BGK503E Information and Computer Security
Introduction to information, security and computer security. Information security. Threats and defenses of information security. Confidentiality methods: encryption, fundamentals of encryption methods and classes. Symmetric and asymmetric encryption. Linearity, authentication, electronic signature, PKI. Attack methods and counter measurements. Classifications and standards of security.
BGM505E Network Security
Web security. Security standards. Intruders and viruses. E-mail security. Firewalls. Secret Key and Public/Private Key Cryptography Cryptographic Hashes and Message Digests Authentication Systems. Digital signatures and certificates. Digital certificates. Current Network Security Topics and Publications.
BGM507 Information System Security Engineering
Varieties of information systems, hardware architectures, operating systems, datacenters, security attacks, threats, vulnerabilities, security inspection and evaluation of information systems, control and authorization, penetration tests, access of information systems, data theft, data deletion, data modification, physical security, security control, security policies.
BGK509 E-Commerce Security
History of commerce, basic rules of commerce, mutual benefits, secure commercial markets, mutual trust, security methods for e-commerce, encryption, principles of encryption, secure transactions, PKI, identity verification and authorization documents, secure identity services and role-based authorization, electronic payment systems, protection of intellectual properties, e-notary, one time passwords.
BGK511 Information Assurance and Secure Software Development
Fundamentals of information assurance, SDLC, software maturity, security enhancement methods, security measurement methods
BGK513 Information Security Law and Policy
Introduction and comparison of national and international policies, fundamental principles of law and ethics, public and private rules, national security, privacy of personal data, intellectual property, ethics and culture, criminal law, prosecution, evidence collection, informational forensics
BGK505E Discrete Mathematics
Order concept, its importance in computer science. Noether order, induction principles. Application to recursive functions. Modulo relation, modular arithmetic and its theorems. Chinese remainder theorem and applications. Counting and multiple combinations. Group theory, congruence relation, homomorphism. Permutation functions and Polya theorem. Group codes, their utilization in fault detection and correction.
BGK502E Operating System Security
Introducing operating systems, common operating systems and their distinctive properties. Security facilities of operating systems. Security flaws caused by operating systems. Process security. Access security. User definition and authorization. Access monitoring and auditability. Logging. Security models.
BGK504E Information Security and Management
Introduction of data security principles. Standards defining data security levels. Standards regarding user security levels. Classification of data stored in the information systems. Classification of user access levels from security perspective. Access monitoring, auditing and reporting with respect to defined user and data security levels. Information management strategies and policies. Introducing national and international information management legislation.
BGK506 Intrusion Detection and Prevention
Varieties of attacks to information systems. Counter measures and techniques. Counter measures against a specific type of attack. Heuristic methods. Monitoring methods. Determining malicious logic. Analysis of security flaws. Enhancing protective methods.
BGK510 Data Mining Methods in Security
Fundamentals of data mining, data cleaning, data modelling, relation rules, classification, clustering and aggregation algorithms and their applications. Application of data mining topics to information security.
BGK512E Security for Cloud Computing
Cloud computing infrastructure. Cloud computing rules. Security problems specific to cloud computing. Architecture and infrastructures for private, public, institutional and hybrid clouds. Virtualization security. Application security. Policy and risk assessment for clouds. Contracts and agreements in clouds. Grid services and remote security control. SaaS, PaaS, IaaS concepts. Security models.
BGK514E Stream Ciphers
Fundamentals of Stream Ciphers; Cryptanalysis of Stream Ciphers; Properties of Running Key Sequences; Requirements; One-Time Pad and Vernam Cipher; Deterministic Random Number Generators; Linear Congruential Generators; Cellular Automata; GLIBC; Linear Feedback Random Number Generators; Connection Polynomial; Irreducible and Primitive Polynomials; Berlekamp-Massey Algorithm; Linear Complexity; Nonlinear Stream Ciphers.
Classical cryptography: introduction: some simple cryptosystems, cryptanalysis of simple cryptosystems. Shannon’s theory: probability theory, entropy, properties of entropy, product cryptosystems. Block ciphers: substiturion-permutation network, linear cryptanalysis, differential cryptanalysis, the data encryption standard (DES), advanced encryption standard (AES), modes of operation. Hash functions: collision-free hash functions, authentication codes. The RSA system and factoring: introduction to public-key cryptography, more number theory, the RSA cryptosystem. Public-key cryptosystems based on discrete logarithm problem: the ElGamal cryptosystem, finite field and elliptic curve systems, galois fields, elliptic curves. Signature schemes: introduction, the ElGamal signature scheme, the digital signature algorithm (DSA), the elliptic curve digital signature algorithm (ECDSA).
BGK601E Machine Learning Methods in Security
Fundamental topics in machine learning. Decision tree. Neural networks. Fuzzy logic. Genetic algorithms. Naïve-Bayes method. Support vector machines. Application of machine learning topics to information security.
BGK603 Programming Language Security
Secure programming languages. Secure software development. Coding consistent with standards. Software analysis, solution, modelling, testing and delivery processes. Semantic concepts. Memory sharing. Buffer overflow attacks. Message passing interfaces. Access control. Data transfer. Secure communication protocols. Secure processing.
BGK605 Vulnerability Scanning and Prevention
Firewalls. Integrated and transparent firewalls. Smart protection. Adaptive intelligence. Worms and botnets. Trojan horses and back doors. Web, Mail, VoIP, DNS vulnerabilities. SQL injection. Spyware. Phishing. Web application security scans. SIP software security. Social security topics. NIST 800-53. ISO 27001/2. Data loss prevention.
BGK607 Cryptographic Microprocessor Design
Introduction to microprocessor, microcontroller, FPGA. Principles of microprocessor system design. Encryption methods. Embedded systems.
BGK609E Cryptography and Number Theory
Introducing historical techniques of encryption and their cryptanalysis. Public key cryptography (RSA, ElGamal systems). The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES). Signature schemes and key distribution. Secret sharing schemes and hash functions. Zero knowledge proofs. Elliptic curves arithmetic. Integer and modular arithmetic.
BGK602 Information Security Audit and Assurance
Management of data in an organizational information system. Designing organizational information security policies. Organizational structure and defining liabilities. Risk management. Audit areas. Legal issues. COSO, ISO 27001, BGYS, COBIT, ITIL, CMMI, GRC ve benzeri modeler. Audit standards. Certification process.
BGK622 Applied Cryptography for Cyber security and Defense
Cyber security. Encryption. Authentication based on encryption to protect information security systems. Encryption in web and e-mail systems. Encryption in e-commerce. Encryption in sensor networks. Electronic voting protocols. Network security. Encryption methods and hardware software applications.
BGK606 Cyber Warefare, Cybersecurity and Defense
Cyberwars, Security units and processes, Basic properties of the cyber world. Critical infrastructures and systems. Strategic and functional cyberwars. Attack sources. Attack types. Defense systems. Detecting advanced cyber weapons and preventing them. Defense architecture. Cryptography applications. Electronic security. Information security standards. Espionage and intelligence methods. Requirements of a cyberwar as a nation / state. Cyberwar management. Integration of cyberwar treasury, its control and efficient use.
BGK608E Cryptographic Engineering
Understanding, modeling, designing, developing, testing, and validating cryptographic software and hardware. We study algorithms, methods, and techniques in order to create state-of-art cryptographic embedded software and hardware using common platforms and technologies.