Courses
This page includes an outline of courses taught at Georgia State University related to cybersecurity. For more information on any of these courses or related academic programs, please consult the Georgia State University Academic Catalog.
Undergraduate Courses
Andrew Young School of Policy Studies
The purpose of this course is to introduce students with the technical, social and legal aspects of cybercrime as well as expose students to theories and tools that enable scientific exploration of this phenomenon. In the first weeks of the semester we will learn about the computer and the Internet, and discuss several definitions and typologies of cybercrime. Then we will discuss the hacker, the victim and the IT manager. We will conclude this section by reviewing important steps taken by scholars while conducting scientific research. In the second half of the semester we will review various theories of crime causation, and assess the relevance of these theories in the context of cyber space. We will then describe several technical tools that allow the collection of data from the Internet. We will conclude with a discussion on the legal issues affected and created by online crime.
This course is an introduction to the key pillars of the evidence-based cybersecurity approach, and highlights their relevance in the context of existing technical, social, and legal trends in this field.
College of Arts & Sciences
This course provides an initial overview on the topic of Information Security. It covers the basics of encryption and decryption, program security including viruses and other malicious code, application security, security in operating systems, security in networks and distributed systems, different methods of administering security, and legal and ethical issues in computer security.
This course will study privacy in a few settings where rigorous definitions and enforcement mechanisms are being developed, including statistical disclosure limitation, semantics and logical specification of privacy policies that constrain information flow and use, principled audit and accountability mechanisms for enforcing privacy policies, anonymous communication protocols, and other settings in which privacy concerns have prompted much research, such as in social networks, location privacy and Web privacy.
Students must meet the Computer Science Major Eligibility Requirement in order to enroll in this course. Introduction to the methods and techniques used by computer hackers for malicious activity and by penetration testers for defensive measures. Understanding of the techniques used by intruders will lead to the design of countermeasures for secure computer systems. Students will implement hands-on experiments to learn identification of vulnerabilities in servers, websites, wireless networks, and cryptologic systems.
Students must meet the Computer Science Major Eligibility Requirement in order to enroll in this course. This course will introduce students to the fundamentals of malware analysis and defense techniques. Using hands-on-experience students will attain an understanding of identifying the functionalities and behaviors of malicious software. Students will use a disassembler to decompose, execute, and trace each line of a program. They will also learn how to patch the executable file and modify its behavior for a more secure outcome. Students will also have the chance to examine the effects of different types of malicious software that run either natively on a Windows or a Linux platforms. Students will learn how to defend a system by tracing back the infection and identifying the vulnerability used to exploit and implant the malicious software within the system.
Students must meet the Computer Science Major Eligibility Requirement in order to enroll in this course. This course teaches how to obtain and analyze digital information for possible use as evidence in civil, criminal or administrative cases. The course covers the recovery and analysis of digital evidence, addressing legal and technical issues. Topics include applications of hardware and software to computer forensics, computer forensics law, volume and file system analysis, computer forensics investigations, and computer forensics in the laboratory.
Students must meet the Computer Science Major Eligibility Requirement in order to enroll in this course. This course is a study of the foundation of software security. Students will learn the characteristics of secure software, the role of security in the development lifecycle, designing secure software, best security programming practices, security for web applications, static analysis techniques, and software security testing.
J. Mack Robinson College of Business
Prerequisites: CIS 2010
Requirements: Must meet RCB upper division course requirements and 45 semester hours
This course introduces students to the collection, preservation, presentation and preparation of computer based evidence for the purposes of criminal law enforcement or civil litigation. These activities define the central roles of computer forensic practitioners involved in investigating computer crime scenes and torts involving computers. Students will be prepared to assist in the formulation and implementation of organizational computer forensics preparedness policies, to determine the necessity for forensic procedures, extend governance processes to allow for proper future forensic investigations, and to be contributing members of computer forensics investigation teams.
Prerequisites: Departmental Approval Required.
Requirements: Must meet RCB upper division course requirements and 45 semester hours
Understanding, assessing and managing Cybersecurity in FinTech organizations is critical for the viability and success of FinTech organizations. The course is designed to prepare you for the workforce through a collaborative training program between (i) the Robinson College of Business Career Advancement Center, (ii) an academic unit and (iii) a Potential Employer/Project Funder/Project Initiator. You will acquire skills, competencies, understanding and work experience beyond you could gain otherwise. The course covers interviewing and job preparation skills, soft skills, oral and written skills, technical skills reinforcement, apprenticeship and presentation skills.
Prerequisites: CIS 2010 and instructor consent
Requirements: Must meet RCB upper division course requirements and 45 semester hours
This course is designed to develop knowledge and skills for security of information and information systems within organizations. It focuses on concepts and methods associated with security across several systems platforms, including internal and Internet facing networks. The course overviews critical infrastructure concepts as well as techniques for assessing risk associated with accidental and intentional breaches of security. It introduces the associated issues of ethical uses of information and privacy considerations.
Prerequisites: CIS 2010 and CIS 3260
Corequisites: CIS 4680
Requirements: Must meet RCB upper division course requirements and 45 semester hours
This course focuses on three specific aspects of data communication, storage and processing systems: 1) the technological underpinnings of data transmission over computer networks; 2) the known approaches to compromise and/or damage the networks; and 3) skills and methods necessary to prevent, detect and recover from network-based attacks. This course presents both theory and practice of network attack and defense, and discusses contemporary tools, techniques and methodologies of attackers and defenders alike.
Prerequisites: None
Corequisites: CIS 4688
Requirements: Must meet RCB upper division course requirements and 45 semester hours
This course develops knowledge and skills in risk based information security management geared toward preventive management and assurance of security of information and information systems in technology-enabled environments. It focuses on risk assessments, risk mitigation strategies, risk profiling and sensitivity, quantitative and qualitative models of calculating risk exposures, security controls and services, threat and vulnerability management, financing the cost of security risks, and return on investment for information security initiatives. The course presents several risk assessment models with an ultimate goal of identifying and realizing the unique and acceptable level of information risk for an organization.
Graduate Courses
Andrew Young School of Policy Studies
Research and seminar discussions of specified contemporary, behavioral or administrative problems which impact on criminal justice. May be repeated for credit when topics vary.
College of Arts & Sciences
This course provides students with a detailed understanding of the fundamentals of network security. Significant focus will be placed on the five phases of network attacks: reconnaissance, scanning, gaining access/denial of service, maintaining access, and covering tracks. Topics to be covered include: Web security, Security standards-SSL/TLS and SET, Intruders and viruses, PGP and S/MIME for electronic mail security, Firewalls, IDS Secret Key and Public/Private Key Cryptography Cryptographic Hashes and Message Digests, Authentication Systems (Kerberos), Digital signatures and certificates, Kerberos and X.509v3 digital certificates. Also, current network security publications will be surveyed.
This course is intended to provide a general introduction to cryptography. This introductory course will cover a number of fundamental concepts and schemes in cryptography, including symmetric cryptography, stream ciphers, block ciphers, data encryption standard (DES), advanced encryption standard (AES), public-key cryptography, RSA cryptosystem, elliptic curve cryptosystems, digital signatures, hash functions, message authentication codes (MACs), and key establishment. Through the lectures, students will understand the basic knowledge of cryptography, be familiar with various cryptosystems, have sufficient foundation to learn advanced techniques of security, gain experience of implementing cryptosystems, and develop abilities to conduct research in security and privacy.
This course is intended to provide a general introduction to privacy aware computing. This course will cover the fundamental concepts and principles of differential privacy, data perturbation, data anonymization, randomized responses, privacy-preserving data mining, private information retrieval, location privacy, and social network privacy, etc. Students will understand the basic knowledge of privacy aware computing, be familiar with various privacy preserving method, gain experience of designing and implementing methods to defense the privacy leaking with different scenario, and develop abilities of conducting research in privacy aware computing.
The basics of data security and integrity in computer systems. The theoretical basis of data security, including concepts in cryptography, network protocols, operating systems, and authentication. Topics will include the structure, mechanism, and detection of computer viruses and worms; the use of firewalls and packet filters; common security lapses in operating systems and their prevention; checksums and basic cryptography; and related ideas such as buffer overflow attacks and indirect assembly programming. “Real-world” examples of attacks will be analyzed and discussed.
J. Mack Robinson College of Business
Developing and managing efficient and effective database applications requires understanding the fundamentals of database management systems, techniques for the design of databases, and principles of database administration. This course emphasized database concepts, developments, use and management in three main sections: database concepts, practice, and emerging trends. Relational database systems are the main focus. Practical design of databases and developing database applications using modern software tools will be emphasized.
This course focuses on three specific aspects of data communication networks: 1) the technological underpinnings of data transmission over computer networks; 2) the known approaches to compromise and/or damage the networks; and 3) skills and methods necessary to prevent, detect and recover from network-based attacks. This course presents both theory and practice of network attack and defense and discusses contemporary tools, techniques and methodologies of attackers and defenders alike.
This course develops knowledge and skills in risk based information security management geared toward preventive management and assurance of security of information and information systems in technology-enabled environments. It focuses on risk assessments, risk mitigation strategies, risk profiling and sensitivity, quantitative and qualitative models of calculating risk exposures, security controls and services, threat and vulnerability management, financing the cost of security risks, and return on investment for information security initiatives. The course presents several risk assessment models with an ultimate goal of identifying and realizing the unique and acceptable level of information risk for an organization.
This course provides students with a foundation and understanding of IT auditing services focused on protecting information assets. Topics include security, integrity, and availability of information systems. The course will allow the student to establish the scope, control environments and identify risks associated with information assets. It will also cover the protection of assets involving state-of-the art technologies such as virtualization and cloud computing. Students will understand how assessing risk is an important first step in undertaking the proper examination of an organizations IT processes and technologies. Further, the course will cover latest standards and frameworks related to the auditing of information assets.
This course allows for the in-depth study of Cloud Computing security or, more simply, cloud security refers to a broad set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services and the associated infrastructure of cloud computing. It is a sub-domain of computer security, network security, and more broadly information security.
This course allows for the in-depth study of emerging or advanced topics in cybersecurity. Emphasis will be placed on readings from professional literature, lectures, case studies and projects. The course will benefit the students by exposing them to cloud computing concepts, elaborating on risks and benefits related with cloud. At the end of the course, students will get the complete understanding of the legal and compliance issues related to cloud computing and are able to discuss and solve issues relating to cloud data, infrastructure and operations security.
Recent topics covered in this course include cloud security and security analytics.
This course is designed to develop knowledge and skills for security of information and information systems within organizations. It focuses on concepts and methods associated with planning, designing, implementing, managing, and auditing security to all levels and on all systems platforms, including worldwide networks. The course presents techniques for assessing risk associated with accidental and intentional breaches of security. It covers the associated issues of ethical uses of information and privacy considerations.