Focuses on information security, cryptography, network defense, digital forensics, and secure application engineering.
These are the required courses that define the major specialization journey.
The CIA Triad (Confidentiality, Integrity, Availability). Security Attacks: Passive (Interception, Traffic Analysis) vs. Active (Modification, Masquerade, Replay, DoS). Security Services (X.800) and Mechanisms. The Mo...
Security services (confidentiality, integrity, authentication, non-repudiation), Classical ciphers (Caesar, Vigenère, Playfair, Hill), Cryptanalysis techniques (frequency analysis, known-plaintext attacks), Block vs....
CIA triad in networked environments, Threat modeling for protocols (STRIDE methodology), Secure protocol design patterns (encrypt-then-authenticate, stateful/stateless protocols), Cryptographic agility and algorithm l...
Cybersecurity kill chain and MITRE ATT&CK framework, Legal and ethical considerations (ROE, NDA, scope agreements), Passive reconnaissance (OSINT, WHOIS, DNS enumeration, Shodan), Active reconnaissance (port scanning,...
Differential cryptanalysis principles and attack complexity, Linear cryptanalysis and correlation matrices, Integral cryptanalysis and multidimensional characteristics, Truncated differential attacks, Impossible diffe...
OWASP Top 10 methodology and risk rating, Threat modeling (STRIDE, DREAD, PASTA), Authentication flaws (weak passwords, credential stuffing, broken session management), Authorization bypass techniques (IDOR, missing a...
These electives are available within the same major specialization pathway.
Forensic science principles (Locard's exchange principle, scientific method), Digital evidence types and characteristics (volatile, non-volatile, latent), Chain of custody requirements, Legal considerations (admissibi...
Cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid, multi-cloud), Shared responsibility model across providers (AWS, Azure, GCP), Cloud security principles (CIA triad extension, def...
Malware types classification (viruses, worms, trojans, ransomware, APTs), Infection vectors (phishing, drive-by, supply chain), Malware evolution (polymorphic, metamorphic, fileless), Kill chain models (Cyber Kill Cha...
Distributed ledger technology principles, Cryptographic hash functions (SHA-256, Keccak), Digital signatures (ECDSA, EdDSA), Merkle trees and Patricia tries, Consensus mechanisms (PoW, PoS, PBFT, Tendermint), Byzantin...
Android security model (sandboxing, app permissions, SELinux), iOS security (code signing, sandbox, XNU kernel), App lifecycle and inter-process communication (Intents, AIDL, XPC), Secure boot chain and verified boot,...
Information Technology Act 2000 (amendments), Section 43/43A/65/66/66A-66F offenses, Digital Personal Data Protection Act 2023 (DPDP), Reasonable security practices and SOPs, Cyber Appellate Tribunal, Electronic signa...