Enter your keyword

Course

M.Sc Information and Cyber Security

information and cyber security masters program

Course Overview

M.Sc Information and Cyber security courses are prevalent through degree programs in information technology, cyber security, and information security at the associate’s, bachelor’s and master’s levels, as well as at the certificate level. Through these different programs, students learn how to identify security issues and protect information as well as track down those who steal that data. Because cyber security is necessary for homeland security and so many other fields, there are several types of programs available that vary in scope and focus.

Course Objectives

  •  To provide an understanding of principal concepts, major issues, technologies and basic approaches in information and cyber security.2. Develop an understanding of information assurance as practiced in computer operating systems, distributed systems, networks and representative applications.
  •  Gain familiarity with prevalent network and distributed system attacks, defenses against them and forensics to investigate the aftermath.
  •  Develop a basic understanding of cryptography, how it has evolved and some key encryption techniques used today.
  •  Develop an understanding of security policies (such as authentication, integrity andconfidentiality), as well as protocols to implement such policies in the form of messageexchanges.

Admission Requirements

Any applicant who meets the minimum entry requirements for admission into the University may be granted admission, the requirements are :

  • An A’ Level Certificate (a Degree, HND or PGD) with 2:2, Lower credit, or Pass respectively and above.
  • Transcript of the A’Level result.
  • Copy of International Passport data page.
  • A copy of CV.

REGISTTRATION PRPOCESS

To register for any of the available courses take the following steps

  • Click on courses on the menu bar or apply now button to pick a course
  • After selecting the course, click apply now to add to cart
  • View the cart to fill the application form
  • Submit the form to go to the payment page
  • Complete the payment form and select method of payment and submit.
  • You will receive an email letting you know of your registration and your application status
  • You will be contacted by one of our admission team member to guide you on the admission.
  • After making the payment of application fee admission letter will be sent to your email with fee structure.
  • You will need to make payment of at least 70% of the tuition and acceptance fee for you to be granted access to the course applied for.
  • After making the payment an email will be sent to your email with access link to your registered course.
  • You study online and can come to school every semester for exams.

FEE STRUCTURE

Tuition per Session

Tuition Fee = 480,000

Application = 10,ooo

Acceptance = 20,000

Course kit =20,000

Administrative Charges = 60,000

Project supervision = 20,000

Convocation = 40,000

Total = ₦650,000

CURRICULUM

Section 1: cryptography
Introduction
30M Lecture
Cryptology consists of two branches:
Cryptography is the area of constructing cryptographic systems.
Cryptanalysis is the area of breaking cryptographic systems.
Cryptography is a field of computer science and mathematics that focusses on techniques for secure
communication between two parties (Alice & Bob) while a third-party (Eve1 or Mallory2 ) is present (see Figure
This is based on methods like encryption, decryption, signing, generating of pseudo random numbers,
etc.Confidentiality Defines a set of rules that limits access or adds restriction on certain information. Data
Integrity Takes care of the consistency and accuracy of data during its entire life-cycle.
Authentication Confirms the truth of an attribute of a datum that is claimed to be true by some entity.
Non-Repudiation Ensures the inability of an author of a statement resp. a piece of information to deny it.
Nowadays there are in general two different schemes: On the one hand, there are symmetric schemes, where
both, Alice and Bob, need to have the same key in order to encrypt their communication. For this, they have
to securely exchange the key initially. On the other hand, since Diffie and Hellman’s key exchange idea from
1976 (see also Example 1.1 (3) and Chapter 8) there also exists the concept of asymmetric schemes where
Alice and Bob both have a private and a public key. The public key can be shared with anyone, so Bob can use
it to encrypt a message for Alice. But only Alice, with the corresponding private key, can decrypt the encrypted
message from Bob.
In this lecture we will discover several well-known cryptographic structures like RSA (RivestShamir-Adleman
cryptosystem), DES (Data Encryption Standard), AES (Advanced Encryption Standard), ECC (Elliptic Curve
Cryptography), and many more. All these structures have two main aspects:
1. There is the security of the structure itself, based on mathematics. There is a standardization process for cryptosystems based on theoretical research in mathematics and complexity theory. Here our focus will lay in this lecture.
2. Then we have the implementation of the structures in devices, e.g. SSL, TLS in your web browser or GPG for signed resp. encrypted emails. These implementations should not diverge from the theoretical
standards, but must still be very fast and convenient for the user.
Basic Concepts
30M Lecture
We define basic notations and formal definitions for the main structures we are working on in the following.
2.1 Quick & Dirty Introduction to Complexity Theory
Definition 2.1. An algorithm1
is called deterministic if the output only depends on the input.
Otherwise we call it probabilistic or randomized. □
Definition 2.2. Let f , g : N → R be two functions. We denote f (n)= O (g(n)) for n → ∞ iff there is a
constant M ∈ R>0 and an N ∈ N such that |f (n)| ≤ M|g(n)| for all n ≥ N. In general O (g) denotes the set
O (g)= {h : N → R | ∃Mh ∈ R>0∃N ∈ N : |h(n)| ≤ Mh|g(n)|∀n ≥ N}.
We are always interested in the growth rate of the function for n → ∞, so usually we write f = O (g)
(equivalend to f ∈ O (g)) as a shorthand notation. □
Example 2.3. Let f , g : N → R be two functions
Modes of Ciphers
30M Lecture
For ciphers we have, in general, four different categories:

 

  1. symmetric and asymmetric ciphers (see Definition 2.20), and
  2. stream and block ciphers.
    In the following we often assume binary representation of symbols, i.e. we are working with bits in Z/2Z. All of what we are doing can be easily generalized to other representations and other alphabets.
  3. Block Ciphers
  4. Definition 3.1. Let Σ be an alphabet. A block cipher is a cipher acting on P = C =Σn for a given block size n ∈ N. Block ciphers with block size n = 1 are called substitution ciphers. □ Lemma 3.2. The encryption functions of block ciphers are the permutations on Σn.
  1. A permutation cipher is a block cipher that works on P = C =Σn n for some n ∈ N and uses K ′ = K = Sn. In this way |K ′| = n! which is much smaller than |S (Σ )|. Let π ∈ K :

Section 2: economics of cybersecurity
The development of NCSSs has been a growing area of interest over the last few years in most developed
countries as the issue has gained prominence on the policy-maker’s agenda. Addressing the cyber issue has
been a long process for states which consider it their responsibility to lead the way in delivering cyber security.
As a global policy involving many stakeholders, the economic aspects are key to understanding the motivation
of state actors. Cybercrime has been described as the ‘largest transfer of wealth in human history’.1 Such an
assertion has the capacity to generate concern among all policy-makers, especially when early estimates of
losses were evaluated at $1 trillion every year, roughly 1.4% of the World’s GDP. One of the main objectives
pursued when securing cyberspace is one nation’s ability to sustain and increase its economic activity through
the use of information and communication technologies (ICT)2 such as ecommerce, finance, and e-government. It is considered of the utmost importance that these activities are protected, and that they are perceived as a common universal goal for all stakeholders in order to achieve the prosperity of societies.34 Prosperity is a recurrent theme mentioned in NCSSs worldwide. A policy that is well-balanced, ensuring the continuity of critical infrastructure, resiliency and a stability of the economy while taking into account factors that might lead to an increased competitiveness of its industry, is both key and difficult to achieve.In order to achieve these goals, most NCSSs focus on a comprehensive approach to the measures that should be implemented in order to respond to threats in cyberspace. 6 The cyber society is considered as a whole, with all types of stakeholders and states providing the instruments that will enable them to carry out their activities without disruption, and also provide a normative environment in order to share the burden of cyber security.States are mandated to provide safeguards in cyberspace in terms of national security, whilst the infrastructure is, for the most part, privately owned. This is where principles of economics surface and start to play a role in policymaking.
The NATO Cooperative Cyber Defence Centre of Excellence (NATO CCD COE), in its 2014 Programme of
Work, launched a project that aimed to address the economic aspects of national cyber security strategies
(NCSSs). The project’s aim was to conduct a study and in order to build on the work that was published in the National Cyber Security Framework Manual in 2012 under the auspices of the NATO CCD COE.1
For the preparation of the study, a workshop was organised in 2014 in order to discuss the outline and ideas to be developed. Due to lack of interested authors and available data, only a limited study was performed which is included in Annex I of this report. The starting point for this project was to assess to what extent economics have a clear and defining role in the drafting of an NCSS by conducting a study that could serve as a basis for decision making processes in the course of that drafting. There is a clear need for an evaluation framework of such policies that looks at several factors, such as implementation, value for money and efficiency. This researchproject sought to address these aspects from an economic standpoint.The project methodology was based on a literature review and desk research using open source materials.

The NATO CCD COE drafted a preliminary outline of the research in order to break down the topic into 4 main categories. These are:

 

  • The stage of maturity of cyber security strategies;
  • The intervention of states to correct market failures (the regulatory vs voluntary approach);
  • Metrics to assess the efficiency of cyber security strategies; and
  • Industrial policy and economic competitiveness – a cyber security industry.

An overview of the general approaches to the economic aspects of an NCSS is attached to this report (Annex I) and provides a useful introduction to the topic for a policy-maker interested in the field. As part of the project, the NATO CCD COE held a thematic workshop in order to gather specialists and an interested audience in order to discuss and present the issues surrounding the economics of cyber security. Annex II of this report includes the main findings of the workshop.

Section 3:cyber offense and cyber defense
INTRODUCTION
30M Lecture

One of the most striking technological developments of the last fifty years has been the emergence of digital
technology as a powerful force in our lives.5 For many of us, this technology is embodied in the digital computer,
which has evolved to be an essential tool for our work as well as our personal needs. In 1951, when the first
commercial electronic digital computer, a UNIVAC I, was delivered to the U.S. Bureau of the Census, computers
were essentially unknown to most people, and were found only in a few research laboratories and universities.
They were large, expensive, and prone to frequent failure. In contrast, today’s computers are relatively small, inexpensive, reliable, and are found in every country

BACKGROUND
30M Lecture

Offense-defense balance theory is a proposition that the onset of international conflicts can be explained and predicted by comparing the relationship of the cost balance between offensive and defensive operations. Robert Jervis proposed that states that had less risk of being exploited were more likely to be at peace and less likely to threaten their neighbors.[

Put in the simplest possible terms, conflicts will tend to increase when the costs of offensive operations are less than the cost of defending against them. Put another way, if defensive operations are dominant (or easier to apply), it is less costly to defend than to attack, and according to the theory, countries are more likely to be at peace, if all other factors are close to being equal.

Offense-defense theory remains extremely controversial today, with, successful critical attacks on several levels. However, these critiques usually center around two primary axes, first, the difficulty of categorizing weapons or systems as offensive or defensive, and second, the historical argument for the pre-eminence of defense over offense.

The first, and primary, critique of the theory is based on the difficulty of determining whether a weapon, system, or other hardware should be considered offensive or defensive in application. Depending on use, it appears that any weapon could be either.

In order to analyze the offense-defense balance theory for conflicts within cyberspace, it is necessary to build a comprehensible framework. This proposed framework must be designed to help define costs so that offense and defensive spending can be compared and contrasted. However, when comparing offense and defense costs, there are some difficulties. Problems with multiple use, hidden costs and balancing costs create issues within any framework capable of determining relationships between offense and defense with any fidelity and reliability.
First, very little spending on computers is specifically designated for offense or defense, even within software purchases. The purchase of a firewall within a specific software program certainly does not inherently imply that the program was purchased for defensive purposes. And while defensive aspects of specific software may be considered in the purchase of a program, i.e., a program may be more protected or less vulnerable, determining the portion of the cost that can be considered defensive in nature is very hard to discern.
In addition to these multiple use problems, specific aspects of offense abound with hidden costs that are equally difficult to determine. For example, how many hours were spent conducting reconnaissance of a target, was it necessary, and did it require physical presence (human intelligence) to determine vulnerability of the target? How much time was spent developing an attack program and what systems were used? Each aspect of the problem adds to the difficulty in determining specific attack costs.