The schedule and the course contents are designed to address and cover the contemporary cybersecurity issues and problems and they will reviewed and updated with the developments in cybersecurity field. The contents of all courses cover the following subjects: Cryptography, network security, malware analysis and detection, computer forensics, blockchain security and applications, penetration testing, privacy-preserving data management, cyber security law , cybersecurity planning and management. As the program is primarily intended for professionals, not to interfere with regular working hours, the classes are scheduled after working hours and on Saturdays. The lectures will take place in Altunizade Digital Campus, İstanbul.
I. Semester: Fall
Code | Course | Credits |
---|---|---|
SEC 500 |
Fundamentals of Computing
Albert Levi![]() Education B.S. in Computer Engineering, Boğaziçi University, Computer Engineering Department, 1991. M.S. in Computer Engineering, Boğaziçi University, Computer Engineering Department, 1993. Ph.D. in Computer Engineering, Boğaziçi University, Computer Engineering Department, 1999. Areas of Interest: Information and Network Security, Wireless Network Security, IoT Security and Privacy, Cryptography, Certificate Systems and Public Key Infrastructures, Computer Networks Memberships: IEEE, IEEE Computer Society, IEEE ComSoc, ACM, ACM SIGSAC |
3 |
SEC 501 |
Introduction to Cryptography and Security Protocols
General concepts of cryptography, classical cryptosystem and basics of cryptanalysis, symmetric encryption algorithms, public key cryptography, cryptographic hash functions, data integrity and message authentication, digital signatures, secure key exchange and management, authentication mechanisms (password-based, biometrics, multifactor), related attacks and authentication protocols, security protocol design and implementation, security protocol analysis and verification, access control and authorization. Some existing application layer security protocols (such as email security, e-commerce security) are also discussed. Instructor: Atıl Utku AyAtıl Utku Ay![]() Atıl Utku Ay received his BS degree in electronics engineering in 2013 and MS degree in computer science and engineering in 2016 from Sabancı University. He worked as a Researcher and Senior Researcher at TÜBİTAK BİLGEM, National Research Institute of Electronics and Cryptology (UEKAE) Semiconductor Technologies Research Laboratory (YİTAL) between 2017-2021. His research interests include applied cryptography and computer architectures. |
3 |
SEC 502 |
Network Security
Overview of the Internet and the TCP/IP protocol stack (incl. TCP, UDP, IP and application layer protocols), network packet/traffic analysis, physical layer security, network layer security (IPSec), transport layer security (SSL/TLS, SSh, HTTPS), DNS Security, wireless security, network-based attacks and defense, firewalls, intrusion detection and prevention, network hardening, honeypots and honeynets, web security principles, WAF (web application firewalls), secure web application design and development. Instructor: Duygu Karaoğlan AltopDuygu Karaoğlan Altop![]() Duygu Karaoğlan Altop received the BSc. degree in Telecommunications Engineering (2007) and the MSc. degree in Computer Science and Engineering (2009), from Sabancı University. She completed the Ph.D. degree in Computer Science and Engineering at Sabancı University in December 2016. Since September 2017, Dr. Karaoğlan Altop is an instructor in Foundations Development Department, Sabancı University. She served as logistics chair of CSW (Computer Science Student Workshop) in both 2010 and 2011, and as publications chair of CSW in 2012. Her research interests include computer and network security, data and communication security, cryptography, pervasive healthcare security, and biometrics. |
3 |
SEC 503 |
Malware Analysis and Detection
General concepts of malwares, malware types, fundamentals of static and dynamic malware analysis, advanced static analysis, advanced dynamic analysis, reverse engineering, malware countermeasures. Instructor: Orçun ÇetinOrçun Çetin![]() Dr. Orçun Çetin received his B.Sc. (Hons) Computing Science (Networked Systems and Internet Technologies) from Newcastle University in England. He received his M.Sc. on Networks and Security from University of Kent (England) with highest distinction. He has completed his Ph.D. degree at Delft University of Technology. He also worked as a Research Associate at the University of Kent’s School of Computing. Dr. Orcun Cetin and his co-authors won the Distinguished Paper Award for their work “Cleaning up the internet of evil things: real-world evidence on ISP and consumer efforts to remove mirai” at the Network and Distributed System Security Symposium 2019 (NDSS), one of the “Big 4” conferences in the cyber security field, which took place in San Diego. His research focuses on the global vulnerability and malicious activity scanning and notifying affected parties all around the world. In recent projects, he focused on economics and human aspects of cybersecurity, where he uses qualitative and quantitative methods to answer questions related to cybersecurity policies and cybercrime victimisation. |
3 |
SEC 505 |
Blockchain: Security and Applications
Cryptographic fundamentals for blockchain, distributed systems, crypto-currencies, smart contracts, distributed blockchain applications, consensus algorithms, blockchain mining, security and privacy in blockchain, blockchain ecosystem. Instructor: Kamer KayaKamer Kaya![]() Kamer Kaya obtained his PhD in Cryptography at Faculty of Engineering, İhsan Doğramacı Bilkent University in 2009. He then joined CERFACS (European Research Lab for Scientific Computing, Toulouse, France) as a member of the Parallel Algorithms group. In 2011, he joined HPC Lab at the Ohio State University as a Post-graduate Researcher and appointed as Research Assistant Professor in 2012. Since June 2014, Dr. Kaya has been working on Faculty of Engineering and Natural Sciences, Sabancı University. He is actively doing research on High Performance Computing, Parallel Algorithms and Cryptography. |
3 |
II. Semester: Spring
Code | Course | Credits | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SEC 504 |
Incident Response and Digital Forensics
Fundamentals of computer forensics, computer crimes and law, evidence gathering, data recovery, computer forensics tools, network forensics, wireless and mobile network forensics. Instructors: Kamil AkdağKamil Akdağ![]() After graduating from the Physics Department of the Faculty of Arts and Sciences of Dokuz Eylul University, he started his work on server and network security in the area of informatics. After 7 years of experience in server infrastructure and network security, he turned to the field of Digital Forensics Informatics and completed his master's degree in information security. Since 2014, he has been working on Forensic Cyber Crimes. In 2017, he started to work as a laboratory director in Fordefence Adli Bilişim. |
3 | ||||||||||||||
SEC 507 |
Penetration Testing
Fundamentals of modern IT systems and their vulnerabilities, ethical hacking methods, reconnaissance methods and tools, scanning methods and tools, network and web vulnerabilities, social engineering, penetration testing tools. Instructor: Nurlan AbishovNurlan AbishovOSCP, CISSP, CISA, CIA, CEH, ISO27001 LA, BS25999 LA![]() |
3 | ||||||||||||||
SEC 508 |
Privacy-Preserving Data Management
Privacy of personal and sensitive data; privacy issues concerning data collection, storage, processing and publishing; anonymity metrics; privacy-enhancing techniques; case studies. Trainer: |
3 | ||||||||||||||
SEC 509 |
Secure Coding and Software Security
Secure coding principles; vulnerabilities and exploits: buffer overflow, SQL injection, cross-site-scripting, session hijacking, sensitive data exposure; countermeasures; advanced testing and program analysis techniques. Instructor: Orçun ÇetinOrçun Çetin![]() Dr. Orçun Çetin received his B.Sc. (Hons) Computing Science (Networked Systems and Internet Technologies) from Newcastle University in England. He received his M.Sc. on Networks and Security from University of Kent (England) with highest distinction. He has completed his Ph.D. degree at Delft University of Technology. He also worked as a Research Associate at the University of Kent’s School of Computing. Dr. Orcun Cetin and his co-authors won the Distinguished Paper Award for their work “Cleaning up the internet of evil things: real-world evidence on ISP and consumer efforts to remove mirai” at the Network and Distributed System Security Symposium 2019 (NDSS), one of the “Big 4” conferences in the cyber security field, which took place in San Diego. His research focuses on the global vulnerability and malicious activity scanning and notifying affected parties all around the world. In recent projects, he focused on economics and human aspects of cybersecurity, where he uses qualitative and quantitative methods to answer questions related to cybersecurity policies and cybercrime victimisation. |
3 | ||||||||||||||
SEC 510 |
Cyber Security Law
Cyber crimes; digital signature law; intellectual property law; digital communication law; data protection and privacy law; cybercrime incidences; laws and regulations for cyber security in the world; ethical issues in cyber security. Instructor: Batu KınıkoğluBatu Kınıkoğlu![]() Dr. Batu Kınıkoğlu graduated from Istanbul University Law Faculty and received his LL.M. degree in Innovation, Technology and the Law from the University of Edinburgh. He received his Ph.D. degree in Law from Vrije Universiteit Amsterdam with his thesis on intellectual property rights on virtual items. He is working as a lawyer specializing in information technology law and continues to teach undergraduate and graduate law courses as a lecturer. He has articles published in international refereed academic journals on subjects ranging from cybersecurity to data protection, copyright, and internet regulation. SEC 506 |
|
Advanced Cryptography
Mathematical foundations, elliptic curve cryptography, homomorphic encryption, secret sharing protocols, oblivious transfer, zero-knowledge proofs, secure multi-party computation, e-voting applications, e-cash, post-quantum cryptography. Instructor: Erkay Savaş3 |
SEC 511 |
|
Cyber Security Planning and Management
Cyber security risk management; cyber security planning and policy; management of cyber security operations: detection, response and intelligence; incident response team management; security awareness and training management; security management standards and best practices; regulatory compliance in cyber security. 3 |
SEC 512 |
|
Advanced Malware and Code Analysis
A small reminder of previous course
3 |
SEC 592 |
|
Project Course
All graduate students pursuing a non-thesis MSc. Program are required to complete a project. The project topic and contents are based on the interest and background of the student and are approved by the faculty member serving as the Project Supervisor. At the completion of the project, the student is required to submit a final report and present the project. The final report is to be approved by the Project Supervisor. 3 |
DA 525 |
|
Project Management and Business Communication
This course is intended to provide industry insight into the world of project management and business communication. Upon completion of this course, students are expected to have a clear understanding of the tasks and challenges that are fundamental to project management requirements. The course will also cover issues on team management and other aspects of project management on schedules, risks and resources for a successful project outcome. The second part of this course will concentrate on effective communication with team members, presentation techniques for a wide range of audiences and communicating results and recommendations to upper management and clients. Instructor: Hakan AksungarHakan Aksungar![]() Aksungar started his career as a software development expert in the field of Information Technologies in 1984 and completed his institutional experience as a Program Manager in the finance sector in 2007. In the meantime, he has assumed managerial responsibility in a wide range of projects. Then, as a self-employed consultant in the field of Information Technologies, he continued his services by sharing his knowledge and experiences in different sectors and companies. In 2010, as a founding partner, Fonksiyon Information Technologies Consulting and Training Ltd. Sti. under the umbrella of Chief Executive Officer and continuing his training and consulting activities. Fonksiyon360, Training, Consultancy and Coaching Services. 3 |
|