This course provides an introduction to cryptography, its mathematical foundations, and its relation to security. It covers classical cryptosystems, private-key cryptosystems (including DES and AES), hashing and public-key cryptosystems (including RSA). The course also provides an introduction to data integrity and authentication. Students cannot take and receive credit for this course if they have credit for CSCI-662.

This course is designed to give students a foundation in the theories and practice relating to web application security. The course will introduce students to the concepts associated with deploying and securing a typical HTTP environment as well as defensive techniques they may employ.

Access control and authentication systems are some of the most critical components of cybersecurity ecosystems. This course covers the theory, design, and implementation of systems used in identification, authentication, authorization, and accountability processes with a focus on trust at each layer. Students will examine formal models of access control systems and approaches to system accreditation, the application of cryptography to authentication systems, and the implementation of IAAA principles in modern operating systems. A special focus will be placed on preparing students to research and write about future topics in this area.

Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.

The course provides students an opportunity to explore methods and applications in cyber analytics with advanced machine learning algorithms including deep learning. Students will learn how to use machine learning methods to solve cybersecurity problems such as network security, anomaly detection, malware analysis, etc. Students will also learn basic concepts and algorithms in machine learning such as clustering, neural networks, adversarial machine learning, etc. Students taking this course should have the 4th year status and completed MATH-190 Discrete Math, MATH-251 Probability and Statistics I, and MATH-241 Linear Algebra.

In this course, students will gain in depth knowledge of cryptography and authentication. Students will explore various cryptographic algorithms and authentication protocols, focusing on their design and implementation. Students will also work on a research or implementation project, based on cryptographic algorithms and/or authentication protocols. The applications of cryptography and authentication in the areas of computer networks and systems will also be investigated. This course requires prior knowledge in Discrete Mathematics.

The course provides students an opportunity to explore methods and applications in cyber analytics with advanced machine learning algorithms including deep learning. Students will learn how to use machine learning methods to solve cybersecurity problems such as network security, anomaly detection, malware analysis, etc. Students will also learn basic concepts and algorithms in machine learning such as clustering, neural networks, adversarial machine learning, etc. A key component of the course will be an independent exploratory project to solve a security program with machine learning algorithms. Students taking this course should have knowledge in Discrete Math, Probability and Statistics, and Linear Algebra. Students should also be able to program in Python.

This course explores Information Security Policy development and deployment as well as laws (US and International) that impact information security. Students in this class will develop policies and analyze how policy impacts an organization. Students will also determine how federal, state, and international laws impact the information security policies of an organization.

This course is one of the capstone options in the MS in Computing Security program. It offers students the opportunity to investigate a selected topic and make an original contribution which extends knowledge within the computing security domain. Students must submit an acceptable proposal to a thesis committee (chair, reader, and observer) before they may be registered by the department for the MS Thesis. Students must defend their work in an open thesis defense and complete a written report of their work before a pass/fail grade is awarded. As part of their original work, students are expected to write and submit an article for publication in a peer reviewed journal or conference.

This course is designed to give students an understanding of the role of the system administrator in large organizations. This will be accomplished through a discussion of many of the tasks and tools of system administration. Students will participate in both a lecture section and a separate lab section. The technologies discussed in this class include: operating systems, system security, and service deployment strategies.

Why are we still so bad at protecting computer systems? Is it because we don’t have good enough technology? Or because we lack sufficient economic incentives to implement that technology? Or because we implement technologies but then fail to use them correctly? Or because the laws governing computer security are so outdated? Or because our legal frameworks are ill-equipped to deal with an international threat landscape? All these reasons—and others— have been offered to explain why we seem to see more and more large-scale cybersecurity incidents and show no signs of getting better at preventing them. This course will examine the non-technical dimensions of this problem—the laws and other policy measures that govern computer security threats and incidents. We will focus primarily on U.S. policy but will also discuss relevant policies in the E.U. and China, as well as international tensions and norms. The central themes of the course will be the ways in which technical challenges in security can be influenced by the social, political, economic, and legal landscapes, and what it means to protect against cybersecurity threats not just by writing better code but also by writing better policies and laws.