Master degree program
Information Security Systems

Information Security Systems

QUALIFICATION

  • Scientific and pedagogical direction - Master of Engineering Sciences

MODEL OF GRADUATING STUDENT

Upon completion of this program, it is expected that undergraduates will be able to:
1.justify the choice of methodological foundations of research activities in the field of information security
2. describe legal acts, international and state standards in the field of information security;
3. choose and reasonably use methods and hardware-software means of information protection;
4. analyze threats to information security of objects and methods of counteraction
5. to assess the cryptographic strength of the encryption algorithms;
6. to use methods of increasing the security of data transmission in telecommunications networks;
7. identify vulnerabilities of cryptographic protocols and transformations and effectively apply them to solve applied problems;
8. use information sources and analytical methods of competitive intelligence, a system of measures to counter industrial espionage, means and methods of unauthorized access (NSD) to IP resources;
9. integrate knowledge and formulate judgments based on incomplete or limited information about the business processes of the organization;
10. develop an information security strategy in accordance with the development strategy of the organization;
11. organize debugging and testing of software, software and hardware for information security;
prepare scientific publications, technical reports on the results of research in the field of information security, by integrating knowledge from new or interdisciplinary fields and taking into account social, ethical, linguistic and scientific considerations.

Program passport

Speciality Name
Information Security Systems
Speciality Code
7M06301
Faculty
Information technology

disciplines

Cryptanalysis
  • Number of credits - 6
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to use the basic principles and methods of analysis of cryptographic algorithms. The following will be studied: Theoretical and practical foundations of creating a methodology for a reliable and secure cryptographic protocol. Rules and stages of use when choosing a model in cryptography. Requirements for the reliability of the method used. Classification of the main methods of analysis of cryptographic algorithms and various methods and means of cryptanalysis.

Foreign Language (professional)
  • Number of credits - 6
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose is to acquire and improve competencies by international standards of foreign language education and to communicate in an intercultural, professional, and scientific environment. A master's student must integrate new information, understand the organization of languages, interact in society, and defend his point of view.

History and Philosophy of Science
  • Number of credits - 3
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The course forms knowledge about the history and theory of science; on the laws of the development of science and the structure of scientific knowledge; about science as a profession and social institution; оn the methods of conducting scientific research; the role of science in the development of society.

Organization and Planning of Scientific Research (in English)
  • Number of credits - 6
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to train masters in conducting scientific research, carrying out scientific and methodological work, socializing young students and their participation in the corporate governance system of Organization of higher and postgraduate education (OHPE). Undergraduates learn to interact with OHPE stakeholders, participate in research projects.

Organization of information security systems
  • Number of credits - 9
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to assess the risks of information resources of the organization and information security audit. Will be studied: a Systematic approach to information security management. Standardization in the field of information security management. Content and organization of the information security audit process. Information security risk assessment. Reporting documents on the results of the audit. Implementation of recommendations on the results of the information security audit.

Pedagogy of Higher education
  • Number of credits - 5
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose is the formation of the ability of pedagogical activity through the knowledge of higher education didactics, theories of upbringing and education management, analysis, and self-assessment of teaching activities. The course covers the educational activity design of specialists, Bologna process implementation, acquiring a lecturer, and curatorial skills by TLA-strategies.

Psychology of management
  • Number of credits - 3
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The course reveals the subject, the basic principles of management psychology, personality in managerial interactions, personal behavior management, psychology of managing group phenomena and processes, psychological characteristics of the leader's personality, individual management style, psychology of influence in management activities, conflict management.

Security Analysis of operating systems
  • Number of credits - 6
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to apply the requirements of information security and skills in the use of methods to ensure the protection of information in operating systems. The following will be studied: Methods and tools for testing and protecting operating system programs. Principles of competent administration of operating systems. Analysis of sources and security threats in operating systems. Tools and methods aimed at eliminating security threats in operating systems.

Security of software applications
  • Number of credits - 5
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to conduct software security analysis by identifying vulnerabilities, and to teach security methods in order to prevent threats arising from identified vulnerabilities. The following topics will be studied: Theoretical and practical basics of creating reliable and secure software for information systems. Rules, stages, and technologies for building reliable software.

Software Testing and Verification
  • Number of credits - 5
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the subject is to provide students with theoretical knowledge and practical skills in the basics of verification and validation, where they mainly focus on software testing. Course Outline: Introduction to software verification and validation; Testing review and its classification; Functional testing (black box); Structural testing (white box); Integration testing; Mutational testing; Generating test cases; Mock testing. Toolkit: Eclipse IDE (Unit Testing, Mutation Testing), Java programming language, EvoSuite, Castle Mock.

Data for 2021-2024 years

disciplines

A Semantic-basad Analysis for information Assurance
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to provide an understanding of the principles and practices of formal grammar of natural languages. The role of semantic analysis in natural language text processing, morphological analysis, finite automata, probabilistic models, N-grams, tags of speech parts, loading of text corpora, libraries of natural languages NLTK, creation of stemmer for Russian and Kazakh languages, programming in Python will be studied.

Analysis of Network Security
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to familiarize with the basic principles of construction of wired and wireless communication systems and ensure their safety. Will be studied: General regularities of construction of modern network communication systems. Methods and tools for securing network connections. Rules, stages and technologies of building reliable software. Methods and means of testing and protection of programs from research by malefactors.

Analytical information security systems
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is the development of disciplinary competencies related to the disclosure of technologies for intelligent analysis of large information arrays through information and analytical systems. Including aspects: The main provisions related to information and analytical security systems, methods for collecting information about legal entities and individuals, regulatory documents regulating the activities of the relevant services.

Audit of information security
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of discipline is to master disciplinary competencies for the use of a set of measures in the system of information security on the basis of the organization and audit of information security. The following will be studied: Legal and methodological bases of information security audit, Standards and guidelines on the basics of audit and information security, Methods of information security assessment, Directions of information security assurance and evaluation will be studied.

Computer Forensics and Competitive Intelligence (OSINT)
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline: the formation of students' knowledge system in the field of cyber security, the development of skills in the use of competitive intelligence techniques. The following will be studied: means of ensuring cybernetic security of information, technical and regulatory approaches to the analysis and identification of cybercrimes, identification and prevention of cyber threats. Working with databases, cyber intelligence methods, machine learning and neural networks, analysis of unstructured information.

Cryptoanalytical methods
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to form the ability to apply methods in the field of cryptographic information protection and cryptanalysis. Will be studied: modern methods of ensuring confidentiality, integrity and authentication of data, modern methods of cryptanalysis, cipher requirements and basic characteristics of ciphers, principles for constructing cryptographic algorithms, well-known cryptanalysis methods for modern algorithms, cryptographic strong components of ciphers.

Cyber Security of Information
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to form knowledge in the field of cyber security. Will be studied: the main means and methods of ensuring cyber security of information, cyber crime, cyber attacks, technical approaches and security tools, methods, and tools to ensure cyber security in the computer and information communication systems and networks.

Information security in telecommunication systems
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to master methods of analyzing the security status of automated information and telecommunication systems and assessing its effectiveness with expert methods. Will be studied: The purpose of an integrated information security system; Methods for identifying channels of unauthorized access to information; Determining the sources of destabilizing effects on information; Expert systems for a comprehensive assessment of security; Decision-making technology in emergency situations.

Key management in cryptosystems
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to use the principles of construction and mathematical justification of key management. Will be studied: Key generation mechanisms using symmetric cryptographic methods, setting up a conceptual model of key distribution, characteristics of key management services. requirements for key management systems, the principles of material management for the creation of encryption keys during its life cycle.

Machine learning for detecting network threats
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - Undergraduates will gain experience in detecting network threats based on machine learning, detecting web phishing and APT based on machine learning, detecting anomalies using machine learning, detecting spam in social networks using machine learning, detecting zero-day attacks using machine learning and analyzing user behavior based on machine learning.

Management technologies of information security
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to form the ability to apply the principles, methods, approaches and tools of effective information security management in a modern organization. The following will be studied: operation of information security management subsystems of the object of protection, control checks of operability and efficiency of software, hardware and technical means of information security, design of subsystems and means of information security, development of information security management subsystem.

Models and methods of the theory of neural metworks
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to form the ability to apply the mathematical and technological foundations of the theory of neural networks. Will be studied: Models of the neuron. Neural network architectures. Single-layer and multi-layer neurons. Principles of construction of artificial neurons. Learning rules perceptron. Mathematical description of the perceptron. Learning the Hebb rule of neural networks. Pattern recognition algorithm for an associative neural network according to the Kohonen Rule.

Policies and models of access control in computer systems
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to apply the most common types of security policies and appropriate mathematical models of access to information for computer systems. The following will be studied: understanding of computer systems and mechanisms of their protection in terms of object-subject models, formal models of access control, criteria and classes of security of computer equipment and automated information systems.

Principles of construction of cryptographic protocols
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to present the basic principles of construction and mathematical justification of cryptographic protocols. Will be studied: the basics of discrete algebra and number theory and the use of theoretical and numerical apparatus for solving cryptographic problems, the basic mathematical methods used in the synthesis and analysis of standard cryptographic protocols, advantages and disadvantages of cryptographic protocols, the requirement for the security of cryptographic protocols.

Research on the use of machine learning to detect malicious objects
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The course will examine the current state of the use of machine learning to automate the detection of malicious objects in cyber-physical systems, the most common malicious objects in systems of this type, the most promising machine learning algorithms that allow predicting the presence of malicious objects in cyber-physical systems

Risk assessment and management in cybersecurity
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - Students will be exposed to the study of risk assessment and management in the context of Homeland Security. Topics will include threat assessment, analysis and management of critical infrastructure, resources and locations by both law enforcement and private industry. The course will include national threat assessment, analysis and management while emphasizing practical local and regional issues as well as hands-on planning utilizing case studies.

Theoretical-numerical methods of cryptography
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to study the theoretical,numerical and algebraic foundations of cryptography and methods and algorithms of cryptographic protection of information with a secret and public key. Learning outcome: -to master the basic concepts of modular arithmetic (theory of comparisons) of integers; -to master modern methods of cryptography; -be able to apply algorithms of modular arithmetic of integers and polynomials; -develop parameters required by practical circumstances;

Web Application security
  • Type of control - [RK1+MT+RK2+Exam] (100)
  • Description - The purpose of the discipline is to form the ability to use the main types of attacks on web applications and methods to prevent them.The following aspects are considered in the discipline: basic standards on the web.The concept of web applications and campaigns. Server-side controls.Structure and design of web applications

Data for 2021-2024 years

INTERNSHIPS

Pedagogical
  • Type of control - Защита практики
  • Description - Aim оf discipline: formation of the ability to carry out educational activities in universities, to design the educational process and conduct certain types of training sessions using innovative educational technologies.

Research
  • Type of control - Защита практики
  • Description - The purpose of the practice: gaining experience in the study of an actual scientific problem, expand the professional knowledge gained in the learning process, and developing practical skills for conducting independent scientific work. The practice is aimed at developing the skills of research, analysis and application of economic knowledge.

Data for 2021-2024 years