Electrical Engineering
Graduate Programs
MS-Information and Cyber Security
Course Outline
MS in Information and Cyber Security

First Semester
Core 13-0
Core 23-0
Core 33-0
Second Semester
Elective 13-0
Elective 23-0
Elective 33-0
Third Semester
Elective 43-0
Elective 53-0
Fourth Semester
Course Details
Core Courses
CSY-5501Computer and Network Security
Network Security Principles Authentication overview, Biometric authentication, Passwords and password-based authentication, Symmetric- and public-key authentication. Mutual authentication and key exchange, Authenticated key exchange. Mediated authentication and key exchange, PKI and certification authorities System Security: General principles of system security, Authorization and access control, ACLs and capabilities, Access control models, Programming-Language Security, Buffer-overflow attacks, defenses and counterattacks, SQL injection, web security (XSS/CSRF attacks), Web attacks and defenses, Privacy/Anonymity: Database privacy. Network security protocols in practice, SSL, Control-flow integrity, taint tracking, IPsec and IKE, Intrusion detection.

1.William Stallings, Network Security Essentials: Applications and Standards, ISBN-­-10: 0136108059, Prentice Hall, 2010.
2.Computer Networks: A system approach, 5th Ed, Larry L. Peterson, Bruce S. Davie, Morgan Kaufmann, 2011, and selected journal and conference articles.
CSY-5502Applied Probability and Stochastic Processes
Basic laws of probability, conditioning, and Bayes rule. Random variables and their functions; PDF, PMF, and CDF notions; statistical averages; moments and characteristic functions; multiple random variables; joint and conditional PDF and PMF; multiple functions of random variables; correlation and covariance; mean squared estimation of random variables; Markov, Chebychev, and Chernov inequalities; various notions of convergence of random variable sequences; laws of large numbers; central limit theorem; and large deviation theory. Basic notions of estimation and properties of estimators, unbiased and minimum variance estimation, CRLB, sufficient statistics, consistency of estimators, basic notions of discrete and continuous-time random processes, mean and autocorrelation function, WSS and cyclo-stationary processes, ergodicity of random processes.
CSY-5503Information Theory
Entropy and its properties, Conditional entropy, relative entropy, mutual information, Chain rules, data processing inequality, Fano's inequality, Compression : codes and decodability, Kraft's inequality, bounds on optimal codes, block coding, Huffman codes, Markov chains, entropy rate of stochastic processes, Asymptotic Equipartition Property (AEP) and its consequences, Lempel-Ziv, universal source coding, Arithmetic codes, Fibonacci codes, Elias Omega codes, Large deviation theory, Maximum entropy method, Channel coding.

1.T.M. Cover & J.A. Thomas, Elements of Information Theory: 2nd Ed. Wiley, 2006
CSY-5504Introduction To Cryptography
Stream ciphers, Semantic security, Block ciphers and pseudorandom functions, Chosen plaintext security and modes of operation, The DES and AES block ciphers, Message integrity. CBC-MAC, HMAC, PMAC, and CW-MAC, Collision resistant hashing, Authenticated encryption. CCM, GCM, TLS, and IPsec, Key derivation functions, Odds and ends: deterministic encryption, non-expanding encryption, and format preserving encryption, Basic key exchange: Diffie-Hellman, RSA, and Merkle puzzles, Computational number theory, Number theoretic hardness assumptions, Public key encryption, Trapdoor permutations and RSA, The ElGamal system and variants.

1.Introduction to Cryptography – Principles and Applications, 2nd Edition, By Delfs and Knebl
CSY-5505Secure Operating System Design and Implementation
Understanding the OS Kernel, OS-level Memory Protection, Binary Code Reusing Binary Code/Data Representation, Program Representation, Dynamic Binary, Principles of Program Analysis, Revealing Internals of Executable File Format Compiler, Linker, Loader. Library Interposition, Virtualization Technology and Applications, Virtual Machine Monitor (QEMU/VirtualBox/Xen/KVM), Symbolic Execution and Whitebox Fuzzing, Vulnerability Analysis, Exploits: Buffer Overflows, Heap Overflow, Integer Overflow, Robust Exploits: ROP shellcode, Heap Spray, Fighting for Malware: Unpack, Disassemble, Decompile. Understanding the Threats such as Viruses and Worms, Logging, Auditing and Recovery. Malware Capture and Analysis (Honeypots and Honeyfarm).

1.Charles Pfleeger, Shari Lawrence Pfleeger, Security in Computing, 4th Edition, 880pp, ISBN-­-10: 0132390779, Prentice Hall, 2006.
Elective Courses - Information Security
CSY-5511Advanced Cryptography
Digital signatures and certificates, Identification protocols, Authenticated key exchange and TLS key exchange, Zero knowledge protocols and proofs of knowledge, Privacy mechanisms: group signatures and credential systems, Private information retrieval and oblivious transfer, Two party computation: Yao's protocol and applications, Elliptic curve cryptography, Quantum computing, Pairing-based cryptography, Lattice-based cryptography, Fully homomorphic encryption.

1.Cryptography and Network Security, Third Edition or Fourth Edition, by William Stallings, Prentice Hall
CSY-5512Number Theory
Time estimates for doing arithmetic, Divisibility and the Euclidean algorithm, Congruences, Some applications to factoring, Finite Fields and Quadratic Residues, Finite fields, Quadratic residues and reciprocity, Cryptography: Some simple cryptosystems, Enciphering matrices, Public Key: The idea of public key cryptography, RSA, Discrete log, Knapsack, Zero-knowledge protocols and oblivious transfer. Primality and Factoring: Pseudoprimes, The rho method, Fermat factorization and factor bases, The continued fraction method, The quadratic sieve method. Elliptic Curves: Basic facts, Elliptic curve cryptosystems, Elliptic curve primality test, Elliptic curve factorization.
CSY-5513Mathematical Basis for Cryptography
Mathematical preliminaries: probability theory, algebra, computational complexity, and number theory. Foundations of cryptography, public key cryptography, probabilistic proof systems, pseudorandom generators, elliptic curve cryptography, and fundamental limits to information operations.

1.Security+ Guide to Network Security Fundamentals, Third Edition , Ciampa, Mark, Technology Incorpo- rated, 2009, ISBN 13: 978-1-4283-4066-4
CSY-5514Public Key Infrastructure and Managing E-Security
Public Key Infrasturcture (PKI) components, Role of digital certificates, essential aspects of key-management, Capabilities of PKI and digital certificates in the context of business environement, law and regulations, PKI planning, rollout and interoperability issues.
CSY-5515Advanced Algorithm Analysis and Design
NP-completeness, Search Techniques, Randomized Algorithms, Heuristic and Approximation Algorithms, Asymptotic analysis of upper and average complexity bounds, Fundamental algorithmic strategies: brute-force, greedy, divide-and-conquer, backtracking, branch-and-bound, pattern matching, numerical approximations, Standard graph and tree algorithms, Standard complexity classes, time and space tradeoffs in algorithms, using recurrence relations to analyze recursive algorithms, non-computable functions, the halting problem, and the implications of non-computability. Network flows (max flow and min-cost flow/circulation), Data structures (fibonacci heaps, splay trees, dynamic trees), Linear programming (structural results, algorithms), Dealing with intractability: approximation algorithms (techniques for design and analysis), Dealing with large data sets (compression, streaming algorithms, compressed sensing), Computational geometry
Elective Courses - Secure Operating and Application System Design
CSY-5521Secure Architecture Design and Models
Architectures, Secure Systems Architectural Engineering and Models, Systems Architecture Views and related Policies and Processes, Principles of Secure Architecture Framework and Models: Definitions, Products, Design and Development Process, Data Modeling and the Core Architecture Data Model, Design Approaches and Patterns: Object Orientation, Structured Analysis, Service Oriented Architectures, Integrated and Federated Architectures; Loosely Coupled Systems, Technical Foundation: Structured Analysis Approach, Functional Decomposition, and Activity Modeling, Data Modeling, Rule Modeling, Dynamics Modeling, Multi-level security and the Bell-LaPadula, Biba, Clark-Wilson, Information Flow, Noninterferience, Take-Grant, Access Control, Chinese wall, State Machine, and Role-Based access control models for confidentiality and integrity, Access Control Methodologies and Implementation: RADIUS and TACACS.
CSY-5522Secure Systems and Application Software Design and Development
The importance of secure application development, Background/History on why this practice is not as pervasive as it should be today, Framework to assist in secure application design and development, Secure Software Development Life Cycle Processes, Assurance software is vulnerability free (intentionally designed or accidentally inserted), Systems Security Engineering Capability Maturity Model, Microsoft’s Trustworthy Computing Security Development Lifecycle, Common Criteria for Information Technology Security Evaluation, Software Assurance Maturity Model, Software Security Framework, Governance: Strategy and Metrics, Compliance and Policy, Training, Intelligence: Attack Models, Security Features and Design, Standards and Requirements, Architecture Analysis, Code review using static analysis tools, Security Testing, Deployment: Penetration Testing, Software Environment, Configuration and Vulnerability Management, Verification, validation, expert review, and evaluations.

1.Software Security: Building Security In, Gary McGraw, Addison-Wesley Professional, 2006, ISBN-10: 0321356705
CSY-5523Principles of Software and Hardware Reverse Engineering
Reverse Engineering Overview, Definitions, Concepts, Countermeasures, and Taxonomy, Protecting Critical Program Information (CPI) & Critical Technology (CT), Mission of Technology Protection: Prevent, Detect, Deter, Respond, Scope and Activities of DoD Technology Protection: Trusted Foundry, Information Assurance, Software Assurance, Software Protection, Anti-Tamper, Local Non-Invasive, Binary Software Techniques, Static Code Analysis (Disassembler, Decompiler), Dynamic Code Analysis (Debugger), Hardware Analyzers (Network Analyzer, Bus Monitor/Analyzer, JTAG Boundary Scan, Side-Channel Attacks), Local Semi-Invasive: ,Hardware Analyzers (Fault Induction Attack, Optical Probing, UV light, Xrays, Laser, Electromagnetic Pulse, Directional Heat, Illumination), Local Invasive: Hardware Analyzers (Drilling/Milling, Dissolving, Detonating, Data Remanence, Signal Injection, Micro Probing), Remote: Hardware Analyzer (Network Analysis, Differential Protocol Analysis), API Level Analysis (Cryptographic, Info Leakage, Statistical Attack), Buffer Overflows (Root Kit Exploit), Legality Issues: Interoperability, Competition, Copyright Laws, Trade Secrets and Patents, The Digital Millennium Copyright Act, DMCA Cases, License Agreement Considerations, Current Software Protection & Anti-Tamper Capabilities, Hardware Protections: Trusted Processors, Trusted Computing Group TPM v1.2 chips, ATMEL Corporation AT97SC3203 & AT97SC3203S, Sinosun TPM(SSX35), Winbond WPCT200, Secure Microcontroller – Low-cost crypto algorithms 3-DES, AES, etc. FPGAs & DSPs – bitstream encryption & token handshaking security, Secure Tamper-Resistant Hardware Module – From IBM 3848 to 4758, Smart cards/Dongles/Tokens/etc. – Low-end highly portable chip-based secure hardware, Hardware access denial, Self-destructing components, Self-encrypting components, Encryption Wrappers, Code Obfuscation, Watermarking & Fingerprinting, Integrity Checking, Guards, Reversing Malware, Cracking. Piracy and Copy Protection.
Elective Courses - Intrusion Detection & Malware Analysis
CSY-5531Malicious Software Detection
Malicious Software, Botnets detection and Rootkits, Static analysis and its limitations, Reverse engineering, Polymorphism, code obfuscation, Dynamic analysis and its limitations, AccessMiner — system-centric models, Mobile malware, Dynamic analysis of Android malware.
CSY-5532Web Security
Client-side (browser) vulnerabilities associated with browsing the web, system penetration, information breach and identity threat. Encrypting data stream using SSL, Confidentiality and Integrity of data using third party transaction protocols e.g. SET, PCI DSS Standard, Server-side security: CGI security, server configuration, access control, operating system security, malicious e-mails, web scripts, cookies, web bugs spyware, rogue AV etc.
CSY-5533Statistical Methods for Intrusion Detection
Introduction to the data and methodologies of computer intrusion detection, Statistical and machine learning approaches to detection of attacks on computers, Network monitoring and analysis, Estimating the number and severity of attacks; network-based attacks: probes and denial of service attacks; host-based attacks: buffer overflows and race conditions; and malicious code: viruses and worms, Statistical pattern recognition for detection and classification of attacks. Visualization of network data.
CSY-5534Machine Learning for Computer Security
Basic concepts of machine learning, Feature Spaces and Kernel Functions, Analysis of structured data, Anomaly and intrusion detection, Learning-based Intrusion Detection, Clustering and classification of malware, Automatic signature generation, Automatic Network Protocol Analysis, Vulnerability discovery, Evasion, poisoning and mimicry, Adversarial Machine Learning, Machine learning and privacy.
CSY-5535Secure Software & Protocol Engineering
Designing secure systems, Analyzing and verifying program correctness, Examining existing protocols, Limits of techniques for software protection such as code obfuscation, tamper-proofing and watermarking, Analysis of software-based attacks (and defenses), timing attacks and leakage of information, type safety, and capability systems.
Elective Courses - Cyber Security
CSY-5541Mobile Computing
Existing wireless technologies, Impact of mobility on networks, computing systems and security design, Decomposition of protocol stack to layers and analysis of interaction and co-operation between wireless protocol layers, Design and configuration 802.11 and Bluetooth wireless networks, Design and analysis of reliable and secure data communication protocols over wireless links, Design and analysis of wireless MAC protocols, Design and analyze mobile IP, Design and analyze of reliable data communication protocols over mobile networks, Design and analyze ad-hoc routing protocols for the 4th generation wireless networks, Design of systems and applications using wireless technologies, Design of systems and applications in mobile platforms.

1.Yu-­-Kwong Kwok and Vincent Lau, “Wireless Internet and Mobile Computing”, Wiley Interscience, ISBN 978-­-0471-­-67968-­-4.
CSY-5542Distributed Computing
Characterization and Models of Distributed Systems, Networking and Inter-process Communication, Distributed Objects and Remote Invocation, Network Operating System, Security of Distributed Systems, Distributed File Systems, Name and Directory Services, Time and Global States, Coordination and Agreement of Distributed Processes, Distributed Transaction Control and Management, Replica Control of Distributed Objects , Web Services.

1.George Coulouris, Jean Dollimore, Tim Kindberg, and Gordon Blair, Distributed Systems: Concepts and Design, 5th edition, Addison-­-Wesley, 2011.
2.Security Engineering: A Guide to Building Dependable Distributed Systems, 2 edition, Ross J. Anderson, Wiley, 2008, ISBN-10: 0470068523
CSY-5543Wireless Network Security
Security of IEEE 802.11 Wireless LANs, Smart phone and cellular network security, RFID security, Privacy protection in wireless access networks, Location privacy, Anonymous communication in wireless networks, Secure localization, Anti-jamming techniques, Security in cognitive radio networks, Broadcast authentication in wireless sensor networks, Vehicular ad hoc network security.

1.Khalid Sayood, Introduction to Data Compression, 3rd Edition, Morgan Kaufmann Publishers, 2005.
2.Protocols and Architectures for Wireless Sensor Networks, (or most recent edition), Holger Karl and An-­- dreas Willig, Addison-­-Wesley, 2005.
3.Wireless Sensor Networks: An Information Processing Approach (or most recent edition), Feng Zhao and Leonidas Guibas, Morgan Kaufmann.
CSY-5544Trust Networks
Introduction to Trust Concepts: Trust, Trustworthiness, Reputation, and Security, Recommender Systems, Trust Ontology; Trust and the Semantic Web, Trust Frameworks: Trust Metrics and Trust Propagation, Introduction to Beta and Dirichlet Probability Distribution, Bayesian Approaches to Trust with Application to MANETs, Sensor Networks, etc., Common Security Attacks and their Prevention , Semantics of Trust and Influence in Social Networks, Rumor Analysis and Management, Research Challenges: Social, Sensor and Interpersonal trust
CSY-5545Privacy Aware Computing
Data perturbation, Data anonymization, Random Responses, Privacy Measures, Cryptographic methods or data privacy, Privacy preserving data mining, Private information retrieval, Secure data outsourcing, Privacy in social networks.
CSY-5546Smart Phone Security
Android's application architecture, Android system programming, Security policy of Android, Interfaces used to de?ne policy, Best practices for using those interfaces, Pitfalls leading to insecure applications, Design and implementation of selected software attacks (ethical hacking), Design and implementation of security extensions to the Android framework (e.g., access control policy enforcement)
CSY-5547Visualization and Image Processing for Cyber Security
The Visualization Pipeline, Data Representations, Scalar Visualization, Information Visualization, Camera Models and Calibration, Image Processing and Segmentation, Tracking and Motion.

1.VTK User's Guide, Kitware Inc., Kitware Inc., 2010, ISBN-­-13: 978-­-1-­-930934-­-23-­-8
2.Learning OpenCV: Computer Vision with the OpenCV Library, Gary Bradski and Adrian Kaehler, 2008, ISBN-­-13: 978-­-0596516130
CSY-5548Cloud Computing
Cloud and data center file systems, Map reduce programming, High---level parallel processing, Distributed data management systems, Virtualization, Amazon web services, Interactive Web Apps and Google app engine, Security and privacy, Resource management in the cloud
Elective Courses - Digital Forensics
CSY-5551Computer and Network Forensics
Forensics Basics and Criminalistics, Basics of OS and Networking: A Review, Advanced Topics in Computer and Network Forensics, Forensic Modeling and Principles, Forensic Duplication, Forensics Analytics, File Carving, Cyber Forensics Tools and the Testing Thereof, Mobile Device Forensics, Network Surveillance and Accountability, Network Attack Traceback and Attribution, Multicast Fingerprinting, Multimedia Forensics, Intrusion and Online Frauds Detection, Steganography & Steganalysis, Anonymity/Pseudonymity/P3P, Cyber Law, Security and Privacy Policies and Guidelines, Ethical issues, Court Testimony and Report Writing Skills.
Incident handling/Incident response, Manage incidents; understand common attack techniques and tools; and defend against and/or respond to attacks when they occur, Understand current threats to systems and networks and effective countermeasures, The spectrum of computer forensics tools and the Forensics Toolkit, Core forensics procedures necessary for performing thorough investigations on all computer systems and file types. Proven investigative strategies and define proper evidence-handling procedures, Skills to track an offender on the Internet, Coordination with law enforcement and how to design an incident response strategy.

1.Incident Response: Investigating Computer Crime, Second Edition, Chris Prosise, Kevin Mandia, and Matt Pepe, McGraw-Hill/Osborne, 2003, ISBN-13: 978-0072226966
CSY-5553Vulnerability Assessment and Ethical Hacking
Definitions, Concepts, and Phases of Vulnerability Assessments and Ethical Hacking, Legal Statutes and Issues of Vulnerability Research and Ethical Hacking, Exploring the way of thinking for an industrial spy, a competitor, or a hacker, Network Surveying, Port Scanning, System Identification / OS Fingerprinting, Vulnerability assessment and ethical hacking methodologies, technologies, and techniques and from a defensive and offensive perspective, Examining an organization for weaknesses and exploiting vulnerabilities remotely, Vulnerability Research and Verification, Service Identification, Internet Application Testing, Implementing appropriate countermeasures to thwart malicious hacking, Employing tools & exploits; BackTrack, Core Impact, DDOS, Sniffers, Spoofing, Session Hijacking, Buffer Overflows, Hacking Web Servers and Applications, Google Hacking, Network and host monitoring and traffic analysis, Configuring and monitoring intrusion detection systems and honeypots and honeynets, Reading, interpreting, and analyzing network traffic and log files, Footprinting, scanning, enumeration and escalation.

1.CEH: Official Certified Ethical Hacker Review Guide, Kimberly Graves, Sybex, 2007, ISBN-13: 978- 0782144376
CSY-5554Forensic Profiling of the Cyber Terrorist
Psychological Impacts and Consequences of Terrorism, Critical Infrastructure Protection in Today's Climate and facing Today's Challenges, Motivation for Terrorism and Hacking, Profile of a Terrorist and Hacker, Ways terrorists can use the Internet to communicate covertly with each other right under the nose of US law enforcement, How Internet Cafes, Wi-Fi “hotspots” and library Internet terminals provide ways to anonymize terrorists over the Internet, How global networks (ATM terminals, airline reservations, etc.) are used for covert channels through the Internet, Understanding what makes the mind of the terrorist work.
Elective Courses - Cyber Law Policy
CSY-5561Security Management
Security Management - Systems, Models and Frameworks, IS 27001 - Information Security Management for Business Benefit, Internal Control, Audit and Security, Risk analysis and CRAMM, Business continuity planning – a safety net for business, Building an information security management framework, Information Security, Governance and the Law, The Business of Trust.

1.The Definitive Guide to the C&A Transformation, First Edition, Mehan, Julie E. & Krush, Waylon, IT Governance, 2009, ISBN: 978-1-84928-006-8
CSY-5562Ethics and Law of Cyber Security
The Ethics of Cyber Terrorism, Cyber Security & the law, Can governments shut down privately owned Internet Cafes or e-mail servers?, International law and cyber security, The rights of the individual vs. public safety and cyber law & ethics.
1, Islamabad Highway,
Islamabad 44000
T: +92-51-9075100
F: +92-51-9273310 E: info@ist.edu.pk
Send Feedback | Privacy & Security | Copyright | Contact Us
© 2017 Institute of Space Technology . All rights reserved.
Website Last Updated: 22-Mar-2017
This Page Last Updated: 22-Mar-2017