Information Security and Assurance Courses (ISA)
|
ISA course descriptions are also in the University Catalog Course listing at
http://www.gmu.edu/catalog/courses/isa.html
Graduate Courses
|
ISA 562 Information Security Theory and Practice (3:3:0).
Prerequisites: INFS 501, 515, 590, and SWE 510; or permission of instructor.
This course is a broad introduction to the theory and practice of Information Security.
It serves as the first security course for the MS-ISA degree and is required as
a pre-requisite for all subsequent ISA courses (at the 600 and 700 levels).
It also serves as an entry level course available to non-ISA students,
including MS-CS, MS-ISE and MS-SWE students.
|
|
|
ISA 564 Security Laboratory (3:3:0).
Prerequisites: INFS 501, 515, 590, and SWE 510.
This course provides hands-on experience in configuring and experimenting
with commodity networked systems and security software in a live laboratory environment,
with the purpose of understanding real-world security threats. This course will take
both offensive and defensive approaches and expose students to a variety of
real-world attacks, including viruses, worms, rootkits, and botnets.
Possible mitigation and defending mechanisms such as firewalls and intrusion
detection software will also be covered.
|
|
|
ISA 640 Programming Language Security (3:3:0).
Prerequisites: CS 540 and ISA 562.
This course describes language-based techniques to provide security
for executing code. Topics include a discussion on the need for and
the advantages of language based security, security principles and properties,
memory and type safety, encapsulation and access control, certifying compilers
and their verification methods, security types and information flow,
and applying programming language-inspired techniques to enforce security
in the semantic-web based languages.
|
|
|
ISA 656 Network Security (3:3:0).
Prerequisites: ISA 562 and CS 555; or permission of instructor.
This course is an in-depth introduction to the theory and practice of Network Security.
It assumes basic knowledge of cryptography and its applications in
modern network protocols. The course studies firewalls architectures and
virtual private networks and provides deep coverage of widely used
network security protocols such as SSL, TLS, SSH, Kerberos, IPSec, IKE, and LDAP.
It covers countermeasures to distributed denial of service attacks,
security of routing protocols and the Domain Name System, Email security
and spam countermeasures, wireless security, multicast security and trust
negotiation.
|
|
|
ISA 673 Operating Systems Security (3:3:0).
Prerequisites: CS571 and ISA 562; or permission of instructor.
This course covers both fundamentals and advanced topics in operating system (OS) security.
It will study OS level mechanisms and policies in investigating and defending
against real-world attacks on computer systems, such as self-propagating worms
and large-scale botnets. Basic OS security techniques such as logging,
system call auditing, and memory protection will be discussed.
Recent advanced techniques such as honeypots and honeyfarms, system randomization,
vulnerability fingerprinting, and virtualization will also be introduced.
|
|
|
ISA 674 Intrusion Detection (3:3:0).
Prerequisites: ISA 562 and 656; or permission of instructor.
Studies methodologies, techniques, and tools for monitoring events in computer system
or network, with the objective of preventing and detecting unwanted process activity
and recovering from malicious behavior. Topics include types of threats, host-based
and network-based information sources, vulnerability analysis, denial of service,
deploying and managing intrusion detection systems, passive vs. active responses,
and designing recovery solutions.
|
|
|
ISA 681 Secure Software Design (3:3:0).
Theory and practice of software security, focusing in particular on some common
software security risks, including buffer overflows, race conditions and
random number generation, and on the identification of potential threats
and vulnerabilities early in the design cycle. The emphasis is on methodologies
and tools for identifying and eliminating security vulnerabilities,
techniques to prove the absence of vulnerabilities, and ways to avoid security holes
in new software and on essential guidelines for building secure software:
how to design software with security in mind from the ground up and to integrate
analysis and risk management throughout the software life cycle.
|
|
|
ISA 697 Topics in Information Security (3:3:0).
Prerequisite: permission of instructor.
Special topics in information security and assurance not occurring in regular
ISA sequence. May be repeated for credit when distinct offerings of course
differ in subject.
|
|
|
ISA 763 Security Protocol Analysis (3:3:0).
Prerequisites: ISA 656.
This course teaches how to design, understand, verify and test communication protocols
so that they meet their objective: recognize the basic components of a communication protocol,
specify security properties accurately, model actors and mal-actors against which
a protocol ought to be secure, discuss verification methods and their limitations
in ensuring that the specified protocol satisfies stated security objectives in
the presence of intended mal-actions, design a medium-sized protocol that
satisfies a specification of requirements, use existing tools to specify and
verify security protocols and test protocols for satisfying their security objectives.
|
|
|
ISA 764 Security Experimentation (3:3:0)..
Prerequisites: ISA 562, 564, and 674.
This course teaches how to conduct security experimentations and how to
empirically demonstrate, validate and evaluate security vulnerabilities,
exploits and defense mechanism. By the end of the course, students will gain
deeper understanding and first hand experiences on: capturing packets of interests
from both wired and wireless networks; and replying interested network flows;
how shellcode works; how various buffer overflows work; how worm, spyware,
rootkit, botnet work; how anonymous communication works; and how traceback works.
|
|
|
ISA 765 Database and Distributed Systems Security (3:3:0).
Prerequisite: INFS 614 and ISA 562; or permission of instructor.
Science and study of methods of protecting data: Discretionary and mandatory
access controls, secure database design, data integrity, secure architectures,
secure transaction processing, information flow controls, inference controls,
and auditing. Covers security models for relational and object-oriented databases,
security of databases in a distributed environment, statistical database security, and
survey of commercial systems and research prototypes.
|
|
|
ISA 767 Secure Electronic Commerce (3:3:0).
Prerequisites: ISA 562 and 656; or permission of instructor.
Cryptography review, cryptographic protocols, secure electronic transactions,
public key certificates and infrastructures, authentication and authorization certificates,
secure credential services and role-based authorization, mobile code security,
security of agent-based systems, electronic payment systems, intellectual
property protection, secure timestamping and notarization.
|
|
|
ISA 796 Directed Readings in Information Security (3:3:0).
Prerequisite: Graduate standing in information systems with at least 12 prior credit hours
in M.S. Research and analysis of a contemporary problem in information security.
Prior approval is required by a faculty sponsor who supervises the student's work.
Written report or thesis proposal is required. A maximum of 6 hours may be earned.
(In order to register, the student must complete an independent study form,
which is available in the department office. The form must be initialed by
the faculty sponsor and approved by the department chairman.)
|
|
|
ISA 797 Advanced Topics in Information Security (3:3:0).
Prerequisite: Permission of instructor.
Special advanced topics not occurring in the regular ISA sequence.
May be repeated for credit when distinct offerings of the course differ in subject.
|
|
|
ISA 798 Research Project (3:3:0).
Prerequisite: 18 hours of credit applicable towards M.S.
Research project chosen under the guidance of a full-time graduate faculty member,
resulting in a written technical report. Prior approval required by
a faculty sponsor who supervises the student's work.
(In order to register, the student must complete an independent study form,
which is available in the department office. The form must be initialed by
the faculty sponsor and approved by the department chairman.)
|
|
|
ISA 799 Thesis (6:3:0).
Prerequisite: 18 hours of credit applicable toward M.S; or permission of instructor
Original or expository work chosen and completed under supervision of graduate faculty
member, which results in technical report accepted by three member faculty committee.
Report must be defended in oral presentation.
(In order to register, the student must complete an independent study form,
which is available in the department office. The form must be initialed by
the faculty sponsor and approved by the department chairman.)
|
For Further Information
Additional information on the program is available from the
ISE Student Advisor
Financial aid information is available at the
GMU Office of Financial Aid
[Go Back]
Effective Fall 2007
|
|
