Master in Cyber Security

University of Tripoli - Department of Computer Networks

b

Description

Computing infrastructure is now central for communication, government, commerce, and control of our physical environment, and is a potential target of organized crime, terrorist and criminal attacks. Graduates who understand the technologies and practices that support secure computer systems are in great and ever-growing demand.

Cyber security is about designing systems that resist attack. As computers become ever more ubiquitous and ever more connected with each other, the opportunities for attackers become even greater, and the need to resist them becomes more urgent. 

This Cyber Security Masters/MSc program will give the graduates the skills they need to deal with current and future cyber security threats. It provides a solid foundation for graduates to pursue a career in the software and networking industry or research.

Included in the program is the opportunity to enhance industry relevant skills with study in ISO27001 Lead Implementer and Ethical Hacking.

This is MSc degree program is suitable for many graduates in a computing-related discipline. It will allow students to obtain the knowledge and expertise to evaluate, design and build secure computer systems, processes, and people that are involved in cyber security. It covers the theory and practice of designing and building secure systems and gives students a firm grounding in cryptography, network security and secure programming, as well as optional courses in topics such as hardware and embedded system security, database security, operating systems and incident management and forensics. In addition, this MSc program gives students the required practical experience with technologies and toolkits for building internet-based software systems

Objectives

  • Allow students to obtain knowledge and expertise to evaluate, design and build secure computer systems and to manage the systems, processes, and people that are involved in cyber security.
  • Provide exposure to and experience with technologies, potential vulnerabilities, and standards for such systems.
  • Provide a solid foundation for graduates to pursue a career in the cyber security industry or research.

Outcomes

Intended Learning OutcomesAfter successful completion of the program, students will be able to:

  • Choose the appropriate research methodology.
  • Explain the ethical and professional issues that may arise in research.
  • Understand the fundamentals of security Management and Standards.
  • Know and use the common Information Systems Security models.
  • Use the performance parameters to measure the efficiency of security protocols.
  • Ability to implement and configure network and system security tools.  
  • Program Learning Outcomes Knowledge &understand
    • The essential facts, concepts, principles, and theories relating to computer security.
    • Appropriate theory, practices, and tools for the design, implementation and evaluation of secure computer systems.
    • Appropriate theory, practices and processes for the management and governance of cyber security in industry.
    mental skills
    • The ability to apply the knowledge and understanding noted above to the analysis of a given information handling problem.
    • The ability to specify, design and construct secure computer systems, using appropriate tools, and to document all stages of this process.
    • The ability to discover vulnerabilities in implementations.
    • The ability to evaluate internet-based software systems in relation to given computer security requirements.
    Practical & professional skills
    • Hands on training in developing applications.
    • Diagnosis of problems and use of diagnostic and auditing tools.
    • Students will complete activities that involve creating Group Policy Objects using Active Directory Server.
    • Prepare a research paper.
    • Evaluate the security level for information technology systems.
    • Diagnose the performance level of the Data Center and how to protect it.
    • Gain a problem-solving skills using different modeling and simulating tools.
    General and transferable skills
    • The ability to work independently on a substantial software project and as an effective team member.
    • Management of learning and development, including time management, organizational skills, and the ability to pursue independently further development of their IT education
    • Teamwork: ability to function on multidisciplinary teams as a leader or a member.
    • An ability to communicate effectively, orally and in writing.
    • Time mgmt., working under pressure
    • Public speaking, presentation of results

    Certificate Rewarded

    Master of Information Technology in Cyber Security

    Entry Reuirements

    • Holds BSc in Information technology or engineering or Computer science from a well-known accredited program at a University level
    • Passing a written exam
    • passing an interview

    Study Plan

    The Master in Cyber Security prepares students to qualify for Master in Cyber Security. The student studies several subjects which have been carefully chosen in this major to cover its different aspects.

    It comprises 4 Semesters of study, in which the student will study a total of 30 units, which include 3 units of general subjects, and 12 major units, 6 of elective units. In addition to a final project in the student's major.

    Study plan for this program is shown below:

    1st Semester

    Code Title Credits Course Type Prerequisite
    ITNS511 Research Methods 03 Compulsory +

    This course introduces students to the issues, concepts, methods and techniques associated with science and technology research in general and those most commonly used for research in information technology and management. On successful completion of this course, students should be able to: Recognize and explain the main research methodologies used in information technology research, Choose the appropriate research methodology, Describe the most common data collection and analysis methods used in information systems research, Explain the ethical and professional issues that may arise in research, Communicate both orally and in writing, and describe the professional environment and different kinds of roles in which information technology research is conducted.

    ITNS513 Secure software systems 03 Compulsory +

    Many failures and vulnerabilities arise at the programming level. These are often due to inadequate handling of exceptional situations, poor understanding of the details of the programming language in use, and incomplete descriptions of the interfaces between components. This course aims to improve the practitioner's capability in writing and reviewing code, through a thorough understanding of static analysis, run- time assertion checking, and compile-time verification.

    2nd Semester

    Code Title Credits Course Type Prerequisite
    ITNS515 Internet Security and protocols 03 Compulsory +

    To develop a comprehensive understanding of the underlying technologies of computer and network security mechanisms and a critical awareness of the overhead, impact and relative value of the protection offered. Models for network security. Threat of and countermeasures for intruders. Internet security architecture. Internet standards and security standards. Network security tools and applications. Security protocols for Application, Transport and Network layers in TCP/IP architecture of the Internet. Security protocols for new emerging technologies such as Internet of Things and Cloud computing.

    ITNS522 Advanced cryptography 03 Compulsory +

    To gain an advanced understanding of the mathematical principles underlying cryptography and to be able to apply widely researched cryptographic techniques to securing network applications. To gain insight into further cryptographic primitives and protocols for information security, as well as some advanced crypt analysis techniques. Mathematical principles for cryptography techniques. Types of cipher. Digital signatures, Hash functions and data integrity. Identification and entity authentication. Key establishment key management. Encryption and signature schemes based on advanced discrete logarithms and factoring algorithms. Multivariate cryptography and algebraic attacks. Side-channel and fault attacks.

    3rd Semester

    Code Title Credits Course Type Prerequisite
    ITNS524 Security Policy and Risk Management 03 Compulsory +

    This course discusses how to implement security policies to support organizational goals. It provides students with an introduction to information security policies, discuss the entire lifecycle of policy creation and enactment and presents students with issue specific policies in different domains of security. The course also discusses disaster recovery methodologies for identifying, quantifying, mitigating, and controlling security risks. Students learn to write IT risk management plans, standards, and procedures that identify alternate sites for processing mission-critical applications, and techniques to recover infrastructure, systems, networks, data, and user access.

    ITNS526 Ethical hacking for cyber security 03 Compulsory +

    To develop a comprehensive understanding of how to secure business systems. Background to ethical hacking; footprint and reconnaissance; scanning networks; enumeration; system hacking; Trojans, backdoors, sniffers, viruses and worms; social engineering; DoS; DDoS, hijacking and hacking; cryptography and penetration testing.

    4th Semester

    Code Title Credits Course Type Prerequisite
    ITNS600 M.Sc. Theses 03 Compulsory +

    Dissertation combines the educational theory and practice to create a learning experience that enables the development of skills that can be applied to complicated real-world problems. The dissertation project module commences with a research methods training component during which students will be given instruction and guidance on the planning and organization of their work. During the course of the research methods training students will also be expected to start formulating their project. The project itself, will be individually or jointly supervised as soon as the committee approves the proposal. There is an interim assessment point during the course of the project where students submit their project specification and design. At the end of the project students are expected to submit a dissertation describing their project.

    Elective Subjects

    Code Title Credits Course Type Prerequisite
    ITNS501 تصميم أنظمة آمنة 03 Elective +

    The course will cover the fundamental concepts supporting the design and management of secure systems. Security by design means that security is integrated in the entire development lifecycle of IT systems, including programming, testing, deployment, configuration and operation. This course teaches how to build adequate security into systems that thereby are able to maintain their functionality while being exposed to cyber-threats. Security devices, processes, techniques, and tools are emphasized in this course such as firewalls, intrusion detection, intrusion prevention, VPN types.

    ITNS502 Forensics, Malware, and Penetration Testing 03 Elective +

    This module will look at ways of assessing the security of computer software and hardware, and how to investigate and respond when security has been compromised. A range of methods and tools will be introduced to identify vulnerabilities, and to analyze systems that have already been attacked.

    ITNS503 Security management and business continuity 03 Elective +

    This course is based on Information Security Management System Framework (ISO27000) and ISO 22301 standard, to develop a comprehensive understanding of an Information Security Management System (ISMS) based on ISO27001 compliance. How to implement a compliance framework for ISO27001; fundamental principles of information security; Information security control best practice based on ISO27002 (including reference to ISO22301); planning and implementing ISMS; performance evaluation, monitoring and measurement of an ISMS; continual improvement of an ISMS; preparation for an ISMS audit

    ITNS504 Information Security Governance and Risk Management 03 Elective +

    This course discusses how information security governance helps organizations to move from a reactive approach to cybersecurity to a proactive approach. This course discusses how the information security governance will Categorize and mitigate risks and threats, Prepare an organization for identifying, remediating, and recovering from a cyberattack or breach, Provide a method for executive leadership to understand their risk posture and maturity levels, and Outline a risk-based approach to the people, systems, and technology that are used every day.

    ITNS506 Wireless networks and security 03 Elective +

    The course will study security mechanisms and protocols in different wireless networks and technologies. It will present network security protocols and cryptographic communication mechanisms for realizing specified security properties in wireless and mobile networks, such as secrecy, integrity, authentication, privacy, crypto key distribution, and access control. In addition, it will discuss and analyze the security concerns associated with wireless networks.

    ITNT505 Network and system Security 03 Elective +

    The course begins with a study of classical cryptosystems and the methods used to break them. The major currently used systems, DES, AES and RSA, are then introduced and examined from a design and security perspective. It then reviews how these tools are utilized in the Internet protocols and applications such as SSL/TLS, IPSEC, Kerberos, PGP and others including wireless. They will learn how to identify network security threats.System security issues are also covered, such as viruses, intrusion and firewalls. The design, implementation and configuration of system security for operating systems, databases and servers with attention given to defense and prevention systems, intrusion detection systems and trace-back systems. They will also learn how to select and deploy firewalls and manage VPNs.