Education program of Administrative management in the field of Infocomunication security - qualification level «Master»
The purpose of the educational program is to prepare highly qualified and competitive professionals with a solid competence in applying research and design methods for system and information security as well as cyber security systems.
The educational program takes part in the Double Degree Program with the Blekinge Technological Institute (Sweden, Karlskrona) as well as in the academic mobility program Erasmus + KA1 with the Blekinge Technological Institute (Sweden, Karlskrona). Each year, in July, a summer school of cyber security is being held, the founders and direct participants of which are lecturers of the Department of Infocommunication Engineering together with representatives of Sweden and Poland, who give the training courses in this educational program.
The core curricula of the educational program were developed within the framework of the Tempus International Project No. 544455-TEMPUS-1-2013-1-SE-TEMPUS-JPCR “Preparing Next Generation of Cybersecurity Experts: A New EU-recognized Master’s Program” (ENGENSEC), funded by the European Union:
Methods for detecting and analyzing malware.
Students study the main types and principles of malware classification, their spreading and structure, methods and tools for counteracting malicious programs.
After passing the Malware course, students will gain practical skills regarding:
- analysis of malware structure;
- classification of malware;
- selection, debugging and using of anti-malware software.
Vulnerability Analysis and Ethical Hacking (Penetration Testing and Ethical Hacking).
Students study tools for diagnosing vulnerabilities in web-based applications and IP-networks, techniques and tools for testing penetration to information and communication systems, methods for setting, optimizing and configuring operating systems, databases, and network equipment, general terms for ethical hacking: vulnerability, exploit, payload, zero day.
Students gain practical skills in testing for the penetration to information and communication systems, setting, optimization and configuration of the operating system, DBMS, and network equipment for the safe operation of information and communication systems, implementation of special software (sniffer, port scanners, antivirus software).
Security Software Development.
Students study the overall structure and requirements for Secure Software Development Lifecycle; standards, protocols, and procedures responsible for checking and managing product safety; general requirements and approaches to developing a software threat model; security patterns: identity management, authentication, access models, session management, etc., common mistakes and vulnerabilities that can be encountered in software development; methods and utilities that help protect software from hacking.
After passing the course students can:
- create a software quality model to assess the level of security and vulnerability thresholds;
- select criteria for risk consideration and assessment;
- perform analysis of attacks (access to utility services, determination of privileges, multilevel protection);
- use gdb to analyze binary programs;
Independently use the knowledge gained in:
- development of algorithms and software code;
- testing of the software for errors, bugs and vulnerabilities;
- developing and testing a model of threats.
Web-security.
Students study the architecture of web application protocols, general vulnerabilities and weaknesses, vulnerabilities in open databases; security aspects that use PHP, JavaScripts, SQL, etc.; Web authentication mechanisms and authentication methods, application encoding errors; existing vulnerabilities and attacks on web resources, their practical application and methods of dealing with them at the design stage and in operation (OWASP – Open Web Application Security Project); design patterns for secure web applications; security architecture, typical for web services; testing of internal and external penetration, wireless penetration; penetration testing and security tools.
After passing the Web-security course, students can:
- analyze vulnerabilities and weaknesses of web-based programs, in particular, testing penetration and testing of internal and external penetration;
- conduct research on information security of the client-server system;
- protect web services from cyber-attacks at the design stage and during operation;
- protect clients and servers on different web platforms.
Digital Forensics
Students study methods for conducting forensic examinations in various file systems, including FAT, NTFS, Ext, and in various operating environments including Windows, Linux, methods of forensic examination in computer networks (network digital forensics), methods of live forensic expertise, including file system and memory analysis.
Students get practical skills in conducting forensic examinations of digital techniques for obtaining evidence of cybercrime using a special software and regulatory framework.
Advanced Networks and Cloud Security:
The course allows students to form competence for work in positions of specialist in cybersecurity of telecommunication organizations, namely:
- ability to work with virtualization tools and possess methods of providing their information security;
- ability to perform basic configuration of the cloud environment based on OpenStack;
- ability to choose the means of providing information security in accordance with the type of network or cloud environment and type of threats;
- ability to configure information security protocols in modern virtual private networks of different levels (IPSec, MPLS VPN, GRE, DMVPN, FlexVPN, GET VPN, SSL/TLS).
Basic knowledge:
- Basic principles for building software-defined networks (SDN).
- Principles of OpenFlow protocol.
- Security of SDN controller.
- Flex VPN configuration, Deep packet inspection using IPS/IDS systems.
- Principles of virtualization of infocommunication networks: problems, threats and solutions.
- Security and privacy issues in cloud environments.
- Cloud environments privacy, availability, integrity, responsibility, privacy.
Wireless & Mobile Security
After passing the Wireless Security course, students will gain practical skills in testing wireless networks using various security methods and will be able to:
- design and configure a secure wireless infrastructure for IEEE 802.11, 802.15, 802.16, 3G, 4G, 5G standards.
- use the appropriate security policies in wireless networks.
- set permissions rating.
- carry out an audit of the wireless network for vulnerabilities.
- ensure compatibility of the wireless network with other networks.
- ensure the availability and scalability of the wireless network considering security issues.
- protect mobile devices and communication channels from cyber-attacks and third-party interventions.
- use appropriate tools to test and detect vulnerabilities in modern wireless and mobile networks.
In the curricula of Master’s training educational program there are also such disciplines as: Fundamentals of Scientific Research, Organization of Science and Copyright as well as Mathematical Methods of Modeling and Optimizing processes, the purpose of which is the formation of competences for conducting scientific research on cyber defense processes.
A graduate in the educational program of Administrative Management in the Field of Information Security can work as:
- A specialist in the development of secure software on C/C++/C#/JAVA/Python;
- An information security manager;
- An engineer, specialist, chief specialist in information security;
- A head of information security department;
- An auditor of information security systems;
- A developer of systems and means of information security;
- An administrator of information security;
- An analyst on information security;
- A head of projects on information security;
- An officer of Cyber Security Special Forces.
After graduation, students receive educational qualifications: Master’s Degree, Cyber Security, Administrative Management in the field of Information Security.
Training and laboratory base:
The CISCO Network Academy, the NURE IT Academy, the Laboratory of Next Generation Networks, the Laboratory of Access Systems, the Laboratory of Technical Information Security, and the Mobile Communications Laboratory have been deployed at the Department of Infocommunication Engineering. In 2018, a cyberpolygon for the study of cybersecurity in cloud technologies, provided by the European Union within the framework of the European Tempus program – Training of Future Generation Cybersecurity Specialists, was put into service.