Computer Forensics and Security Management

To obtain specific admissions requirements on how to apply to Graduate School, prospective students should visit this page:http://www.uab.edu/cas/computerscience/graduate-programs/masters-programs/mscfsm

Program Contact Information

Dr. Nitesh Saxena
Department of Computer Science
1300 University Blvd.
CH 133
Birmingham, AL 35294-1170
saxena@uab.edu

Program Information

The Master of Science in Cyber-Security (formerly known as Computer Forensics and Security Management) (MSSec) is an interdisciplinary program that prepares graduates for a professional career in the field of cyber security by developing in them the necessary skills crucial for success. The program also provides current practitioners the opportunity to obtain advanced-level training to facilitate career advancement. The program includes a set of core, required courses and the opportunity to select from a default option or two tracks of specialization.

Admission Requirements

Students accepted into the program will have earned a bachelor's degree from an accredited college or university or recognized university from abroad. Most of these students will have earned a cumulative undergraduate grade point average (GPA) of 3.0 or higher. Applicants whose native language is not English are required to take either the TOEFL or the IELTS and score 80 or higher on the TOEFL or 6.5 or higher on the IELTS.

Students seeking admission to the program who lack a background in computer science or information systems but meet the remaining minimum requirements for admission may be admitted contingent on them completing a set of prerequisite courses (or their equivalents) that include:


RequirementsHours
CS 103
103L
Introduction to Computer Science in Python
and Introduction to Computer Science in Python Lab
4
IS 204Introduction to Business Programming3

Master of Science in Computer Forensics and Security Management

A total of 30 semester hours are required for the degree, organized into: (a) 15 hours of required core courses, (b) 9-12 hours of course work following a default option or one of the two tracks of specialization, and (c) 3-6 hours of electives from an approved list of relevant courses. The two specialization tracks are Cybercrime Investigations and IT Audit/Fraud Examination.

RequirementsHours
Core courses
CS 534Networking3
CS 534LNetworking Laboratory0
CS 623Network Security 3
CS 623LNetwork Security Laboratory0
CS 636Computer Security3
CS 689Cyber Risk Management3
or IS 613 Information Security Management
CJ 502Computer Forensics 3
Total Hours15

In addition to completing the five (5) core courses worth 15 credit hours, students by default may choose three courses worth nine credit hours from the following list of approved courses in cyber security, followed by two additional computer science electives worth six credit hours at the 500+ level or 600+ level1. Alternatively, students may choose one of the two tracks of specialization (Cybercrime Investigations and IT Audit/Fraud Examination, both worth 15 credit hours) to fulfill the requirements of the Master’s degree. 

Approved Cyber-Security Centric Courses

RequirementsHours
Choose any three courses9
Modern Cryptography
Digital Currency
Penetration Testing and Vulnerability Assessment
Cloud Security
Total Hours9

Cybercrime Investigations Track

RequirementsHours
CS 519Investigating Online Crimes3
CS 537Digital Media Forensics3
CJ 675Law Evidence and Procedure3
CJ 696Graduate Internship in Criminal Justice 3
Choose one (1) CS elective at the 500+ level 13
Total Hours15

IT Audit/Fraud Examination Track

RequirementsHours
AC 572Information Technology Auditing3
AC 573Fraud Examination3
LS 571Legal Elements of Fraud Investigation3
Select two (2) courses from the IS courses listed below or approved CS courses 16
CISSP I
CISSP II
Total Hours15
1

 CS 500-level courses: CS 501 and CS 501L, CS 510, CS 520 and CS 520L, CS 533 and CS 533L, CS 555, CS 591, CS 592, CS 597,CS 598

CS 600-level courses:CS 600, CS 601, CS 602, CS 610, CS 614, CS 616, CS 617, CS 620,CS 621 and CS 621L, CS 622, CS 624, CS 625, CS 626, CS 629, CS 630, CS 631, CS 632, CS 633, CS 634, CS 635,CS 639, CS 640, CS 641, CS 642, CS 646, CS 647, CS 649, CS 651, CS 652, CS 653, CS 654, CS 656, CS 659, CS 660, CS 662, CS 663, CS 665, CS 667, CS 669, CS 670, CS 671, CS 672, CS 673,CS 674, CS 675, CS 676, CS 680, CS 682, CS 683, CS 684, CS 690, CS 691, CS 692, CS 697, CS 698,CS 699

AC 572. Information Technology Auditing. 3 Hours.

Introduction to the practice of information technology auditing. An emphasis is placed on information technology auditing standards and methodology, as well as guidance on auditing general computer controls and application controls.

AC 573. Fraud Examination. 3 Hours.

Advanced forensic accounting concepts with a primary focus on occupational fraud and abuse--its origins, perpetration, prevention, and detection.

CS 537. Digital Media Forensics. 3 Hours.

Digital media forensics addresses all stored digital evidence types faced by cyber security professionals and computer forensics examiners. Students will learn to analyze character encoding, file formats, and digital media, including hard drives, smartphones and other portable devices, and cloud-hosted evidence, as well as disk acquisition, duplication and evidence preservation techniques and how to apply these techniques in typical criminal investigation scenarios.

CS 537L. Digital Media Forensics Lab. 0 Hours.

Laboratory to accompany CS 537.

CS 623. Network Security. 3 Hours.

Conventional network security (symmetric and public-key cryptography). Message encryption and authentication. Secure communication between computers in a hostile environment, including E-mail (PGP), virtual private networks (IPSec), remote access (SSH), and E-commerce (SSL), firewalls, intrusion detection and prevention, security of IEEE 802.11 wireless networks (WEP, WPA). Mandatory weekly Linux-based lab.

CS 623L. Network Security Laboratory. 0 Hours.

Laboratory to accompany CS 623.

CS 636. Computer Security. 3 Hours.

Study of the breadth of major computer security topics including cyber threats, malware, information assurance, authorization, applied cryptography, web security, mobile and wireless security, network security, systems/software security, database and storage security, user-centered security, and best security practices and countermeasures.

CS 643. Cloud Security. 3 Hours.

Definition of cloud computing, cloud computing models, privacy, authenticity and integrity of outsourced data, proof of data possession / retrievability, cloud forensics, malware analysis as a service, remote verification of capability and reliability, proof of availability, economic attacks on clouds and outsourced computing, virtual machine security, trusted computing technology and clouds, verifiable resource accounting, cloud-centric regulatory compliance issues and mechanisms, business and security risk models, secure MapReduce, applications of secure cloud computing, private information retrieval and cloud cartography.

CS 645. Modern Cryptography. 3 Hours.

Theory and practices of modern cryptographic techniques, algorithms and protocols, including formal analysis. Secret key encryption algorithms, public key encryption algorithms, stream ciphers, one-way hashing algorithms, authentication and identification, digital signatures, signcryption, key establishment and management, secret sharing and data recovery, zero-knowledge proofs, public key infrastructures, efficient implementation, cryptanalytic attacks and countermeasures, security models, assumptions and proofs.

CS 646. Digital Currency. 3 Hours.

Fundamental principles of digital cash systems including Bitcoin, Ripple and other notable cryptocurrencies. Topics to be covered include how a cryptocurrency works, blockchain and other decentralized consensus protocols, proof of work, proof of stake, security and privacy of cryptocurrencies, cryptographic techniques for digital currency, and applications of blockchain in peer-to-peer trust establishment, smart contracts, digital asset management, financial exchanges and distributed autonomous organization.

CS 654. Malware Analysis. 3 Hours.

Hands-on course teaching static, dynamic and contextual analysis of malware. Malware analysis and reverse-engineering techniques are taught through interaction with both "classroom" and "wild" malware samples. Defensive and counter-measure techniques for both corporate and law enforcement environments are explored.

CS 657. Penetration Testing and Vulnerability Assessment. 3 Hours.

This course focuses on penetration testing and vulnerability analysis. It introduces methodologies, techniques and tools to analyze and identify vulnerabilities in stand-alone and networked applications. It also covers methodologies for legal and standards compliance.

CS 689. Cyber Risk Management. 3 Hours.

This course develops knowledge and skills in risk based information security management geared toward preventive management and assurance of security of information and information systems in technology-enabled environments. It focuses on risk assessments, risk mitigation strategies, risk profiling and sensitivity, quantitative and qualitative models of calculating risk exposures, security controls and services, threat and vulnerability management, financing the cost of security risks, and return on investment for information security initiatives. The course presents several risk assessment models with an ultimate goal of identifying and realizing the unique and acceptable level of information risk for an organization.

IS 613. Information Security Management. 3 Hours.

Primary objectives of the course are for the student to develop an understanding of key information security concepts, develop an understanding of how people, technology, and organizational policies should be developed and managed to safeguard an organization's information resources, learn how to manage under uncertainty and risk, develop policies and procedures to make information systems secure, and learn how to audit and recover from security breaches.

LS 571. Legal Elements of Fraud Investigation. 3 Hours.

Key legal principles and courtroom procedures relevant to forensic accounting, and survey of related topics--criminology theories, evidence management, and litigation services.

CJ 502. Computer Forensics. 3 Hours.

Use of analytical and investigative techniques in criminal or civil litigation to identify, collect, examine and preserve evidence/information magnetically stored or encoded.

CJ 530. Ethics and Computer Forensics. 3 Hours.

Overview of different systems of ethics; the role of ethics in computer forensics, cybercrime investigation, and information security; examination of ethical issues facing professionals involved in computer forensics, cybercrime investigation, and information security.

CJ 515. Investigating Online Crimes. 3 Hours.

Introduction to cyber investigative techniques, involving focused analysis of email and websites; examination of legal process and preparing evidence in cyber crime cases.

CJ 675. Law Evidence and Procedure. 3 Hours.

Overview and examination of the legal aspects of physical evidence, including rules of evidence, procedural rules, and the role of expert witnesses.

CJ 696. Graduate Internship in Criminal Justice. 3 Hours.

Field experience in criminal justice agency setting. May be repeated for a maximum of 6 hours credit.

Faculty

Byrd, Jim, Instructor of Accounting, Program Director, MAc, 2013, B.S. (Auburn), M.B.A. (Georgia State), M.A., Ph.D. (UAB), CPA, CHFP
Earwood, Martha, Teaching Assistant Professor of Criminal Justice & Internship Coordinator, 2003, B.S., M.S. (Georgia State), Corrections, Victimology, Restorative Justice, Experiential Learning.
Hasan, Ragib, Assistant Professor of Computer Science, 2011, B.S. (Bangladesh), M.S., Ph.D. (Illinois Urbana-Champaign)
Johnston, Allen, Associate Professor of Information Systems, Director of Information Systems Programs, 2007, B.S. (LSU), M.B.A., PhD. (Mississippi)
Leece, Ryan, Assistant Professor of Accounting, 2014, BS (University of Minnesota); MA (University of North Carolina), PhD (Virginia Tech)
Saxena, Nitesh, Associate Professor of Computer Science; MS CFSM Program Co-Director, 2011, B.S. (Kharagpur), M.S., Ph.D. (University of California-Irvine)
Walker, Jeffery, Professor and Chair, 2015, B.S. (Arkansas), M.A. (Arkansas - Little Rock), Ph.D. (Sam Houston), Social Structures of Neighborhoods, Crime Analysis/Mapping, Crime and Place
Warner, Gary, Instructor and Director of the Computer Forensics Research Lab, 2007, B.S. (UAB), Digital Forensics, Cybercrime and Security
Zheng, Yuliang, Professor and Chair of Computer Science, 2015, Ph.D. (Yokohama - Japan)