syllabus outline for computer science & …€¦ · web view2020/05/01 · introduction to...

Syllabus outline for Computer Science & Engineering (Hons.) with Specialization in

Cyber Forensics & Internet Security

PREAMBLEEducation plays enormously significant role in building of a nation. There are quite a large number of educational institutions, engaged in imparting education in our country. Majority of them have entered recently into semester system to match with international educational pattern. However, our present education system is churning out youth who have to compete locally, regionally, nationally as well as globally. The present alarming situation necessitates transformation and/or redesigning of system, not only by introducing innovations but developing “learner-centric approach.

Majority of Indian higher education institutions have been following the system, which obstructs the flexibility for the students to study the subjects/courses of their choice and their mobility to different institutions. There is need to allow the flexibility in education system, so that students depending upon their interests can choose inter-disciplinary, intra-disciplinary and skill-based courses. This can only be possible when choice based credit system (CBCS), an internationally acknowledged system, is adopted. The choice based credit system not only offers opportunities and avenues to learn core subjects but also explore additional avenues of learning beyond the core subjects for holistic development of an individual. The CBCS will undoubtedly facilitate benchmarking of our courses with best international academic practices.

Advantages of the choice based credit system:

• Shift in focus from the teacher-centric to student-centric education.

• Student may undertake as many credits as they can cope with (without repeating all courses in a given semester if they fail in one/more courses).

• CBCS allows students to choose inter-disciplinary, intra-disciplinary courses, skill oriented papers (even from other disciplines according to their learning needs, interests and aptitude) and more flexibility for students.

• CBCS makes education broad-based and at par with global standards. One can take credits by combining unique combinations.

• CBCS offers flexibility for students to study at different times and at different institutions to complete one course (ease mobility of students). Credits earned at one institution can be transferred to another institution.

CHOICE BASED CREDIT SYSTEMThe Indian Higher Education Institutions have been moving from the conventional annual system to semester system. Currently many of the institutions have already introduced the Choice Based Credit System. The semester system accelerates the teaching-learning process and enables vertical and horizontal mobility in learning. The credit based semester system provides flexibility in designing curriculum and assigning credits based on the course content and hours of teaching. The Choice Based Credit System provides a ‘cafeteria’ type approach in which the students can take courses of their choice, learn at their own pace, undergo additional courses to acquire more than the required credits and adopt an interdisciplinary approach to learning.

PROGRAMME EDUCATIONAL OBJECTIVES

This scheme and courses are related to four-year Computer Science & Engineering programme with following Programme Educational Objectives (PEO).

1. Graduates of the program will have successful technical and professional careers in industry, academia, govt. and entrepreneurship.

2. Graduates of the program will hold strong professional ethics with good team skills and communication

3. Graduates of the program will engage in lifelong learning to acquire new knowledge in an evolving technological landscape.

TYPES OF COURSES

1. Courses are the subjects that comprise the Computer Engineering Programme.

2. A course may be designed to comprise lectures, tutorials, laboratory work, fieldwork, outreach activities, project work, vocational training, viva, seminars, term papers, assignments, presentations, self-study etc. or a combination of some of these components.

3. The learning outcomes of each course will be defined before the start of a semester.

4. Following are the course types:

i. Core Course (CC): This is a course, which is to be compulsorily studied by a student as a core requirement to complete the requirement of B.Tech in Computer Science &Engineering.

ii. Elective Course: An elective course is a course, which can be chosen from a pool of courses. It is intended to support the discipline of study by providing an expanded scope, enabling exposure to another discipline/domain and nurturing a student’s proficiency and skill. An elective may be of following types:

a) Discipline Specific Elective (DE): It is an elective course that adds proficiency to the students in the discipline.

b) Generic Elective (GE): It is an elective course taken from other engineering disciplines and enhances the generic proficiency and interdisciplinary perspective of students.

iii. Obligatory Courses:

a) Mandatory Courses (MC): It can be taken from among a pool of foundation courses, which aim at value-based education. They may provide hands-on training to improve competencies and skills or provide education on human, societal, environmental and national values.

b) Dissertation/Project/Training/Internship (PTI):Course designed to acquire special/advanced knowledge, such as supplement study/support study to a project work, and a candidate studies such a course on his own with an advisory support by a teacher/faculty member is called dissertation/project

c) Humanities, Social Sciences & Management (HSM): It is an elective course taken from non-engineering disciplines (humanities, social sciences and management) that broadens the perspective of an engineering student.

Syllabus outline for Computer Science & Engineering (Hons.) with Specialization in Cyber Forensics & Internet Security

1

d) Basic Science Courses (BSC): It is based upon content that leads to fundamental knowledge enhancement in sciences, and basic engineering principles.

e) NPTEL (NPT): Online MOOC courses are based on the respective year’s offered courses.

f) General Studies Courses (GSC): Course designed to encourage and enrich the students for the technical and professional exams

5. Each credit course contributes certain credits to the programme. A course can be offered either as a full course (4 credits) or as a half course (2 credits). A full course is conducted with 3 hours of lectures and either 1 hour of tutorial or 2 hours of practical work per week. A half course is conducted with 2 hours of lectures. There are also some exceptional electives with 3 credits and 1 credit.

Definition of Credit: -

1 Hr. Lecture (L) per week 1 Credit

1 Hr. Tutorial (T) per week 1 Credit

1 Hr. Practical (P) per week

Or

2 Hr. Practical (Lab)/week

0.5 Credits

Or

1 Credit

6. A project work/dissertation is considered as a special course involving application of the knowledge gained during the course of study in exploring, analyzing and solving complex problems in real life applications. A candidate completes such a course with an advisory support by a faculty member.

7. Mandatory Courses may be offered. They do not carry credits but aim at expanding knowledge or bridging deficiency in knowledge or skill.

8. A course may have pre-requisite course(s) that are given in the Semester-wise Course Allocation scheme.

9. A student can opt for a course only if he/she has successfully passed its pre- requisite(s).10. A student has to register for all courses before the start of a semester.11. Program codes: The codes for various undergraduate programmes are as follows:

i. Civil Engineering: CE

ii. Computer Science &Engineering: CS

iii. Electronics and Communication Engineering: EC

iv. Electrical Engineering: EE

v. Mechanical Engineering: ME

12. Departmental Course Codes: The codes for departmental core courses and discipline-specific electives are specific to each discipline. The first two characters are derived from departmental codes listed above. The third character is ‘C’ for core courses and ‘D’ for discipline-specific courses and ‘PT’ forDissertation/Project/Training/Internship. This is followed by a digit sequence number:

i. CSCyyy: Core Course


2

ii. CSDyyy: Discipline-Specific Elective Course

iii. CSPTyyy: Dissertation/Project/Training/Internship

13. Common Elective Course Codes: All disciplines will follow a common code as shown below. The 3-digit sequence number ‘yyy’ is taken from the respective tables of different types of courses.

i. HSMyyy: Humanities, Social Sciences& Management Course

ii. BSCyyy: Basic Science Course

iii. MCyyy: Mandatory Course

iv. GSCyyy: General Studies Courses

14. General Electives: A student may take a course under the category of General Elective (GE) offered by any other Department of the Institute under the categories of Core Course (CC) and Discipline Specific Electives (DE). However, such options shall be offered to a student as per prescribed guidelines of the Institute.

15. General Electives: A student may take a course under the category of General Elective (GE) offered by any other Department of the Institute under the categories of Core Course (CC) and Discipline Specific Electives (DE). However, such options shall be offered to a student as per prescribed guidelines of the Institute.

16. The opting of a course by the student will depend upon the requisites for that course and with the consent of the course advisor.

PROGRAM OUTCOMESI. At the completion of the B.Tech. Computer Science &Engineering Program, a student will

achieve the following outcomes:

II. Gain an ability to apply the knowledge of mathematics, science, Engineering fundamentals and computer engineering in solving complex engineering problems.

III. Acquire the ability to survey the literature, conduct experiments, interpret data and analyze complex engineering problems.

IV. Acquire the ability to design a system, its components and processes to meet requirements with due regard to social, economic and environmental considerations.

V. Acquire the ability to apply research based knowledge and methods to investigate complex engineering problems with focus on computer engineering.

VI. Acquire the ability to select existing tools, techniques and resources and create new ones to model complex engineering problems and activities.

VII. Understand the responsibilities of an engineering profession towards society, economy, health, safety and legal issues.

VIII. Understand a computer engineer’s role in enhancing sustainable development.

IX. Demonstrate professional ethics and responsibilities with utmost integrity at all times

X. Acquire the ability to contribute effectively as members or leaders of diverse and multidisciplinary teams.


3

XI. Communicate effectively among professional and with society through reports, presentations, documentations and instructions.

XII. Engage in lifelong learning in ever evolving landscape of computer science and engineering.


4

SCHEME – SEMESTER WISE COURSE ALLOCATION

First Semester SyllabusSl No.

TypeSubject Code Topic L T P

Credit Points

1 BSC BSC--- Physics 3 1 3 5.52 BSC BSC--- Mathematics-1 3 1 0 43 GE EEC101 Basic Electrical Engineering 3 0 2 4

4 GE MEC101 Engineering Graphics & Design 1 0 4 3

5 GE ECC101 Basic Electronics Engineering 2 0 0 2

6 GSC GSC101 ESP & SDP-I 0 1 0 1

Total 19.5

## Students will undergo a mandatory induction program

Suggestive Choice Based Subjects

Sl No.


Credit

Points

1BSC BSC00

1 Physics - Semiconductor physics 3 1 3 5.5

2BSC

BSC002Physics - Introduction to Electromagnetic Theory 3 1 3 5.5

3 BSC BSC003 Physics - Introduction to Mechanics 3 1 3 5.5

4BSC

BSC004Physics - Quantum Mechanics for Engineers 3 1 3 5.5

5 BSC BSC005 Physics - Oscillation, Waves and Optics 3 1 3 5.56 BSC BSC006 Chemistry 3 1 3 5.5

7BSC BSC00

7Mathematics - Calculus and Vector Calculus 3 1 0 4

8BSC

BSC008Mathematics –Calculus & Differential Equation 3 1 0 4

9 BSC BSC009 Mathematics – Statistics and Probability 3 0 0 3

Sl No.


Credit

Points

Theory10 BSC BSC010 Mathematics - Discrete Mathematics 3 0 0 3

11BSC

BSC011Mathematics - Numerical Methods & Probability Theory 3 1 0 4

12BSC

BSC012Mathematics –Transform Calculus, Numerical Methods & Complex Analysis 3 1 0 4

13BSC

BSC013Mathematics - Probability, Statistics & Stochastic Process 3 1 0 4


1

Second Semester SyllabusSl No.


Credit

Points

1 BSC BSC--- Chemistry 3 1 3 5.52 BSC BSC--- Mathematics-2 3 1 0 43 CC CSC201 Programming for Problem Solving 3 0 2 4

4 GE MEC202 Workshop/Manufacturing Practices 1 0 4 3

5 HSM HSM001 English 2 0 2 3

6 GSC GSC202 ESP & SDP - II 0 2 0 2

7 PTI INT201 Inter/Intra Institutional Activity 0 0 6 38 NPT NPT## (NPTEL) - - - 1

Total 25.5

## (NPT201)NPTEL courses are based on the respective year’s offered courses


Sl No.

Type Subject

CodeTopic L T P

Credit

Points

1 BSC BSC001 Physics - Semiconductor Physics 3 1 3 5.5

2BSC

BSC002Physics - Introduction to Electromagnetic Theory 3 1 3 5.5

3 BSC BSC003 Physics - Introduction to Mechanics 3 1 3 5.5

4BSC

BSC004Physics - Quantum Mechanics for Engineers 3 1 3 5.5

5 BSC BSC005 Physics - Oscillation, Waves and Optics 3 1 3 5.56 BSC BSC006 Chemistry 3 1 3 5.5

7BSC BSC00

7Mathematics - Calculus and Vector Calculus 3 1 0 4

8BSC BSC00

8Mathematics – Advanced Calculus & Differential Equation 3 1 0 4

9 BSC BSC00 Mathematics – Statistics and Probability 3 0 0 3

Sl No.

Type Subject

CodeTopic L T P

Credit

Points

9 Theory

11BSC BSC01

2Mathematics –Transform Calculus, Numerical Methods & Complex Analysis 3 1 0 4

12BSC BSC01

3Mathematics - Probability, Statistics & Stochastic Process 3 1 0 4


1

Third Semester SyllabusSl No.


Credit

Points

1 BSC BSC--- Mathematics-3 3 0 0 3

2 CC CSC302

Object Oriented Programming using C++ 3 0 2 4

3 CC CSC303 Data Structure & Algorithms 3 0 2 4

4 DE ------ Discipline Specific Elective 1 0 3 2.55 GE ------ Generic Elective - - - 46 NPT NPT## (NPTEL) - - - 1

7 GSC GSC303 ESP & SDP - III 0 2 0 2

8 HSM HSM--- Humanities 3 0 0 3Total 23.5

##(NPT301) NPTEL courses are based on the respective year’s offered coursesSuggestive Choice Based Subjects

Sl No

TypeSubject Code Topic

L T PCredi

t Point

s

3 BSC BSC009

Mathematics – Applied Statistics and Probability Theory 3 0 0 3

4 BSC BSC010 Mathematics - Discrete Mathematics 3 0 0 3

5 BSCBSC011

Mathematics - Numerical Methods & Probability Theory 3 1 0 4

6 BSCBSC012

Mathematics –Transform Calculus, Numerical Methods & Complex Analysis 3 1 0 4

7 BSCBSC013

Mathematics - Probability, Statistics & Stochastic Process 3 1 0 4

8 GE ECC407 Analog Circuits 3 0 2 4

9 GE ECC306

Digital System Design& Computer Organization 3 0 2 4

10 HSM HSM004 Industrial Psychology 3 0 0 311 HSM HSM013 Values and Ethics in Profession 3 0 0 312 HSM HSM014 E Commerce 3 0 0 313 DE CSD301 Introduction to Python Programming 1 0 2 2

Sl No

TypeSubject Code Topic

L T PCredi

t Point

s

14 DE CSD302 Introduction to Android Programming 1 0 2 2


1

Fourth Semester SyllabusSl No.

Type Subject Code Topic L T P

Credit Point

s

1 BSC BSC--- Mathematics-4 3 0 0 3

2 CC CSC404 Formal Language & Automata Theory 3 0 0 3

3 CC CSC405 Object Oriented Methodology using Java 3 0 2 4

4 CC CSC406 Design & Analysis of Algorithms 3 0 2 4

5 CC CSC407 Software Engineering 3 0 2 4

6 HSM HSM--- Humanities 3 0 0 3

7 GSC GSC404 ESP & SDP - IV 0 2 0 2

8 NPT NPT## (NPTEL) - - - 19 PTI INT502 Internship Industrial Training 0 0 6 3

Total 27

## (NPT401)NPTEL courses are based on the respective year’s offered course


Sl No.


Credit

Points

1 BSC BSC016

Mathematics - Numerical Methods & Operation Research

3 0 0 3

2 BSC BSC016 Operation Research 3 0 0 33 BSC BSC018 Statistics for Data Analysis 3 0 0 34 BSC BSC019 Graph Theory 3 0 0 35 BSC BSC020 Statistical Inference 3 0 0 3

6 HSM HSM006 Economics for Engineers 3 0 0 3

7 HSM HSM008 Principle of Management 3 0 0 3

8 HSM HSM009 Total Quality Management 3 0 0 3

Fifth Semester SyllabusSl No.


Credit

Points

1 CC CSC508 Data Base Management System 3 0 2 42 CC IS501 Introduction to Cryptography 3 0 0 33 CC CSC510 Operating System 3 0 2 44 GE ------ Generic Elective - - - 45 DE ------ Discipline Specific Elective - - - 36 GSC GSC505 ESP & SDP - V 0 2 0 27 NPT NPT## (NPTEL) - - - 18 BSC BSC Mathematics-5 3 0 0 39 MC MC001 Environmental Science 0 0 0 0

Total 24

##(NPT501) NPTEL courses are based on the respective year’s offered course


Sl No.


Credit

Points

1 DE CSD503 Programming with Ruby on Rails 2 0 2 32 DE CSD504 Advanced Programming with Python 2 0 2 33 DE IS502 Introduction to Cyber Security 2 0 2 34 GE ECC510 Digital Signal Processing 3 0 2 4

5 GE ECC406 Analog &Digital Communication 3 0 2 4

5BSC BSC01

0 Mathematics - Discrete Mathematics3 0 0 3

6 BSC BSC017 Operations Research 3 0 0 37 BSC BSC018 Statistics for Data Analysis 3 0 0 3

Sixth Semester SyllabusSl No.


Credit

Points

1 CC IS603 Digital Forensics 3 0 0 3

2 CC CSC612 Data Communication & Networking 3 0 2 4

3 DE* ----- Discipline Specific Elective 3 0 2 4

4 GE/DE ----- Discipline Specific Elective/Generic Elective 3 0 2 4

5 DE** ----- Discipline Specific Elective - - - 3

6 GE/DE ------ Discipline Specific Elective/Generic Elective - - - 3

7 GSC GSC606 ESP & SDP - VI 0 1 0 1

8 NPT NPT## (NPTEL) - - - 19 MC MC002 Disaster Management 0 0 0 0

Total 23

##(NPT601)NPTEL courses are based on the respective year’s offered course

#Students will undergo project/training/internship in the industry / research organization / reputed Institute during the vacation


Sl No.


Credit Points

1 DE* IS604 Cyber Laws& IPR 3 0 0 3

2 DE* CSD607 Web Technology 3 0 2 4

3. DE* IS605 Applied Cryptography 3 0 2 4

4. DE** IS606 Intrusion Detection and Prevention System 3 0 2 4

5. DE** CSD713 Internet of Things using Raspberry Pi 1 0 4 3

6. DE** CSD503 Programming with Ruby on Rails 1 0 4 3

7. GE ECC408 Microprocessor & Microcontrollers 3 0 2 4

Seventh Semester SyllabusSl No.


Credit

Points

1 HSM HSM Humanities - - - 3

2 DE* ----- Discipline Specific Elective 3 0 2 4

3 DE** ----- Discipline Specific Elective 3 0 0 3

4 DE/BSC - - - 3

5 GSC GSC707 ESP & SDP - VII 0 1 0 1

7 PTI INT502 Internship Industrial Training 0 0 6 3Total 17

## NPTEL courses are based on the respective year’s offered course

#Students will undergo project/training/internship in the industry / research organization / reputed Institute during the vacation


Sl No.


Credit

Points

1. DE* CC807 Cloud Architecture & Security 3 0 0 3

2. DE* IS707 Security Identity & Risk Management 3 0 0 3

3. DE** CSD711 E-Commerce 3 0 0 3

4. DE** CSD609 Artificial Intelligence 3 0 2 4

6. DE** CSD606 Big Data &Data Analytics 3 0 2 4

7. BSC BSC013 Mathematics - Graph Theory 3 0 0 3

8. HSM HSM010 Professional Practice, Law & Ethics 3 0 0 3

9. HSMHSM011

Human Resource Development and Organizational Behavior 3 0 0 3

10. HSM HSM003 Organizational Behavior 3 0 0 311.

HSM HSM006 Economics for Engineers 3 0 0 3

Eighth Semester SyllabusSl No.


Credit Points

1 DE* ----- Discipline Specific Elective 3 0 0 32 DE** ----- Discipline Specific Elective 3 0 0 33 DE/GE -----… Generic Elective 3 0 0 4

4 GSC GSC808 ESP & SDP - VIII 0 1 0 1

5 PTI INT801 Internship Industrial Training/Project 0 0 8 4Total 14


Sl No.

TypeSubject

Code Topic L T PCredi

t Point

s

1 DE* IS808 Cyber Crime Investigation and Digital Forensics 3 0 0 3

2. DE* IS809 Quantum Cryptography 3 0 0 33. DE** IS810 Ethical Hacking 3 0 0 34. DE** CSD821 Distributed System 3 0 0 35. GE ECC510 Digital Signal Processing 3 0 0 36. GE ECD019 Speech & Audio Processing 3 0 0 3

DETAILED SYLLABUS OF CYBER FORENSICS & INFORMATION SECURITY

TITLE OF COURSE: INTRODUCTION TO CRYPTOGRAPHY

COURSE CODE: IS501

L-T-P SCHEME: 3-0-0

COURSE CREDITS: 3

Introduction:With the growth of the Internet, the need for secured data transmission increased manifold. In fact itbecame a pre-condition to the usage of the Internet for business transaction. Therefore security is amajor concern in the Internet World.

Objectives:We will study security from multiple perspectives. We will consider a variety of security policies,authentication before access, integrity of information, and confidentiality of information. The coursewill focus on the models, the tools, and the techniques for enforcement of security policies, with someemphasis on the use of cryptography. And because today’s implementation approaches are typicallyflawed, we will also address the penetration and disruption of information systems in the context ofoperating systems and networks.

Learning Outcomes:Knowledge:1. You will understand the basic security services e.g. Authentication, Access Control,Confidentiality, Integrity, and Non repudiation)2. You will understand the concepts of risk, threats, vulnerabilities and attack.3. You will know the important ethical and legal issues to consider in computer security.4. You will know the goals of end-to-end data security.5. You will understand the role of random numbers and prime numbers in security.You will learn standard symmetric encryption algorithms6. You will learn the architecture for public and private key cryptography and how public keyInfrastructure (PKI) supports network security.7. You will learn the methods of digital signature and encryption.8. You will learn key management and how key exchange protocols work.9. You will learn security protocols at different layers of Network layer heirachy.10. You will learn futuristic cryptographic techniques like Eliptic Curve and quantum cryptography.11. You will learn the concept of trusted computing.12. You will learn the Web security Protocol.

Course Contents:

Unit 1: Attacks on Computers & Computer Security: Introduction, Need for Security, Securityapproaches, Principles of Security, Types of attack.


1

Unit 2: : Cryptography: Concepts & TechniquesIntroduction, Plaintext & Cipher text, Substitution Techniques, Transposition Techniques, Encryption& Decryption, Symmetric & Asymmetric key Cryptography, Key Range & Key Size

Unit 3: Symmetric Key Algorithm Introduction, Algorithm types & Modes: Overview of SymmetricKey Cryptography, DES(Data Encryption Standard) algorithm, IDEA(International Data EncryptionAlgorithm) algorithm, RC5(Rivest Cipher 5) algorithm.

Unit 4: Asymmetric Key Algorithm, Digital Signature and RSA Introduction: Overview ofAsymmetric key Cryptography, RSA algorithm, Symmetric & Asymmetric key Cryptographytogether, Digital Signature, Basic concepts of Message Digest and Hash Function (Algorithms onMessage Digest and Hash function not required).

Unit 5: Internet Security Protocols: User Authentication Basic Concepts, SSL protocol,Authentication Basics, Password, Authentication Token, Certificate based Authentication, BiometricAuthentication

Unit 6 : Electronic Mail Security :Basics of mail security, Pretty Good Privacy, S/MIME.

Unit 7 : Firewall: Introduction, Types of firewall, Firewall Configurations, DMZ Network

Text Books:1. “Cryptography and Network Security”, William Stallings, 2nd Edition, Pearson Education Asia2. “Network Security private communication in a public world”, C. Kaufman, R. Perlman and M.Speciner, Pearson3. Cryptography & Network Security: AtulKahate, TMH.

Reference :

1. “Network Security Essentials: Applications and Standards” by William Stallings, Pearson

2. “Designing Network Security”, MerikeKaeo, 2nd Edition, Pearson Books

3. “Building Internet Firewalls”, Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman, 2nd

Edition, Oreilly

4. “Practical Unix & Internet Security”, SimsonGarfinkel, Gene Spafford, Alan Schwartz, 3rd Edition,

Oreilly.

TITLE OF COURSE: INTRODUCTION TO CYBER SECURITY

COURSE CODE: IS501

L-T-P SCHEME: 3-0-0

COURSE CREDITS: 3Objective: Cyber Security imparts knowledge about the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.

Pre-requisites: Required Knowledge of any Operating System, Networking and Digital Security Issues


2

Learning Outcomes:

- Able to identify security risks and take preventive steps - Investigate cybercrime and collect evidences - Able to use knowledge of forensic tools and software

Course Contents:

Unit 1: Introduction to Cyber Security

Overview of Cyber Security, Internet Governance – Challenges and Constraints, Cyber Threats:- Cyber Warfare-Cyber Crime-Cyber terrorism-Cyber Espionage, Need for a Comprehensive Cyber Security Policy, Need for a Nodal Authority, Need for an International convention on Cyberspace.

Unit 2: Cyber Security Vulnerabilities and Cyber Security Safeguards

Cyber Security Vulnerabilities-Overview, vulnerabilities in software, System administration, Complex Network Architectures, Open Access to Organizational Data, Weak Authentication, Unprotected Broadband communications, Poor Cyber Security Awareness. Cyber Security Safeguards- Overview, Access control, Audit, Authentication, Biometrics, Cryptography, Deception, Denial of Service Filters, Ethical Hacking, Firewalls, Intrusion Detection Systems, Response, Scanning, Security policy, Threat Management.

Unit 3: Securing Web Application, Services and Servers

Introduction, Basic security for HTTP Applications and Services, Basic Security for SOAP Services, Identity Management and Web Services, Authorization Patterns, Security Considerations, Challenges.

Unit 4: Intrusion Detection and Prevention

Intrusion, Physical Theft, Abuse of Privileges, Unauthorized Access by Outsider, Malware infection, Intrusion detection and Prevention Techniques, Anti-Malware software, Network based Intrusion detection Systems, Network based Intrusion Prevention Systems, Host based Intrusion prevention Systems, Security Information Management, Network Session Analysis, System Integrity Validation.

Unit 5: Cryptography and Network Security

Introduction to Cryptography, Symmetric key Cryptography, Asymmetric key Cryptography, Message Authentication, Digital Signatures, Applications of Cryptography. Overview of Firewalls- Types of Firewalls, User Management, VPN Security Security Protocols: - security at the Application Layer- PGP and S/MIME, Security at Transport Layer- SSL and TLS, Security at Network Layer-IPSec.

Unit 6: Cyberspace and the Law

Introduction, Cyber Security Regulations, Roles of International Law, the state and Private Sector in Cyberspace, Cyber Security Standards. The INDIAN Cyberspace, National Cyber Security Policy 2013.

Unit 7: Cyber Forensics

Introduction to Cyber Forensics, Handling Preliminary Investigations, Controlling an Investigation, Conducting disk-based analysis, Investigating Information-hiding, Scrutinizing E-mail, Validating E-mail header information, Tracing Internet access, Tracing memory in real-time.

Books:

1. Guide to Computer Forensics and Investigations, Fourth Edition by Bill Nelson, Amelia Phillips, Christopher Steuart

2. Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 8 by Harlan Carvey


3

3. Digital Forensics with Open Source Tools by Cory Altheide, Harlan Carvey

TITLE OF COURSE: CYBER CRIME INVESTIGATION AND DIGITAL FORENSICS

COURSE CODE: IS808

L-T-P: 3-0-0

CREDITS: 3

Pre-requisite: Knowledge of information technology fundamentals (computer hardware, operating systems, applications and networking) is required.

Introduction:

This course provides an introduction to the methodology and procedures associated with digital forensic analysis in a network environment. Students will develop an understanding of the fundamentals associated with the topologies, protocols, and applications required to conduct forensic analysis in a network environment. Students will learn about the importance of network forensic principles, legal considerations, digital evidence controls, and documentation of forensic procedures. This course will incorporate demonstrations and laboratory exercises to reinforce practical applications of course instruction and will require an independent research paper related to the course topic.

Course Outcomes (CO):Upon successful completion of this course you will understand: How to look for evidence in both wired and wireless networks Perform end to end forensic investigations Collect evidence from log files Understand the importance of time synchronization How to use typical forensic investigation tools Follow a scientific approach to investigate network security events and incidents

Course Contents:Module 1:

1. Introduction to Network Forensics and Investigating Logs2. Network Traffic Investigations

Module 2:1. Web Attack Investigations2. Router Forensics

Module 3:1. Denial of Service Investigations


4

2. Internet Crime Investigations3. Email Crime Investigations

Module 4:1. Wireless Attack Investigations2. PDA Forensics

Module 5:1. iPod and iPhone Forensics2. Blackberry Forensics

Module 6:1. Corporate Espionage Investigations2. Trademark and Copyright Investigations3. Investigating Sex Related Activities

Text Books

1. Handbook of Digital Forensics and Investigations, Eoghan Casey ed., Elsevier Academic Press, ISBN 13: 978-0-12-374267-4

2. Hacking Expose Network Security Secrets & Solutions, 2nd Edition, Joel Scambray, Stuart McClure, and George Kurtz, McGraw-Hill, 2001

References1. Applied Cryptography, Bruce Schneier, 2nd Edition, Wiley & Sons, 19962. Firewalls and Internet Security, Repelling the Wily Hacker, William R. Cheswick, and

Steven M. Bellovin, Addison-Wesley, 1994

TITLE OF COURSE: DIGITAL FORENSICS

COURSE CODE: IS603

L-T-P: 3-0-0

CREDITS: 3

Pre-requisite: • Familiar with Operating System Internals

• Familiar with TCP/IP Protocol Suite and Its Implementations (i.e. BSD, Linux)

• Basic Knowledge of network security

• Basics of mobile computing

Introduction:


5

Aim of this course is to teach deep understanding of security issues and digital forensics & incident response. In addition, this course also provides the students with specialist knowledge and experience of various digital forensics techniques and incident response.

Course Outcomes (CO):

Upon completion of this course, the students will be able to:

Understanding of various digital forensics techniques and its usage for the potential countermeasures or incident response.

Demonstrate a critical evaluation and use of digital forensics technique to do incident response with an independent project.

Course Contents:Unit 1: Forensics Overview: Computer Forensics Fundamentals, Benefits of Computer Forensics, Computer Crimes, Computer Forensics Evidence and the Courts, Legal Concerns and Privacy IssuesUnit 2:Forensics Process: Forensics Investigation Process, Securing the Evidence and Crime Scene, Chain of Custody, Law Enforcement Methodologies, Forensics Evidence, Evidence Sources. Evidence Duplication, Preservation, Handling, and Security, Forensics Soundness, Order of Volatility of Evidence, Collection of Evidence on a Live System, Court Admissibility of VolatileEvidenceUnit 3:Acquisition and Duplication: Sterilizing Evidence Media, Acquiring Forensics Images, Acquiring Live Volatile Data, Data Analysis, Metadata Extraction, File System Analysis, Performing Searches, Recovering Deleted, Encrypted, and Hidden files, Internet Forensics,

Reconstructing Past Internet Activities and Events, E-mail Analysis, Messenger Analysis: AOL,Yahoo, MSN, and ChatsUnit 4: Mobile Device Forensics: Evidence in Cell Phone, PDA, Blackberry, iPhone, iPod, and MP3. Evidence in CD, DVD, Tape Drive, USB, Flash Memory, Digital Camera, Court Testimony,Testifying in Court, Expert Witness Testimony, Evidence Admissibility

Text Books

1. Jason Luttgens, Matthew Pepe, Kevin Mandia, Incident Response & Computer Forensics, McGraw-Hill Osborne Media, 3 rd edition , 2014.

2. Keith J. Jones, Richard Bejtlich, Curtis W. Rose, Real Digital Forensics: Computer Security and Incident Response, Paperback – Import, 2005.


6

References

1. John Sammons, The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics Paperback, February 24, 2012.

2. Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, McGraw-Hill, 2005.

TITLE OF COURSE: ETHICAL HACKING

COURSE CODE: IS810

L-T-P SCHEME: 3-0-0

COURSE CREDITS: 3

Introduction: This course introduces the concept of Ethical Hacking Gives the students the opportunity to learnabout different tools and techniques in Ethical

hacking Understand ethics behind hacking and vulnerability disclosure

Course Objectives : Introduces the concepts of Ethical Hacking and gives the students the opportunity to

learnabout different tools and techniques in Ethical hacking and security and practically applysome of the tools.

Learning Outcomes :

After completion of course, students would be able to: Understand the core concepts related to malware, hardware and software vulnerabilities and their causes Understand ethics behind hacking and vulnerability disclosure Appreciate the Cyber Laws and impact of hacking Exploit the vulnerabilities related to computer system and networks using state of the art

tools and technologies

Course Contents:

Unit 1:

Introduction to Ethical Disclosure: Ethics of Ethical Hacking, Ethical

Hacking and the legal system, Proper and Ethical Disclosure

Unit 2:

Penetration Testing and Tools: Using Metasploit, Using BackTrackLiveCD


7

Linux Distribution

Unit 3:

Vulnerability Analysis: Passive Analysis, Advanced Static Analysis with IDA

Pro, Advanced Reverse Engineering

Unit 4:

Client-side browser exploits, Exploiting Windows Access Control Model for

Local Elevation Privilege, Intelligent Fuzzing with Sulley, From Vulnerability to

Exploit

Unit 5:

Malware Analysis: Collecting Malware and Initial Analysis, Hacking Malware

Unit 6:

Case study of vulnerability of cloud platforms and mobile platforms & devices.

References:

1. Shon Harris, Allen Harper, Chris Eagle and Jonathan Ness, Gray Hat Hacking: The Ethical

Hackers' Handbook, TMH Edition

2. Jon Erickson, Hacking: The Art of Exploitation, SPD

TITLE OF COURSE: SECURITY IDENTITY & RISK MANAGEMENT

COURSE CODE: IS707

L-T-P: 3-0-0

CREDITS: 3



• Basic Knowledge of network security

Introduction:

To understand and development of concepts required for risk-based planning and risk management of computer and information systems.


After completion of this course, students will be able to learn:


8

The cognitive skills and ability to identify, analyze and articulate the importance of managing IS-related risk and security issues in organizations, and the relationship between these and the achievement of business value from IS/IT investments

The cognitive skills and ability to identify, analyze, synthesize and evaluate the costs of not appropriately identifying and managing risk and security concerns in projects and organizations, resulting in IS/IT failures, dysfunctional systems, and systems which fail to deliver value to key stakeholders

The cognitive skills and practical ability to develop and document IS/IT risk and security management plans that detail contingency planning strategies and practices

The cognitive skills and ability to identify, analyze, synthesize and articulate the major theories and concepts associated with IS failure and the management of IS risk, including factors argued to lead to unsatisfactory outcomes with respect to IS/IT and InformationSecurity.

Course Contents:Unit 1:An Introduction to Risk Management: Introduction to the Theories of Risk Management; The Changing Environment; The Art of Managing Risks.Unit 2:The Threat Assessment Process: Threat Assessment and its Input to Risk Assessment; Threat Assessment Method; Example Threat Assessment.Unit 3:Vulnerability Issues: Operating System Vulnerabilities; Application Vulnerabilities; Public Domain or Commercial Off-the-Shelf Software; Connectivity and Dependence; Vulnerability assessment for natural disaster, technological hazards, and terrorist threats; implications for emergency response, vulnerability of critical infrastructures.Unit 4:The Risk Process: What is Risk Assessment? Risk Analysis; Who is Responsible?Unit 5:Tools and Types of Risk Assessment: Qualitative and Quantitative risk Assessment; Policies, Procedures, Plans, and Processes of Risk Management; Tools and Techniques; Integrated Risk Management; Future Directions: The Future of the Risk Management.

Text Books

1. Malcolm Harkins, Managing Risk and Information Security, Apress, 2012.

2. Daniel Minoli, Information Technology Risk Management in Enterprise Environments, Wiley, 2009.

References

1. Andy Jones, Debi Ashenden ,Risk Management for Computer Security: Protecting Your Network & Information Assets, , 1st Edition, Butterworth-heinemann, Elsevier, 2005.


9

2. Andreas Von Grebmer, Information and IT Risk Management in a Nutshell: A pragmatic approach to Information Security, 2008, Books On Demand Gmbh.

TITLE OF COURSE: INTRUSION DETECTION AND PREVENTION SYSTEM

COURSE CODE: IS606

L-T-P: 3-0-2

CREDITS: 4



• Basic Knowledge and Skills in Discrete Mathematics

Introduction:

The objective of this course is to provide an in depth introduction to the science and art of intrusion detection. The course covers methodologies, techniques, and tools for monitoring events in computer system or network, with the objective of preventing and detecting unwanted process activity and recovering from malicious behavior.

Course Outcomes (CO): Gain Understanding of Basic Issues, Concepts, Principles, and Techniques in Intrusion

Detection.

– Vulnerability, exploit

– Intrusion

– Intrusion detection

– Intrusion response Be Able to Evaluate Intrusion Detection Systems for Particular Security Requirements

– Root privilege compromise should be detected in real-time

– False positive rate should be less than 1%

Course Contents:Unit 1: Intrusions Almost always come from network Almost always against host Network Based Attacks Passive: eavesdropping, unauthorized access


10

Active: break-in, modification, deletion, forgery of confidential information, denial-of-service attackBasic Security Concepts Confidentiality, integrity, identity, anonymity, availability Vulnerability and exploit of vulnerabilityUnit 2:Host Based Intrusion Detection Pro & consNetwork Based Intrusion Detection

Pro & consMisuse Detection

Efficient Lower false positive rate Only effective against known attacks

Anomaly Detection Could potentially detect unknown attacks High false positive rate

Unit 3: Intrusion Detection Techniques Static and Dynamic Checking of Programs Large-Scale (Internet-wide) Distributed Intrusion Detection Early Sensing Alert Correlation Complex Attack Scenario Analysis

Unit 4: Intrusion Tracing IP Spoofing Stepping Stones Reflector Zombie

Intrusion Response Blocking? Rate limiting?

Unit 5: Advanced Topics Countermeasures against intrusion detection Survivable systems Forensics Virus, worms, Trojan horse

Text Books1. Roberto Di Pietro, Luigi V. Mancini, Intrusion Detection System, Springer ,2008


11

References

1. Anderson, Ross (2001). Security Engineering: A Guide to Building Dependable Distributed Systems. New York: John Wiley & Sons. pp. 387–388. ISBN 978-0-471-38922-4.

2. Anderson, James P., "Computer Security Threat Monitoring and Surveillance," Washing, PA, James P. Anderson Co., 1980.

TITLE OF COURSE: QUANTUM CRYPTOGRAPHY

COURSE CODE: IS809

L-T-P: 3-0-2

CREDITS: 4

Objectives:

The Quantum Cryptography is a one-quarter course which focuses on the principles and ideas of the new paradigm for storing and manipulating information using quantum mechanical systems. Both the quantum cryptography are important for national security. The former can be employed to time-efficiently break commonly used Internet public-key encryption methods, such as the RSA code. Quantum cryptography is a reality of today, with commercially-produced and marketed systems, while a quantum computer may well be a reality of tomorrow.

Learning Outcomes:

The objective of this course is to provide the students an introduction to quantum computation. Much of the background material related to the algebra of complex vector spaces and quantum mechanics is covered within the course.

Unit -I Introduction to Quantum Computation:

Quantum bits, Bloch sphere representation of a qubit, multiple qubits.

Unit-II Background Mathematics and Physics:

Hilber space, Probabilities and measurements, entanglement, density operators and correlation, basics of quantum mechanics, Measurements in bases other than computational basis.

Unit -III Quantum Circuits:

single qubit gates, multiple qubit gates, design of quantum circuits.

Unit -IV Quantum Information and Cryptography:

Comparison between classical and quantum information theory. Bell states. Quantum teleportation. Quantum Cryptography, no cloning theorem. Quantum Algorithms: Classical computation on quantum computers. Relationship between quantum and classical complexity classes. Deutsch’s algorithm, Deutsch’s-Jozsa algorithm, Shor factorization, Grover search.


12

Unit -V Noise and error correction:

Graph states and codes, Quantum error correction,fault-tolerant computation.

Text Books:

1. Nielsen M. A., Quantum Computation and Quantum Information, Cambridge University Press. 2002

2. Benenti G., Casati G. and Strini G., Principles of Quantum Computation and Information, Vol. I: Basic Concepts, Vol II: Basic Tools and Special Topics, World Scientific. 2004

3. Pittenger A. O., An Introduction to Quantum Computing Algorithms 2000

TITLE OF COURSE: APPLIED CRYPTOGRAPHY

COURSE CODE: IS605

L-T-P: 3-0-2

CREDITS: 4

Pre-requisite: Network security, number series, basic cryptography, crypto analysis

Introduction:

Cryptographic protocols are fundamental techniques for building secure systems, even against powerful attackers. Traditionally, cryptography is concerned with communication channels that lets Alice and Bob send messages, (e.g., “Let’s meet by the bridge at 5pm!”) while preventing an eavesdropper Eve from observing the message or tampering with the contents. Cryptography is already widely deployed, for example the TLS protocol is used every time you visit your bank’s website and see a green “padlock” symbol in your browser. Cryptography can also be used for much more than just secure channels. An emerging trend is the use of “computation over encrypted data.” For example, how can we perform a query over encrypted database?


At the end of the course, the students will achieve the following:1. A strong grasp of the basic concepts underlying classical and modern cryptography, and the

fundamentals.2. Understand how security is defined and proven at the cryptographic level.3. Understand common attacks and how to prevent them.4. Gain the ability to apply appropriate cryptographic techniques to a security engineering (and

management) problem at hand.

Course Contents:

Unit-1:


13

Public key crypto: RSA, El Gamal, Digital signatures, Key management and distribution, digital certificates PKI, identity based encryption.

Unit -2:

Identification and authentication, zero knowledge protocols, KerberosElectronic mail security, PGP.

Unit -3:

Web and transport level security, SSH, TLS/SSL IP security, wireless network security, Anonymous communication, Tor Crypto-currencies, Bitcoin.

Unit -4:

Hardware–based security, side channel attacks, Physically Unclonable Function, Trusted Platform Module, Quantum safe cryptography Cloud security.

Text Books

1. “Cryptography and Network Security: Principles and Practice” (6th Edition) by William Stallings.

References

1. “The Handbook of Applied Cryptography” by Menezes, van Oorschot, and Vanstone.

TITLE OF COURSE: CYBER LAW & IPR

COURSE CODE: IS604

L-T-P: 3-0-0

CREDITS: 3 Objective: To enhance the understanding of problems arising out of online transactions and provoke them to find solutions. To clarify the Intellectual Property issues in the cyber space and


14

the growth and development of the law in this regard. To educate about the regulation of cyber space at national and international level.

Course Outcomes (CO):1. Students identify and analyze statutory, regulatory, constitutional, and organizational laws that affect the information technology professional.2. Students locate and apply case law and common law to current legal dilemmas in the technology field.3. Students apply diverse viewpoints to ethical dilemmas in the information technology field and recommend appropriate actions.Pre-requisite: Basic Knowledge of Computer, InternetCourse Content:Unit-I: Intellectual Property Rights-Concepts and EvolutionIntroduction to Intellectual Property Rights, Evolution of Intellectual Property LawsStandards and Concepts in Intellectual Property, Conventions and Treaties Relating to Global Administration of Intellectual Property Rights, Protection and Classification Regional Conventions and Treaties, Organization, Jurisdiction enforcement and Administration of IPRs, IPRs and Information Technology IPRs and Bio- technology, IPRs and Traditional Knowledge, Management of Intellectual Property Rights, Law of Intellectual Property and Ethical Issues, Knowledge Driven Economy and IPR, Intellectual Property Rights in India and abroad.

Unit -II: Law of Patents, Copyright and TrademarksIntroduction ,Evolution of patent Law, Scope and Purpose, Classification of Patents, Patent Law in India: Patent Act of 1970, The Patents (Amendments) Act, 2002, Patent Office and Authorities, Grant of Patent, Right and Obligation of a Patentee, Infringement of Patents, Offenses and penalties, Patents and other commercial Law, Patents – International Law, Patents Law- Emerging Trends, Social Implication of Patents.Introduction to Copyrights as forms of Intellectual Property, Copyright Law in India (Copyright Act of 1957) - meaning, Form of Copyright and Ownership Assignment/License, Registration and terms of Copyright, Copyright infringement , Offences, Remedies and Enforcement, Broad casting Organization and performers, Copyright – International Law, Introduction to trademarks, Trademarks – forms of Intellectual Property, Law of trade Marks in India (trademark act of 1999)-meaning, registration and Authorities, Right conferred by Registration and use of Trademarks, Infringement of Trademarks and passing off, Offences, remedies and enforcement, Trademarks –International Law

Unit -III: Law of Designs, geographical Indications and other Intellectual PropertyIntroduction to designs – Industrial Designs, Design Laws in India: Designs Act of 2000, Registration of Design, Owners Rights, Piracy of Designs, Offence, Remedies and Enforcement, Designs- International Law, Introduction to Geographical Indication, Law of Geographical Indication in India: Geographical Indication of Goods (Registration and Protection) Act, 1999, Register of Geographical Indication, Infringement of Registered Geographical Indication Offence, Remedies and EnforcementThe Semiconductor Integrated Circuit Lay Out design Act, 2000, The protection of Plant varieties and Farmers rights Act, 2001, Law Relating to Diversity


15

Unit -IV: Introduction to Cyber Law & Information Technology Act, 2000Evolution of Computer Technology, Emergence of Cyberspace, Cyber Jurisprudence, Jurisprudence and Law, Doctrinal Approach, Consensual Approach, Real Approach, Cyber Ethics, Cyber- Jurisdiction, Hierarchy of Courts, Civil and Criminal Jurisdictions, Cyberspace –Web space (WWW), Web Hosting and Web Development Agreements (specimen), Domain Names, Internet as a Tool for Global Access, Overview of IT Act, 2000, Amendments and Limitations of IT Act, Digital Signatures, Cryptography, Cryptographic Algorithm, Public Cryptography, Private Cryptography, Electronic Governance, Legal Recognition of Electronic Records, Legal Recognition of Digital Signature, Certifying authorities, Cyber Crime and Offences, Network Service Provider Liability, Cyber Regulation Appellate tribunal, Penalties and Adjudication

Unit-V: Cyber law issues and related legislationPatent Laws, Trademark law, Copyright, Software –copyright or patented, Domain Name and Copyright disputes, Electronic Database and its Protection, IT Act and Civil procedure Code, IT Act and Criminal procedure Code, Relevant Sections of Indian Evidence Act, Relevant Sections of Bankers Book Evidence Act, Relevant Section of Indian penal Code, Relevant Section of Reserve Bank of India Act, Law Relating to Employees and Internet, Alternative Dispute resolution, Online Dispute Resolution (ODR)

Books:1. Law and practice of intellectual property in India by Vikas Vashishth2. Intellectual property by A.Kalank3. Intellectual property- patents,copyrights,trade marks and allied rights by Cornish W R 4. Patents ,copyrights, trade marks and design by B L Wadhera5. Intellectual property law by P Narayana6. Patents ,copyrights, trade marks and design by Rajeev Jain


16

syllabus outline for computer science & …€¦ · web view2020/05/01 · introduction to...

Documents