Master in Information Systems Security

Faculty: Faculty of Science & Technology (FST)

Department: Department of Information and Communication Technology

Program: Master in Information Systems Security

Course Outline

....

General Info

  • Intake: Once in a Year
  • Application Duration: 25 October - 25 November 2024
  • Written Test and Viva Voce: 13 December 2024 (0900 hrs -1100 hrs)
  • Class Start: 24 January 2025
  • Method of Application: Online
  • Course Duration: 2 (two) years, 4 (four) semesters
  • Total Credit Hours: M. Sc. Engineering (Theory: 22 Cr. + Thesis: 18 Cr.) &  M. Engineering (Theory: 34 Cr. + Project: 6 Cr.)
  • Total Course Fee : M. Sc. Engineering - TK. 1,95,000.00 & M. Engineering - TK. 1,80,000.00 which may be re-fixed by the authority.

Eligibility for Admission

1. For admission to the courses leading to the degree of M.Sc. Engg. /M. Engg.in Information Systems Security (MISS), an applicant must have obtained a bachelor degree in CSE, EEE, ICT, EECE, ETE, ECE, ICE, IT, Software Engineering or relevant engineering background from any recognized university from home and abroad.  

.

2.A minimum GPA of 3.50 out of 5.00 or a first division or equivalent in any one of SSC and HSC or in equivalent examinations and must not have a GPA less than 2.50 out of 5.00 or a third division or equivalent in any of the aforementioned examinations.



(3)  At least 50% marks or a minimum GPA of 2.50 out of 4.0 or its equivalent in  B. Sc. Engineering or equivalent in the relevant discipline.

 

Admission Test Syllabus

  •  1) Computer Fundamentals   25 Marks
     2) Software& Hardware 25 Marks
     3) Quantitative Reasoning  20 Marks   
  • Total= 70 Marks

Exam Type

  •  MCQ (1 Hour)

Weightage

  •  1) Written(MCQ) – 50%
     2) Viva- 15%
     3) Previous Exam- 35% (B.Sc.-20% and SSC/HSC-15%)

Contact Information

  •  Program Coordinator, MISS , Dept. of ICT, FST, BUP, Phone- 01769021830
  •  Program Office- 01671087217, Email: miss@bup.edu.bd

Others Information

  •      Course Interaction Time: Friday (09:30 AM - 12:30 PM, 02:30 PM- 05:30 pm) and Saturday (09:30 AM - 12:30 PM, 01: 00 pm - 04:00 pm)

...

--

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • 1. To gain a fundamental knowledge of what Cyber Security is and how it applies to your daily work. 2. To gain an understanding of terms commonly used in Cyber Security such as ―vulnerability‖ 3. To know how vulnerabilities, occur and how to limit your exposure to them 4. To gain a fundamental understanding of what an attack/threats are,and how to identify and prevent them from occurring 5. To provide the fundamental skills and understanding needed to manage risk & recover disaster

Outcomes

  • This subject provides students with knowledge of cyber security principles along with industry-based vendor-neutral IT security knowledge and skills. Students will be introduced to a broad range of cyber security related topics such as infrastructure security, communications network security, cryptography, access control, authentication, external threats, and operational and organizational security. Upon completion of this course, graduates will be able to: 1. Possess a fundamental knowledge of Cyber Security 2. Understand what a vulnerability is and how to address most common vulnerabilities 3. Know basic and fundamental risk management principles as it relates to Cyber Security 4. Have the knowledge needed to practice safer computing and safeguard your information 5. Demonstrate and apply knowledge of current trends in ICT security, particularly those that relate to security protocols and policy, cryptography, malware, digital forensics, and legal evidence; 6. Investigate emerging security trends and their application to professional practice; 7. Effectively communicate IT security concepts and solutions in a variety of professional settings; 8. Apply skills in the identification of security threats, implementation of secure system properties, security testing, and incident response; 9. Have the knowledge needed to practice safer computing and safeguard your information 10. Critically evaluate and reflect on ethical issues that relate to the IT discipline; 11. Employ research skills that apply to the practice of computer security in a professional context.

References

  • 1. Rhodes-Ousley, Mark. Information Security: The Complete Reference, 1stEdition,. Information Security Management: Concepts and Practice, New York, McGraw-Hill, 2013. 2. David Sutton, Cyber security: A practitioner’s guide. 3. P.W. Singer, Allan Friedman, Cyber security and Cyber war: What Everyone Needs to Know, 1st Edition, ISBN-13: 978-0199918119. 4. Don Franke, Cyber Security Basics: Protect your organization by applying the fundamentals, 1st Edition. 5. Kenneth Geers, Strategic Cyber Security, CCD COE Publication, ISBN 978-9949-9040-7-5 (pdf).

Objectives

  • 1. To identify some of the factors driving the need for network and operating systemsecurity 2. To identify and classify particular examples of attacks 3. To define the terms vulnerability, threat and attack 4. To identify physical points of vulnerability in simple networks 5. To compare and contrast symmetric and asymmetric encryption systems and their vulnerability to attack and explain the characteristics of hybrid systems.

Outcomes

  • 1. Monitor, evaluate and test security conditions and environment 2. Develop an organizational security plan that provides for periodic reviews of security policies and procedures 3. Evaluate tools and technologies for use in protecting the network and individual network systems 4. Implement security plan and monitor solutions 5. Monitor and evaluate audit logs and set administrator alerts 6. Respond to any breach of security and adjust organizational security plan accordingly.

References

  • 1.Guide to Computer Network Security – Joseph MiggaKizza 2. Guide to Operating Systems Security 1st Edition by Michael Palmer

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • 1. To gain the fundamentals of storage device hardware 2. To analyze RAID array coding techniques 3. To achieve knowledge on Cloud and big data file systems 4. To analyze Relational storage models 5. To know how to secure cloud data privacy

Outcomes

  • Upon completion of this course, participants will have gained knowledge of database system concepts and the ability to: 1.Understand file systems and analyze existing and future data processing needs 2.Develop relational storage model that reflects the organization's fundamental business rules 3. Develop and refine the conceptual data model, including all entities, relationships, attributes, and business rules 4.Integrate and merge database views into conceptual model 5.Apply cloud and big data file systems

References

  • 1. RamezElmasri, Shamkant B. Navathe, Fundamentals of Database Systems, 6th Edition, Addison-Wesley, ISBN 13: 978-0-136-08620-8. 2. Alfred Basta, Melissa Zgola, Database Security, Cenage Learning, ISBN-13: 978-1-4354-5390-6. 3. HimanshuDwivedi, Securing Storage: A Practical Guide to SAN and NAS Security (paperback), 1st edition, ISBN-13: 978-0321885746. 4. Fei Hu, Big Data Storage, Sharing, and Security, CRC press, ISBN: 9781498734868.

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

1st Semester

Objectives

  • 1.To understand how information security can counteract attempts to attack an individual’s ―infosphere,‖ the person’s sensitive information. 2. To understand how people are the weakest components in any security system. 3.To acknowledge the students about the fundamentals of cryptography and how cryptography serves as the central language of information security. 4. To understand the basic software tools for assessing the security posture of a computer or a network. 5. To understanding how issues of privacy affect information security.

Outcomes

  • 1. Demonstrate a basic understanding of the practice of IS, especially in evaluation of information security risks across diverse settings including the Internet and WWW based commerce systems, high bandwidth digital communications and funds transfer services. 2. Explore the idea that in Information Security answers are not always known, and proposed solutions could give rise to new, equally complex problems. 3. Navigate through the language and other dimensions of the field of information security in order to expand your knowledge, skills and their application. 4. Acknowledge the ethical considerations in all judgements and decisions in academic and professional settings. 5. Utilize software packages (for example Maple) to explore the intricacies of cryptography, demonstrating comprehension the use of these and other tools in Information Security.

References

  • 1. Principles of Information Security - Michael E. Whitman, Herbert J. Mattord 2. The Basics of Information Security – Jason Andress

Objectives

  • 1. To identify some of the factors driving the need for network and operating system security 2. To identify and classify particular examples of attacks 3. To define the terms vulnerability, threat and attack 4. To identify physical points of vulnerability in simple networks 5. To compare and contrast symmetric and asymmetric encryption systems and their vulnerability to attack and explain the characteristics of hybrid systems. 6. To gain the fundamentals of storage device hardware and Relational storage model 7. To achieve knowledge on Cloud and Big data file systems 8. To know how to secure cloud data privacy

Outcomes

  • Upon completing the course, the students will be able to - 1. Monitor, evaluate and test security conditions and environment 2. Develop an organizational security plan that provides for periodic reviews of security policies and procedures 3. Evaluate tools and technologies for use in protecting the network and individual network systems 4. Implement security plan and monitor solutions 5. Monitor and evaluate audit logs and set administrator alerts 6. Respond to any breach of security and adjust organizational security plan accordingly. 7. Understand file systems and analyze existing and future data processing needs 8. Develop relational storage model that reflects the organization's fundamental business rules 9. Develop and refine the conceptual data model, including all entities, relationships, attributes, and business rules 10. Apply cloud and big data file systems

References

  • 1.Guide to Computer Network Security – Joseph MiggaKizza 2. Guide to Operating Systems Security 1st Edition by Michael Palmer 3. RamezElmasri, Shamkant B. Navathe, Fundamentals of Database Systems, 6th Edition, Addison-Wesley, ISBN 13: 978-0-136-08620-8. 4. Alfred Basta, Melissa Zgola, Database Security, Cenage Learning, ISBN-13: 978-1-4354-5390-6. 5. Himanshu Dwivedi, Securing Storage: A Practical Guide to SAN and NAS Security (paperback), 1st edition, ISBN-13: 978-0321885746. 6. Fei Hu, Big Data Storage, Sharing, and Security, CRC press, ISBN: 9781498734868.

Objectives

  • 1. To understand the fundamentals of Cryptography 2. To acquire knowledge on standard algorithms used to provide confidentiality, integrity and authenticity. 3. To understand the various key distribution and management schemes. 4. To understand how to deploy encryption techniques to secure data in transit across data networks 5. To design security applications in the field of Information technology

Outcomes

  • 1. Analyze the vulnerabilities in any computing system and hence be able to design a security solution. 2. Identify the security issues in the network and resolve it. 3. Evaluate security mechanisms using rigorous approaches, including theoretical 4.Compare and Contrast different IEEE standards and electronic mail security

References

  • 1. Bruce Schneier. Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley \ Sons, Second Edition, 1996. 2. Jonathan Katz and Yehuda Lindell.Introduction to Modern Cryptography, 2nd Edition, Chapman \ Hall/CRC Cryptography and Network Security Series.Chapman and Hall/CRC, 2014.

2nd Semester

Objectives

  • 1. Discuss how the tools interrelate with each other in an overall penetration testing process; 2. Implement countermeasures for various types of attacks; 3. Apply a common ethical hacking methodology to carry out a penetration test; 4. Analyze how penetration testing and ethical hacking fit into a comprehensive enterprise information security program; and 5. Demonstrate ethical behavior appropriate to security-related technologies

Outcomes

  • 1. Identify the basic principles of computer and network security. 2. Identify threats and monitor perimeter security for a system. 3. Identify, respond to, and assist in the formal investigation of security incidents. 4. Protect information in an organization by using authentication and access control.

References

  • 1. Certified Ethical Hacker Version 9 Study Guide, First Edition,, 10.1002/9781119419303

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • 1. To provide an understanding digital forensics fundamental 2. To analyze computer data & various forensics tools 3. To analyze network security tools 4. To identify Intrusion and online frauds detection 5. To know different methods for data recovery. 6. To apply the methods for preservation of digital evidence.

Outcomes

  • Digital Forensics is an area of study that is rapidly growing in importance and visibility. It involves preserving, identifying, extracting, documenting and interpreting digital data. This course will introduce the topics of computer crime and digital forensics. Students will be required to learn different aspects of computer crime and ways in which to uncover, protect and exploit digital evidence. Upon completion of this course, participants will have gained knowledge of: 1. Digital Forensics process 2. Forensics basic and criminalities. 3. Data analysis & Forensics tools 4. Network Forensics 5. Mobile device forensics 6. Anti forensics 7. Court testimony and report writing skills, Digital Evidence control

References

  • 1. John Sammons, The basics of digital forensics, 2nd edition, ISBN: 978-0-12-801635-0. 2. Eoghan Casey, Handbook of Digital Forensics and Investigations, Elsevier Academic Press, ISBN 13: 978-0-12-374267-4. 3. Larry E. Daniel, Lars E. Daniel, Elsevier Syngress, Digital Forensics for Legal Professionals, ISBN: 978-1-59749-643-8. 4. Eamon P. Doherty, Digital Forensics for Handheld Devices, CRC press, International Standard Book Number-13: 978-1-4665-7883-8( ebook-epub).

3rd Semester

Objectives

  • This course provides a forum for students to discuss and generate ideas on issues related to a variety of applied social research. Students conduct an in-depth study of a research topic of their choice, discuss issues with experts in the field of research, work in discussion groups, debate and problem solve on selected issues. In the research seminar, the students are given an opportunity to integrate their knowledge, skills and practical experience gained in the program.

Outcomes

  • Upon successful completion of this course, the student will have reliably demonstrated the ability to: 1. co-ordinate and participate in a seminar(s) on current research issues 2. successfully implement an in-depth research seminar utilizing field experts and collegial discussions/input. 3. articulate in writing a formal description of research design and research analysis. 4. identify and assess data sources and data collection methods for quantitative studies. 5. assess the reliability and validity of measures. 6. demonstrate understanding of quantitative data analysis techniques. 7. interpret analytical results from quantitative studies.

References

  • 1. Writing Successful Science Proposals by Andrew J. Friedland, Carol L. Folt, Publisher: Yale University Press; 2 edition (June 9, 2009) 2. The Myths of Innovation (Hardcover) by Scott Berkun, Publisher: O'Reilly Media (August 30, 2010) 3. Pedhazur, E. J. and Schmelkin, L. P. Measurement, Design and Analysis: An Integrated Appoach, Psychology Press, 2013

Objectives

  • The course represents an advanced course of security in mobile and wireless networks. It treats all currently standardized aspects of security in mobile, wireless, ad–hoc networks and in addition it also covers certain advanced aspects, like key management, certificates handling, and transactions/applications in proximity networks.

Outcomes

  • This course has two major goals: to provide a comprehensive overview of all relevant aspects of security in mobile and wireless networks and also to introduce to students new, advanced research topics. The course will also provide possibilities for hands-on experience with developing security features.

References

  • 1. Wireless and Mobile Network Security: Security Basics, Security in On‐the‐shelf and Emerging Technologies ByHakimaChaouchi and Maryline Laurent‐Maknavicius 2. Wireless Network Security by Xiao, Yang, Shen, Xuemin (Sherman), Du, Ding-Zhu 3. Mobile and Wireless Network Security and PrivacyBy S. Kami Makki, Peter Reiher, Kia Makki, NikiPissinou, ShamilaMakki

Objectives

  • This course will provide an introductory look into the broad areas of information theory and coding theory. As stated in the course text, Information theory answers two fundamental questions in communication theory: what is the ultimate data compression (answer: the entropy H) and what is the ultimate transmission rate of communication (answer: the channel capacity C). In later stages of the course, coding techniques will be discussed which approach these ultimate limits.

Outcomes

  • 1. Learning Outcomes After successful completion of this course, students should 2. Understand the principles of coding techniques used in digital communication systems 3. Evaluate performance of various coding techniques over fading channels 4. Recognize advances of coding theory in next generation broadband communication systems 5. Perform independent work in wireless system design with some creative problem-solving ability 6. Skill in effective communications through presentations, technical writing and research discussion. 7. Appreciate the benefits of teamwork through collaboration with other professionals

References

  • 1. Thomas M. Cover and Joy A. Thomas, Elements of Information Theory, John Wiley & Sons, 1991. (ISBN 0-471-06259-6) 2. Stephen B. Wicker, Error Control Systems for Digital Communication and Storage, Prentice-Hall, 1995. (ISBN 0-13-200809-2)

Objectives

  • 1. To expose students to recent research in cloud computing and the security issues surrounding this field. 2. Students will read and discuss academic research papers to discover the current threats to security and privacy in cloud computing and how to defend against those threats.

Outcomes

  • By the end of this course, students should be able to 1. compare and contrast the various cloud delivery and deployment models, particularly the security implications of each; 2. understand the basics of virtualization technology and current attacks against it; 3. distinguish between terms such as "cloud computing" and "big data" and explain their differences; 4. describe the mechanisms used to secure cloud computing platforms, including trustworthy computing, secure computation, and data security in cloud environments; 5. appreciate the challenges that cloud computing introduces for regulatory compliance and digital forensics. Students will gain an appreciation for ongoing research in the area of cloud computing security. Students will critically review research papers to articulate their contributions to the field and the limitations of that work.

References

  • 1. Securing The Cloud: Cloud Computing Security Techniques and Tactics by Vic (J.R.) Winkler (Syngress/Elsevier) 2. Cloud Computing Design Patterns by Thomas Erl (Prentice Hall) 3. Cloud Computing: From Beginning to End by Ray J. Rafaels, Published April 2015

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

4th Semester

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • 1. Gain insights on how to run better businesses and provide better service to customers. 2. Get recommendations on how to process big data on platforms that can handle the variety, velocity, and volume of data by using a family of components that require integration and data governance. 3. Learn why Big Data is NoHadoop (“not only Hadoop”) as well as NoSQL (“not only SQL”).

Outcomes

  • 1. Gain the knowledge how to work in big scale data 2. Will able to work with unstructured data such as document, etc.

References

  • 1. Big data. Architettura, tecnologie e metodi per l'utilizzo di grandibasi di dati, A. Rezzani, Apogeo Education, 2013 2. Cathy O’Neil. (2016). Weapons of Math Destruction: How Big Data Increases Inequality and Threatens Democracy. Penguin Books 3. Rob Kitchin. (2014). The Data Revolution: Big Data, Open Data, Data Infrastructures and Their Consequences. SAGE Publications.

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!

Objectives

  • No objective found!

Outcomes

  • No outcome found!

References

  • No reference found!