Download M.E Cyber Security

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
Document related concepts
no text concepts found
Transcript 
NOORUL ISLAM CENTRE FOR HIGHER EDUCATION
NOORUL ISLAM UNIVERSITY, KUMARACOIL
M.E. CYBER SECURITY
CURRICULUM & SYLLABI
SEMESTER – I
SL.
SUBJECT
NO.
CODE
SUBJECT
L
T
P
C
Theory
1.
MA1508
Mathematical Foundations of Cyber Security
3
1
0
4
2.
CY1501
Applied Cryptography
3
0
0
3
3.
CS1502
Advanced Data Structures and Algorithms
3
0
0
3
4.
CY1502
Cyber Security Threats
3
0
0
3
5.
CY1503
Advanced Operating System and its Security
3
0
0
3
6.
XX15E1
Elective I
3
0
0
3
Operating System and Data Structures Lab
0
1
2
2
18
2
2
21
Practical
7.
CY1571
Total
MA1508
MATHEMATICAL FOUNDATIONS OF CYBER SECURITY
3 1 0 4
UNIT I NUMBER THEORY- Introduction - Divisibility - Greatest common divisor
- Prime numbers - Fundamental theorem of arithmetic - Mersenne primes - Fermat
numbers - Euclidean algorithm Fermat’s theorem - Euler totient function - Euler’s
theoerem. Congruences: Definition - Basic properties of congruences - Residue classes
(excluding proof of theorems) - Chinese remainder theorem.
UNIT I I
ALGEBRAIC STRUCTURES - Groups – Cyclic groups, Cosets,
Modulo groups - Primitive roots - Discrete logarithms. Rings – Sub rings, ideals and
quotient rings, Fields (Simple Examples) – Lattice, Lattice as Algebraic system, sub
lattices.
UNIT III
PROBABILITY THEORY - Introduction – Concepts of Probability Conditional Probability - Baye’s Theorem - Random Variables – discrete and
continuous-Expectation-MGF
UNIT IV
STOCHASTIC PROCESSES - Classification – Stationary random
processes – Ergodic process – Markov process- Markov Chain
Unit V
SIMULATION - Discrete Event Simulation – Stochastic Simulation Monte Carlo Simulation – Generation of Random Numbers using Congruent method –
Applications to Queueing systems.
L: 45 + T: 15, TOTAL: 60 PERIODS
REFERENCES:
1. Kenneth H.Rosen, ‘Discrete Mathematics and its Applications’, McGraw Hill,
2006.
2. Joseph A. Gallian, ‘’Contemporary Abstract Algebra’, Narosa, 1998.
3. Sheldon M Ross, “Introduction to Probability Models”, Academic Press, 2003.
4. Peebles Jr., P.Z., “Probability, Random Variables and Random Signal
Principles”, McGraw-Hill Inc..2002.
5. J.K. Sharma, “ Operations Research “ Macmillan, 2003.
CY1501
APPLIED CRYPTOGRAPHY
3 0 0 3
UNIT I
INTRODUCTION: Cryptography and modern cryptography – The
setting of private-key encryption – Historical ciphers and their cryptanalysis – Basic
principles of modern cryptography – Services, Mechanisms and Attacks – OSI security
architecture.
UNIT II
SYMMETRIC TECHNIQUES: Definition – Substitution ciphers –
Transposition ciphers - Stream and block ciphers - A5, RC4 .Characteristics of good
ciphers - SDES- Data Encryption Standard (DES) – International Data Encryption
Algorithm – Advanced Encryption Standard – Block cipher modes of operation –
Confidentiality using symmetric encryption.
UNIT III
ASYMMETRIC TECHNIQUES: Principles of Public Key
Cryptosystems – The RSA Algorithm – Key Management – Diffie Hellman Key
Exchange – Elliptic Curve Cryptography – over reals, prime fields and binary fields,
Applications, Practical considerations. Cryptography in Embedded Hardware.
UNIT IV
DATA AUTHENTICATION: Authentication requirements –
Authentication functions – Message Authentication Codes (MAC) – Hash functions –
Security of hash functions and MACs. MD5 Message Digest Algorithm – Secure Hash
Algorithm (SHA) –RIPMED160 – HMAC.
UNIT V
DIGITAL SIGNATURES AND CRYPTOGRAPHY TOOLS: Digital
Signatures - Authentication Protocols - Digital Signature Standard (DSS). Cryptography
Tools: TrueCrypt- AxCrypt. Cryptography-Case Studies.
TOTAL: 45 PERIODS
REFERENCES:
1. Bernard Menezes, “Network Security and Cryptography”, Cengage Learning, New
Delhi, 2010.
2. William Stallings, “Cryptography and Network Security, Prentice Hall, New Delhi,
2006.
3. Wenbo Mao, “Modern Cryptography – Theory and Practice”, Pearson Education,
New Delhi, 2006.
4. Jonathan Katz, Yehuda Lindell, “Introduction to Modern Cryptography”, Chapman &
Hall/CRC, New York, 2007.
5. Bruce Schneier, “Applied Cryptography”, John Wiley & Sons, New York, 2004.
6. http://www.truecrypt.org/docs/tutorial.
7. http://www.darknessgate.com/index.php/security-tutorials/using-encryptiontools/axcrypt/.
CS1502
ADVANCED DATA STRUCTURES AND ALGORITHMS
30 0 3
AIM
To provide an in-depth knowledge in problem solving techniques and data
structures with C++.
OBJECTIVE

To learn the systematic way of solving problems

To understand the different methods of organizing large amounts of data

To learn to program in C++

To efficiently implement the different data structures

To efficiently implement solutions for specific problems
UNIT I
INTRODUCTION
8
Basic concepts of OOPs – Templates – Algorithm Analysis – ADT - List (Singly, Doubly
and Circular) Implementation - Array, Pointer, Cursor Implementation
UNIT II
BASIC DATA STRUCTURES
11
Stacks and Queues – ADT, Implementation and Applications - Trees – General, Binary,
Binary Search, Expression Search, AVL, Splay, B-Trees – Implementations - Tree
Traversals.
UNIT III
ADVANCED DATA STRUCTURES
10
Set – Implementation – Basic operations on set – Priority Queue – Implementation Graphs – Directed Graphs – Shortest Path Problem - Undirected Graph - Spanning Trees
– Graph Traversals
UNIT IV
MEMORY MANAGEMENT
7
Issues - Managing Equal Sized Blocks - Garbage Collection Algorithms for Equal Sized
Blocks - Storage Allocation for Objects with Mixed Sizes - Buddy Systems - Storage
Compaction
UNIT V
SEARCHING, SORTING AND DESIGN TECHNIQUES
9
Searching Techniques, Sorting – Internal Sorting – Bubble Sort, Insertion Sort, Quick
Sort, Heap Sort, Bin Sort, Radix Sort – External Sorting – Merge Sort, Multi-way Merge
Sort, Polyphase Sorting - Design Techniques - Divide and Conquer - Dynamic
Programming - Greedy Algorithm – Backtracking - Local Search Algorithms
TOTAL: 45 PERIODS
REFERNCES
1. Mark Allen Weiss, “Data Structures and Algorithm Analysis in C++”, Pearson
Education, 2002.
2. Aho, Hopcroft, Ullman, “Data Structures and Algorithms”, Pearson Education,
2002
3. Horowitz, Sahni, Rajasekaran, “Computer Algorithms”, Galgotia, 2000
4. Tanenbaum A.S., Langram Y, Augestien M.J., ”Data Structures using C & C++”,
Prentice Hall of India, 2002
CY1502
CYBER SECURITY THREATS
3 0 0 3
UNIT I
CYBER SECURITY THREATS: Introduction and Overview of Cyber
Crime, Nature and Scope of Cyber Crime, Types of Cyber Crime: Social Engineering,
Categories of Cyber Crime, Property Cyber Crime.
UNIT II
SECURITY THREATS: Introduction: Security threats - Sources of
security threats- Motives - Target Assets and vulnerabilities – Consequences of threatsE-mail threats - Web-threats - Intruders and Hackers, Insider threats.
UNIT III
NETWORK THREATS: Active/Passive – Interference – Interception –
Impersonation – Worms – Virus – Spam’s – Ad ware - Spy ware – Trojans and covert
channels – Backdoors – Bots – IP Spoofing - ARP spoofing - Session Hijacking Sabotage-Internal treats- Environmental threats - Threats to Server security.
UNIT IV
SECURITY ELEMENTS: Authorization and Authentication - Types,
policies and techniques – Security certification - Security monitoring and Auditing Security Requirements Specifications - Security Polices and Procedures, Firewalls, IDS,
Log Files, Honey Pots
UNIT V
THREAT MANAGEMENT AND CRITICAL INFRASTRUCTURE
PROTECTION: Security Threat Management: Risk Assessment - Forensic Analysis Security threat correlation – Threat awareness - Vulnerability sources and assessmentVulnerability assessment tools - Threat identification - Threat Analysis - Threat
Modeling - Model for Information Security Planning, Critical Infrastructure Protection.
TOTAL: 45 PERIODS
REFERENCES:
1. Bernadette H Schell, Clemens Martin, “Cyber Crime”, ABC-CLIO Inc, California,
2004.
2. Joseph M Kizza, “Computer Network Security”, Springer Verlag, 2005.
3. Swiderski, Frank and Syndex, “Threat Modeling”, Microsoft Press, 2004.
4. William Stallings and Lawrie Brown, “Computer Security: Principles and Practice”,
Prentice Hall, 2008.
5. Thomas Calabres and Tom Calabrese, “Information Security Intelligence:
Cryptographic Principles & Application”, Thomson Delmar Learning, 2004.
CY1503
ADVANCED OPERATING SYSTEM AND ITS SECURITY 3 0 0 3
UNIT I
INTRODUCTION: Operating System concepts – Functions – Structure
of Operating system – Types of Operating System.
UNIT II
PROCESS MANAGEMENT: Introduction to processes – Process
Scheduling - Threads-CPU Scheduling objectives, criteria – Types of scheduling
algorithms – Performance comparison – Inter process Communications- Synchronization
– Semaphores – Dead lock Prevention, Recovery, Detection and Avoidance
UNIT III
MEMORY MANAGEMENT: Single contiguous allocation – Partitioned
allocation – Paging – Virtual memory concepts – Swapping – Demand paging – Page
Replacement Algorithms – Segmentation.
UNIT IV
DEVICE AND FILE MANAGEMENT: Principles of I/O hardware –
I/O software – Disks – Disk Scheduling Algorithms--File Systems - Files and
Directories- File System Implementation - Allocation Methods, File Recovery.
UNIT V
SECURITY ISSUES: Protection in General Purpose Operating Systems:
protected objects and methods of protection – memory and address protection – control
of access to general objects – file protection Mechanisms – user authentication Designing Trusted Operating Systems
TOTAL: 45 PERIODS
REFERENCES:
1. Silberschatz A, Galvin P, Gagne G, "Operating Systems Concepts", John Wiley &
Sons, Singapore, 2006.
2. Michael Palmer, Guide to Operating Systems Security”, Course Technology –
Cengage Learning, New Delhi, 2008
3. Charles P. Pleeger, "Security in Computing", Prentice Hall, New Delhi, 2009
4. Deitel H M, “Operating Systems ", PHI/ Pearson Education, New Delhi, 2004.
CY1571 OPERATING SYSTEM AND DATA STRUCTURES LAB
1.
2.
3.
4.
5.
6.
7.
8.
9.
Implementation of Stack and Infix to postfix conversion.
Implementation of Queue, Circular Queue, De queue and Priority Queue.
Implementation of Linked list and Double Linked List.
Implementation of Binary Tree, Traversal Techniques and BST.
Implementation of Prim’s algorithm.
Implementation of Sort using Divide Conquer Method.
Implementation of Quick, Bubble, Radix and Heap Sort.
Implementation of Linear and Binary search.
Implement the following CPU Scheduling Algorithms.
a. i) FCFS
ii) Round Robin
iii) Shortest Job First.
10. Implement Best fit, First Fit Algorithm for Memory Management.
11. Implement FIFO page Replacement Algorithm.
12. Implement LRU page Replacement Algorithm.
13. Implement the creation of Shared memory Segment.
14. Implement File Locking.
TOTAL: 45 PERIODS
REFERENCES:
1.
Silberschatz, Galvin, Gagne “ Operating System Concepts” Sixth Edition, 2003
2.
Mark Allen Weiss, “Data Structures and Algorithm Analysis in C++”, Pearson
Education, 2002.
3.
K.R Venugopal, Rajkumar Buyya, T. Ravishankar, “Mastering C++”, TMH 2003.
NOORUL ISLAM CENTRE FOR HIGHER EDUCATION
NOORUL ISLAM UNIVERSITY, KUMARACOIL
M.E. CYBER SECURITY
CURRICULUM & SYLLABI
SEMESTER – II
SL.
SUBJECT
NO.
CODE
SUBJECT
L
T
P
C
3
0
0
3
3
0
0
3
Theory
1.
CY1504
2.
CY1505
Cybercrime Investigations and Digital
Forensics
Database Design and Security
3.
CY1506
Distributed Systems Security
3
0
0
3
4.
CY1507
Advanced Network Security
3
0
0
3
5.
CY1508
Cyber Law and Security Policies
3
0
0
3
6.
XX15E2
Elective II
3
0
0
3
CY1572
Database and Cyber Security Lab
0
1
2
2
18
1
2
20
Practical
7.
Total
CY1504
CYBERCRIME INVESTIGATIONS AND DIGITAL FORENSICS
3 0 0 3
UNIT I
INTRODUCTION: Introduction and Overview of Cyber Crime, Digital
laws and legislation, Law Enforcement Roles and Responses, Social engineering, Policies
followed in cybercrime investigations.
UNIT II
CYBER CRIME ISSUES: Unauthorized Access to Computers,
Computer Intrusions, White collar Crimes, Viruses and Malicious Code, Internet Hacking
and Cracking, Virus Attacks, Pornography, Software Piracy, Intellectual Property, Mail
Bombs, Exploitation ,Stalking and Obscenity in Internet.
UNIT III
INVESTIGATION: Introduction to Cyber Crime Investigation,
Investigation Tools, e Discovery, Digital Evidence Collection, Evidence Preservation, EMail Investigation, E-Mail Tracking, IP Tracking, E-Mail Recovery, Hands on Case
Studies. Encryption and Decryption Methods, Search and Seizure of Computers,
Recovering Deleted Evidences, Password Cracking.
UNIT IV
DIGITAL FORENSICS: Introduction to Digital Forensics, Forensic
Software and Hardware, Analysis and Advanced Tools, Forensic Technology and
Practices, Forensic Ballistics and Photography, Face, Iris and Fingerprint Recognition,
Audio Video Analysis.
UNIT V
OPERATING SYSTEM FORENSICS: Windows System Forensics,
Linux System Forensics, MAC system forensics, Mobile Phone OS Forensics: Android,
BADA, IOS, Windows OS, BlackBerry, Symbian, Network Forensics.
TOTAL: 45 PERIODS
REFERENCES:
1. Nelson Phillips and Enfinger Steuart, “Computer Forensics and Investigations”,
Cengage Learning, New Delhi, 2009.
2. Kevin Mandia, Chris Prosise, Matt Pepe, “Incident Response and Computer Forensics
“, Tata McGraw -Hill, New Delhi, 2006.
3. Robert M Slade,” Software Forensics”, Tata McGraw - Hill, New Delhi, 2005.
4. Bernadette H Schell, Clemens Martin, “Cybercrime”, ABC – CLIO Inc, California,
2004.
5. ”Understanding Forensics in IT “, NIIT Ltd, 2005.
CY1505
DATABASE DESIGN AND SECURITY
3 0 0 3
UNIT I
INTRODUCTION: Data models, structure of relational databases,
component of management system – DDL, DML, database languages, SQL standard,
database users and administrators.
UNIT II
RELATIONAL DBMS: Design issues - basic normal forms and
additional normal forms, Transforming E-R diagram to relations, Integrity constraints,
Query processing and optimization.
UNIT III
TRANSACTION PROCESSING: Transaction concept, concurrent
execution, isolation, testing for serializability, Concurrency control, lock based - timestamp based - validation based protocols, multi-version schemes, deadlock handling.
UNIT IV
DATABASE SECURITY: Introduction to database security, security
models, physical and logical security, security requirements, reliability and integrity,
sensitive data, inference, multilevel databases and multilevel security, access controlmandatory and discretionary , security architecture, issues.
UNIT V
SECURITY ISSUES: Application access, security and authorization,
authorization in SQL, encryption and authentication, secure replication mechanisms,
Audit- logon/logoff, sources, usage and errors, changes, external audit system
architecture, archive and secure auditing information.
TOTAL: 45 PERIODS
REFERENCES:
1. Abraham Silberschatz, Hanry F Korth, Sudarshan S, “Database Systems Concepts”,
McGraw Hill, 2007.
2. Ron Ben Natan, “Implementing database security and auditing”, Elsevier
publications, 2005.
3. Hassan A. Afyduni, “Database Security and Auditing”, Course Technology –
Cengage Learning, NewDelhi, 2009.
4. Raghu Ramakrishnan, "Database Management Systems", McGraw Hill/ Third
Edition,2003
5. Ramez Elmasri, Shamkant B. Navathe , “Fundamentals of Database System” Addison
Wesley, New Delhi/Fourth Edition 2004
6. M. Gertz, and S. Jajodia, Handbook of Database Security- Application and Trends,
2008, Springer.
CY1506
DISTRIBUTED SYSTEMS SECURITY
3 0 0 3
UNIT I
INTRODUCTION: Distributed Systems, Distributed Systems Security.
Security in Engineering: Secure Development Lifecycle Processes - A Typical Security
Engineering Process – Security Engineering Guidelines and Resources. Common
Security Issues and Technologies: Security Issues, Common Security Techniques.
UNIT II
HOST-LEVEL THREATS AND VULNERABILITIES: Transient
code Vulnerabilities - Resident Code Vulnerabilities - Malware: Trojan Horse – Spyware
- Worms/Viruses – Eavesdropping – Job Faults. Infrastructure-Level Threats and
Vulnerabilities: Network-Level Threats and Vulnerabilities - Grid Computing Threats
and Vulnerabilities – Storage Threats and Vulnerabilities – Overview of Infrastructure
Threats and Vulnerabilities.
UNIT III
APPLICATION-LEVEL THREATS AND VULNERABILITIES:
Application-Layer Vulnerabilities –Injection Vulnerabilities - Cross-Site Scripting (XSS)
- Improper Session Management - Improper Error Handling - Improper Use of
Cryptography - Insecure Configuration Issues - Denial of Service - Canonical
Representation Flaws - Overflow Issues. Service-Level Threats and Vulnerabilities: SOA
and Role of Standards - Service-Level Security Requirements - Service-Level Threats
and Vulnerabilities - Service-Level Attacks - Services Threat Profile.
UNIT IV.
HOST-LEVEL SOLUTIONS: Sandboxing – Virtualization - Resource
Management - Proof-Carrying Code -Memory Firewall – Antimalware. InfrastructureLevel Solutions: Network-Level Solutions - Grid-Level Solutions - Storage-Level
Solutions. Application-Level Solutions: Application-Level Security Solutions. Cloud
Computing- Security Threats.
UNIT V
SERVICE-LEVEL SOLUTIONS: Services Security Policy - SOA
Security Standards Stack – Standards in Depth - Deployment Architectures for SOA
Security - Managing Service-Level Threats - Compliance in Financial Services - SOX
Compliance - SOX Security Solutions – Multilevel Policy-Driven Solution Architecture Case Study: Grid - The Financial Application – Security Requirements Analysis. Future
Directions - Cloud Computing Security – Security Appliances - User centric Identity
Management - Identity-Based Encryption (IBE) - Virtualization in Host Security.
TOTAL: 45 PERIODS
REFERENCES:
1.
Abhijit Belapurakar, Anirban Chakrabarti and et al., “Distributed Systems Security:
Issues. Processes and solutions”, Wiley, Ltd., Publication, 2009.
2.
Abhijit Belapurkar, Anirban Chakrabarti, Harigopal Ponnapalli, Niranjan
Varadarajan, Srinivas Padmanabhuni and Srikanth Sundarrajan, “Distributed
Systems Security: Issues, Processes and Solutions”, Wiley publications, 2009.
3.
Rachid Guerraoui and Franck Petit, “Stabilization, Safety, and Security of
Distributed Systems”, Springer, 2010.
CY1507
ADVANCED NETWORK SECURITY
3 0 0 3
UNIT I
IP & WEB SECURITY: IP security: Overview - Architecture –
Authentication Header - Encapsulating Security Payload - Key management – Web
security: Web security considerations – Secure Socket Layer and Transport Layer
Security – Secure electronic transaction – Web issues
UNIT II
ELECTRONIC MAIL SECURITY: Store and forward – Security
services for e-mail – Establishing keys – Privacy – Authentication of the Source –
Message Integrity – Non-repudiation – Proof of submission and delivery - Pretty Good
Privacy – Secure/Multipurpose Internet Mail Extension.
UNIT III
WIRELESS SECURITY: - Kinds of security breaches - Eavesdropping Communication Jamming - RF interference - Covert wireless channels - DOS attack –
Spoofing - Theft of services - Traffic Analysis - Cryptographic threats - Wireless security
Standards.
UNIT IV
BLUETOOTH SECURITY: Basic specifications – Pico nets – Bluetooth
security architecture – Scatter nets – Security at the baseband layer and link layer –
Frequency hopping – Security manager – Authentication – Encryption – Threats to
Bluetooth security.
UNIT V
SYSTEM SECURITY: Intruders – Intrusion detection – Password
management – Malicious software: Viruses and related threats – virus countermeasures –
Firewalls: Firewall design principles – Firewall configurations – Trusted systems
TOTAL: 45 PERIODS
REFERENCES:
1.
Charles P. Fleeger, "Security in Computing", Prentice Hall, New Delhi, 2009
2.
Behrouz A.Forouzan, “Cryptography & Network Security”, Tata McGraw Hill,
India, New Delhi, 2009.
3.
William Stallings, “Cryptography and Network Security, Prentice Hall, New Delhi,
2006.
4.
Chalie Kaufman, Radia Perlman, Mike Speciner, “Network Security: Private
Communication in a Public Network”, Pearson Education, New Delhi, 2004.
5.
Neal Krawetz, “Introduction to Network Security”, Thomson Learning, Boston,
2007.
6.
Nichols and Lekka, “Wireless Security-Models, Threats and Solutions”, Tata
McGraw – Hill, New Delhi, 2006.
7.
Merritt Maxim and David Pollino,”Wireless Security”, Osborne/McGraw Hill, New
Delhi, 2005.
8.
William Stallings, “Cryptography and Network Security - Principles and practices,
Prentice Hall, New Delhi, 2006.
CY1508
CYBER LAW AND SECURITY POLICIES
3 0 0 3
UNIT I
INTRODUCTION TO COMPUTER SECURITY: Definition, Threats
to security, National Security policies, Information Protection and Access Controls,
Computer security efforts, Standards, Computer Security mandates and legislation,
Privacy considerations, International security activity.
UNIT II
SECURE SYSTEM PLANNING: Administration, Introduction to the
orange book, Security policy requirements, accountability, assurance and documentation
requirements, Network Security, The Red book and Government network evaluations.
UNIT III
LAWS AND ETHICS: IT Act 2000, IT Act 2008(Amendment),
Controller of Certifying Authorities, Digital Evidence Controls, Evidence Handling
Procedures, Basics of Indian Evidence Act, IPC and CrPC , Electronic Communication
Privacy ACT, Legal Policies.
UNIT IV
INFORMATION SECURITY:
Fundamentals-Responsibilities of
Employer(s), /Employees- Information classification- Information handling- Tools of
Information Security- Information processing-secure program administration.
UNIT V
ORGANIZATIONAL AND HUMAN SECURITY: Adoption of
Information Security Management Standards, Human Factors in Security- Role of
Information Security professionals.
TOTAL: 45 PERIODS
REFERENCES:
1.
Pavan Duggal,” Cyber Laws”, “Mobile law”.
2.
Thomas R. Peltier, “Information Security policies and procedures: A Practitioner’s
Reference”, 2nd Edition Prentice Hall, 2004.
3.
Kenneth J. Knapp, “Cyber Security and Global Information Assurance: Threat
Analysis and Response Solutions”, IGI Global, 2009.
4.
Thomas R Peltier, Justin Peltier and John Blackley, ”Information Security
Fundamentals”, 2nd Edition, Prentice Hall, 1996
5.
Jonathan Rosenoer, “Cyber law: the Law of the Internet”, Springer-verlag, 1997.
6.
S.V. Joga Rao, “Law of Cyber crimes and Information Technology Law”2007.
7.
Vivek Sood, “Cyber crimes Electronics Evidence and Investigations”2010.
8.
Vimlendu Tayal, “ Cyber Law Cyber crime Internet and E Commerce” 2011.
9.
M K Sharma, “Cyber Warfare and power of Unseen” 2011.
10. Aparna Viswanathan, “Cyber Law Indian and International Perspective” 2012.
CY1572
DATABASE AND CYBER SECURITY LAB
1. Creating a database for an application using DDL.
2. Setting up of integrity constraints.
3. Data manipulation using DML queries.
4. Use Rollback, commit, save point, grant and revoke commands.
5. Creation, deletion and modification of users and implementing authentication
mechanisms for different users.
6. Designing and implementing password policies.
7. Implementation of Substitution and Transposition ciphers
8. Implementation of Data Encryption Standard
9. Implementation of International Data Encryption Algorithm
10. Implementation of Advanced Encryption Standard
11. Implementation of RSA Algorithm
12. Implementation of Diffie-Hellman Key Exchange
13. Implementation of Message Authentication Codes
14. Implementation of Hash functions
15. Implementation of Digital Signature Standard
16. Hiding of confidential information within Image
TOTAL: 45 PERIODS
NOORUL ISLAM CENTRE FOR HIGHER EDUCATION
NOORUL ISLAM UNIVERSITY, KUMARACOIL
M.E. CYBER SECURITY
CURRICULUM & SYLLABI
SEMESTER – III
SL.
SUBJECT
NO.
CODE
SUBJECT
L
T
P
C
THEORY
1.
XX15E3
Elective III
3
0
0
3
2.
XX15E4
Elective IV
3
0
0
3
3.
XX15E5
Elective V
3
0
0
3
PRACTICAL
4.
CY1573
Cyber Crime Investigations Lab
0
1
2
2
5.
CY15P1
Project Work Phase - I
0
0
12
6
9
1
14
17
Total
NOORUL ISLAM CENTRE FOR HIGHER EDUCATION
NOORUL ISLAM UNIVERSITY, KUMARACOIL
M.E. CYBER SECURITY
CURRICULUM & SYLLABI
SEMESTER – IV
SL.
No.
SUBJECT
SUBJECT
L
T
P
Project Work Phase-II
0
0
36 18
0
0
36
CODE
C
PRACTICAL
1
CY15P5
TOTAL
18
NOORUL ISLAM CENTRE FOR HIGHER EDUCATION
NOORUL ISLAM UNIVERSITY, KUMARACOIL
M.E. CYBER SECURITY
LIST OF ELECTIVES
1.
CY15A1
Ethical Hacking
3
0
0
3
2.
CY15A2
Digital Watermarking and Steganography
3
0
0
3
3.
CY15A3
Biometric Security
3
0
0
3
4.
CY15A4
Intrusion Detection and Prevention System
3
0
0
3
5.
CY15A5
Forensics and Incident Response
3
0
0
3
6.
CY15A6
Pattern Recognition
3
0
0
3
7.
CY15A7
Biometric Image Processing
3
0
0
3
CY15A1
ETHICAL HACKING
3 0 0 3
UNIT I
ETHICAL HACKING OVERVIEW: Introduction - Certified Ethical
Hackers – Network and Computer Attacks – Ethical Hacking Plan – Hacking
Methodology. Legal Issues and Law Enforcement.
UNIT II
FOOTPRINTING AND SOCIAL ENGINEERING: Foot printing
Tools – Conducting Competitive Intelligence - DNS Zone Transfers – Introduction to
Social Engineering – Performing Social Engineering Attacks - Social Engineering
Countermeasures.
UNIT III
SERVICE SCANNING: Introduction to Port Scanning – Types of Port
Scan – Port Scanning Tools - Conducting Ping Sweeps - Shell Scripting. Enumeration:
Introduction - Enumerating Windows, Symbian, Java OS, Android and NetWare
Operating Systems.
UNIT IV
HACKING NETWORKS: Hacking Web Servers: Web Application –
Web Application Vulnerabilities – Tools for Web Attackers and Security Testers.
Hacking Wireless Network- Wireless Technology – Wireless Network Standards –
Authentication – War driving – Wireless Hacking – Protecting Networks with Security
Devices.
UNIT V
HACKING OPERATING SYSTEMS: Windows: Vulnerabilities –
Choosing Tools – Information Gathering – RPC – Null Sessions – Share Permissions –
Hardcore Vulnerability Exploitation. Linux: Vulnerabilities – Information Gathering –
Unconnected Services - .rhosts and hosts.equiv Files – NFS – File Permissions – Buffer
Overflow. Hacking Applications: Messaging Systems – Web Applications – Mobile
Applications - Databases - Reporting Results.
TOTAL: 45 PERIODS
REFERENCES:
1.
Michael T. Simpson, “Ethical Hacking and Network Defense”, Cengage Learning,
New Delhi, 2010.
2.
Kevin Beaver, “Hacking for Dummies”, Wiley Publication, India, 2007.
3.
Ankit Fadia, “Unofficial Guide to Ethical Hacking”, Macmillan Company, New
Delhi, 2001.
CY15A2
DIGITAL WATERMARKING AND STEGANOGRAPHY 3 0 0 3
UNIT I
WATERMARKING MODELS & MESSAGE CODING: IntroductionInformation Hiding, Steganography and Watermarking – History of watermarking –
Importance of digital watermarking – Applications – Properties – Evaluating
watermarking systems. Notation – Communications – Communication based models –
Geometric models – Mapping messages into message vectors – Error correction coding –
Detecting multi-symbol watermarks
UNIT II
WATERMARKING WITH SIDE INFORMATION & ANALYZING
ERRORS: Informed Embedding – Informed Coding – Structured dirty-paper codes Message errors – False positive errors – False negative errors – ROC curves – Effect of
whitening on error rates.
UNIT III
PERCEPTUAL MODELS: Evaluating perceptual impact – General
form of a perceptual model – Examples of perceptual models – Robust watermarking
approaches Redundant Embedding, Spread Spectrum Coding, Embedding in
Perceptually significant coefficients. Watermark Security & Authentication: Security
requirements – Watermark security and cryptography – Attacks – Exact authentication –
Selective authentication – Localization – Restoration.
UNIT IV
INTRODUCTION TO DIGITAL STEGANOGRAPHY:Types of
Steganography, Technical Steganography, Linguistic Steganography, Digital
Steganography, Applications of Steganography, Cover Communication, One-Time Pad
Communication, Embedding Security and Imperceptibility, Examples of Steganographic
Software, S-Tools, StegoDos, EzStego, Jsteg-Jpeg.
UNIT V
STEGANOGRAPHY COMMUNICATION: Notation and terminology
– Information-theoretic foundations of steganography – Practical steganographic methods
– Minimizing the embedding impact – Steganalysis
TOTAL: 45 PERIODS
REFERENCES:
1. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, Jessica Fridrich, Ton Kalker,
“Digital Watermarking and Steganography”, Margan Kaufmann Publishers, New
York, 2008.
2. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, “Digital Watermarking”,
Margan Kaufmann Publishers, New York, 2003.
3. Michael Arnold, Martin Schmucker, Stephen D. Wolthusen, “Techniques and
Applications of Digital Watermarking and Contest Protection”, Artech House,
London, 2003.
4. Juergen Seits, “Digital Watermarking for Digital Media”, IDEA Group Publisher,
New York, 2005.
5. Peter Wayner, “Disappearing Cryptography – Information Hiding: Steganography &
Watermarking”, Morgan Kaufmann Publishers, New York, 2002.
CY15A3
BIOMETRIC SECURITY
3 0 0 3
UNIT I
INTRODUCTION: Biometric fundamentals – Biometric technologies –
Biometrics Vs traditional techniques – Characteristics of a good biometric system –
Benefits of biometrics – Key biometric processes: verification, identification and
biometric matching – Performance measures in biometric systems: FAR, FRR, FTE
rate, EER and ATV rate.
UNIT II
PHYSIOLOGICAL BIOMETRICS : Leading technologies : Fingerscan – Facial-scan – Iris-scan – Voice-scan – components, working principles, competing
technologies, strengths and weaknesses – Other physiological biometrics : Hand-scan,
Retina-scan –
components, working principles, competing technologies, strengths
and weaknesses – Automated fingerprint identification systems.
UNIT III
BEHAVIOURAL BIOMETRICS: Leading technologies: Signature-scan
– Keystroke scan – components, working principles, strengths and weaknesses.
UNIT IV
BIOMETRIC APPLICATIONS: Categorizing biometric applications –
application areas: criminal and citizen identification, surveillance, PC/network access, ecommerce and retail/ATM – costs to deploy – other issues in deployment
UNIT V
PRIVACY AND STANDARDS IN BIOMETRICS: Assessing the
Privacy Risks of Biometrics – Designing Privacy-Sympathetic Biometric Systems – Need
for standards – different biometric standards.
TOTAL: 45 PERIODS
REFERENCES:
1. Samir Nanavati, Michael Thieme, Raj Nanavati, “Biometrics – Identity Verification
in a Networked World”, Wiley-dreamtech India Pvt Ltd, New Delhi, 2003
2. Paul Reid, “Biometrics for Network Security”, Pearson Education, New Delhi, 2004.
3. John R Vacca, “Biometric Technologies and Verification Systems”, Elsevier Inc,
2007.
4. Anil K Jain, Patrick Flynn, Arun A Ross, “Handbook of Biometrics”, Springer, 2008.
CY15A4
INTRUSION DETECTION AND PREVENTION SYSTEM
3 0 0 3
UNIT I
INTRODUCTION: Understanding Intrusion Detection – Intrusion
Detection and Prevention basics – IDS and IPS analysis schemes, Attacks, Detection
approaches –Misuse detection – anomaly detection – specification based detection –
hybrid detection
UNIT II
THEORETICAL FOUNDATIONS OF DETECTION: Taxonomy of
anomaly detection system – fuzzy logic – Bayes theory – Artificial Neural networks –
Support vector machine – Evolutionary computation – Association rules – Clustering
UNIT III
ARCHITECTURE AND IMPLEMENTATION:
Distributed – Cooperative Intrusion Detection - Tiered architecture.
Centralized
–
UNIT IV
JUSTIFYING INTRUSION DETECTION: Intrusion detection in
security – Threat Briefing – Quantifying risk – Return on Investment (ROI)
UNIT V
APPLICATIONS AND TOOLS: Tool Selection and Acquisition
Process - Bro Intrusion Detection – Prelude Intrusion Detection - Cisco Security IDS Snorts Intrusion Detection – NFR security. Legal Issues and Organizations Standards:
Law Enforcement / Criminal Prosecutions – Standard of Due Care – Evidentiary Issues,
Organizations and Standardizations.
TOTAL: 45 PERIODS
REFERENCES:
1.
Ali A. Ghorbani, Wei Lu, “Network Intrusion Detection and Prevention: Concepts
and Techniques”, Springer, 2010.
2.
Carl Enrolf, Eugene Schultz, Jim Mellander, “Intrusion detection and Prevention”,
McGraw Hill, 2004
3.
Paul E. Proctor, “The Practical Intrusion Detection Handbook “, Prentice Hall,
2001.
4.
Ankit Fadia and Mnu Zacharia, “Intrusion Alert”, Vikas Publishing house Pvt., Ltd,
2007.
5.
Earl Carter, Jonathan Hogue, “Intrusion Prevention Fundamentals”, Pearson
Education, 2006.
CY15A5
FORENSICS AND INCIDENT RESPONSE
3 0 0 3
UNIT I
INCIDENT AND INCIDENT RESPONSE: Introduction to Incident Incident Response Methodology – Steps - Activities in Initial Response
Phase after detection of an incident
UNIT II
INITIAL RESPONSE AND FORENSIC DUPLICATION: Initial
Response & Volatile Data Collection from Windows system. Initial Response & Volatile
Data Collection from UNIX s ystem. Forensic Duplication: Forensic duplication:
Forensic Duplicates as Admissible Evidence, Forensic Duplication Tool Requirements,
Creating a Forensic Duplicate/Qualified Forensic Duplicate of a Hard Drive
UNIT III
STORAGE AND EVIDENCE HANDLING: File Systems: FAT, NTFS
- Forensic Analysis of File Systems - Storage Fundamentals: Storage Layer, Hard Drives
Evidence Handling: Types of Evidence, Challenges in evidence handling, Overview of
evidence handling procedure
UNIT IV
NETWORK FORENSICS: Collecting Network Based Evidence Investigating Routers - Network Protocols - Email Tracing - Internet Fraud
UNIT V
SYSTEMS INVESTIGATION AND ETHICAL ISSUES:
Data
Analysis Techniques - Investigating Live Systems (Windows &Unix) Investigating Hacker Tools - Ethical Issues - Cybercrime
TOTAL: 45 PERIODS
REFERENCES:
1.
Kevin Mandia, Chris Prosise, “Incident Response and computer forensics”, Tata
McGrawHill, 2006.
2.
Peter Stephenson, "Investigating Computer Crime: A Handbook for Corporate
Investigations", Sept 1999
3.
Eoghan Casey, "Handbook Computer Crime Investigation's Forensic Tools and
Technology", Academic Press, 1st Edition, 2001
4.
Skoudis. E., Perlman. R. Counter Hack: A Step-by-Step Guide to Computer
Attacks and Effective Defenses. Prentice Hall Professional Technical Reference.
2001.
5.
Norbert Zaenglein, "Disk Detective: Secret You Must Know to Recover
Information From a Computer", Paladin Press, 2000
6.
Bill Nelson,Amelia Philips and Christopher Steuart, “Guide to computer
forensics and investigations”, course technology,4thedition,ISBN: 1-435-49883-6
CY15A6
PATTERN RECOGNITION
3 0 0 3
UNIT I
INTRODUCTION: Basic Concepts of Pattern Recognition- Fundamental
problems in Pattern Recognition System Design- Design Concepts and Methodologies –
Examples of Automatic Pattern Recognition Systems
UNIT II
PATTERN CLASSIFICATION BY DISTANCE FUNCTIONS:
Minimum Distance Pattern Classification – Cluster Seeking – Unsupervised Pattern
Recognition
UNIT III
PATTERN CLASSIFICATION BY LIKELIHOOD FUNCTIONS:
Introduction – Pattern Classification as a Statistical Decision Problem – Bayes Classifier
for Normal Patterns- Nonparametric decision making
UNIT IV
PATTERN PREPROCESSING AND FEATURE SELECTION:
Similarity and Distance – Clustering Transformations and Feature Ordering – Clustering
in Feature Selection – Feature selection through Divergence Maximization – Binary
Feature Selection
UNIT V
CASE STUDIES IN PATTERN RECOGNITION: Clustering –
Artificial Neural Networks – Image Analysis
TOTAL: 45 PERIODS
REFERENCES:
1. Earl Gose, Richard Johnsonbaugh and Steve Jost,”Pattern Recognition and Image
Analysis”, Prentice Hall, New Delhi, 2005.
2. Earl Gose Richard Johnsonbaugh Steve Jost, “Pattern Recognition and Image
Analysis”, Prentice Hall, Inc, 2002.
3. Wolff D D Parsons M L, “Pattern Recognition Approach to Data Interpretation”,
Plenum Press, 1983.
4. Julius T. Tou and Rafael C. Gonzalez, "Pattern Recognition Principles”, Addison
Wesley, New Delhi
CY15A7
BIOMETRIC IMAGE PROCESSING
3 0 0 3
UNIT I
FUNDAMENTALS: Digital Image representation - Fundamental steps in
Image Processing - Elements of Digital Image Processing Systems - Sampling and
Quantization - Basic relationships between pixels - Imaging Geometry - Transformation
Technology - The Fourier Transform, The Hadamard Transform, The Discrete Cosine
Transform.
UNIT II
IMAGE PROCESSING METHODS: Image Enhancement: The Spatial
Domain Methods, The Frequency Domain Methods - Image Segmentation: Pixel
Classification by Thresholding, Histogram Techniques, Smoothing and Thresholding Gradient Based Segmentation: Gradient Image, Boundary Tracking, Laplacian Edge
Detection.
UNIT III
FINGERPRINT BIOMETRICS: Fingerprint Patterns, Fingerprint
Features, Fingerprint Image, width between two ridges - Fingerprint Image Processing Minutiae Determination - Fingerprint Matching: Fingerprint Classification, Matching
policies.
UNIT IV
FACE RECOGNITION: Detection and Location of Faces: StatisticsBased method, Knowledge-Based method - Feature Extraction and Face Recognition:
Gray value Based method, Geometry Feature Based method, Neural Networks method.
UNIT V
IRIS BIOMETRICS: Iris System Architecture, Definitions and Notations
- Iris Recognition: Iris location, Doubly Dimensionless Projection, Iris code, Comparison
- Coordinate System: Head Tilting Problem, Basic Eye Model - Searching Algorithm Texture Energy Feature. Fusion in Biometrics: Introduction to Multibiometrics Information Fusion in Biometrics - Issues in Designing a Multibiometric System Sources of Multiple Evidence - Levels of Fusion in Biometrics - Sensor level , Feature
level, Rank level, Decision level fusion - Score level Fusion.
TOTAL: 45 PERIODS
REFERENCES:
1.
David D. Zhang, “Automated Biometrics: Technologies and Systems”, Kluwer
Academic Publishers, New Delhi, 2000.
2.
Rafael C.Gonzalez, Richard E.Woods, Steven L.Eddins, “Digital Image
Processing”, Pearson Education, New Delhi, 2009.
3.
Arun A. Ross, Karthik Nandakumar, A.K.Jain, “Handbook of Multibiometrics”,
Springer, New Delhi, 2006.
Related documents
TODAY’S TECHNOLOGY CAN CHANGE IN THE BLINK OF AN EYE.
TODAY’S TECHNOLOGY CAN CHANGE IN THE BLINK OF AN EYE.
SECURITY IN THE BALTIC SEA REGION 1. Lecture
SECURITY IN THE BALTIC SEA REGION 1. Lecture
Uniqua Consulting Gmbh - Data Mining Analyst
Uniqua Consulting Gmbh - Data Mining Analyst
NOTE: Your selected records (to a maximum of 500
NOTE: Your selected records (to a maximum of 500
FORENSICS Computer Forensics
FORENSICS Computer Forensics
Customer markets
Customer markets
Data Mining BS/MS Project
Data Mining BS/MS Project
Introduction - Computer Science
Introduction - Computer Science
A. Explain the nature of marketing plans. B. Explain the role
A. Explain the nature of marketing plans. B. Explain the role
Data Mining
Data Mining
Artificial Intelligence for Cyber Security (AICS)
Artificial Intelligence for Cyber Security (AICS)
Question: What does Data Sharing literature have in common and
Question: What does Data Sharing literature have in common and