Download Syllabus - M.Tech Course - Information Security

File Ref.No.42471/GA - IV - E2/2013/CU
UNIVERSITY OF CALICUT
Abstract
Faculty of Engineering - Board of Studies in Engineering(PG) - Syllabus - M.Tech Course - Information Security and Cyber
Forensics - with effect from 2014 admission - Approved - Sanctioned - Orders issued.
G & A - IV - E
U.O.No. 7799/2014/Admn
Dated, Calicut University.P.O, 11.08.2014
Read:-1. U.O. No. 4126/2014/Admn dated 25-04-2014
2. Item No. 1(b) of the Minutes of the meeting of the Board of Studies in Engineering(PG) held on 19-06-2014.
3. Item No. 2 of the minutes of the meeting of the Faculty of Engineering held on 25-06-2014.
ORDER
Vide paper read as 1st above, an Expert Committee was constituted to frame the syllabus for M.Tech Programme in
Information Security and Cyber Forensics in tune with the M.Tech Regulation -2010 of this University.
Vide paper read as 2nd above, the Board of Studies in Engineering (PG) at its meeting held on 19-06-2014, resolved to
approve the Syllabus of M.Tech Programme in Information Security and Cyber Forensics, submitted by the Expert Committee,
fixing the Eligibility Criteria for the admission the the Course to be B.Tech Degree in Computer Science and
Engineering / Information Technology or Equivalent.
The meeting of the Faculty of Engineering held on 25-06-2014, vide item No. 2 of its minutes, resolved to approve the minutes
of the meeting of the Board of Studies in Engineering(PG) held on 19-06-2014.
Considering the exigency of the matter, Hon'ble Vice Chancellor, after having examined the matter in detail has accorded
sanction to implement the syllabus for M.Tech Programme in Information Security and Cyber Forensics, subject to ratification
by the Academic Council.
Sanction has therefore been accorded for implementing the syllabus of M.Tech Course in Information Security and Cyber
Forensics with eligibility criteria for admission to the course to be B.Tech Degree in Computer Science and Engineering /
Information Technology or Equivalent, subject to ratification by the Academic Council
Orders are issued accordingly.
( Syllabus appended.)
Muhammed S
Deputy Registrar
To
Principals of all affiliated Engineering Colleges
Copy to : - PS to VC/PA to PVC/ PA to Registrar/PA to CE/ DR/AR M.Tech/ CDC / Dean, Faculty of Engineering/
Chairman, BS in Engineering/ PRO/ Enquiry Section/SA( to upload in the University website)
Forwarded / By Order
Section Officer
Syllabi & Scheme
for M.Tech Course in
INFORMATION SECURITY AND
CYBER FORENSICS
of Calicut University
Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS
Credits
T
P
Semester
End Exam
Duration
CIC 14 101
2
CIC 14 102
3
4
5
CIC 14 103
CIC 14 104
CIC 14 105
CIC 14 106
(P)
CIC 14 107
(P)
7
L
3
1
0
100
100
200
3
4
3
1
0
100
100
200
3
4
3
3
3
1
1
1
0
0
0
100
100
100
100
100
100
200
200
200
3
3
3
4
4
4
Seminar
0
0
2
100
0
100
-
2
Operating System and Security Lab
0
0
2
100
0
100
-
2
15
5
4
700
500
1200
-
24
Hours/Week
Course Code
1
6
Total
Sl.
No.
Internal
Evaluationn
End Sem
FIRST SEMESTER
Name of the Subject
Advanced Mathematical Structures
(Same as MCS 10 101)
Computer Architecture and Security
Analysis
Trusted Operating System Design
Cyber Forensics Basics
Elective-I
Total
Elective-I
CIC 14 105 (A) Access Control and Authentication System
CIC 14 105 (B) File System Forensic Analysis
CIC 14 105 (C) Biometric Image Processing
CIC 14 105 (D) Pattern Recognition
L – Lecture, T- Tutorial, P – Practical
Page No.: 1 Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS
6
7
Database Design and Security
Network Security
Cyber Law and Security Policies
Elective-II
Elective-III
L
3
3
3
3
3
T
1
1
1
1
1
P
0
0
0
0
0
100
100
100
100
100
100
100
100
100
100
200
200
200
200
200
3
3
3
3
3
4
4
4
4
4
Seminar
0
0
2
100
0
100
-
2
Database Security Laboratory
0
0
2
100
0
100
-
2
15
5
4
700
500
1200
-
24
Hours/Week
Course Code
CIC 14 201
CIC 14 202
CIC 14 203
CIC 14 204
CIC 14 205
CIC 14 206
(P)
CIC 14 207
(P)
Name of the Subject
Total
Elective-II
CIC 14 204 (A) Advanced Cryptography
CIC 14 204 (B) Ethical Hacking and Network Defense
CIC 14 204 (C) Algorithms and Complexity
Elective-III
CIC 14 205 (A) Risk Management and Security
CIC 14 205 (B) Windows and Linux Forensic Analysis
CIC 14 205 (C) Biometric Security
CIC 14 205 (D) Speech Processing
L – Lecture, T- Tutorial, P – Practical
Page No.: 2 Semester
End Exam
Duration
Credits
Total
1
2
3
4
5
End Sem
Sl.
No.
Internal
Evaluationn
SECOND SEMESTER
Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS
4
CIC 14 304
(P) L
T
P
Elective-IV
Elective-V
3
3
1
1
0
0
100
100
Industrial Training
0
0
0
50
Master Research
Phase - I
Total
Project
Guide 50
0
0
EC# 50
6
2
Elective-IV
CIC 14 301 (A) Digital Watermarking and Steganography
CIC 14 301 (B) PKI and Trust Management
CIC 14 301 (C) Artificial Intelligence
Elective-V
CIC 14 302 (A) Mobile Forensics
CIC 14 302 (B) Security Threats
CIC 14 302 (C) Data Mining
L – Lecture, T- Tutorial, P – Practical
# EC - Evaluation Committee
Page No.: 3 22
22
350
100
100
0
200
200
50
3
3
-
300
-
6
750
-
15
Guide
100
EC#
100
400
Credits
Semester End
Exam Duration
3
CIC 14 301 CIC 14 302 CIC 14 303
(P) Name of the Subject
Total
1
2
Course Code
End Sem
Hours/Week
Sl.
No.
Internal
Evaluationn
THIRD SEMESTER
4
4
1
Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS
CIC 14 401
(P)
Guide
EC#
Ext.
Guide
Viva
Voce
30
150
150
150
150
600
12
30
150
150
150
150
600
3750
12
75
Name of the Subject
L
1
Credits
Course Code
Total
Sl.
No.
T
Master Research Project
Phase - II
Total
Grand Total
P
* The students have to undertake the departmental work assigned by HOD
# EC - Evaluation Committee
Page No.: 4 End Sem
Hours/Week
Internal
Evaluationn
FOURTH SEMESTER*
FIRST SEMESTER
CIC 14 101: ADVANCED MATHEMATICAL STRUCTURES
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Stochastic Processes: Renewal Processes- Reward and Cost Models, Poisson Process, Point Process
Regenerative Processes, Renewal Theorems
Module II
Markov Models: Discrete Time Markov Chain- Transition Probabilities Communication ClassesIrreducible Chains. Continuous Markov Chain- Pure Jump Continuous- Time Chains, Regular Chains,
Birth and Death Process. Semi-Markov Processes.
Module III
Single Class and Multi class Queuing Networks: Simple Markovian queues- M/G/1 queue – Open
Queuing Networks Closed Queuing Networks- Mean Value Analysis- Multi- class traffic ModelService Time distributions- BCMP Networks- Priority Systems.
Module IV
Time delays and blocking in queuing Networks- Time delays in single server queue- time delays in
networks of queues- Types of Blocking – Two finite queues in a closed network- aggregating
Markovian States
References
1. Ronald W. Wolff, “Stochastic Modeling and Theory of Queues”, Prentice- Hall International Inc
1989.
2. Peter G Harrison and Naresh M Patel, “Performance Modeling of Communication Networks and
Computer Architectures”, Addison – Wesley, 1992
3. Gary N Higginbottom, “Performance Evaluation of Communication Networks”, Artech House,
1998
4. Anurag Kumar, D. Manjunath and Joy Kuri, “Communication Networking: An Analytical
Approach”, Morgan Kaufman Publ. 2004
5. D. Bertsekas and R. Gallager, “Data Networks”, Prentice- Hall of India 2001
6. Ross K W, “Multiservice Loss Models for Broadband Telecommunication Networks”, SpringerVerlag, 1995
7. Warland J, “An Introduction to Queuing Networks”, Prentice- Hall ,1988
8. Cinlar E, “Introduction to Stochastic Processes”, Prentice- Hall , 1975
9. Karlin S and Taylor H, “A first Course in Corse in Stochastic Processes”, 2nd Edition Academic
Press, 1975
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
Page No.: 5 End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 6 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 102: COMPUTER ARCHITECTURE AND
SECURITY ANALYSIS
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
9
10
10
13
52
Register Transfer language – Register, Bus and Memory Transfers - Arithmetic Logic and Shift Micro
operations. Instruction codes – Instructions – Timing and Control. Instruction Cycle– Input, output and
Interrupt. Instruction Formats – Addressing Modes- Program Control – Control Memory
Module II
Basic Concepts – Memory Hierarchy – Main Memory – Cache and Virtual Memory Concepts – Input /
Output Interface – Direct memory Access – I/O Processor.
Module III
Parallelism- pipelining- pipeline hazards. Memory interleaving - Parallel computer architecture
classifications. Introduction to CISC and RISC Processors. Basic components of Security:
Confidentiality, Integrity, Availability, Threats. Security policies, types , role of trust, types of access
control
Module IV
Authentication - Basics, Passwords: attacking, countering, password ageing Biometrics. Confinement
Problem - Introduction, isolation: virtual machines, sandboxes, covert channels, detection analysis,
mitigation.
References
1. Morris Mano M, “Computer System and Architecture”, Pearson Education, New Delhi, Third
edition, 2004.
2. D. Patterson and J. Hennessy, “Computer Organization and Design: The Hardware/Software
Interface”, Morgan Kaufmann Publishers, Inc., Third edition, 2002.
3. Kai Hwang and Briggs F.A., “Computer Architecture and Parallel Processing”, McGraw Hill
International Edition, New Delhi, 2007.
4. Matt Bishop, “Computer Security”, Pearson Education, New Delhi, 2003.
5. Michael E Whitman and Herbert J Mattord, “Principles of Information Security”, Vikas
Publishing House, New Delhi, 2003
6. Micki Krause, Harold F. Tipton, “ Handbook of Information Security Management”, Vol 1-3
CRC Press LLC, 2004
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Page No.: 7 Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 8 CIC 14 103: TRUSTED OPERATING SYSTEM
DESIGN
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
9
10
10
13
52
Introduction- Introduction, hardware interface, operating system interface. design problems.
Operating System design techniques. Implementing processes - The system call interface, system
initialiIation, process switching, system call interrupt handling, program error interrupts, d isk
driver system. implementing waiting, flow of control through OS, signaling and interrupts, event
table managers, process implementation. Parallel systems- Parallel hardware, OS for two processor
systems, race conditions with shared processes, atomic actions, multiprocessor OS, threads.
Module II
Interprocess communication patterns-competing and co-operating, problems, race conditions and
atomic actions, new message passing system calls. IPC pattern: mutual exclusion, signaling and
rendezvous models, producer-consumer and client server models. Deadlocks- Conditions for deadlock,
dealing with deadlocks, two-phase locking, message variations, synchronization, semaphores, Design
techniques- some example design techniques. Memory management- levels of memory management,
linking and loading process, memory management design, dynamic memory allocation, keeping track
allocation of blocks, multiprogramming issues, memory protection, memory management system calls.
Module III
Virtual memory- Fragmentation and compaction, dealing with fragmentation- paging, swapping,
overlay, page replacement- global and local page replacement algorithms, thrashing and load control,
dealing with large page tables, sharing memory, design techniques- examples of multiplexing and late
binding. I/O devices - devices and controllers, terminal devices, communication devices, disk devices,
disk controllers, SCSI interfaces, tape devices, CD-devices. I/O subsystems- I/O system software, disk
device driver access strategies, modeling disks, unification of files and device, generalized disk device
drivers, disk caching. File systems- File abstraction, naming, file system objects and operations. - case
study in Windows NT and Linux
Module IV
Protection in General Purpose Operating Systems: protected objects and methods of protection –
memory and address protection – control of access to general objects – file protection Mechanisms –
user authentication - Designing Trusted Operating Systems.
Test Book
1. Charles Crowley, “Operating Systems- A Design Oriented Approach”, TMH, 1998
2. Charles P. Pleeger, "Security in Computing", Prentice Hall, New Delhi, 2009
References
1. Silberschatz and Galvin. “Operating system concepts”. Addison Wesley, 1998
2. Tanenbaum Andrew S. “Modern Operating System”. Eaglewood Cliffs, PHI, 1992
3. Gary J. Nutt. “Operating systems - A Modern Perspective”. Second edition. Addison Wesley,
2000.
Page No.: 9 4. W. Stallings, “Operating systems- Internals and design principles”, 4 th Ed. PHI, 2002
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 10 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 104: CYBER FORENSICS BASICS
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
9
10
10
13
52
Introduction to Computer Forensics, history of computer forensics, understanding case law, developing
computer forensics resources, preparing for computer investigations, understanding law enforcement
agency investigations, understanding corporate investigations, maintaining professional conduct,
Understanding Computer Investigations -Preparing a computer investigation, taking a systematic
approach, procedures for corporate high tech investigations, understanding data recovery workstations
and software, conducting an investigation, completing the case, Requirements for forensic lab
certification , determining the physical requirements for a computer forensics lab, selecting a basic
forensic workstation, building a business case for developing a forensic lab.
Module II
Data Acquisition - storage formats for digital evidence, determining the best acquisition method,
contingency planning for image acquisitions, using acquisition tools, validating data acquisitions,
performing RAID data acquisitions, using remote network acquisition tools, using other forensic
acquisition tools, Processing Crime and Incident Scene-identifying digital evidence, collecting evidence
in private sector incident scenes, processing law enforcement crime scenes, preparing for a search,
securing a computer incident or crime scene . Seizing digital evidence at the scene, storing digital
evidence, obtaining a digital hash.
Module III
Working with windows and DOS systems- file systems, exploring Microsoft file structures, examining
NTFS disks, whole disk encryption, the windows registry, Microsoft and Ms-DOS start up tasks, virtual
machines, Evaluating Computer Forensic s Tool needs, computer forensics software and hardware tools,
validating and testing forensics software. the Macintosh file structure and boot process, examining UNIX
and LINUX disk structures and boot processes, examining CD data structures, examining SCSI Disk,
examining IDE/EIDE and SATA devices.
Module IV
Analysis and validation -determining what data to collect and analyze, validating forensic data,
addressing data -hiding techniques, performing remote acquisitions. Recovering Graphics FilesRecognizing ,locating and recovering graphic files, understanding data compression, copy rights issues
with graphics, identifying unknown file formats, copyright issues with graphics. Network Forensicsoverview, performing live acquisitions, developing standard procedures for network forensics, using
network tools. Email Investigations-role of E-mail in investigations, exploring the roles of the client and
server, investigating e-mail crimes and violations, understanding E-mail servers, specialized E-mail
forensic tools. Cell Phone and Mobile Device forensics- Mobile device forensics, acquisition procedures
for cell phones and mobile devices.
Text book
1. Computer Forensics and Investigations- Bill Nelson, Amelia Phillips, Frank Enfinger, Christofer
Steuart , Second Indian Reprint 2009, Cengage Learning India Private Limited.
2. Digital Evidence and Computer Crime – Eoghan Casey, Edition 3, Academic Press,2011
Page No.: 11 3. Computer Forensics and Cyber Crime : An Introduction – Marjie Britz, Edition 2, Prentice Hall,
2008
References
1. Practical guide to Computer Forensics- David Benton and Frank Grindstaff , 2006, Book Surge
Publishing, 2006
2. Computer Evidence: Collection & Preservation- Christopher L.T Brown Charles River Media
publishing, Edition 1, 2005
3. Computer Investigation ( Forensics, the Science of crime-solving) – Elizabeth Bauchner, Mason
Crest Publishers, 2005
4. Real Digital Forensics- Keith J. Jones, Richard Bejtlich and Curtis W. Rose, Addison-Wesley
publishers, 2005
5. Forensic Computer Crime Investigation (International Forensic Science and Investigation)Thomas A. Johnson, CRC Press, 2005.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 12 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 105 (A): ACCESS CONTROL AND AUTHENTICATION
SYSTEM
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
10
10
9
13
52
Access control – Introduction - Attenuation of privileges – Trust and Assurance – Confinement problem
- Security design principles– Identity Management models – local –Network - federal – global web
identity – XNS approach for global Web identity - Centralized enterprise level Identity Management.
Module II
Elements of trust paradigms in computing – Third party approach to identity trust – Kerberos Explicit third party authentication paradigm – PKI approach to trust establishment – Attribute
certificates – Generalized web of trust models – Biometric Authentications.
Module III
Mandatory access control - Comparing information flow in BLP and BIBA models – Combining the
BLP and BIBA models – Chinese wall problem. Discretionary access control and Access matrix model
– definitions – Safety problem – The take grant protection model – Schematic protection model – SPM
rules and operations – Attenuating– Applications
Module IV
Role based access control – Hierarchical Access Control - Mapping of a mandatory policy to RABC –
Mapping discretionary control to RBAC – RBAC flow analysis – Separation of Duty in RBAC – RBAC
consistency properties - The privileges perspective of separation of duties – Functional specification for
RBAC .
Text Books
1. Messoud Benantar, “Access Control Systems: Security, Identity Management and Trust
Models”, Springer, 2009.
2. Elena Ferrari and M. Tamer A-zsu, “Access Control in Data Management Systems”, Morgan &
Claypool Publishers, 2010.
3. John Berger,” Biometrics for Network Security”, Prentice Hall, 2004.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Page No.: 13 Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 14 CIC 14 105 (B): FILE SYSTEM FORENSIC ANALYSIS
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
10
9
10
13
52
Digital investigation foundation- Digital investigations and evidence, Digital crime scene investigation
process, Data analysis, overview of toolkits, Computer foundations- Data organizations, booting
process, Hard disk technology, Hard disk data acquisition- introduction, reading the source data, writing
the output data, a case study.
Module II
Volume Analysis- introduction, background, analysis basics, PC based partitions- DOS partitions,
Analysis considerations, Apple partitions, removable media, Server based partitions- BSD partitions,
Sun Solaris slices, GPT partitions, Multiple disk volumes- RAID, Disk Spanning. File system analysisWhat is a file system, File system, Content, Metadata, File name, Application, Application-level search
techniques, Specific file systems, FAT concepts and analysis- Introduction, File system category,
Content, Metadata, File name, The big picture, File recovery, determining the type, Consistency check.
FAT data structure- Boot sector, FAT 32 FS info, FAT, Directory entries, Long file name directory
entries.
Module III
NTFS concepts- Introduction, Everything is a file, MFT concepts, MFT entry attribute concepts, Other
attribute concepts, Indexes, Analysis tools, NTFS Analysis- File system category, Content category,
Metadata category, File name category, The big picture, File recovery, determining the type, Consistency
check. NTFS data structure- Basic concepts, Standard file attributes, Index attributes and data structures,
File system metadata files.
Module IV
Ext2 and Ext3 concepts- File system category, Content, Metadata, File name, The big picture, File,
determining the type, Consistency check. Ext2 and Ext3 data structures-Super block, group descriptor
tables, Block bitmap, Inodes, Extended attributes, Directory Entry, Symbolic Link, Hash trees, Journal
data structures, UFS1 and UFS2 concepts and analysis- Introduction, File system category, Content,
Metadata, File name, The big picture, File recovery, determining the type, Consistency check, UFS1 and
UFS2 data structures- UFS1 superblock, UFS2 superblock, Cylinder group summary, UFS1 group
descriptor, UFS2 group descriptor, Block and fragment bitmaps, UFS1 Inodes, UFS2 Inodes, UFS2
Extended attributes, Directory entries.
Textbooks
1. File System Forensic Analysis – Brian Carrier, Addison Wesley, 2005
2. Digital Evidence and Computer Crime- Casey, Eoghan , edition 2, Academic Press, 2004.
3. Computer Forensics- Kruse, Warren and Jay Heiser, Addison Wesley, 2002.
References
1. Guide to Computer Forensics and Investigations- Bill Nelson, Amelia Phillips, Frank Enfinger,
Chris Steuart, Thomson Course Technology, 2004
2. Forensic Discovery – Dan Farmer &Wietse Venema, Addison Wesley, 2005
Page No.: 15 3. Incident Response and Computer Forensics- Mandia, Kevin, Chris Prosise, Matt Pepe, MH,
2003.
4. A Fast File System for UNIX-McKusick, William N. Joy, Samuel J. Leffler, Robert S. Fabry,
ACM Transactions on Computer Systems, August 1984, pp 181-197.
5. The Common Vulnerabilities and Exposures database, entry CVE-2000-0666.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 16 CIC 14 105 (C): BIOMETRIC IMAGE PROCESSING
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
10
9
10
13
52
Fundamentals: Digital Image representation - Fundamental steps in Image Processing - Elements of
Digital Image Processing Systems - Sampling and Quantization - Basic relationships between pixels Imaging Geometry - Transformation Technology - The Fourier Transform, The Hadamard Transform,
The Discrete Cosine Transform.
Module II
Image Processing Methods: Image Enhancement: The Spatial Domain Methods, The Frequency Domain
Methods - Image Segmentation: Pixel Classification by Thresholding, Histogram Techniques,
Smoothing and Thresholding - Gradient Based Segmentation: Gradient Image, Boundary Tracking,
Laplacian Edge Detection. Fingerprint Biometrics: Fingerprint Patterns, Fingerprint Features,
Fingerprint Image, width between two ridges - Fingerprint Image Processing - Minutiae Determination
- Fingerprint Matching: Fingerprint Classification, Matching policies.
Module III
Face Recognition: Detection and Location of Faces: Statistics-Based method, Knowledge-Based method
- Feature Extraction and Face Recognition: Gray value Based method, Geometry Feature Based method,
Neural Networks method.
Module IV
Iris Biometrics: Iris System Architecture, Definitions and Notations - Iris Recognition: Iris location,
Doubly Dimensionless Projection, Iris code, Comparison - Coordinate System: Head Tilting Problem,
Basic Eye Model, Searching Algorithm - Texture Energy Feature. Fusion In Biometrics: Introduction to
Multibiometrics - Information Fusion in Biometrics - Issues in Designing a Multibiometric System Sources of Multiple Evidence - Levels of Fusion in Biometrics - Sensor level, Feature level, Rank level,
Decision level fusion - Score level Fusion.
References
1. David D. Zhang, “Automated Biometrics: Technologies and Systems”, Kluwer Academic
Publishers, New Delhi, 2000.
2. Rafael C.Gonzalez, Richard E.Woods, Steven L.Eddins, “Digital Image Processing”, Pearson
Education, New Delhi, 2009
3. Arun A. Ross , Karthik Nandakumar, A.K.Jain, “Handbook of Multibiometrics”, Springer, New
Delhi, 2006
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Page No.: 17 Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 18 CIC 14 105 (D): PATTERN RECOGNITION
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
10
10
9
13
52
Introduction: Basic Concepts of Pattern Recognition- Fundamental problems in Pattern Recognition
System Design- Design Concepts and Methodologies – Examples of Automatic Pattern Recognition
Systems
Module II
Pattern Classification By Distance Functions: Minimum Distance Pattern Classification – Cluster
Seeking – Unsupervised Pattern Recognition. Pattern Classification By Likelihood Functions:
Introduction – Pattern Classification as a Statistical Decision Problem – Bayes Classifier for Normal
Patterns- Nonparametric decision making
Module III
Pattern Preprocessing And Feature Selection: Similarity and Distance – Clustering Transformations and
Feature Ordering – Clustering in Feature Selection – Feature selection through Divergence
Maximization – Binary Feature Selection.
Module IV
Case Studies In Pattern Recognition: Clustering – Artificial Neural Networks – Image Analysis
References
1. Earl Gose, Richard Johnsonbaugh and Steve Jost,”Pattern Recognition and Image Analysis”,
Prentice Hall, New Delhi, 2005.
2. Earl Gose Richard Johnsonbaugh Steve Jost, “Pattern Recognition And Image Analysis”,
Prentice Hall, Inc, 2002
3. Wolff D D Parsons M L, “Pattern Recognition Approach To Data Interpretation”, Plenum Press,
1983.
4. Julius T. Tou and Rafael C. Gonzalez, "Pattern Recognition Principles”, Addison Wesley, New
Delhi, 1974
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Page No.: 19 Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 20 CIC 14 106 (P): SEMINAR
[Hours/Week: 2]
Objective: To assess the debating capability of the student to present a technical topic. In addition, to
impart training to students to face audience and present their ideas and thus creating in them self esteem
and courage that are essential for engineers.
Individual students are required to choose a topic of their interest from Information Security related
topics preferably from outside the M.Tech syllabus and give a seminar on that topic about 30 minutes.
A committee consisting of at least three faculty members (preferably specialized in Information
Security) shall assess the presentation of the seminar and award marks to the students. Each student shall
submit two copies of a write up of his/her seminar topic. One copy shall be returned to the student after
duly certifying it by the chairperson of the assessing committee and the other will be kept in the
departmental library. Internal continuous assessment marks are awarded based on the relevance of the
topic, presentation skill, quality of the report and participation.
Internal Continuous Assessment: 100 marks
Regularity and Class Work
-
30 Marks
Report
-
20 Marks
Tests, Viva
-
50 Marks
Page No.: 21 CIC 14 107 (P): OPERATING SYSTEM AND SECURITY LAB
1. Write programs using the following system calls of Linux/Unix operating system: fork, exec,
getpid, exit, wait, close.
2. Write programs using the I/O system calls of Linux/Unix operating system (open, read, write)
3. Implementation of Memory and Address Protection
4. Implementation of Access Control List
5. Write Shell Scripting using grep, sed & awk.
6. Setting of File Permissions and Protections.
7. Setting up the local security policy.
Internal Continuous Assessment: 100 marks
Regularity & Class work
-
30 marks
Report
-
20 marks
Tests, Viva
-
50 marks
Page No.: 22 SECOND SEMESTER
CIC 14 201: DATABASE DESIGN AND SECURITY
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Database System concepts and applications. Data modeling using Entity-Relationship model. Record
Storage and File organization.
Module II
The relational Data Model. Relational constraints and the Relational Algebra. SQL. ER to Relational
mapping.
Module III
Database Design Theory and Methodology- Functional Dependencies and Normalization for
Relational Databases. Object Oriented Database concepts. Object Relational and Extended Relational
Database Systems. Data warehousing and Data Mining.
Module IV
Introduction to database security, security models, physical and logical security, security requirements,
reliability and integrity, sensitive data, inference, multilevel databases and multilevel security, access
control- mandatory and discretionary , security architecture, issues.
Text Books
1. Ramez Elmasri, Shamkant B. Navathe , “Fundamentals of Database System” Addison Wesley,
New Delhi/Third/Fourth Edition
2. Ron Ben Natan, “Implementing database security and auditing”, Elsevier publications, 2005.
3. Hassan A. Afyduni, “Database Security and Auditing”, Course Technology – Cengage Learning,
NewDelhi, 2009.
References
1. Abraham Silberschatz, Hanry F Korth, Sudarshan S, “Database Systems Concepts”, McGraw
Hill, 2003.
2. Raghu Ramakrishnan, "Database Management Systems", McGraw Hill/ Third Edition, 2003
3. M. Gertz, and S. Jajodia, “Handbook of Database Security- Application and Trends”, 2008,
Springer.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Page No.: 23 Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 24 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 202: NETWORK SECURITY
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Introduction to Security in Networks – Characteristics of Networks – Intrusion – Kinds of security
breaches – Plan of attack - Points of vulnerability – Methods of defense – Control measures –
Effectiveness of controls. Transport Level Security – Web Security Issues – SSL – TLS – HTTPS - SSH
Module II
E-Mail Security – PGP – S/MIME – IP Security - Firewalls design principles – Trusted systems –
Electronic payment protocols.
Module III
Wireless Fundamentals: Wireless Hardware- Wireless Network Protocols- Wireless Programming WEP
Security. Wireless Cellular Technologies – concepts – Wireless reality – Security essentials –
Information classification standards - Wireless Threats: Cracking WEP - Hacking Techniques- Wireless
Attacks – Airborne Viruses.
Module IV
Standards and Policy Solutions – Network Solutions – Software Solutions – Physical Hardware SecurityWireless Security – Securing WLAN – Virtual Private Networks – Intrusion Detection System –
Wireless Public Key infrastructure. Tools – Auditing tools – Pocket PC hacking – wireless hack
walkthrough.
References
1. Russel Dean Vines, “Wireless Security Essentials:Defending Mobile from Data Piracy”, JW&S,
1
2. Cyrus, Peikari and Seth Fogie, “Maximum Wireless Security”, SAMS Publishing 2002.
3. Yi-Bing Lin & Imrich Chlamtac, “Wireless and Mobile Networks Architectures”, JW Sons,
2001.
4. Raj Pandya, “Mobile and Personal Communication systems and services”, PHI, 2001.
5. Tara M. Swaminathan & Charles R. Eldon, “Wireless Security and Privacy- Best Practices &
Design Techniques”, AW, 2002.
6. Bruce Potter and Bob Fleck, “802.11 Security”, O’Reilly Publications, 2002.
7. Burkhardt, “Pervasive Computing”, Pearson Education, India Edition, 2007.
8. J. Schiller, “Mobile Communication”, Pearson Education, India Edition, 2002.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Page No.: 25 Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 26 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 203: CYBER LAW AND SECURITY POLICIES
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Introduction to Computer Security: Definition, Threats to security, Government requirements,
Information Protection and Access Controls, Computer security efforts, Standards, Computer Security
mandates and legislation, Privacy considerations, International security activity.
Module II
Secure System Planning and administration, Introduction to the orange book, Security policy
requirements, accountability, assurance and documentation requirements, Network Security, The Red
book and Government network evaluations.
Module III
Information security policies and procedures: Corporate policies- Tier 1, Tier 2 and Tier3 policies process management-planning and preparation-developing policies-asset classification policydeveloping standards.
Module IV
Information security: fundamentals-Employee responsibilities- information classification-Information
handlingTools
of
information
securityInformation
processing-secure
program
administration.Organizational and Human Security: Adoption of Information Security Management
Standards, Human Factors in Security- Role of information security professionals.
References
1. Debby Russell and Sr. G.T Gangemi, "Computer Security Basics (Paperback)”, 2nd Edition, O’
Reilly Media, 2006.
2. Thomas R. Peltier, “Information Security policies and procedures: A Practitioner’s Reference”,
2nd Edition Prentice Hall, 2004.
3. Kenneth J. Knapp, “Cyber Security and Global Information Assurance: Threat Analysis and
Response Solutions”, IGI Global, 2009.
4. Thomas R Peltier, Justin Peltier and John blackley, ”Information Security Fundamentals”, 2nd
Edition, Prentice Hall, 1996
5. Jonathan Rosenoer, “Cyber law: the Law of the Internet”, Springer-verlag, 1997.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Page No.: 27 Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 28 CIC 14 204 (A): ADVANCED CRYPTOGRAPHY
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Cryptography and modern cryptography – The setting of private-key encryption – Historical ciphers
and their cryptanalysis – Basic principles of modern cryptography – Services, Mechanisms and Attacks
– OSI security architecture - Foundations of Cryptology.
Module II
Definition – Substitution ciphers – Transposition ciphers - Stream and block ciphers. Characteristics of
good ciphers - Data Encryption Standard (DES) – International Data Encryption Algorithm – Advanced
Encryption Standard – Block cipher modes of operation – Confidentiality using symmetric encryption.
Module III
Introduction to Number Theory - Prime Numbers - Fermat's and Euler's Theorems - The Chinese
Remainder Theorem - Principles of Public Key Cryptosystems – The RSA Algorithm – Key
Management – Diffie Hellman Key Exchange – Elliptic Curve Cryptography.
Module IV
Authentication requirements – Authentication functions – Message Authentication Codes (MAC) – Hash
functions – Security of hash functions and MACs. MD5 Message Digest Algorithm – Secure Hash
Algorithm (SHA) –HMAC – Digital Signatures - Authentication Protocols - Digital Signature Standard
(DSS).
References
1. Bernard Menezes, “Network Security and Cryptography”, Cengage Learning, New Delhi, 2010.
2. Ingemar J.Cox, Matthew L.Miller, Jeffrey A.Bloom, Jessica Fridrich, Ton Kalker, “Digital
Watermarking and Steganography”, Morgan Kaufmann Publishers, New York, 2008.
3. William Stallings, “Cryptography and Network Security, Prentice Hall, New Delhi, 2006.
4. Wenbo Mao, “Modern Cryptography – Theory and Practice”, Pearson Education, New Delhi,
2006.
5. Jonathan Katz, Yehuda Lindell, “Introduction to Modern Cryptography”, Chapman & Hall/CRC,
New York, 2007.
6. Bruce Schneier, “Applied Cryptography”, John Wiley & Sons, New York, 2004.
7. Atul Kahate, “Cryptography and Network Security”, Tata McGrew Hill, 2003.
8. Jorg Roth, “Complexity Theory & Cryptology – An Introduction to Cryptocomplexity”, Springer
- 2005
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Page No.: 29 Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 30 CIC 14 204 (B): ETHICAL HACKING AND NETWORK
DEFENSE
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Introduction - Certified Ethical Hackers – Network and Computer Attacks – Ethical Hacking Plan –
Hacking Methodology. Footprinting Tools – Conducting Competitive Intelligence - DNS Zone
Transfers – Introduction to Social Engineering – Performing Social Engineering Attacks - Social
Engineering Countermeasures.
Module II
Introduction to Port Scanning – Types of Port Scan – Port Scanning Tools - Conducting Ping Sweeps Shell Scripting. Enumeration: Introduction - Enumerating Windows, Symbian, Java OS, Android and
NetWare Operating Systems.
Module III
Hacking Web Servers: Web Application – Web Application Vulnerabilities – Tools for Web Attackers
and Security Testers. Hacking Wireless Network: Wireless Technology – Wireless Network Standards
– Authentication – Wardriving – Wireless Hacking – Protecting Networks with Security Devices.
Module IV
Windows: Vulnerabilities – Choosing Tools – Information Gathering – RPC – Null Sessions – Share
Permissions – Hardcore Vulnerability Exploitation. Linux: Vulnerabilities – Information Gathering –
Unconnected Services - .rhosts and hosts.equiv Files – NFS – File Permissions – Buffer Overflow.
Messaging Systems – Web Applications – Mobile Applications - Databases - Reporting Results.
References
1. Michael T. Simpson, “Ethical Hacking and Network Defense”, Cengage Learning, New Delhi,
2010.
2. Kevin Beaver, “Hacking for Dummies”, Wiley Publication, India, 2007.
3. Ankit Fadia, “Unofficial Guide to Ethical Hacking”, Macmillan Company, New Delhi, 2001.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Page No.: 31 Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 32 CIC 14 204 (C): ALGORITHMS AND COMPLEXITY
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
9
10
10
13
52
Analysis: RAM model – Notations, Recurrence analysis - Master's theorem and its proof - Amortized
analysis - Advanced Data Structures: B-Trees, Binomial Heaps, Fibonacci Heaps, Disjoint Sets, Union
by Rank and Path Compression
Module II
Graph Algorithms and complexity: Matroid Theory, All-Pairs Shortest Paths, Maximum Flow and
Bipartite Matching.
Module III
Randomized Algorithms : Finger Printing, Pattern Matching, Graph Problems, Algebraic Methods,
Probabilistic Primality Testing, De-Randomization
Module IV
Complexity classes - NP-Hard and NP-complete Problems - Cook's theorem NP completeness
reductions. Approximation algorithms – Polynomial Time and Fully Polynomial time Approximation
Schemes. Probabilistic Complexity Classes, Probabilistic Proof Theory and Certificates.
References
1. Dexter Kozen, “The Design and Analysis of Algorithms”, Springer, 1992.
2. T. H. Cormen, C. E. Leiserson, R. L. Rivest, “Introduction to Algorithms”, Prentice Hall India,
1990.
3. S. Basse, “Computer Algorithms: Introduction to Design and Analysis”, Addison Wesley, 1998.
4. U. Manber, “Introduction to Algorithms: A creative approach”, Addison Wesley, 1989.
5. V. Aho, J. E. Hopcraft, J. D. Ullman, “The design and Analysis of Computer Algorithms”,
Addison Wesley, 1974.
6. R. Motwani and P. Raghavan, “Randomized Algorithms”, Cambrdige University Press, 1995.
7. C. H. Papadimitriou, “Computational Complexity”, Addison Wesley, 1994
8. Leonard Adleman, “Two theorems on random polynomial time”. In Proceedings of the 19th
IEEE Symposium on Foundations of Computer Science, pages 75–83, 1978.
9. J. Gill. “Computational complexity of probabilistic Turing machines”. SIAM Journal of
Computing, 6:675–695, 1977.
10. C. Lautemann, “BPP and the Polynomial Hierarchy”. Information Processing Letters, 17:215–
217, 1983.
11. M. Sipser, “A complexity theoretic appraoch to randomness”, In Proceedings of the 15th ACM
Symposium on Theory of Computing, pages 330–335, 1983.
12. L.G. Valiant and V.V. Vazirani, “NP is as easy as detecting unique solutions”, Theoretical
Computer Science, 47:85–93, 1986.
Internal Continuous Assessment: 100 marks
Page No.: 33 Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 34 CIC 14 205 (A): RISK MANAGEMENT AND SECURITY
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Essentials of computer security - Sources of security threats – Intruders, Viruses, Worms and related
threats - Threat identification - Threat analysis - Vulnerability identification and Assessment Components of Computer Security - Physical security – System access control - Goals of Security Efforts to secure computer networks – Ethical issues in Computer Security- Operational issues, Human
issues.
Module II
Intrusion Detection System (IDS) – Types and challenges – Intrusion prevention system (IPS) –
Firewalls - Design Principles, Scanning, filtering and blocking. Vulnerabilities – Sources of
vulnerabilities, Vulnerability identification and Assessment, Cyber-crime and Hackers, Viruses and
content filtering - Security Assessment, Analysis and Assurance – Computer network security protocol
and standards - Security Policies – Integrity policies – confidentiality policies - Security models - Access
Control Matrix Model, Take-Grant Protection Model.
Module – III
Security Monitoring and Auditing - Assurance and Trust, Need for Assurance, Role of Requirements in
Assurance, Audit Assurance in Software Development Phases, Building Secure and Trusted Systems Designing an Auditing System, Implementation Considerations, Auditing to Detect Violations of a
security Policy, Auditing Mechanisms, Audit Browsing.
Module –IV
Risk management and security planning – Risk management Process Overview- Cost-Benefit Analysis,
Risk Analysis, Laws and Customs, Human Issues, Organizational issues - Information system Risk
analysis – System approach to risk management, Threat assessment, Assets and safeguards, modes of
risk analysis – Effective risk analysis, Qualitative Risk analysis, Value analysis
References
1.
2.
3.
4.
5.
Matt Bishop, “Computer Security: Art and Science”, Addison-Wesley Professional, 2003.
Joseph M.Kizza, “Computer Network security”, Springer, 2005
Matt Bishop, “Introduction to Computer Security”, Addison-Wesley Professional, 2005.
Thomas R.Peltier, “Information Security Risk Analysis”, CRC Press, 2001.
C.A.Roper, “Risk management for Security professional”, Elsevier, 1999.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Page No.: 35 Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 36 CIC 14 205 (B): WINDOWS AND LINUX FORENSIC
ANALYSIS
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
10
9
10
13
52
Windows Forensic Analysis- Live Response: Data Collection- Introduction , Live Response- Locard’s
Exchange Principle, Order of Volatility ,When to Perform Live Response ,What Data to Collect- System
Time, Logged-on Users, Open Files, Network Information, Network Connections, Process Information,
Process-to-Port Mapping, Process Memory, Network Status, Nonvolatile Information, Live-Response
Methodologies, Live Response: Data Analysis- Data Analysis, Agile Analysis, Windows Memory
Analysis-Collecting Process Memory, Dumping Physical Memory, Alternative Approaches for
Dumping Physical Memory, Analyzing a Physical Memory Dump.
Module II
Registry Analysis- Inside the Registry, Registry Analysis- RegRipper, System Information, Autostart
Locations, USB Removable Storage Devices, Mounted Devices, Portable Devices, Finding Users,
Tracking User Activity, Redirection, Virtualization, Deleted Registry Keys, File Analysis- Log Files,
Event Logs, Other Log files, Recycle Bin, XP System Restore Points, Vista Volume Shadow Copy
Service, Prefetch and Shortcut files, File Metadata, File Signature Analysis, NTFS Alternate Data
Streams, Alternative Methods of Analysis, Executable File Analysis- Static Analysis, Dynamic
Analysis.
Module III
Rootkits, Rootkit Detection-Live Detection, GMER, Helios, MS Strider GhostBuster, F-Secure
BlackLight, Sophos Anti-Rootkit, Postmortem Detection, Prevention, Case studies, Performing Analysis
on a Budget-Documenting Your Analysis, Tools-Acquiring Images, Image Analysis, File Analysis,
Network Tools, Search Utilities.
Module IV
Linux Forensic Analysis- Live Response Data Collection- Prepare the Target Media, Format the Drive,
Gather Volatile Information, Acquiring the Image, Initial Triage and Live Response: Data Analysis- Log
Analysis, Keyword Searches, User Activity, Network Connections, Running Processes, Open File
Handlers, The Hacking Top Ten, Reconnaissance Tools, The /Proc File System- Introduction , Process
Ids. File Analysis- The Linux Boot Process, System and Security Configuration Files- Users, Groups,
and Privileges, Cron Jobs, Log Files, Identifying Other Files of Interest- . SUID and SGID Root Files,
Recently Modified/Accessed/Created Files, Modified System Files, Out -of-Place inodes, Hidden Files
and Hiding Places, Malware- Introduction, Viruses, Storms on the Horizon, Scanning the Target
Directory
Textbooks
1. Unix and Linux Forensic Analysis DVD ToolKit - Chris Pogue, Cory Altheide, Todd Haverkos,
Syngress Inc. , 2008
2. Windows Forensic Analysis DVD Toolkit- Harlan Carvey, Edition 2, Syngress Inc. , 2009
Page No.: 37 References
1. Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry Harlan Carvey, Syngress Inc, Feb 2011
2. File System Forensic Analysis- Brian Carrier, Addison Wesley, Edition 1, 2005
3. Handbook of Digital Forensics and Investigation- Eoghan Casey, Academic Press, 2009
4. Digital Forensics with Open Source Tools- Cory Altheide, Harlan Carvey, Syngress Inc, IstEd,
April 2011
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 38 CIC 14 205 (C): BIOMETRIC SECURITY
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Biometrics- Introduction- benefits of biometrics over traditional authentication systems –benefits of
biometrics in identification systems-selecting a biometric for a system –Applications – Key biometric
terms and processes - biometric matching methods -Accuracy in biometric systems.
Module II
Physiological Biometric Technologies: Fingerprints - Technical description –characteristics Competing technologies - strengths – weaknesses – deployment - Facial scan – Technical description characteristics - weaknesses-deployment - Iris scan - Technical description – characteristics - strengths
– weaknesses – deployment - Retina vascular pattern – Technical description – characteristics - strengths
– weaknesses – employment - Hand scan – Technical description-characteristics - strengths –
weaknesses deployment – DNA biometrics.
Module III
Behavioral Biometric Technologies: Handprint Biometrics - DNA Biometrics - signature and
handwriting technology - Technical description – classification - keyboard / keystroke dynamics - Voice
– data acquisition - feature extraction - characteristics - strengths – weaknesses- deployment.
Module IV
Multi biometrics: Multi biometrics and multi factor biometrics - two-factor authentication with
passwords - tickets and tokens – executive decision - implementation Plan.
References
1. Samir Nanavathi, Michel Thieme, and Raj Nanavathi, “Biometrics -Identity verification in a
network”, Wiley Eastern, 2002.
2. John Chirillo and Scott Blaul,” Implementing Biometric Security”, Wiley Eastern Publications,
2005.
3. John Berger,” Biometrics for Network Security”, Prentice Hall, 2004.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Page No.: 39 Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 40 CIC 14 205 (D): SPEECH PROCESSING
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Speech Signal Modelling: Speech signal characteristics and classifications - Speech production
mechanism - Acoustic Theory of speech production - Source – Filter model - Lossless Tube Models Digital Model of speech signals
Module II
Speech Signal Analysis: Time domain Analysis for speech processing – Short time energy and
magnitude - short time average zero crossing - Speech vs silence discrimination - Pitch period estimation
using autocorrelation - Short time Fourier analysis- Definition and properties - Design of digital filter
banks - Pitch detection - analysis by synthesis
Module III
Speech Coding: Linear predictive coding - principle - solution of LPC equation - Cholesky
decomposition method - Durbin's method - Lattice formulation - Frequency domain coding – Model
based coding – LPC residual coding
Module IV
Speech Recognition: Template training method - Hidden Markov Model - Gaussian Mixture model connected word recognition - Speaker identification/Verification.
References
1. Rabiner L R and Schaffer R W, "Digital Processing of Speech Signals", Prentice -Hall, Englewod
- Clitts, New Jersey, 1986.
2. Rebner L R K and Juang B H, "Fundamentals of Speech Recognition", Pearson Education, First
Indian reprint 2003.
3. Kondoz, "Digital Speech", John Wiley and Sons Ltd., 1994.
4. Thomas F Quatieri, “Discrete Time Speech Signal Processing”, Pearson Education, 2002.
5. John R Deller, John Hansen and Proakis J G, ” Discrete Time Processing of Speech Signals”,
IEEE Press, 1999.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Page No.: 41 Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 42 CIC 14 206 (P): SEMINAR
[Hours/Week: 2]
Objective: To assess the debating capability of the student to present a technical topic. In addition, to
impart training to students to face audience and present their ideas and thus creating in them self-esteem
and courage that are essential for engineers.
Individual students are required to choose a topic of their interest from Information Security related
topics preferably from outside the M.Tech syllabus and give a seminar on that topic about 30 minutes.
A committee consisting of at least three faculty members (preferably specialized in Information
Security) shall assess the presentation of the seminar and award marks to the students. Each student shall
submit two copies of a write up of his/her seminar topic. One copy shall be returned to the student after
duly certifying it by the chairperson of the assessing committee and the other will be kept in the
departmental library. Internal continuous assessment marks are awarded based on the relevance of the
topic, presentation skill, quality of the report and participation.
Internal Continuous Assessment: 100 marks
Regularity and Class Work
-
30 Marks
Report
-
20 Marks
Tests, Viva
-
50 Marks
Page No.: 43 CIC 14 207 (P): DATABASE SECURITY LABORATORY
1. Creating a database for an application using DDL.
2. Setting up of integrity constraints.
3. Data manipulation using DML queries.
4. Use Rollback, commit, savepoint, grant and revoke commands.
5. Creation, deletion and modification of users and implementing authentication mechanisms for
different users.
6. Designing and implementing password policies.
7. Creating, assigning and revoking user roles.
8. Implementing a Virtual private database.
9. Auditing database activities with Oracle.
10. Security auditing.
Page No.: 44 THIRD SEMESTER
CIC 14 301 (A): DIGITAL WATERMARKING AND
STEGANOGRAPHY
Modules
I
II
III
IV
Tutorial
Total
Hours
10
10
9
10
13
52
Module I
Introduction: Information Hiding, Steganography and Watermarking – History of watermarking –
Importance of digital watermarking – Applications – Properties – Evaluating watermarking systems.
Watermarking Models & Message Coding: Notation – Communications – Communication based models
– Geometric models – Mapping messages into message vectors – Error correction coding – Detecting
multi-symbol watermarks.
Module II
Watermarking With Side Information & Analyzing Errors: Informed Embedding – Informed Coding –
Structured dirty-paper codes - Message errors – False positive errors – False negative errors – ROC
curves – Effect of whitening on error rates.
Module III
Perceptual Models: Evaluating perceptual impact – General form of a perceptual model – Examples of
perceptual models – Robust watermarking approaches - Redundant Embedding, Spread Spectrum
Coding, Embedding in Perceptually significant coefficients.
Module IV
Watermark Security & Authentication: Security requirements – Watermark security and cryptography –
Attacks – Exact authentication – Selective authentication – Localization – Restoration. Steganography:
Steganography communication – Notation and terminology – Information-theoretic foundations of
steganography – Practical steganographic methods – Minimizing the embedding impact – Steganalysis
References
1. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, Jessica Fridrich, Ton Kalker, “Digital
Watermarking and Steganography”, Margan Kaufmann Publishers, New York, 2008.
2. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, “Digital Watermarking”, Margan
Kaufmann Publishers, New York, 2003.
3. Michael Arnold, Martin Schmucker, Stephen D. Wolthusen, “Techniques and Applications of
Digital Watermarking and Contest Protection”, Artech House, London, 2003.
4. Juergen Seits, “Digital Watermarking for Digital Media”, IDEA Group Publisher, New York,
2005.
5. Peter Wayner, “Disappearing Cryptography – Information Hiding: Steganography &
Watermarking”, Morgan Kaufmann Publishers, New York, 2002.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
Page No.: 45 End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Module II
Module III
Module IV
Question 1 : 20 marks
Question 2 : 20 marks
Question 3 : 20 marks
Question 4 : 20 marks
Question 5 : 20 marks
Question 6 : 20 marks
Question 7 : 20 marks
Question 8 : 20 marks
Page No.: 46 CIC 14 301 (B): PKI AND TRUST MANAGEMENT
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
10
10
10
9
13
52
Overview of PKI technology Basic Security Concepts, PKI Entities, Related Technologies. Work
Performed by Certificate Authorities Attack on CA. PKI standards General PKIX Standardization
Requirements. Digital Certificates and SSL.
Module II
PKI design issues PKI structure, Inter-domain, revocation, policy. PKI standards. Architecture for PKI
– baseline requirements for global PKI, components – crypto primitive, cryptographic, long term,
protocol security, secure protocol, security policy.
Module III
Implementing secure web services requirements, implementation and deployment, implementation cost,
performance. Managing PKI, requesting, obtaining, using and revoking a certificate, case studies.
Module IV
Trust management challenges, taxonomy framework, architecture, system components, system setting
and operations.
Text Book
1. John R. Vacca, “Public Key Infrastructure”, Auerbach publications, New york, 2004.
References
1. JeanMarc Seigneur, Adam Slagell, “Collaborative Computer Security and Trust Management”,
Information Science Reference, New York(IGI Global), 2010.
2. Klaus Schmeh, “Cryptography and Public Key Infrastructure on the Internet”, Allied Publishers,
2004.
3. Carlisle Adams, Steve Lloyd, “Understanding PKI: Concepts, Standards, and Deployment
Considerations”, AddisonWesley, 2003.
4. Kapil Raina, “PKI Security Solutions for the Enterprise”, Wiley, 2003.
5. Brian Komar, "Windows Server 2008 PKI and Certificate Security", Microsoft Press, 2008.
6. W. Mao, “Modern Cryptography: Theory & Practice”, Pearson Education, 2004.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Page No.: 47 Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 48 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 301 (C): ARTIFICIAL INTELLIGENCE
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Introduction: Artificial Intelligence– History –The state of art- Intelligent Agents – Structure –
Environment. Search Strategies: Breadth-first search- Uniform cost search- Depth-first search- Depthlimited search- Iterative deepening search- Bidirectional search- Heuristic search techniquesComparing search strategies.
Module II
Knowledge And Reasoning: Representation – Logic – Propositional logic – Using predicate logic, using
rules - Forward and backward chaining–Strong and weak slot fillers. Planning: Overview - An example
domain- Components- Goal Stack planning- Non-linear planning- Hierarchical planning-Reactive
systems.
Module III
Uncertainty: Non-monotonic reasoning- Logics- Implementation- Probability and Bayes theoremCertainty factors- Bayesian networks- Dempster- Shafer theory. Natural Language Processing: Phases Syntactic Processing-Semantic Analysis-Discourse and Pragmatic Processing.
Module IV
Learning: Introduction- Learning by Taking Advice- Learning in problem solving- Inductive learningLearning decision trees-Explanation-based learning-Formal learning-Learning in Neural and Belief
Networks. Expert Systems: Features – Characteristics-Architecture-Basic Activities-Stages in
development - Structure of a knowledge base – Probability based Expert Systems - Tools.
References
1. Stuart Russell and Peter Norvig, “Artificial Intelligence – A Modern Approach”, Prentice Hall
of India, Second Edition, New Delhi, 2008.
2. Elaine Rich and Kevin Knight, “Artificial Intelligence”, Tata McGraw Hill Publishing Company,
New Delhi, 2005.
3. Dan W Patterson, “Introduction to AI and Expert Systems”, Prentice Hall of India, New Delhi,
2006.
4. Eugene Charniak, Drew McDermott, “Introduction to Artificial Intelligence”, Pearson
Education, New Delhi, 2006.
5. Nils J Nilsson, “Principles of Artificial Intelligence”, Narosa Publishing House, New Delhi,
2005.
6. N P Padhy, “Artificial Intelligence and Intelligence Systems”, Oxford University Press, 2006
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
Page No.: 49 End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 50 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 302 (A): MOBILE FORENSICS
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Overview of wireless technologies and security: Personal Area Networks, Wireless Local Area
Networks, Metropolitan Area Networks, Wide Area Networks. Wireless threats, vulnerabilities and
security: Wireless LANs, War Driving, War Chalking, War Flying, Common Wi-fi security
recommendations, PDA Security, Cell Phones and Security, Wireless DoS attacks, GPS Jamming,
Identity theft.
Module II
CIA triad in mobile phones-Voice, SMS and Identification data interception in GSM: Introduction,
practical setup and tools, implementation- Software and Hardware Mobile phone tricks: Netmonitor,
GSM network service codes, mobile phone codes, catalog tricks and AT command set- SMS security
issues.
Module III
Crime and mobile phones, evidences, forensic procedures, files present in SIM card, device data,
external memory dump, evidences in memory card, operators systems- Android forensics: Procedures
for handling an android device, imaging android USB mass storage devices, logical and physical
techniques.
Module IV
Digital forensics: Introduction – Evidential potential of digital devices: closed vs. open systems,
evaluating digital evidence potential- Device handling: seizure issues, device identification, networked
devices and contamination.
References
1. Gregory Kipper, “Wireless Crime and Forensic Investigation”, Auerbach Publications, 2007.
2. Iosif I. Androulidakis, “ Mobile phone security and forensics: A practical approach”, Springer
publications, 2012.
3. Andrew Hoog, “ Android Forensics: Investigation, Analysis and Mobile Security for Google
Android”, Elsevier publications, 2011.
4. Angus M.Marshall, “ Digital forensics: Digital evidence in criminal investigation”, John – Wiley
and Sons, 2008.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Page No.: 51 Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 52 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 302 (B): SECURITY THREATS
Module I
Modules
I
II
III
IV
Tutorial
Total
Hours
9
10
10
10
13
52
Introduction: Security threats - Sources of security threats- Motives - Target Assets and vulnerabilities
– Consequences of threats- E-mail threats - Web-threats - Intruders and Hackers, Insider threats, Cybercrimes.
Module II
Network Threats: Active/ Passive – Interference – Interception – Impersonation – Worms – Virus –
Spam’s – Ad ware - Spy ware – Trojans and covert channels – Backdoors – Bots - IP Spoofing - ARP
spoofing - Session Hijacking - Sabotage-Internal treats- Environmental threats - Threats to Server
security.
Module III
Security Threat Management: Risk Assessment - Forensic Analysis - Security threat correlation – Threat
awareness - Vulnerability sources and assessment- Vulnerability assessment tools - Threat identification
- Threat Analysis - Threat Modeling - Model for Information Security Planning.
Module IV
Security Elements: Authorization and Authentication - types, policies and techniques - Security
certification - Security monitoring and Auditing - Security Requirements Specifications - Security
Policies and Procedures, Firewalls, IDS, Log Files, Honey Pots. Human factors – Security awareness,
training, Email and Internet use policies.
References
1. Joseph M Kizza, “Computer Network Security”, Springer Verlag, 2005
2. Swiderski, Frank and Syndex, “Threat Modeling”, Microsoft Press, 2004.
3. William Stallings and Lawrie Brown, “Computer Security: Principles and Practice”, Prentice
Hall, 2008.
4. Thomas Calabres and Tom Calabrese, “Information Security Intelligence: Cryptographic
Principles & Application”, Thomson Delmar Learning, 2004.
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Page No.: 53 Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 54 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
Modules
I
II
III
IV
Tutorial
Total
CIC 14 302 (C): DATA MINING
Module I
Hours
9
10
10
10
13
52
Introduction: Motivation – Data Mining Functionalities – Classification on data mining systems – Task
Primitives – Major Issues - Data Preprocessing.
Module II
Data Warehouse And Olap: Data warehouse – Multidimensional data model – Data Warehouse
architecture – OLAP Technology – Data Cube Computation.
Module III
Association Analysis: Basic Concepts – Frequent Item set mining methods - Types of association rules.
Classification: Introduction – Statistics and Probability - Decision Tree Induction – Bayesian
Classification – Classification by Back propagation – Rule Based Classification – Support Vector
Machines.
Module IV
Cluster Analysis: Partitioning methods – Hierarchical Methods – Density based methods - Neural
Network Based Methods. Advanced Topics: Introduction to spatial data mining – Text Mining – Web
Mining.
References
1.
2.
3.
4.
Jaiwei Han, Micheline Kamber, “Data Mining: Concepts and Techniques”, Elsevier, 2006.
Rajan Chattamvelli, “Data Mining Methods”, Narosa, 2009.
Pang-Ning Tan, Michael Steinbach, "Introduction to Data Mining", Addison Wesley, 2006.
Margaret Dunham, “Data Mining: Introductory and Advanced Topics”, Pearson Education, New
Delhi, 2007.
5. Alex Berson, “Data Warehousing, Data Mining and OLAP,” Tata Mc Graw Hill , 2004
Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination
of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are
to be announced to the students, right at the beginning of the semester by the teacher.
End Semester Examination: 100 marks
Question Pattern
Answer any five questions by choosing at least one question from each Module.
Module I
Question 1 : 20 marks
Question 2 : 20 marks
Module II
Question 3 : 20 marks
Question 4 : 20 marks
Module III
Question 5 : 20 marks
Question 6 : 20 marks
Page No.: 55 Module IV
Question 7 : 20 marks
Question 8 : 20 marks
CIC 14 303 (P): INDUSTRIAL TRAINING
Hours/Week: 30 (During the period of training)
Objective: To enable the student to correlate theory and industrial practice.
The students have to arrange and undergo an industrial training of minimum two weeks in an industry
preferably dealing with Security Auditing during the semester break between semester 2 and semester 3
and complete within 15 calendar days from the start of semester 3. The students are required to submit
a report of the training undergone and present the contents of the report before the evaluation committee.
Evaluation committee will award the marks of end semester based on training quality, contents of the
report and presentation.
End semester Examination: Marks 50
Page No.: 56 CIC 14 304 (P): MASTER RESEARCH PROJECT PHASE - I
[Hours/Week: 22]
Objective: To improve the professional competency and research aptitude by touching the areas which
otherwise not covered by theory or laboratory classes. The project work aims to develop the work
practice in students to apply theoretical and practical tools/techniques to solve real life problems related
to industry and current research.
The project work can be a design project/experimental project and/or computer simulation project on
any of the topics in Information Security and its allied areas. The project work is allotted individually
on different topics. The students shall be encouraged to do their project work in the parent institute itself.
If found essential, they may be permitted to continue their project outside the parent institute, subject to
the conditions of M.Tech regulations. Department will constitute an Evaluation Committee to review
the project work. The Evaluation committee consists of at least three faculty members of which internal
guide and another expert in the specified area of the project shall be two essential members.
The student is required to undertake the master research project Phase - I during the third semester and
the same is continued in the 4th semester (Phase - II). Phase 1 consist of preliminary thesis work, two
reviews of the work and the submission of preliminary report. First review would highlight the topic,
objectives, methodology and expected results. Second review evaluates the progress of the work,
preliminary report and scope of the work, which is to be completed in the 4th semester. The Evaluation
committee consists of at least three faculty members of which internal guide and another expert in the
specified area of the project shall be two essential members.
Internal Continuous Assessment
Review
First
Second
Total
Guide
50
100
150
Page No.: 57 Evaluation Committee
50
100
150
FOURTH SEMESTER
CIC 14 401 (P): MASTERS RESEARCH PROJECT PHASE – II
[Hours/Week: 30]
Objective: To improve the professional competency and research aptitude by touching the areas which
otherwise not covered by theory or laboratory classes. The project work aims to develop the work
practice in students to apply theoretical and practical tools/techniques to solve real life problems related
to industry and current research.
Master Research project phase - II is a continuation of project phase - I started in the third semester.
There would be two reviews in the fourth semester, first in the middle of the semester and the second at
the end of the semester. First review is to evaluate the progress of the work, presentation and discussion.
Second review would be a pre-submission presentation before the evaluation committee to assess the
quality and quantum of the work done. This would be a pre-qualifying exercise for the students for
getting approval by the departmental committee for the submission of the thesis. At least one technical
paper is to be prepared for possible publication in journal or conferences. The technical paper is to be
submitted along with the thesis. The final evaluation of the project will be external evaluation.
Internal Continuous Assessment
Review
First
Second
Total
Guide
50
100
150
Evaluation Committee
50
100
150
End Semester Examination
Project Evaluation by external examiner
:
150 marks
Viva Voce by external and internal examiners
:
150 marks
Page No.: 58