Welcoming Message from the Dean

In this globalized community, information about incidents on the other side of the world is delivered to us the next morning. The rapidly changing international environment is of great interest to all. Furthermore, today's knowledge and information society is rapidly moving toward becoming an intelligent society, an IT-convergence society, and a ubiquitous welfare society.

The goal of the Graduate School of International Affairs and Information Security is to educate experts with superb information security, cyber forensics, and home network security skills to contribute to national and social development.

The Department of Information Security, together with the Cyber Forensics Majors, is fostering experts in information security, which is a critical field of information technology. The Graduate School was the first in Korea to establish a Department of Information Security in 1998, and it has graduated many information security experts.

It has also become the first graduate school in Korea to offer evening courses in the Cyber Forensics Major. Currently, these courses are available for the M.A. degree only. The graduate school established an MOU with Britain's Information Security Group at Royal Holloway and ISC2, a Certified Information System Security Professional (CISSP) certification association, and is actively engaging in international exchanges with these organizations.

The graduate school's alumni are establishing themselves as leading experts in a wide array of fields. I sincerely hope to see you become aware of and actively take part in the process of preparing for and creating a new era.

Contact Us

• Webpage : http://gsiai.dongguk.edu/
• Tel : +82-2-2260-3734

Division of Theater Arts

Major in Information Security

Educational Goal

The objective of this course is to foster professional research personnel as well as technology and security management personnel with practical skills who can substantially contribute to institutional development and creative technological development as security experts of a ubiquitous society that is steadily developing into a strong cyber and welfare society; and as leaders who protect the nation's and individuals' information assets, build a sound and ethical cyber society, and develop a security industry that is appropriate for a strong IT nation. Extensive and in-depth educational content is offered, including cyber security policies and management, cryptography, security architecture and engineering, Internet and wireless communication security, database security, operational system security, e-commerce security, biometrics security, privacy security, cyber terror and security, evaluation and certification, system auditing, cyber ethics and law, and forensics.

Curriculum

• Cryptography
  Students extensively study subjects such as block-cipher algorithms, stream-cipher algorithms, single-key cryptosystems, public-key cryptosystems, and electronic signature theory to gain a comprehensive understanding of the theory of cryptography, which is an essential part of security.  


• Cyber Security
  Students learn the overall subjects of cybersecurity, which include information protection and risk management, access control, summarized theory of cryptography, physical and environmental security, security architecture, BCP/DRP, information communications and network security, applied system security, operation security, cyber laws, inspection and analysis, and others.


• Database Security
  Students take an intensive course focused on relational databases, including data security model, limiting questionnaires, multilevel security DBMS, approximate reasoning control theory, and others.
  
• Unix/Linux Security
  Students intensively learn the security technology of Unix and Linux with regard to kernel directories of Unix and Linux, password security mechanisms, file protection mechanisms, logging mechanisms, and various applications.


• Infor/Security Assurance
  Students take an in-depth course on information and security management systems, including their development, evaluation, certification, risk analysis and management, standardization, security policies, auditing, certificate acquisition, ISO 17799, ISO 13335, GMITS, GAISP, ITIL, Common Criteria, and so on.


• Sys/Sec Audit & Governance
  Students learn information system auditing procedure, planning and organizing, protection of information assets and their recovery from disasters, business sustainability, risk management, operation control, IT Security Governance, and others.


• Biometrics Security
  Students take an in-depth course beginning with overall knowledge of Physiological Biometrics, which include keystroke patterns, signatures, and on various bio instruments, bio standards, electronic passports, and international trends.
• Information Security
  In this course, students expand their knowledge and foster their creativity through seminar-style research on selected topics relevant to the theory and practice of information security.


• Seminar Advanced Cryptographic I
  Based on single-key and public-key cryptosystems, students learn design and analysis techniques for key generation, key distribution, electronic signature, message authentication, and cryptographic protocols.


• Advanced Cryptography II
  Taken after Advanced Cryptographic I, this course further provide intensive study, especially on applied systems including newly emerging theories such as key management and key recovery theory, encryption policy, and so on.
  


• System Security Management
  Students closely study security principles, guidelines, standards, laws, and regulations to set up system security policies that satisfy the goals and strategy of the organization, and the establishment and implementation of security policies through risk analysis, taking an in-depth course on system management techniques, and on security governance techniques.


• Security Risk Assessment
  Students have the opportunity to learn essential knowledge for security risk assessment, to comparatively study various risk analysis techniques, and, through hands-on practice with appropriately sampled specimens, to develop professional and practical capabilities in risk analysis.
  
• Secure OS
  Students take this in-depth course to learn the latest security technology for the OS including the design of Secure OS, security policies, implementation, assessment, Server security, OS kernels, and so on.


• Wireless Comm. Security
  Students learn various security measures for wireless communications, including 1G, 2G, 3G, and 4G, as well as CDMA, TDMA, and SMS. The course will also cover the relevant vulnerabilitiesand threats with regard to wireless communications.


• Cyber Forensics
  Students learn through hands-on training in legal scientific investigating and evidence collecting techniques such as investigation for information system related incidents, evidence collection, storing, transferring, deciding liability, chain of evidence, chain of evidence preservation, legal response procedure, and so on.


• Privacy Security
  Students research and study U-society and personal information, infringement of personal information and its collection routes, infringement status of personal information, defense measures, reporting infringements and redemption, personal information protection law, information network law, measure to strengthen infrastructure to protect information, as well as the current personal information protection status, both home and abroad.
  


• Security Project
  · Students take part as research team members and conduct a project by studying, designing, and developing it, focusing on a topic that has been discussed in the Information Security Seminar class, fostering practical skills readily applicable to actual business situations.


• Industry &Trade Secret Security
  Students learn information collection for high technology, industrial secrets, and trade secrets, various gathering methods, realities on criminal activities, accident case study, industry security laws, and so on, enhancing expertise and ability to substantially contribute to the security of workplaces or organizations.
  


• Enterprise Security Architecture
  Students have the opportunity to play a role as security consultants, either in-house or outsourcing, so they learn and come to fully understand security methodology, management for information protection, and by totally utilizing such acquired knowledge, students improve their ability to design security architecture for the whole organization.
  


• Internet TCP/IP Security
  Students learn the basic theories of the Internet, and the overall status of today's IP Security, including TCP/IP protocols, as well as next-generation Internet security technology and updated high technology.


• Ubiquitous Computing Sec.
  Students learn Ubiquitous computing relating studies such as ubiquitous theory, U-architecture, and prospect of new technology, and further study about personal information protection, and USN Security -top edge security technology in ubiquitous societies.
  


• Cyber Ethics & Law
  This course provides students with knowledge to establish and foster healthier ethical values and relevant theories for the information society, including moral reflection on information crimes, various ethics charters, protection of intellectual properties, personal information protection, monitoring unethical crimes, and domestic/foreign laws with regard to investigation of accidents.
  


• E-Commerce Security
  Students learn general knowledge of the Internet business and e-commerce, including threats and cases of accidents.


• Cyber Terror & Security
  Students learn the reverse functions and their countermeasures, deriving from a knowledge-based information society, and types of cyber terror activities including current status and their countermeasures.
  


• Information & Coding Theory
  Students learn the network security, as well as scientific areas overlapping with code theory.


• Security Engineering
  The course covers expertise and regulations in connection with security engineering, such as S/W Engineering, Architectural Engineering, basic engineering skills; also, students extensively learn NIST SP 800-27 Engineering Principles, Design Principles, SSE-CMM, and Security Engineering techniques in order to build reliable, dispersed systems.


• Application Security
  The course particularly focuses on Web Application development methodology, considering the initial stage of development, tools for development policies, and various application systems.


• Cutting Edge Safeguards
  Students learn the development pattern of security equipment, and extensively analyze selected sample models of latest high-tech security gear, thus acquiring practical knowledge and expertise on Safeguards.


• Telecomm/Net Security
  Students learn information communications theories and technologies with regard to communications systems, transmitting methods, codification, and communications protocols; the course deals with network security, security protocols, and routing in order to protect transmitted data.
  


• Integer Theory
  Students learn basic integer theory necessary to understand information protection algorithms and to study theories on cryptography, extensively dealing with integer theoretical concepts employed to maintain the safety of cryptographic algorithms.
  


• IT/Safeguards Evaluation, Assurance 1, 2
  The course provides security assessments techniques for IT security products, especially standards and techniques of Common Criteria, and it cultivates professional talents who have the capacity to make assessment of the security of IT products. Aiming at obtaining certifications on information protection, courses 1 and 2 are provided in succession.
  


• Security Policy &Strategy
  Students learn implementation strategies and policies across various policy areas relevant to production, use, circulation, and management, along with the accompanying national strategy and policy for information protection, and related international trends.

Educational Goal

The objective of this course is to foster professional research personnel as well as technical and cyber forensics experts with practical skills who pursue advancement of knowledge related to forensics, which is the legal and scientific investigation skill needed to resolve legal disputes and control cyber crime; and who can substantially contribute to the development of legal and technical systems related to cyber forensics by developing the ability to efficiently respond to cyber crime and expanding the foundation of forensics. Students will gain theoretical knowledge on technologies and legal matters related to cyber forensics and also engage in effective learning through practical lessons. Upon completion of their courses our students will have the practical skills needed to work in the field.

Curriculum

• Cyber Forensics
  Students learn legal, technological, and investigative aspects of Cyber Forensics in its entirety. The course addresses the importance of evidence collection, analysis, transfer, and storage at each stage of the investigation.
   
• Windows Forensics
  Students learn real-time responding techniques for collecting volatile evidence, such as Windows system, registry, and history data, as well as non-volatile evidence.
   
• File System-1 (Windows)
  Students learn the structure of Windows file systems (FAT, FAT16, FAT32, NTFS, and so on), and by analyzing the file structure, come to understand down to clustering units, the smallest data storage partitions, and learn recovery of deleted files, file time change, and others.
   
• File System (Linux)
  Students acquire basic knowledge of file structures by learning the structure of file systems other than Windows, such as Unix, Linux, and kernel directory, the MAC file system, and so on.
   
• Forensic Investigation
  Students learn, as experts in cyber forensic investigation, what to examine at a crime scene, how to interrogate suspects, how to maintain the linked-storage nature of evidence, and how to prepare an investigation report.
   
• Network/Database Forensics
  Students learn various hacking techniques through networks, and how to cope with them; measures to take on networks to secure flawless digital evidence and log analysis; to secure through database, identity and flawlessness of diverse query materials.
   
• Mobile Forensic
  Students learn how to safely secure data stored in various hand-held instruments such as mobile phones, MP3, PMP, GPS navigators, and so on. The course also focuses on date extraction, analysis, and making reports.
   
• System Forensics
  Students learn about log file analysis across systems such as Unix and Linux, and how to address various hacking techniques.
   
• Source Forensics
  By analyzing program sources, students learn practical techniques with regard to malicious code analysis, infringement of copyright, and content analysis.
   
• Anti-Forensics
  As investigators adopt forensic techniques, so do criminals develop anti-forensic techniques to impede forensic investigations. In this regard, students learn the theory and hands-on practices concerning anti-forensics, various techniques of anti-forensics and their countermeasures.
   
• Forensic Tools
  Students learn the theory and hands-on practices about how to use forensic tools such as forensic analyzing software (including EnCase, iLook, FTK), which are currently used both domestically and internationally.
   
• Investigation
  Students, through actual case analysis of cybercrime, learn investigative know-how for cybercrime and how to prepare an investigative report.
   
• Forensics & Confrontation in Court
  With regard to cybercrime, students learn about a professional investigator's role in court, conducting offensive and defensive debate with prosecutors and attorneys, and other measures, such as how to avoid leading questions.
   
• Forensics & Rules of Evidence
  Students learn commentaries on evidence law in order to secure the legal support for digital evidence, and various case studies, evidence of cybercrime based on the criminal law and the code of criminal procedure.
   
• Forensics & Process of a Lawsuit
  Students learn about civil and criminal procedures in court, and about the process as pre-legal measures, as well as learning about the supporting nature of digital evidences that is pending in the court.
   
• Forensics Practice
  Students how to collect volatile evidence from the system, how to use forensic tools for evidence collection and analysis, and how to prepare an evidence analysis report for submission to a court.
   
• Network Security
  Students acquire theories and techniques of information and communication, including data communication systems, transmission methods, codification, and communication protocols, and learn general technology and theory to protect data during transmission, such as network security, security protocols, routing, and so on.
   
• Cyber Security
  The course provides expertise to establish a security system for a healthier information society, and students learn about various cases of cyber security violation and their countermeasures.
   
• System Security Management
  Students closely study security principles, guidelines, standards, laws, and regulations to system security policies that satisfy the goals and strategy of the organization, and, establishment and implementation of security policies through risk analysis, taking in-depth course on system management techniques, and on security governance techniques.
   
• Security Engineering/Architecture
  Students acquire overall theories and techniques of information communications including data communication systems, transmission methods, codification, communication protocols, and learn knowledge and technology in system security engineering and architecture to protect data transmitted via computers and information communications networks.