Courses at Khas

The first year of CyberMACS is dedicated to the fundamental courses of the field of cybersecurity at KHAS, including the research methods and language courses to enhance your intercultural awareness and support you to integrate into the academic life, social and cultural community in Türkiye.

Year/Partner Term

Course Name

ECTS
2023/ KHAS Fall Introduction to Data Science Tools (C)*

NC***
Seminar** (C)

1
Research Methods and Scientific Ethics (C)

6,5
Cybersecurity Basics (C)

7,5
Computer Networks and Security (C)

7,5
Operating Systems & System Programming (C)

7,5
Language Courses: Turkish I, German I, and Macedonian I

NC
Year/Partner Term

Course Name

ECTS
2024/ KHAS Spring Cryptography (C)

7,5
System Exploitation and Penetration Testing (C)

7,5
Elective Course (E1)

7,5
Elective Course (E2)

7,5
Language Courses: Turkish II, German II, and Macedonian II

NC

* C : Compulsory
** Seminar : Seminars will be collectively held in Winter School.
*** NC : Non-Credit
Ei : ith Elective Course

List of Elective Courses (E):

Course Name

ECTS
Information Security Management Systems

7,5
Scripting Languages for Cybersecurity

7,5
Cyber Resilience

7,5
Legal Aspects of Cybersecurity

7,5
Cyberwarfare

7,5

Course Descriptions at KHAS

Introduction to Data Science Tools: 

This course aims to familiarise students with Data Science and Big Data fundamentals. Students will be trained in the skills needed to become a data scientist, including Introduction to R (Python) Programming and Advance Features in R (Python). The course introduces students to Visualization (Basic principles, ideas, and tools) and Advanced Visualization in R (Python). Exploratory Data Analysis and the Data Science Process will be presented. Basic tools (Visualization: plots and graphs and summary statistics) of EDA Using R (or Python) will be provided. Statistical Inference and Extracting Meaning from Data (Feature Generation, Feature Selection algorithms – Filters; Wrappers; Decision Trees; Random Forests, Example: Churn Analysis will be taught. Three Basic Machine Learning Algorithms - Linear Regression will be presented. Ethical Issues in Data Science (Privacy, Security, and Ethics) will be introduced. 

Course Outcomes:

  1. Students can describe the skill sets needed to be a data scientist.
  2. Students can use R and/or Python to carry out basic statistical modeling and analysis, such as statistical Inference.
  3. Students can apply basic tools, such as plots, graphs, summary statistics, etc. for exploratory data analysis (EDA).
  4. Students can apply basic machine learning algorithms (Linear Regression, k-Nearest Neighbors (k-NN), k-means, Naive Bayes) for predictive modeling.
  5. Students can create effective visualizations using different packages available in both R and Python.
  6. Students can apply basic SQL commands to extract data from or run queries on a structured database.
  7. Students can understand different types of noSQL and in-memory databases and reasons of usage.

Research Methods and Scientific Ethics: 

This course introduces graduate students to essential topics in social science research, such as epistemology, research design and methodological choices. Students will learn basic concepts such as method, theory, paradigm and research ethics, and approaches such as positivism and post-positivism. Students will be given a comprehensive education on qualitative and quantitative research methods. Students will learn about the stages of research in social sciences. Philosophy and sociology of information, theory, positivist social science, quantitative research methods, post-positivist and critical social science, feminist and post-modern research, qualitative research methods, theory research design and method, literature review, writing strategies, research ethics, and the politics of social research. 

The competence objectives of this course are as follows: 

  1. To understand, define and explain the basic concepts and approaches in social research, 

  2. To gain the ability to use qualitative and quantitative research methods, 

  3. To acquire knowledge of social research processes, 

  4. To gain experience in designing social research.

Course Outcomes:

  1. Based on a critical analysis, students can choose and use appropriate scientific research methods in their research activities.

  2. Students can structure and plan a research project leading to a research proposal.

  3. Students can consider and apply ethical principles in research and publication.

Cyber Security Basics: 

This course will equip students with fundamental knowledge in the cybersecurity field. The course introduces key concepts and definitions, assets, cyber threats & vulnerabilities, and inherent risks. The course will familiarise students with a comprehensive cybersecurity strategy and teach them how to provide cybersecurity awareness (Training and Education) in their organisations. Other topics to be covered: Risk Management, Security Architecture, Security Implementation (Network security, routers, switches, firewalls, intrusion detection and prevention, application security, software development lifecycle, web application firewall, data security), Incident Response (Detection, prevention, response, security events and incidents, legal aspects), Mobile Security, Social Engineering, and Legal and Ethical issues in cybersecurity.

Course Outcomes:

  1. Students learn in projects the fundamental technologies of security.
  2. Students can applying technologies for implementing of security requirements. 
  3. Students can locate typical security flaws and vulnerabilities in distributed applications.
  4. Students can formulate high-level security policies for practical case studies. 
  5. Students can identify risks and appropriate risk-reducing security measures. 
  6. Students can perform a security analysis following accepted standards.

Computer Networks and Security: 

The course covers principles of building secure systems. It explores the principles of up-to-date network systems and focuses on key operational and technical aspects. The course content is as follows: An Overview of Computer Security, Linux/Unix Security Basics, Software Security: Vulnerabilities, Attacks, and Countermeasures, Privileged programs (Set-UID programs) and vulnerabilities, Buffer Overflow Vulnerability and Attack, Race Condition Vulnerability and Attack, Format String vulnerability and Attack, Input Validation, Shellshock Attack, Web Security, Vulnerabilities, Attacks, and Countermeasures, Same Origin Policy, Cross-Site Scripting Attack, Cross-Site Request Forgery Attack, SQL-Injection Attack, Click-Jacking Attack, Web Tracking, Web Proxy and Firewall, Smartphone Security, Access control in Android Operating System, Rooting Android devices, Repackaging attacks, Attacks on Applications, Whole-disk Encryption, Hardware protection and TrustZone.

Course Outcomes:

  1. Students can understand the fundamentals of communication networks, covering the 5-layer architecture, protocols, components like hubs, switches, and routers and functions of networks.
  2. Students obtain comprehensive knowledge of the Application Layer by focusing on web technologies like HTTP, SMTP, DNS, FTP and video streaming.
  3. Students attain an in-depth knowledge of the Transport Layer by examining the basics of UDP and TCP in detail.
  4. Students explore the data and control planes of Network Layer by covering forwarding, routing, IP, SNMP and Netconf/Yang.
  5. Students learn about the Link Layer and LANs, emphasizing error detection and correction, multiple access protocols, ARP and Ethernet.
  6. Students gain insights into wireless and mobile networks by addressing Wi-Fi, 4G & 5G technologies and mobility management.
  7. Students establish a strong foundation in network security by understanding message integrity, digital signatures and network layer security.
  8. Students acquire skills to work in the industry/ continue to academic journey in the field of communication networks.
Operating Systems and System Programming:

Operation System (OS) purposes are resource management and the extended virtual computer, historical development. Processes are critical sections and mutual exclusion, semaphores, monitors, classical problems, deadlock, process scheduling. Input and Output: hardware and software control. Memory management: multi-programming; swapping; virtual memory, paging and symbolic segmentation; File System: operations, implementation, performance. Operating System Security and Protection Mechanisms: protection domains, access lists, capability systems, the principle of minimum privilege, security threats and attacks, encryption, and authentication.

Course Outcomes:

  1. Students can understand the concepts of interrupts, memory hierarchy, cache memory, direct memory Access, multiprocessor and multicore organization.
  2. Students are able to describe the objectives and functions of the operating systems.
  3. Students have a knowledge about the evolution of the operating systems.
  4. Students can know about the developments leading to modern OS.
  5. Students can understand the concepts of virtual machines.
  6. Students are able to write bash scripts to manipulate OS.
Turkish: 

The course aims at helping students improve their skills in written and oral narration by teaching them the features and rules of the language. Course Content: General information about language in general, world languages, the historical evolution of Turkish and its relationship with other languages, phonetical and morphological characteristics of Modern Turkish, applying/practising rules of orthography and punctuation.

Course Outcomes :

  1. Students can understand and use familiar everyday expressions and very basic phrases aimed at the satisfaction of needs of a concrete type,
  2. Students can introduce themselves and others,
  3. Students can ask and answer questions about personal details such as where they live, what they like, where a place is, how much something costs,
  4. Students can interact in a simple way provided the other person talks slowly and clearly and is prepared to help.
  5. Students can write simple sentences and short paragraphs.

German/Macedonian: 

Based on the Common Framework Program for European Languages, it aims to improve students' ability to communicate at the initial level, as well as their reading comprehension, listening comprehension, writing and speaking skills. Course Content: Greeting, introducing yourself and someone else, ordering in a cafe and paying an account, objects, cities and attractions, countries and languages, geographical directions, items, home recipe, daily flow, giving information about life and workplaces, ordinal numbers, prepositions.

German Outcomes:

  1. At the end of this class, students can greet each other
  2. At the end of this class, students can read the alphabet and spell their own name
  3. students can order and pay in a cafe
  4. students can tell objects in the class
  5. students can say singular and plural nouns
  6. students can speak about cities, languages,people
  7. students can say about cardinal points
  8. students can write an E-Mail
  9. students can use Question words, tell the time
  10. students can tell the days and months
  11. students can tell the daily routine
  12. students can use past verb haben
  13. students can say ordinal numbers and dates

Macedonian (Fall) Outcomes:

  1. Students can read and write the Cyrillic alphabet.
  2. Students can give appropriate greetings and introduce themselves and others.
  3. Students can ask and answer questions, give information about address, direction, time, and weather.
  4. Students can understand and use familiar everyday expressions and very basic sentences in different social contexts.
  5. Students can interact simply if the other person speaks slowly and clearly and is willing to help.
  6. Students can write simple sentences and short paragraphs.

Macedonian (Spring) Outcomes:

  1. Students can understand and use everyday expressions and very basic sentences to ask and give directions and to describe people, objects and places in simple terms.
  2. Students can create personal social profiles, prepare job cards and resumes.
  3. Students can make reservations, organize holiday programs and write invitations.
  4. Students can describe their home/city/country, favorite places and cuisine.
  5. Students can express their opinions about different lifestyles in the past, present and future.

Cryptography: 

This course explores cryptography concepts for enhancing the security properties of systems being designed, implemented, and maintained. Common cryptanalysis techniques and tools are covered.

System Exploitation and Penetration Testing: This course explores common vulnerabilities and how an adversary can exploit vulnerabilities to disrupt a system’s integrity. The course covers the common attack techniques that can be used for penetration testing but also can help understand how to avoid common exploits that creep into systems during the design and implementation phases. 

Information Security Management Systems (ISMS): After completing the module, students are able to apply the standards of BSI Basic Protection and ISO 27001 / ISO 27002. They can analyse and evaluate the security level within an organisation concerning these standards and develop measures for optimisation. They can convincingly defend these optimisations against objections. The course content consists of these main topics. 

  1. Introduction and Fundamentals – ISMS and ISO, 

  2. Overview of the standards of the ISO/IEC 27000 family, 

  3. Fundamentals of Information Security Management Systems (ISMS),

  4. ISO/IEC 27001 – Requirements, 

  5. ISO/IEC 27002 – Recommendations and Guidance, 

  6. Related Standards and Frameworks, 

  7. Processes of an ISMS, 

  8. Certification Opportunities with ISO/IEC 27001.

Cyber Warfare: 

This course addresses unique and emerging policies, doctrines, strategies, and operational requirements for conducting cyber warfare at the nation-state level. It provides students with a unified battlespace perspective. It enhances their ability to manage and develop operational systems and concepts, resulting in the integrated, controlled, and effective use of cyber assets in warfare.

Cyber Resilience: The skills that the course will equip the students with the following skills: 

  • Identify the key business assets needed to be protected within an organisation,

  • Compare attacker profiles, motivations, and tactics to know enemies better, 

  • Analyse the risk and prepare your response, 

  • Analyse current strategies, methodologies, and frameworks to protect business assets and promote organisational resilience, 

  • Demonstrate the common cyber security tools and techniques used by organisations to protect their critical assets, 

  • Articulate the basic regulatory, legal, and ethical requirements that frame the work of cybersecurity professionals.

Scripting Languages: 

Perl, PHP, JavaScript, and Visual Basic are often-requested skills for employment, but most of us need more time to find out what they are all about. This course teaches you how to use scripting languages for rapid prototyping, web programming, data processing, and application extension. Besides covering traditional programming language concepts as they apply to scripting (e.g., dynamic typing and scoping), this course looks at new concepts rarely found in conventional languages (e.g., string interpolation, hashes, and polylingual code). Through a series of small projects, you use different languages to achieve programming tasks that highlight the strengths and weaknesses of scripting. As a side effect, you practice teaching yourself new languages.

Legal Aspects of Cybersecurity: 

This course examines legal and policy challenges stemming from rapidly evolving cybersecurity threats. Cyber insecurities affect many types of actors—individuals who suffer data breaches, local governments disabled by ransomware, businesses whose intellectual property is plundered, and states that both undertake and attempt to defend against espionage, election interference, and destructive cyber operations. This course will explore the national and international legal frameworks governing malicious and defensive actions in cyberspace, including cybercrime, cyberespionage, and cyberwar laws. The course will consider legal questions within the context of broader debates about issues such as the roles of governmental and non-governmental actors and the role of law in governing a constantly changing domain where many actors operate in secret. The objective of the course is to contextualise cybersecurity threats and responses to them in a national and international law framework while also recognising the limits of current law, the need for further policy evolution, and the real-world impacts of different legal and policy options. No technical knowledge is required.

Courses at UKIM

Students at UKIM for the 2nd year have two specialisation paths: Web and Cybersecurity and Cryptology. The courses for these two mobility paths are presented below.

Web and Cybersecurity/Fall 2024:
Year/Partner Term

Course Name

ECTS
2024/ UKIM Fall Applied Cryptography (C)

6
Digital Trust and Identity (C)

6
Multimedia and Scalable Web (C)

6
Elective Course (E1)

6
Elective Course (E2)

6
Cryptology/Fall 2024:
Year/Partner Term

Course Name

ECTS
2024/ UKIM Fall Applied Cryptography (C)

6
Digital Trust and Identity (C)

6
Coding Theory and Applications (C)

6
Elective Course (E1)

6
Elective Course (E2)

6
Both Specializations/Spring 2025:
Year/Partner Term

Course Name

ECTS
2025/ UKIM Spring Thesis jointly supervised with KHAS (C)

18
Advanced Information Security (C)

6
Research Project (C)
List of Elective Courses in UKIM

Course Name

ECTS
Mobile and Web Application Security

6
Biometric Systems

6
Application of Machine Learning in Information Security

6
Cryptanalysis

6
Cryptographic Engineering

6
Cryptographic protocols

6
Mathematical Logic for Computer Science

6
Advanced algebraic structures

6
Advanced coding algorithms

6
Applied Information Theory

6
Random processes

6
Change and risk management

6
Practical application of digital forensics

6
* Students can choose one of the elective courses from an expanded list of elective courses

Course Descriptions at UKIM

Applied Cryptography: Course program content: Real cryptographic problems and their application, Internet and communication protocols, Anonymous communication, Privacy saving techniques (in data mining, publishing and processing data), Identity-based cryptography and attributes, Zero Knowledge evidence, Secret sharing and multiparty computation, Electronic voting, Cryptographic aspects of E-Cash and block-chain technology.

Course program goals (competencies): Students' ability to apply more advanced cryptographic techniques in real problems. Studying more advanced cryptographic algorithms and techniques will enable understanding and solving. The security problems in the industry and the daily systems used.

Digital Trust and Identity: Course program content: Digital Identity, Digital Identity Authentication and Authentication Levels, Digital Identity Exchange Protocols, Digital Identity Federations, Trust in Digital Identity Federations, Trusted Services, EIDAS.

Course program goals (competencies): After completing the course, the student is expected to know the mechanisms for identifying users in the digital world and the protocols for exchanging this information between systems. In addition, the student will be familiar with the legal framework related to trusted services.

Multimedia and Scalable Web: Course program content: The use of multimedia content in web products, including standards and technologies. Use of various multimedia technologies and combinations of multimedia technologies. Designing multimedia web, streaming media, advanced multimedia content scripting, multimedia web applications, web availability, mobile multimedia applications, HTML 5 Canvas, JavaScript. SEO Search Engines – SEO, Multimedia web applications for mobile devices such as mobile phones and downs, but also large screens, and TVs. Development of games, design, mobile viewers, and categories of multimedia content. Scalable web design. Safe Web Development (Principles, Error Management, Authentication, Authorization, Record, IO Validation, Sessions Management), (XSS, SQL Injection, CSRF, ClickJacking, DOS, DT, FI, CI).

Course program goals (competencies): After completing the course, candidates are expected to know how to develop contemporary design websites, including structure, architecture, compatibility with different devices, cascading styles, usability, scalability with different number of users, search engine optimisation, etc. Candidates are expected to: Demonstrate an advanced understanding of the importance of good design, interaction and usability of web pages on different platforms and devices. Demonstrate practical knowledge of design and usability and be able to apply knowledge when designing effective multimedia websites. Communicate with the terminology specific to this area. Critically evaluate examples of design and interactivity on websites, including an assessment of their own products. Demonstrate awareness of strategies related to understanding the needs of web multimedia products users.

Coding Theory and Applications: Course program content: Introduction to codes that correct errors and their application. Linear codes. Coding and decoding in linear codes. Hamming codes. Cyclic codes. Codes of Reed Miller and Codes of Reed-Solomon. Codes that detect errors and CRC codes.

Course program goals (competencies): The main purpose of coding theory is to find codes that provide fast and correct transmission through the channel with noise. Different codes are optimal in different applications. The course aims to know the basic codes that reveal and fix errors and their practical application.

Advanced Information Security: Course program content: Information security concepts: integrity, confidentiality, secrecy, privacy, anonymity, Advanced methods for authentication and authorisation, Types of access controls, Advanced security models, Advanced Methods for Detection of Attacks, Realistic authentication protocols, Analysis of protocol security, Software security, Malicious software, Advanced Operating System Safety Methods, Types of tape techniques, Information security management.

Course program goals (competencies): Learning Advanced Methods for Authentication and Authorization, Safety Models for Access Control, Protocols and software for computer configurations.

Mobile and Web Application Security: Course program content: Modeling web security, modelling the security of mobile applications, the configuration of HTTP security, Detection of unauthorised content modification, Protecting the interaction between application and databases, Session Authentication Management, performing an entrance validation, protecting web services, Scan the weakness of applications, Model of Safety in Mobile Operating Systems.

Course program goals (competencies): The subject will introduce students to possible threats and attacks on web and mobile applications and detecting them. It will give a detailed review of approaches to achieving greater security in mobile and web applications, using: web server security, using the security of mobile operating systems, implementation of application protection mechanisms, promoting AJAX security, Web service protection. Upon completion of the course, the student is expected to be able to: configure web server protection, designing a security solution for mobile applications, and implement appropriate techniques for protecting mobile and web applications. Students will be able to analyze and determine the weaknesses of existing mobile and web applications, as well as to propose solutions to overcome them.

Biometric Systems: Course program content: Introduction and basic concepts in biometric systems. History of biometric systems. Requirements and properties of biometric systems. Processing images and extracting visual features. Classification techniques. Recognizing fingerprints. Venous recognition. Recognition of persons. Recognition of 3D persons. Iris recognition. Multi-modal biometric systems. Evaluation schemes for biometric systems, performance testing and safety aspects. E-Pass. Privacy of data in biometric systems.

Course program goals (competencies): The course aims to get acquainted with the basic principles used in biometric algorithms and systems. After completing the course, candidates will have deepened knowledge of advanced technologies and methods in biometric systems; You will be able to choose an appropriate algorithm and system for a given application context; will understand the complex relationships between biometric systems and environmental conditions (brightness, variations in the placement of objects of interest, etc.); You will have an understanding of the principles of privacy and their impact on the design and configuration of biometric systems.

Application of Machine Learning in Information Security: Course program content: Analysis of methods from machine learning and application of a suitable method for solving problems related to information security. Analysis of the results obtained with machine learning methods and finding solutions to improve them by using various features of the methods and algorithms.

Course program goals (competencies): The aim of the course is to apply machine learning through examples from the field of information security and to illustrate the use of different learning techniques in clear scenarios.

Cryptanalysis: Course program content: Types of brute force attacks, statistical attacks, differential and linear cryptanalysis, representations of cryptosystems as Boolean functions and tests of linearity properties, special types of attacks for special crypto primitives (hash functions, block ciphers, public key, protocols). Application of ML, DL, NLP in cryptanalysis.

Course program goals (competencies): Study of cryptanalysis tools and their application.

Cryptographic Engineering: Course program content: Introduction to secure implementation of cryptographic software. Implementation of modular arithmetic and arithmetic of finite fields. Implementation aspects for symmetric crypto primitives (AES, SHA). Implementation aspects for public key cryptographic primitives (RSA, ECC). Implementation aspects for lightweight cryptography. Secure implementation of cryptographic primitives. Side-channel attacks and countermeasures. Cryptographic software packages

Course program goals (competencies): After completing the course, the student is expected to know how to program a secure crypto-primitive. Will have knowledge of implementing crypto-primitives on different platforms. Through examples, the student will understand how side-channel cryptanalysis works on different cryptographic implementations and what countermeasures should be taken.

Cryptographic protocols: Course program content: Safety assumptions. Proving protocols' security. Key exchange protocols. Binding schemes. Challenge-Answer Protocols for Identification. Zero-Knowledge Identification Protocols. Tools for formal verification of protocols. Real-World protocols

Course program goals (competencies): Acquiring the basic knowledge of cryptographic protocols, their design and analysis.

Mathematical Logic for Computer Science: Course program content: Propositional logic: Boolean operations and interpretations, formulas, logical equivalence and substitutes, semantic charts, deductive evidence, resolutions, Gencenov and Hilbertov system. Predicate logic: relationships, predicate formulas, interpretations, logical equivalents and substitutes, semantic charts, deductive forms, functions, and terms. Resolution and logical programming: basic resolution, replacement, unification, general resolution, logical programming. Temporal logic.

Course program goals (competencies): Understanding the notions and properties of propositional and predicate logic and their application in computer science.

Advanced algebraic structures: Course program content: Study of the structures and properties of Grupoids: half -groups, groups and quasigroup. Multi-operations algebra: rings, fields, Boolean algebra. Relational algebra. Special reference to the finite algebraic structures of the previous species, which are important for the application.

Course program goals (competencies): Introduction of algebraic structures that will be used in other subjects from studies.

Advanced coding algorithms: Course program content: Iterative decoding methods: Turbo codes. Decoding with probabilities (Posteriori Probability (App) Decoding). Statistical Analysis Methods (Monte-Caro Simulations and Exit-Chart Analysis). LDPC Codes (Low-Density Single Parity Check). Representing LDPC codes with matrix and graphs. Construction of the code. Iterative decoding with Message Passing. Statistical and Graph-based Analysis Methods (Density Evolution, Stopping Sets). Algebraic decoding methods: Syndrome decoding. Reed-solomone codes. Decoding with Peterson-Gorenstein-Zierler and Forne algortes. IRS codes (Interleaved Reed-Solomon). Interpolation-based techniques. Interpretation of the decoding problem as a problem of polynomial interpolation. Sudan's algorithm. Decoding with a list. Quasigroup-based detection and correction codes.

Course program goals (competencies): The aim of the course is to deepen the knowledge in coding theory and to study advanced and new aspects in codes for correcting and detecting errors. Iterative and algebraic decoding methods will be considered. The course foresees the development of papers with new results from coding theory.

Applied Information Theory: Course program content: Communication system. Entropy. Information. Data compression: loss coding. Asymptotic Equipartition Property (AEP) for independent random variables. Shannon's theorem for source signal coding. Loss-free coding. Symbolic codes. The problem of only decoding. Instant codes. Kraftovo inequality. The theorem of silent coding. Construction of optimal codes. Communication through a noise channel (communication channel. Communication channel models. Discrete channel without memory. Discrete channel capacity without memory). Sources of information: Markov's chains. Source of information. Regular Markov source. The entropy of the source. Source order. Approximation of a general source of information with a final order source. Earnest source. Shannon theorem - McMillan (Asymptotic Equipartition Property (AEP)). Discrete channel with memory: Model models with memory. Channel with a finally set of states. The capacity of the general discreet channel. The coding theorem for a regular channel with a finally set of conditions. Continuous channels: entropy of continuous random variables. The entropy of Gaussian random variable. Types of non-jet channels. Gaussian channel (time discreet). AEP for continuous random variables. Coding theorem for Gaussian Channel.

Course program goals (competencies): Studying the advanced aspects of a mathematical model of a communication system.

Random processes: Course program content: Random processes: definition, features, classification, transformations. Razing processing processes. Processes with independent stationary growths; Marks processes with a discreet and continuous set of conditions: birth and die processes; Markov's chains, Markov's nested chains. Special random processes: accidental wandering, POSONOV, Vinerov process. Branching processes. Recovery processes. Advanced queues waiting.

Course program goals (competencies): Random processes are a mathematical model that models many processes in computer science. The purpose of this course is to introduce in the theory of random processes, studying the characteristics of special accidental processes, so they can be used to model real processes.

Change and risk management: Course program content: Basic risk management concepts; the importance of risk management for business success; risk types; risk analysis; Systems, models and frameworks when managing information security risks; Objectives of risk management; risk identification; risk management strategies; Management of changes in software projects, risk assessment, organisational changes in IT environment, IT process improvement, open software change and consumer software, project research by: IT security, cloud calculation, agile methods, projects with exceeding budget and high delays, Euladin projects and new technologies.

Course program goals (competencies): The course highlights the need for good risk management and changes. By successfully completing the course, the student will be able to independently identify problems related to risk management and their application in information security and changes in software projects and to apply different ways and techniques to solve these problems.

Practical application of digital forensics: Course program content: Analysis of methods, techniques and tools for digital forensics and their practical application to solve problems related to digital forensics.

Course program goals (competencies): The course highlights the need to study elements of digital forensics and its practical application. The aim is to study the stages of digital forensics and apply them practically using appropriate tools and methods.

Research project: The students, together with the supervisor, define a project that will be related to the Master's thesis research. The project allows students to get acquainted with current research in preparation for the Master's topic. Specific problem statements are derived from recent research activities. All rules for ensuring fair scientific work in their current version are applicable. The competence goals of this course are: 

Professional Competence: Students can apply their previously acquired knowledge and skills in projects in the focus subject. 

Methodological Competence: Students can apply scientific methods learned during their studies in the focus subject. 

Personal Competence: Through project work, students will develop the habit of responsibility and motivation to solve a problem. They can create different perspectives on a problem and find optimised solutions. 

Social competence: Students will improve their intercultural experience by working in international teams and projects, and they can develop solution strategies in groups.

Thesis jointly supervised with KHAS: Students will be able to conduct research on their Master topic independently. The ability to do research and to formulate it scientifically is tested in the Master thesis. The contents of this competence field are defined with respect to the selected topic of the Master thesis. The competence goals of this course are:

Professional competence: Students can follow the state of the art in knowledge and technology in their respective research fields. 

Methodological competence: Students can apply appropriate scientific methods to tackle research questions. 

Personal competence: Students can manage their Research project, including the outline of the Research project and staying within the timeline. 

Social competence: The students can defend their Master's thesis and discuss it with scientific language.

Courses at SRH

For CyberMACS students, SRH offers two specialisation tracks: Cybersecurity Management and Cybersecurity Technologies. For students who prefer long-term practical training instead of regular courses, a third specialisation focusing on practical skills in cybersecurity is possible. The following infrastructures are offered for advanced research of CyberMACS students: Lab. for Cybersecurity, Lab. for Big Data and Artificial Intelligence, Lab. for Industrial Automation and Lab. for Renewable Energy and Industry 4.0.

Advanced Technologies in Cybersecurity /Fall 2024:
Year/Partner Term

Course Name

ECTS
2024/ SRH Fall Cybersecurity Management Project (C)

5
Open-Source Intelligence OSINT (C)

5
Security Technologies (C)

5
Cloud Solutions (C)

5
Elective Course (E1)

5
Elective Course (E2)

5
Cybersecurity Management /Fall 2024:
Year/Partner Term

Course Name

ECTS
2024/ SRH Fall Cybersecurity Management Project (C)

5
IT Security Management & DevOps (C)

5
IT Revision and Audit (C)

5
Elective Course (E1)

5
Elective Course (E2)

5
Elective Course (E3)

5
Long-Term Practical Training/Fall 2024:
Year/Partner Term

Course Name

ECTS
2024/ SRH Fall SRH will connect students with industrial partners for long-term practical work. In this case, a representative from the industry might be involved in students’ thesis defence examination. This might be confidential should the industrial partner requests so. Professors in SRH have part-time Professor positions in SRH University and hold management and research positions in big companies (Price Waterhouse Coopers, Ernst & Young, Siemens, etc.). This ensures good cooperation with different companies for long-term practical training and technology transfer, internship and master thesis work, and job opportunities for students.

30
Both Specializations/Spring 2025:
Year/Partner Term

Course Name

ECTS
2025/ SRH Spring Thesis jointly supervised with KHAS (C)

20
Master Project (C)

5
Thesis Project (C)

5
List of Elective Courses in SRH

Course Name

ECTS
Advanced Data Technologies

5
Machine Learning

5
Artificial Intelligence

5
Big Data and Business Intelligence

5
Advanced Security Technologies

5
 

Course Descriptions at SRH

Security Technologies: Students learn in projects the fundamental technologies of security. The level of mastery is tested in the project presentation.

The course content consists of these main topics:

  1. Introduction to Information Security 

  2. The Need for Security

  3. Legal, Ethical, and Professional Issues in Information Security,

  4. Planning for Security, 

  5. Risk Management,

  6. Security Technology: Access Controls, Firewalls, and VPNs,

  7. Security Technology: Intrusion Detection and Prevention Systems, and other security tools, 

  8. Cryptography,

  9. Physical Security,

  10. Implementing Information Security, 

  11. Security and Personnel, 

  12. Information Security Maintenance.

The competence goals of this course are: 

Personal competence: Assessing own competence.

Social competence: Work in new aspects of computer science, work out and present solutions in teams and understanding Social Engineering.

Cloud Solutions: Technology refers to the ability to use distributed hardware and software resources provided by a provider on the Internet on demand and to pay for them based on usage. This course introduces concepts (e.g., "Everything-as-a-Service", virtualisation) of cloud computing and some cloud architectures, cloud offerings, programming models, software tools and applications developed in recent years. Economic considerations, as well as opportunities and risks of cloud computing, will be explained. One focus of the course is on practical testing of the concepts taught in the form of programming exercises in an IoT background.

The course content consists of these main topics:

  1. Cloud Computing Basics,

  2. Framework and Terminology, 

  3. Case Studies,

  4. Cloud Solution Architect,

  5. Amazon AWS, Google 

  6. Essential Cloud Infrastructure: Google, Amazon, Microsoft, 

  7. Docker Technologies 

  8. Compartmentalising web applications, 

  9. Cloud Monitoring and SysOps, 

  10. Monitoring EBS, RDS, ELB, EC2, Elasticcache,

  11. High-availability, Deployment & provisioning Opsworks,

  12. Data management Security, networking with Route53, VPC, 

  13. Serverless.

The competence goals of this course are:

Professional competence: Students will be able to independently solve technical programming tasks and problems in a cloud as well as meet the changing technical demands of the profession. 

Methodological competence: Students are able to handle the processing of professional requirements, tasks and activities and proceed in work in a targeted, structured and effective manner. 

Personal competence: The students are well trained in oral communication skills in the exercises by practising free speech in front of an audience and during discussion. They are able to assess their strengths and weaknesses by means of exercises and to organise and optimise their time and learning management. 

Social competence: Students will be able to communicate and justify their own approaches to solutions within the group structure but also be enthusiastic about the solution in the group and work on it profitably.

Open-Source Intelligence: This module looks at how we can store, manipulate, and analyse big data. We define big data essentially as data that is nonatomic and is not well suited to tabular storage and manipulation.

It is important to ensure that the students can understand why these two broad classes of data really are different and why they warrant such different treatment. The course content consists of these main topics:

  1. This Advanced OSINT Lab consists of several exercises that start with setting up a working environment and teach how to work efficiently in it., Afterwards, freely available tools are presented, and the use of these tools is trained. This is followed by the presentation of the most common commercial tools, which are worked out step by step in the individual exercises. Finally, it is shown how all these tools can be used to aggregate search results from many individual data.

  2. Linux Fundamentals for OSINT: Linux Shell Fundamentals, – Linux File System Hierarchy Fundamentals, – Linux Pipe Fundamentals. OSINT Basics; – Advanced Google Search, – Linux Networking Tools, – Linux Forensics Tools. OSINT Commercial Tools; – Hacking-Lab Environment Preparation, – PassiveTotal, – Censys, – Shodan, – Maltego.

The competence goals of this course are:

Professional competence: The students have a comprehensive overview of the topic of Open-Source Intelligence. It allows them to work independently with the newly taught tools, collect data from freely available sources, and aggregate it into investigation results. They are well prepared for the requirements of the profession and can use acquired knowledge profitably. 

Methodological competence: Students are able to recognise and name possible solutions based on given tasks. They are able to work out suitable solutions and apply the professional knowledge they have acquired. Students are able to solve complex problems and transfer them to other situations. Students apply networked and abstract thinking and analyse their solution approach before and after solving the problem. 

Personal competence: Students are able to coordinate their working methods and time management in a concrete and complex project environment and act in a self-reliant and independent way. 

Social competence: Students are able to work on complex tasks in a self-reflective way and discuss solutions constructively in the group, and defend them in a diplomatic manner.

Cybersecurity Management Project: Students will be able to independently manage a cybersecurity project and gain expertise in the terminology. Information Security terminology: Security targets, threats, vulnerabilities, risks, security controls, management systems, Introduction in the Information Security Management Systems (ISMS) based on the standards family ISO 27000, Identification, assessment and treatment of typical risks in information systems, Typical security measures in distributed information systems, in particular in web-based systems Special fields of interest, e.g., malware control, firewalls systems hardening, encryption technologies, cyberwar, cybersecurity, auditing and reviewing information security, business continuity management, Darknet, network security etc., Passwords & biometrics, Introduction to cryptography, Sessions, SSL/TLS, Certificates, electronic signatures, public key infrastructures, Side-channel analysis, Access control, Privacy.

IT Security Management & DevOps: The aim of the module is to equip the students with the analytical skills and knowledge to assess security in large systems and organisations and to incorporate appropriate levels of security in the various steps of a system's lifecycle.

The course content consists of these main topics: 

  1. Introduction to the Management of Information Security, 

  2. Compliance: Law and Ethics, 

  3. Governance and Strategic Planning for Security, 

  4. Information Security Policy, 

  5. Developing the Security Program, 

  6. Risk Management: Assessing Risk

  7. Risk Management: Treating Risk, 

  8. Security Management Models, 

  9. Security Management Practices, 

  10. Planning for Contingencies, 

  11. Security Maintenance, 

  12. Protection Mechanisms, 

  13. Devsope.

The competence goals of this course are: 

Professional competence: Identify and discuss the benefits of embedding security throughout an organisation; Understand how to relate and adapt information systems in general and security solutions in particular to specific business processes and requirements to meet overall goals.

Methodological competence: Methods of IT Operations and Software Development (holistic).

Personal competence: Be able to communicate clearly and unambiguously about security problems to other people in an organisation; Be able to identify assets and threats and assess risks; Assess own competence. 

Social competence: Students are able to discuss several fundamental IT Security Management problems in the group to bring about an agreement process and to share responsibility for this. 

IT-Revision und Audit: In an interactive seminar, the students learn the principles of IT revision and audit and have to show their level of mastery in a portfolio exam consisting of different tasks. The course content consists of these main topics:

  1. Auditing and Internal Control,

  2. Auditing IT Governance Controls,

  3. Security Part I: Auditing Operating Systems and Networks, 

  4. Security Part II: Auditing Database Systems,

  5. Systems Development and Program Change Activities,

  6. Transaction Processing and Financial Reporting Systems Overview, 

  7. Computer-Assisted Audit Tools and Techniques,

  8. Data Structures and CAATTs for Data Extraction, 

  9. Auditing the Revenue Cycle,

  10. Auditing the Expenditure Cycle,

  11. Enterprise Resource Planning Systems,

  12. Business Ethics, Fraud, and Fraud Detection

The competence goals of this course are:

Professional competence: Students will be able to describe all steps of an information security auditing process for IT systems / IACS / processes. The students know all the essential steps/phases of the auditing process and can apply auditing processes to IT systems and processes. The students know the essential requirements for an auditing process of the relevant standards. Students will be able to perform audits for an object of investigation (IT system, part of an IT system, process). 

Methodological competence: Students can select the correct type and appropriate procedure of an audit for an object of investigation (IT system, part of an IT system, process) and evaluate the criticality of identified deficiencies. Students will be able to assess whether certain measures are suitable to remedy or alleviate identified deficiencies / weaknesses / findings. 

Personal competence: Through the exercises that take place, students are encouraged to work out issues independently and present them in a comprehensible manner. 

Social competence: Students perform audits on case studies as a team in changing roles. Through this collaboration, the knowledge and skills of other students are experienced as helpful and beneficial.

Long-Term Practical Training: This course is one of the areas of specialisation that can be selected in the first semester of the 2nd year. SRH will connect students with industrial partners for long-term practical work. In this case, a representative from the industry might be involved in students’ thesis defence examination. This might be confidential should the industrial partner request so. Professors in SRH have part-time Professor positions in SRH University and hold management and research positions in big companies (Price Waterhouse Coopers, Ernst & Young, Siemens, etc.). This ensures good cooperation with different companies for long-term practical training and technology transfer, internship and master thesis work, and job opportunities for students.

Advanced Data Technologies: With the interplay of lectures and exercises, the students develop the knowledge of state-of-the-art methods of Artificial Intelligence for problem-solving. The level of mastery is tested with a written exam.

The course content consists of these main topics:

  1. Exploring Data, Regression, 

  2. Linear Regression Multiple Regression, 

  3. Non-linear Regression Assessing Model Accuracy, 

  4. Classification, Logistic Regression, 

  5. K-Nearest Neighbors Naive Bayes, 

  6. Decision Trees,

  7. Random Forests, 

  8. Unsupervised Learning K-Means Clustering Hierarchical Clustering, Using R.

The competence goals of this course are: 

Professional competence: Students know methods for data exploration like regression, classification and unsupervised learning as the methodological basis for Artificial Intelligence. 

Methodological competence: Students are able to explore data by applying common methods like regression, classification, or unsupervised learning. They develop problem-oriented as well as abstract and joined-up thinking. They are able to apply the methods in practice. Personal competence: plan, organise and prioritise their work efficiently and effectively; critically reflect on their work and results; communicate their ideas in class; held group meetings and demonstrate their results. 

Social competence: effectively work in teams; take on team responsibilities; receive and discuss constructive feedback; analyze and transform requirements into feasible tasks.

Machine Learning: Machine learning is a field of scientific study concerned with algorithmic techniques that enable machines to learn performance on a given task via the discovery of patterns or regularities in exemplary data. Consequently, its methods commonly draw upon a statistical basis in conjunction with the computational capabilities of modern computing hardware. This course aims to acquaint the student with the main branches of machine learning and provide a thorough introduction to the most widely used approaches and methods in this field.

The course content consists of these main topics: 

  1. Introduction to Machine Learning,

  2. Supervised and Unsupervised learning,

  3. Clustering, 

  4. Linear Regression with One Variable,

  5. Linear Algebra Review,

  6. Linear Regression with Multiple Variables, 

  7. Logistic Regression,

  8. Regularisation, 

  9. Predictive and Classification Algorithms, 

  10. SVM, k-NN, Decision trees, Random Forests, 

  11. Convolution, 

  12. Neural Networks, CNNs, 

  13. Applying Machine Learning: Natural Language Processing.

The competence goals of this course are:

Professional competence: On successful completion, students will be able to learn different machine learning model classes; comprehend the difference between supervised, unsupervised, and reinforcement learning methods; understand common machine learning models; analyse trade-offs in the application of different models; appropriately choose machine learning models according to a given task. 

Methodological competence: The students understand the statistical foundations of generalisation, i.e., the induction of models from data, as well as practical tools for model validation. They are able to apply basic methods of supervised learning to problems of classification and regression. The students have an overview of methods for multi-class classification, the learning of nonlinear models, and extensions of the simple setting of supervised learning. They understand algorithmic concepts of corresponding methods and are able to apply them to real problems.

Personal competence: Students will be able to communicate and justify their approaches to solutions within the group structure but also be enthusiastic about the solution in the group and work on it profitably. 

Social competence: Students work in teams, present their results and reflect their results in the group.

Artificial Intelligence: With the interplay of lectures and exercises, students develop the ability to apply methods of Artificial Intelligence to different use cases. The level of mastery is tested with the written exam.

The course content consists of these main topics:

  1. Support Vector Machines, ROC Curves,

  2. Neural Networks, Deep Learning Projects Using R or similar language,

The competence goals of this course are:

Professional competence: Students know typical methods of Artificial Intelligence like Neural Networks, Deep Learning, ROC curves and how to implement these methods in a programming language like R or Python. 

Methodological competence: Students are able to analyse problems of industrial automation and digital systems by using methods of Artificial Intelligence. They develop problem-oriented as well as abstract and joined-up thinking. They are able to apply the methods in practice. 

Personal competence: Students are able to plan, organise and prioritise their work efficiently and effectively; critically reflect on their work and results; communicate their ideas in class; held group meetings; and present their results. 

Social competence: Students are able to effectively work in teams; take on responsibilities in teams; receive and discuss constructive feedback; analyse and transform requirements into feasible tasks.

Big Data and Business Intelligence: This module looks at how we can store, manipulate, and analyse big data. We define big data essentially as data that is non-atomic and is not well suited to tabular storage and manipulation. It is important to ensure that the students can understand why these two broad classes of data really are different and why they warrant such different treatment. The course content consists of these main topics: 

  1. Introduction to Big Data,

  2. Big Data Modelling and Management Systems, 

  3. Big Data Integration and Processing, -Machine Learning with Big Data,

  4. Graph Analytics with Big Data, 

  5. Big Data Project.

The competence goals of this course are: 

Professional competence: Describe the purpose and uses of Business Intelligence & Big Data in the business world today; identify the terminology used in Big Data and quantitative analysis programs in general. 

Methodological competence: Build a dataset based on gathering data from multiple sources and merging those databases into a single unified set; clean a database through automated methods like winsorizing and evaluation of univariate metrics to determine the accuracy of inputs; identify key risk issues involved in Big Data and the role that information governance plays. 

Personal competence: Be able to communicate clearly and unambiguously about Big Data and Business Intelligence problems to other people in an organisation; be able to identify assets and threats and assess risks; assess own competence.

Advanced Security Technologies: Students learn in projects the fundamental technologies of security. The level of mastery is tested in the project presentation. The course content consists of these main topics:

  1. Introduction to Information Security,

  2. The Need for Security, 

  3. Legal, Ethical, and Professional Issues in Information Security,

  4. Planning for Security, 

  5. Risk Management, 

  6. Security Technology: Access Controls, Firewalls, and VPNs,

  7. Security Technology: Intrusion Detection and Prevention Systems, and other security tools, 

  8. Cryptography, 

  9. Physical Security, 

  10. Implementing Information Security, 

  11. Security and Personnel, 

  12. Information Security Maintenance.

The competence goals of this course are:

Professional competence: On completing the module successfully, the students will be able to locate typical security flaws and vulnerabilities in distributed applications; formulate high-level security policies for practical case studies; identify risks and appropriate risk-reducing security measures. 

Methodological competence: Perform a security analysis following accepted standards; identify, document, and reason appropriate security controls. 

Personal competence: Assessing own competence. 

Social competence: Work in new aspects of computer science; work out and present solutions in teams; understand Social Engineering.

Thesis / Projects

Thesis jointly supervised with KHAS/Master Thesis and Defence: Students will be able to conduct research on their Master topic independently. The ability to do research and to formulate it in a scientific way is tested in the Master thesis. The contents of this competence field are defined with respect to the selected topic of the Master thesis. The competence goals of this course are:

Professional competence: Students are able to follow the state of the art in knowledge and technology in their respective research fields. 

Methodological competence: Students are able to apply appropriate scientific methods to tackle research questions. 

Personal competence: Students are able to manage their Master project including following the outline of the Master project and staying within the timeline. 

Social competence: The students are able to defend their Master thesis and to discuss it with scientific language.

Master Project: This course serves to deepen students’ ability to practically implement previously acquired knowledge and skills in the field of security management as well as offers an opportunity for networking within a company or research institution. Students can add to their personal profiles via acquired in-depth knowledge of key corporate functions. The project phase allows students to get acquainted with current research and industry topics in preparation for the Master's topic. Specific problem statements are derived from current research activities in the industry partners' subject area or practical requirements. All rules for ensuring fair scientific work in their current version are applicable. The competence goals of this course are:

Professional competence: Students are able to apply their previously acquired knowledge and skills in projects in the focus subject. 

Methodological competence: Students are able to apply scientific methods learned during the studies in the focus subject. 

Time and Project Management 

Personal competence: Through project work, students will develop the habit of responsibility and motivation to solve a problem. They have the ability to create different perspectives on a problem and to find optimised solutions. 

Social competence: Students enhance their communication abilities by working in companies or projects. They also improve their intercultural experience by working in international teams and projects, and they can develop solution strategies in groups.

Research Project: This course serves to deepen students’ ability to practically implement previously acquired knowledge and skills as well as offers an opportunity for networking within a company or research institution. Students can add to their personal profiles via acquired in-depth knowledge of key corporate functions. The student defines a project with the internship company or research institution and agrees with the supervising faculty member. The approach to this project is discussed with the university supervisor and agreed to by the company or research institution. At the end of the practice phase, the student reflects on their experiences in practice and how they relate to the theories and models that were covered during their studies.

The competence goals of this course are: 

Professional competence: Students are able to apply their previously acquired knowledge and skills in projects in the focus subject. 

Methodological competence: Students are able to apply scientific methods learned during the studies in the focus subject. 

Personal competence: Through project work, students will develop the habit of responsibility and motivation to solve a problem. They have the ability to create different perspectives on a problem and to find optimised solutions. 

Social competence: Students enhance their communication abilities by working in companies or projects. They also improve their intercultural experience by working in international teams and projects.