This course introduces students to the issues, concepts, methods and techniques associated with science and technology research in general and those most commonly used for research in information technology and management. On successful completion of this course, students should be able to: Recognize and explain the main research methodologies used in information technology research, Choose the appropriate research methodology, Describe the most common data collection and analysis methods used in information systems research, Explain the ethical and professional issues that may arise in research, Communicate both orally and in writing, and describe the professional environment and different kinds of roles in which information technology research is conducted.

Many failures and vulnerabilities arise at the programming level. These are often due to inadequate handling of exceptional situations, poor understanding of the details of the programming language in use, and incomplete descriptions of the interfaces between components. This course aims to improve the practitioner's capability in writing and reviewing code, through a thorough understanding of static analysis, run- time assertion checking, and compile-time verification.

To develop a comprehensive understanding of the underlying technologies of computer and network security mechanisms and a critical awareness of the overhead, impact and relative value of the protection offered. Models for network security. Threat of and countermeasures for intruders. Internet security architecture. Internet standards and security standards. Network security tools and applications. Security protocols for Application, Transport and Network layers in TCP/IP architecture of the Internet. Security protocols for new emerging technologies such as Internet of Things and Cloud computing.

To gain an advanced understanding of the mathematical principles underlying cryptography and to be able to apply widely researched cryptographic techniques to securing network applications. To gain insight into further cryptographic primitives and protocols for information security, as well as some advanced crypt analysis techniques. Mathematical principles for cryptography techniques. Types of cipher. Digital signatures, Hash functions and data integrity. Identification and entity authentication. Key establishment key management. Encryption and signature schemes based on advanced discrete logarithms and factoring algorithms. Multivariate cryptography and algebraic attacks. Side-channel and fault attacks.

This course discusses how to implement security policies to support organizational goals. It provides students with an introduction to information security policies, discuss the entire lifecycle of policy creation and enactment and presents students with issue specific policies in different domains of security. The course also discusses disaster recovery methodologies for identifying, quantifying, mitigating, and controlling security risks. Students learn to write IT risk management plans, standards, and procedures that identify alternate sites for processing mission-critical applications, and techniques to recover infrastructure, systems, networks, data, and user access.

To develop a comprehensive understanding of how to secure business systems. Background to ethical hacking; footprint and reconnaissance; scanning networks; enumeration; system hacking; Trojans, backdoors, sniffers, viruses and worms; social engineering; DoS; DDoS, hijacking and hacking; cryptography and penetration testing.

Dissertation combines the educational theory and practice to create a learning experience that enables the development of skills that can be applied to complicated real-world problems. The dissertation project module commences with a research methods training component during which students will be given instruction and guidance on the planning and organization of their work. During the course of the research methods training students will also be expected to start formulating their project. The project itself, will be individually or jointly supervised as soon as the committee approves the proposal. There is an interim assessment point during the course of the project where students submit their project specification and design. At the end of the project students are expected to submit a dissertation describing their project.

The course will cover the fundamental concepts supporting the design and management of secure systems. Security by design means that security is integrated in the entire development lifecycle of IT systems, including programming, testing, deployment, configuration and operation. This course teaches how to build adequate security into systems that thereby are able to maintain their functionality while being exposed to cyber-threats. Security devices, processes, techniques, and tools are emphasized in this course such as firewalls, intrusion detection, intrusion prevention, VPN types.

This module will look at ways of assessing the security of computer software and hardware, and how to investigate and respond when security has been compromised. A range of methods and tools will be introduced to identify vulnerabilities, and to analyze systems that have already been attacked.

This course is based on Information Security Management System Framework (ISO27000) and ISO 22301 standard, to develop a comprehensive understanding of an Information Security Management System (ISMS) based on ISO27001 compliance. How to implement a compliance framework for ISO27001; fundamental principles of information security; Information security control best practice based on ISO27002 (including reference to ISO22301); planning and implementing ISMS; performance evaluation, monitoring and measurement of an ISMS; continual improvement of an ISMS; preparation for an ISMS audit

This course discusses how information security governance helps organizations to move from a reactive approach to cybersecurity to a proactive approach. This course discusses how the information security governance will Categorize and mitigate risks and threats, Prepare an organization for identifying, remediating, and recovering from a cyberattack or breach, Provide a method for executive leadership to understand their risk posture and maturity levels, and Outline a risk-based approach to the people, systems, and technology that are used every day.

The course will study security mechanisms and protocols in different wireless networks and technologies. It will present network security protocols and cryptographic communication mechanisms for realizing specified security properties in wireless and mobile networks, such as secrecy, integrity, authentication, privacy, crypto key distribution, and access control. In addition, it will discuss and analyze the security concerns associated with wireless networks.

The course begins with a study of classical cryptosystems and the methods used to break them. The major currently used systems, DES, AES and RSA, are then introduced and examined from a design and security perspective. It then reviews how these tools are utilized in the Internet protocols and applications such as SSL/TLS, IPSEC, Kerberos, PGP and others including wireless. They will learn how to identify network security threats.System security issues are also covered, such as viruses, intrusion and firewalls. The design, implementation and configuration of system security for operating systems, databases and servers with attention given to defense and prevention systems, intrusion detection systems and trace-back systems. They will also learn how to select and deploy firewalls and manage VPNs.