Cybersecurity

This course lays a strong foundation in managing Linux-based systems within professional, security conscious environments. Students learn to configure and optimize key services, administer file systems and user accounts, and automate tasks with scripting. Beyond the basics, the course covers advanced security mechanisms such as SELinux, AppArmor, and mandatory access controls to mitigate threats. Students also explore containerization (e.g., Docker, Podman), virtualization techniques, and system monitoring tools to ensure performance and compliance with security policies. By the end of the course, students will be equipped to maintain resilient, efficient, and secure Linux infrastructures in dynamic organizational settings.

Students will learn the low-level design of a computer. Topics will include cache hierarchies, main memory layout, addressing schemes, virtual memory, virtualization, data storage, accelerators, etc. They will conduct experiments simulating multi-threading and multi-core processing

This course provides an overview of core cybersecurity concepts, emphasizing the fundamental principles, tools, and procedures used to secure information systems. Students will employ the CIA triad as a guiding framework, explore prevalent threats, and examine various information security solutions. The course focuses on security and risk management, business impact analysis (BIA), asset security, vulnerabilities, threats and countermeasures, identity and authentication management, incident response and BCP/DRP, as well as key compliance and regulatory issues. By the end of the course, students will have broad, practical knowledge of cybersecurity, including the ability to identify security risks, implement effective defensive measures, and approach cybersecurity challenges with strategic thinking

This course offers a comprehensive introduction to the mathematical foundations, fundamental primitives, and modern techniques of cryptography, as well as the essential principles of data privacy. Students will learn both symmetric and asymmetric encryption, hashing, digital signatures, message authentication codes (MAC), and other critical tools for protecting data and ensuring privacy, while simultaneously developing the necessary mathematical background in number theory and algebraic structures. The course also explores modern cryptographic schemes—such as zero-knowledge proofs and homomorphic encryption—and examines their applications in current research areas. Additionally, students will study privacy-preserving methodologies, learning how to apply cryptographic techniques to safeguard sensitive information and maintain user privacy. By the end of the course, students will possess a solid understanding of cryptography and privacy theory, enabling them to apply these concepts in real-world contexts and research. Introduction to Probability and Statistics and Introduction to Cybersecurity are prerequisites for this course.

This course introduces students to the core principles and practices involved in investigating digital assets (e.g., mobile phones, laptops, workstations) and cyber incidents. By examining methods for collecting, preserving, analysing, and presenting digital evidence, students will gain a practical understanding of forensic tools and techniques (e.g., FTK Imager, Autopsy, EnCase). Topics include chain of custody, evidence handling, imaging, file system analysis, investigations, and the use of industry-standard forensic software. Upon completing this course, students will be better prepared to conduct thorough, methodical examinations of digital devices and networks in support of security investigations.

This course focuses on safeguarding data at rest and in transit within various database environments. Students explore the principles of secure database design, learn to implement robust access controls, and detect and mitigate threats such as SQL injection. The curriculum covers secure database architectures, hardened configurations, and DevOps integration for continuous security testing and validation. Students also analyze case studies of large-scale data breaches to understand evolving threat patterns and compliance obligations. By the end of the course, participants will have the foundational skills required to maintain data integrity, confidentiality, and availability in diverse database systems.

In this course, students explore how operating systems manage resources, enforce security policies, and prevent unauthorized activity. Through hands-on exercises, they learn about file permissions, authentication mechanisms, secure configuration, patch management, and system hardening. By examining both traditional and emerging operating systems, students gain the skills to identify vulnerabilities and implement measures that strengthen a system’s defenses against internal and external threats.

An internship is an important aspect of the Cybersecurity Engineering curriculum that provides the student with hands-on experience and a good sense of what an actual job in an organization will be like. Students are required to join an IT department in a government or private organization for a summer period of at least 8 weeks in the last summer prior to student graduation. Students should be able to relate the internship experience to the knowledge that he or she has gained through the CSE program courses

This course provides a comprehensive overview of designing and evaluating robust security architectures within enterprise environments. Students move beyond foundational concepts to explore layered defense models, identity and access management frameworks, and Zero Trust Network Access (ZTNA). Topics include integrating cryptographic controls, establishing secure communication channels, leveraging threat intelligence, and applying architecture frameworks such as SABSA or TOGAF. Students will also assess emerging technologies and evolving regulatory requirements to ensure that architectures remain adaptive and forward-looking. Upon completion, they will be able to create strategic, standards-based security designs that protect complex systems against diverse threats.

This course explores the strategies, tools, and standards used to secure data as it traverses networks. It covers intrusion detection and prevention systems, advanced firewall orchestration, zero-trust network segmentation, and the integration of software-defined networking (SDN) security controls. Students will also work with network traffic analysis tools, threat intelligence platforms, and network forensics techniques to identify advanced persistent threats and devise mitigation strategies. By the end of the course, students will have the analytical and technical skills to implement scalable security architectures and maintain secure communication channels in dynamic, distributed networks.

This course focuses on identifying, assessing, and managing security risks within organizational settings. Students will explore frameworks such as NIST and ISO, perform both quantitative and qualitative risk analyses, prioritize mitigation measures, and ensure alignment with compliance requirements and regulatory guidelines. Topics include vendor risk management, third-party audits, continuous monitoring, cyber insurance considerations, and integrating risk metrics into strategic decision-making. By the end of the course, students will be equipped to shape security governance, effectively communicate risk to stakeholders, and foster a responsive risk management culture within organizations.

This course focuses on the unique security challenges associated with web applications and mobile platforms. Students examine common vulnerabilities such as cross-site scripting, broken authentication, insecure data storage, and malicious code injection. Topics extend beyond basic weaknesses to include API security, single-page application (SPA) safeguards, mobile application sandboxes, secure session management, and hardened containerized deployments. By mastering these concepts, students will be equipped to build and maintain secure web and mobile applications that protect user data and privacy across multiple platforms.

This course focuses on building security into every phase of software development through a proactive approach. Students explore secure development lifecycles (SDLCs) and engage with industry standards such as OWASP to integrate security considerations at each stage of design and implementation. Through hands-on exercises, they learn to identify and prevent common vulnerabilities, apply threat modeling techniques, and incorporate automated security testing tools— including static and dynamic analysis— into modern CI/CD pipelines. Topics include code reviewing best practices, secure coding frameworks, application security architecture, and the practical integration of cryptographic services. By applying these practices, students gain the skills to produce resilient software that can withstand attacks while protecting user data and system integrity.

This course focuses on identifying, assessing, and managing security risks within organizational settings. Students will explore frameworks such as NIST and ISO, perform both quantitative and qualitative risk analyses, prioritize mitigation measures, and ensure alignment with compliance requirements and regulatory guidelines. Topics include vendor risk management, third-party audits, continuous monitoring, cyber insurance considerations, and integrating risk metrics into strategic decision-making. By the end of the course, students will be equipped to shape security governance, effectively communicate risk to stakeholders, and foster a responsive risk management culture within organizations.

In this hands-on course, students learn to think like attackers to identify vulnerabilities before malicious actors can exploit them. They practice reconnaissance, vulnerability scanning, exploitation techniques, and the safe use of testing tools. Ethical guidelines, scoping agreements, and reporting findings are integral parts of the curriculum. Students emerge with a structured methodology for uncovering system flaws and providing recommendations to strengthen defensive measures.

In this first part of the capstone sequence, students embark on a comprehensive, team-based project to address real-world cybersecurity engineering. The focus of this course is on problem identification, requirements analysis, and solution design. Students will define the project scope, conduct a literature review, and create a detailed project proposal. Emphasis is placed on applying knowledge from previous coursework to develop innovative and practical solutions. By the end of this course, students will have a clear roadmap for implementation of a cybersecurity engineering solution.

Building on the groundwork laid in CSE 495, this course focuses on implementing and completing the capstone project. Students will execute their proposed solutions. Teams will utilize industrystandard tools and techniques to develop a functional prototype or system. The course culminates with a comprehensive project report and a formal presentation to faculty and/or industry stakeholders, demonstrating the ability to tackle complex, real-world problems with data-driven strategies. Emphasis is placed on teamwork, project management, and effective communication of findings.