the body of knowledge in that specific area of expertise.