eligibility criteria for admission to the course to be B.Tech ...

U.O.No. 7797/2014/Admn Dated, Calicut University.P.O, 11.08.2014

Muhammed S
Deputy Registrar

Forwarded / By Order
Section Officer

File Ref.No.42471/GA - IV - E2/2013/CU

UNIVERSITY OF CALICUT

Abstract

Faculty of Engineering - Board of Studies in Engineering(PG) - Syllabus - M.Tech Course in Information Security - with effect from 2014 admission - Approved - Sanctioned - Orders issued.

G & A - IV - E

Read:-

1. U.O. No. 4126/2014/Admn dated 25-04-2014

2. Item No. 1(a) of the Minutes of the meeting of the Board of Studies in Engineering(PG) held on 19-06-2014.

3. Item No. 2 of the minutes of the meeting of the Faculty of Engineering held on 25-06-2014.

ORDER

Vide paper read as 1st above, an Expert Committee was constituted to frame the syllabus for M.Tech Programme in Information Security in tune with the M.Tech Regulations -2010 of this University.

Vide paper read as 2nd above, the Board of Studies in Engineering (PG) at its meeting held on 19-06-2014, resolved to approve the syllabus of M.Tech Programme in Information Security, submitted by the Expert Committee, fixing the Eligibility Criteria to the Programme to be B.Tech Degree in Computer Science and Engineering / Information Technology or Equivalent.

The meeting of the Faculty of Engineering held on 25-06-2014, vide item No. 2 of its minutes, resolved to approve the minutes of the meeting of the Board of Studies in Engineering(PG) held on 19-06-2014.

Considering the exigency of implementing the syllabi, the Hon'ble Vice Chancellor, after having examined the matter in detail, has accorded sanction to implement the syllabus for M.Tech Programme in Information Security, subject to ratification by the Academic Council.

Sanction has therefore been accorded for implementing the syllabus of M.Tech Course in Information Security with eligibility criteria for admission to the course to be B.Tech Degree in Computer Science and Engineering / Information Technology or Equivalent, subject to ratification by the Academic Council.

Orders are issued accordingly.

(Syllabus is appended)

To

Principals of all affiliated Engineering Colleges

Copy to: PS to VC / PA to PVC / PA to Registrar / PA to CE / DR / AR M.Tech / CDC / Dean, Faculty of Engineering / Chairman, BS in Engineering / PRO / Enquiry Section / SA (to upload in the University website)


Syllabi & Scheme

for M.Tech Course in

INFORMATION SECURITY

of Calicut University


Scheme of M.Tech. Programme in INFORMATION SECURITY

FIRST SEMESTER

Sl. No. | Course Code | Name of the Subject | Hours/Week L | Hours/Week T | Hours/Week P | Internal Evaluation | End Sem | Total | Semester End Exam Duration | Credits

1 | CIS 14 101 | Advanced Mathematical Structures (Same as MCS 10 101) | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

2 | CIS 14 102 | Trusted Operating System Design | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

3 | CIS 14 103 | Access Control and Authentication System | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

4 | CIS 14 104 | Risk Management and Security | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

5 | CIS 14 105 | Elective-I | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

6 | CIS 14 106 (P) | Seminar | 0 | 0 | 2 | 100 | 0 | 100 | - | 2

7 | CIS 14 107 (P) | Operating System and Security Lab | 0 | 0 | 2 | 100 | 0 | 100 | - | 2

Total | | | 15 | 5 | 4 | 700 | 500 | 1200 | - | 24

Elective-I

CIS 14 105 (A) Database Design and Security

CIS 14 105 (B) Secure Software Engineering

CIS 14 105 (C) Game Theory (Same as MCS 10 105 (C))

L – Lecture, T – Tutorial, P – Practical


SECOND SEMESTER

Sl. No. | Course Code | Name of the Subject | Hours/Week L | Hours/Week T | Hours/Week P | Internal Evaluation | End Sem | Total | Semester End Exam Duration | Credits

1 | CIS 14 201 | Advanced Cryptography | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

2 | CIS 14 202 | Network Security | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

3 | CIS 14 203 | Secure Network Protocol | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

4 | CIS 14 204 | Elective-II | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

5 | CIS 14 205 | Elective-III | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

6 | CIS 14 206 (P) | Seminar | 0 | 0 | 2 | 100 | 0 | 100 | - | 2

7 | CIS 14 207 (P) | Computer Network and Security Lab/Mini Project | 0 | 0 | 2 | 100 | 0 | 100 | - | 2

Total | | | 15 | 5 | 4 | 700 | 500 | 1200 | - | 24

Elective-II

CIS 14 204 (A) Security Assessment and Verification

CIS 14 204 (B) Cyber Law and Security Policies

CIS 14 204 (C) Algorithms and Complexity

Elective-III

CIS 14 205 (A) Advanced Networking Technologies (Same as MCS 10 205 (A))

CIS 14 205 (B) Secure E-Commerce

CIS 14 205 (C) Biometric Security

L – Lecture, T – Tutorial, P – Practical


THIRD SEMESTER

Sl. No. | Course Code | Name of the Subject | Hours/Week L | Hours/Week T | Hours/Week P | Internal Evaluation | End Sem | Total | Semester End Exam Duration | Credits

1 | CIS 14 301 | Elective-IV | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

2 | CIS 14 302 | Elective-V | 3 | 1 | 0 | 100 | 100 | 200 | 3 | 4

3 | CIS 14 303 (P) | Industrial Training | 0 | 0 | 0 | 50 | 0 | 50 | - | 1

4 | CIS 14 304 (P) | Master Research Project Phase - I | 0 | 0 | 22 | Guide 50, EC# 50 | Guide 100, EC# 100 | 300 | - | 6

Total | | | 6 | 2 | 22 | 350 | 400 | 750 | - | 15

Elective-IV

CIS 14 301 (A) PKI and Trust Management

CIS 14 301 (B) Cloud Computing

CIS 14 301 (C) High Speed Networks (Same as MCS 10 302 (A))

Elective-V

CIS 14 302 (A) Security Threats

CIS 14 302 (B) Cyber Crime Investigation and Digital Forensics

CIS 14 302 (C) Financial Mathematics

L – Lecture, T – Tutorial, P – Practical

# EC - Evaluation Committee


FOURTH SEMESTER*

Sl. No. | Course Code | Name of the Subject | Hours/Week L | Hours/Week T | Hours/Week P | Internal Evaluation: Guide | Internal Evaluation: EC# | End Sem: Ext. Guide | End Sem: Viva Voce | Total | Credits

1 | CIS 14 401 (P) | Master Research Project Phase - II | - | - | 30 | 150 | 150 | 150 | 150 | 600 | 12

Total | | | - | - | 30 | 150 | 150 | 150 | 150 | 600 | 12

Grand Total: 3750 (Total), 75 (Credits)

* The students have to undertake the departmental work assigned by HOD

# EC - Evaluation Committee


FIRST SEMESTER

CIS 14 101: ADVANCED MATHEMATICAL STRUCTURES

Module I

Stochastic Processes: Renewal Processes - Reward and Cost Models, Poisson Process, Point Process, Regenerative Processes, Renewal Theorems

Module II

Markov Models: Discrete Time Markov Chain - Transition Probabilities, Communication Classes - Irreducible Chains. Continuous Markov Chain - Pure Jump Continuous-Time Chains, Regular Chains, Birth and Death Process. Semi-Markov Processes.

Module III

Single Class and Multi-class Queuing Networks: Simple Markovian queues - M/G/1 queue – Open Queuing Networks - Closed Queuing Networks - Mean Value Analysis - Multi-class traffic Model - Service Time distributions - BCMP Networks - Priority Systems.

Module IV

Time delays and blocking in queuing networks - Time delays in single server queue - Time delays in networks of queues - Types of Blocking – Two finite queues in a closed network - Aggregating Markovian States

References

1. Ronald W. Wolff, “Stochastic Modeling and Theory of Queues”, Prentice-Hall International Inc, 1989.

2. Peter G Harrison and Naresh M Patel, “Performance Modeling of Communication Networks and Computer Architectures”, Addison-Wesley, 1992.

3. Gary N Higginbottom, “Performance Evaluation of Communication Networks”, Artech House, 1998.

4. Anurag Kumar, D. Manjunath and Joy Kuri, “Communication Networking: An Analytical Approach”, Morgan Kaufmann Publ., 2004.

5. D. Bertsekas and R. Gallager, “Data Networks”, Prentice-Hall of India, 2001.

6. Ross K W, “Multiservice Loss Models for Broadband Telecommunication Networks”, Springer-Verlag, 1995.

7. Walrand J, “An Introduction to Queuing Networks”, Prentice-Hall, 1988.

8. Cinlar E, “Introduction to Stochastic Processes”, Prentice-Hall, 1975.

9. Karlin S and Taylor H, “A First Course in Stochastic Processes”, 2nd Edition, Academic Press, 1975.

Modules | Hours

I | 9

II | 10

III | 10

IV | 10

Tutorial | 13

Total | 52


Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 102: TRUSTED OPERATING SYSTEM DESIGN

Module I

Introduction - Introduction, hardware interface, operating system interface, design problems. Operating System design techniques. Implementing processes - The system call interface, system initialization, process switching, system call interrupt handling, program error interrupts, disk driver system, implementing waiting, flow of control through OS, signaling and interrupts, event table managers, process implementation. Parallel systems - Parallel hardware, OS for two processor systems, race conditions with shared processes, atomic actions, multiprocessor OS, threads.

Module II

Interprocess communication patterns - competing and co-operating, problems, race conditions and atomic actions, new message passing system calls. IPC pattern: mutual exclusion, signaling and rendezvous models, producer-consumer and client server models. Deadlocks - Conditions for deadlock, dealing with deadlocks, two-phase locking, message variations, synchronization, semaphores. Design techniques - some example design techniques. Memory management - levels of memory management, linking and loading process, memory management design, dynamic memory allocation, keeping track allocation of blocks, multiprogramming issues, memory protection, memory management system calls.

Module III

Virtual memory - Fragmentation and compaction, dealing with fragmentation - paging, swapping, overlay, page replacement - global and local page replacement algorithms, thrashing and load control, dealing with large page tables, sharing memory, design techniques - examples of multiplexing and late binding. I/O devices - devices and controllers, terminal devices, communication devices, disk devices, disk controllers, SCSI interfaces, tape devices, CD-devices. I/O subsystems - I/O system software, disk device driver access strategies, modeling disks, unification of files and device, generalized disk device drivers, disk caching. File systems - File abstraction, naming, file system objects and operations - case study in Windows NT and Linux

Module IV

Protection in General Purpose Operating Systems: protected objects and methods of protection – memory and address protection – control of access to general objects – file protection mechanisms – user authentication - Designing Trusted Operating Systems.

Text Books

1. Charles Crowley, “Operating Systems - A Design Oriented Approach”, TMH, 1998.

2. Charles P. Pfleeger, “Security in Computing”, Prentice Hall, New Delhi, 2009.

References

1. Silberschatz and Galvin, “Operating System Concepts”, Addison Wesley, 1998.

2. Tanenbaum Andrew S., “Modern Operating System”, Englewood Cliffs, PHI, 1992.

3. Gary J. Nutt, “Operating Systems - A Modern Perspective”, Second edition, Addison Wesley, 2000.

4. W. Stallings, “Operating Systems - Internals and Design Principles”, 4th Ed., PHI, 2002.

Modules | Hours

I | 10

II | 9

III | 10

IV | 10

Tutorial | 13

Total | 52

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 103: ACCESS CONTROL AND AUTHENTICATION SYSTEM

Module I

Access control – Introduction - Attenuation of privileges – Trust and Assurance – Confinement problem - Security design principles – Identity Management models – local – Network - federal – global web identity – XNS approach for global Web identity - Centralized enterprise level Identity Management.

Module II

Elements of trust paradigms in computing – Third party approach to identity trust – Kerberos - Explicit third party authentication paradigm – PKI approach to trust establishment – Attribute certificates – Generalized web of trust models – Biometric Authentications.

Module III

Mandatory access control - Comparing information flow in BLP and BIBA models – Combining the BLP and BIBA models – Chinese wall problem. Discretionary access control and Access matrix model – definitions – Safety problem – The take grant protection model – Schematic protection model – SPM rules and operations – Attenuating – Applications

Module IV

Role based access control – Hierarchical Access Control - Mapping of a mandatory policy to RBAC – Mapping discretionary control to RBAC – RBAC flow analysis – Separation of Duty in RBAC – RBAC consistency properties - The privileges perspective of separation of duties – Functional specification for RBAC.

Text Books

1. Messaoud Benantar, “Access Control Systems: Security, Identity Management and Trust Models”, Springer, 2009.

2. Elena Ferrari and M. Tamer Özsu, “Access Control in Data Management Systems”, Morgan & Claypool Publishers, 2010.

3. John Berger, “Biometrics for Network Security”, Prentice Hall, 2004.

Modules | Hours

I | 10

II | 10

III | 10

IV | 9

Tutorial | 13

Total | 52

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 104 : RISK MANAGEMENT AND SECURITY

Module I

Essentials of computer security - Sources of security threats – Intruders, Viruses, Worms and related threats - Threat identification - Threat analysis - Vulnerability identification and Assessment - Components of Computer Security - Physical security – System access control - Goals of Security - Efforts to secure computer networks – Ethical issues in Computer Security - Operational issues, Human issues.

Module II

Intrusion Detection System (IDS) – Types and challenges – Intrusion prevention system (IPS) – Firewalls - Design Principles, Scanning, filtering and blocking. Vulnerabilities – Sources of vulnerabilities, Vulnerability identification and Assessment, Cyber crime and Hackers, Viruses and content filtering - Security Assessment, Analysis and Assurance – Computer network security protocol and standards - Security Policies – Integrity policies – confidentiality policies - Security models - Access Control Matrix Model, Take-Grant Protection Model.

Module III

Security Monitoring and Auditing - Assurance and Trust, Need for Assurance, Role of Requirements in Assurance, Audit Assurance in Software Development Phases, Building Secure and Trusted Systems - Designing an Auditing System, Implementation Considerations, Auditing to Detect Violations of a security Policy, Auditing Mechanisms, Audit Browsing.

Module IV

Risk management and security planning – Risk management Process Overview - Cost-Benefit Analysis, Risk Analysis, Laws and Customs, Human Issues, Organizational issues - Information system Risk analysis – System approach to risk management, Threat assessment, Assets and safeguards, modes of risk analysis – Effective risk analysis, Qualitative Risk analysis, Value analysis

References

1. Matt Bishop, “Computer Security: Art and Science”, Addison-Wesley Professional, 2003.

2. Joseph M. Kizza, “Computer Network security”, Springer, 2005.

3. Matt Bishop, “Introduction to Computer Security”, Addison-Wesley Professional, 2005.

4. Thomas R. Peltier, “Information Security Risk Analysis”, CRC Press, 2001.

5. C.A. Roper, “Risk management for Security professional”, Elsevier, 1999.

Modules | Hours

I | 9

II | 10

III | 10

IV | 10

Tutorial | 13

Total | 52

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 105 (A): DATABASE DESIGN AND SECURITY

Module I

Database System concepts and applications. Data modeling using Entity-Relationship model. Record Storage and File organization.

Module II

The relational Data Model. Relational constraints and the Relational Algebra. SQL. ER to Relational mapping.

Module III

Database Design Theory and Methodology - Functional Dependencies and Normalization for Relational Databases. Object Oriented Database concepts. Object Relational and Extended Relational Database Systems. Data warehousing and Data Mining.

Module IV

Introduction to database security, security models, physical and logical security, security requirements, reliability and integrity, sensitive data, inference, multilevel databases and multilevel security, access control - mandatory and discretionary, security architecture, issues.

Text Books

1. Ramez Elmasri, Shamkant B. Navathe, “Fundamentals of Database System”, Addison Wesley, New Delhi, Third/Fourth Edition.

2. Ron Ben Natan, “Implementing database security and auditing”, Elsevier publications, 2005.

3. Hassan A. Afyouni, “Database Security and Auditing”, Course Technology – Cengage Learning, New Delhi, 2009.

References

1. Abraham Silberschatz, Henry F Korth, Sudarshan S, “Database Systems Concepts”, McGraw Hill, 2003.

2. Raghu Ramakrishnan, “Database Management Systems”, McGraw Hill, Third Edition, 2003.

3. M. Gertz and S. Jajodia, “Handbook of Database Security - Application and Trends”, Springer, 2008.

Modules | Hours

I | 9

II | 10

III | 10

IV | 10

Tutorial | 13

Total | 52

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 105 (B): SECURE SOFTWARE ENGINEERING

Module I

Problem, Process, and Product - Problems of software practitioners – approach through software reliability engineering - experience with SRE – SRE process – defining the product – Testing acquired software – reliability concepts - software and hardware reliability. Implementing Operational Profiles - Developing, identifying, creating, reviewing the operation – concurrence rate – occurrence probabilities - applying operation profiles

Module II

Engineering “Just Right” Reliability - Defining “failure” for the product - Choosing a common measure for all associated systems - Setting system failure intensity objectives - Determining user needs for reliability and availability, overall reliability and availability objectives, common failure intensity objective, developed software failure intensity objectives - Engineering software reliability strategies. Preparing for Test - Preparing test cases - Planning number of new test cases for current release - Allocating new test cases - Distributing new test cases among new operations - Detailing test cases - Preparing test procedures

Module III

Executing Test - Planning and allocating test time for the current release - Invoking test - Identifying failures - Analyzing test output for deviations – Determining which deviations are failures. Establishing when failures occurred. Guiding Test - Tracking reliability growth - Estimating failure intensity - Using failure intensity patterns to guide test - Certifying reliability. Deploying SRE - Core material - Persuading your boss, your coworkers, and stakeholders - Executing the deployment - Using a consultant.

Module IV

Using UML for Security - UML diagrams for security requirement - security business process - physical security - security critical interaction - security state. Analyzing Model - Notation - formal semantics - security analysis - important security opportunities. Model based security engineering with UML - UML sec profile - Design principles for secure systems - Applying security patterns. Applications - Secure channel.

Text Books

1. John Musa D, “Software Reliability Engineering”, 2nd Edition, Tata McGraw-Hill, 2005.

2. Jan Jürjens, “Secure Systems Development with UML”, Springer, 2004.

Modules | Hours

I | 10

II | 10

III | 10

IV | 10

Tutorial | 9

Total | 52

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 105 (C): GAME THEORY

Module-I

Introduction to Non Co-operative Game Theory: Extensive Form Games, Strategic Form Games, Pure Strategy Nash Equilibrium

Module-II

Non co-operative Game Theory (in detail), Mixed Strategies, Existence of Nash Equilibrium, Computation of Nash Equilibrium, Two Player Zero-Sum Games, Bayesian Games

Module-III

Mechanism Design: An Introduction, Dominant Strategy Implementation of Mechanisms, Vickrey-Clarke-Groves Mechanisms, Bayesian Implementation of Mechanisms, Revenue Equivalence Theorem, Design of Optimal Mechanisms

Module-IV

Cooperative Game Theory, Correlated Strategies, Correlated Equilibria, The Two Person Bargaining Problem, Games in Coalitional Form, The Core, Shapley Value, Other Solution Concepts for Co-operative Games.

References

1. Roger B. Myerson, “Game Theory: Analysis of Conflict”, Harvard University Press, September 1997.

2. Andreu Mas-Colell, Michael D. Whinston, and Jerry R. Green, “Microeconomic Theory”, Oxford University Press, New York, 1995.

3. Martin J. Osborne, Ariel Rubinstein, “A Course in Game Theory”, The MIT Press, Aug 1994.

4. Philip D. Straffin, Jr., “Game Theory and Strategy”, The Mathematical Association of America, January 1993.

5. Ken Binmore, “Fun and Games: A Text On Game Theory”, D. C. Heath & Company, 1992.

6. Paul Klemperer, “Auctions: Theory and Practice”, The Toulouse Lectures in Economics, Princeton University Press, 2004.

Modules | Hours

I | 9

II | 10

III | 10

IV | 10

Tutorial | 13

Total | 52

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 106 (P): SEMINAR

[Hours/Week: 2]

Objective: To assess the debating capability of the student to present a technical topic. In addition, to impart training to students to face an audience and present their ideas, thus creating in them the self-esteem and courage that are essential for engineers.

Individual students are required to choose a topic of their interest from Information Security related topics, preferably from outside the M.Tech syllabus, and give a seminar on that topic of about 30 minutes. A committee consisting of at least three faculty members (preferably specialized in Information Security) shall assess the presentation of the seminar and award marks to the students. Each student shall submit two copies of a write-up of his/her seminar topic. One copy shall be returned to the student after being duly certified by the chairperson of the assessing committee, and the other will be kept in the departmental library. Internal continuous assessment marks are awarded based on the relevance of the topic, presentation skill, quality of the report and participation.

Internal Continuous Assessment: 100 marks

Regularity and Class Work - 30 Marks

Record - 20 Marks

Tests, Viva - 50 Marks


CIS 14 107 (P): Operating System and Security Lab

1. Write programs using the following system calls of Linux/Unix operating system: fork, exec, getpid, exit, wait, close.

2. Write programs using the I/O system calls of Linux/Unix operating system (open, read, write)

3. Implementation of Memory and Address Protection

4. Implementation of Access Control List

5. Write Shell Scripting using grep, sed & awk.

6. Setting of File Permissions and Protections.

7. Setting up the local security policy.

Internal Continuous Assessment: 100 marks

Regularity & Class work - 30 marks

Record - 20 marks

Tests, Viva - 50 marks


SECOND SEMESTER

CIS 14 201: ADVANCED CRYPTOGRAPHY

Module I

Cryptography and modern cryptography – The setting of private-key encryption – Historical ciphers and their cryptanalysis – Basic principles of modern cryptography – Services, Mechanisms and Attacks – OSI security architecture - Foundations of Cryptology.

Module II

Definition – Substitution ciphers – Transposition ciphers - Stream and block ciphers. Characteristics of good ciphers - Data Encryption Standard (DES) – International Data Encryption Algorithm – Advanced Encryption Standard – Block cipher modes of operation – Confidentiality using symmetric encryption.

Module III

Introduction to Number Theory - Prime Numbers - Fermat's and Euler's Theorems - The Chinese Remainder Theorem - Principles of Public Key Cryptosystems – The RSA Algorithm – Key Management – Diffie Hellman Key Exchange – Elliptic Curve Cryptography.

Module IV

Authentication requirements – Authentication functions – Message Authentication Codes (MAC) – Hash functions – Security of hash functions and MACs. MD5 Message Digest Algorithm – Secure Hash Algorithm (SHA) – HMAC – Digital Signatures - Authentication Protocols - Digital Signature Standard (DSS).

References

1. Bernard Menezes, “Network Security and Cryptography”, Cengage Learning, New Delhi, 2010.

2. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, Jessica Fridrich, Ton Kalker, “Digital Watermarking and Steganography”, Morgan Kaufmann Publishers, New York, 2008.

3. William Stallings, “Cryptography and Network Security”, Prentice Hall, New Delhi, 2006.

4. Wenbo Mao, “Modern Cryptography – Theory and Practice”, Pearson Education, New Delhi, 2006.

5. Jonathan Katz, Yehuda Lindell, “Introduction to Modern Cryptography”, Chapman & Hall/CRC, New York, 2007.

6. Bruce Schneier, “Applied Cryptography”, John Wiley & Sons, New York, 2004.

7. Atul Kahate, “Cryptography and Network Security”, Tata McGraw Hill, 2003.

8. Jörg Rothe, “Complexity Theory & Cryptology – An Introduction to Crypto-complexity”, Springer, 2005.

Modules | Hours

I | 9

II | 10

III | 10

IV | 10

Tutorial | 13

Total | 52


Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern

Answer any five questions by choosing at least one question from each module.

Module I: Question 1 : 20 marks, Question 2 : 20 marks

Module II: Question 3 : 20 marks, Question 4 : 20 marks

Module III: Question 5 : 20 marks, Question 6 : 20 marks

Module IV: Question 7 : 20 marks, Question 8 : 20 marks


CIS 14 202: NETWORK SECURITY

Module I
Introduction to Security in Networks – Characteristics of Networks – Intrusion – Kinds of security breaches – Plan of attack – Points of vulnerability – Methods of defense – Control measures – Effectiveness of controls. Transport Level Security – Web Security Issues – SSL – TLS – HTTPS – SSH.

Module II
E-Mail Security – PGP – S/MIME – IP Security – Firewalls design principles – Trusted systems – Electronic payment protocols.

Module III
Wireless Fundamentals: Wireless Hardware – Wireless Network Protocols – Wireless Programming WEP Security. Wireless Cellular Technologies – concepts – Wireless reality – Security essentials – Information classification standards – Wireless Threats: Cracking WEP – Hacking Techniques – Wireless Attacks – Airborne Viruses.

Module IV
Standards and Policy Solutions – Network Solutions – Software Solutions – Physical Hardware Security – Wireless Security – Securing WLAN – Virtual Private Networks – Intrusion Detection System – Wireless Public Key infrastructure. Tools – Auditing tools – Pocket PC hacking – wireless hack walkthrough.

References

1. Russel Dean Vines, “Wireless Security Essentials: Defending Mobile from Data Piracy”, JW&S, 1
2. Cyrus Peikari and Seth Fogie, “Maximum Wireless Security”, SAMS Publishing, 2002.
3. Yi-Bing Lin & Imrich Chlamtac, “Wireless and Mobile Networks Architectures”, JW Sons, 2001.
4. Raj Pandya, “Mobile and Personal Communication systems and services”, PHI, 2001.
5. Tara M. Swaminathan & Charles R. Eldon, “Wireless Security and Privacy – Best Practices & Design Techniques”, AW, 2002.
6. Bruce Potter and Bob Fleck, “802.11 Security”, O’Reilly Publications, 2002.
7. Burkhardt, “Pervasive Computing”, Pearson Education, India Edition, 2007.
8. J. Schiller, “Mobile Communication”, Pearson Education, India Edition, 2002.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks


Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 203: SECURE NETWORK PROTOCOL

Module I
OSI: ISO Layer Protocols – Application Layer Protocols – TCP/IP, HTTP, SHTTP, LDAP, MIME, POP & POP3 – RMON – SNTP – SNMP. Presentation Layer Protocols – Light Weight Presentation Protocol. Session layer protocols – RPC protocols. Transport layer protocols – ITOT, RDP, RUDP, TALI, TCP/UDP, compressed TCP. Network layer Protocols – routing protocols – border gateway protocol – exterior gateway protocol – internet protocol IPv4 – IPv6 – Internet Control Message Protocol – IRDP – Transport Layer Security – TLS – SSL – DTLS.

Module II
Data Link layer Protocol – ARP – InARP – IPCP – IPv6CP – RARP – SLIP. Wide Area and Network Protocols – ATM protocols – Broadband Protocols – Point to Point Protocols – Other WAN Protocols – security issues.

Module III
Local Area Network and LAN Protocols – ETHERNET Protocols – VLAN protocols – Wireless LAN Protocols – Metropolitan Area Network Protocol – Storage Area Network and SAN Protocols – FDMA, WIFI and WIMAX Protocols – security issues. Mobile IP – Mobile Support Protocol for IPv4 and IPv6 – Resource Reservation Protocol. Multi-casting Protocol – VGMP – IGMP – MSDP.

Module IV
Network Security and Technologies and Protocols – AAA Protocols – Tunneling Protocols – Secured Routing Protocols – GRE – Generic Routing Encapsulation – IPSEC – Security architecture for IP – IPSEC AH – Authentication Header – ESP – IKE – ISAKMP and Key management Protocol. IEEE 802.11 – Structure of 802.11 MAC – WEP – Problems with WEP – Attacks and Risk – Station security – Access point Security – Gateway Security – Authentication and Encryption.

Text Books

1. Javvin, “Network Protocols Handbook”, Javvin Technologies Inc., 2005.
2. Rolf Oppliger, “SSL and TLS: Theory and Practice”, Artech House, 2009.

References

1. Bruce Potter and Bob Fleck, “802.11 Security”, O’Reilly Publications, 2002.
2. Lawrence Harte, “Introduction to WCDMA”, Althos Publishing, 2004.
3. Lawrence Harte, “Introduction to WIMAX”, Althos Publishing, 2005.

Modules     Hours
I           10
II          9
III         10
IV          10
Tutorial    13
Total       52


Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 204 (A): SECURITY ASSESSMENT AND VERIFICATION

Module I
Evolution of information security, information assets, security standards, organizational impacts, security certifications, elements of information security program, need for security assessment, security assessment process.

Module II
Security assessment planning – Business drivers, scope definition, consultant’s perspective, Client’s perspective, Development of project plan. Initial information gathering – Initial preparation, analysis of gathered information.

Module III
Business process evaluation, Technology evaluation, Risk analysis, Risk mitigation. Security Risk assessment project management, Security risk assessment approaches and methods.

Module IV
Information security standards, information security Legislation, formal security verification, security verification with SSL.

Text Books

1. Sudhanshu Kairab, “A practical guide to security assessments”, CRC press, 2005.
2. Douglas J. Landoll, “A Security risk assessment Handbook”, Auerbach publications, 2006.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 204 (B): CYBER LAW AND SECURITY POLICIES

Module I
Introduction to Computer Security: Definition, Threats to security, Government requirements, Information Protection and Access Controls, Computer security efforts, Standards, Computer Security mandates and legislation, Privacy considerations, International security activity.

Module II
Secure System Planning and administration, Introduction to the Orange Book, Security policy requirements, accountability, assurance and documentation requirements, Network Security, The Red Book and Government network evaluations.

Module III
Information security policies and procedures: Corporate policies – Tier 1, Tier 2 and Tier 3 policies – process management – planning and preparation – developing policies – asset classification policy – developing standards.

Module IV
Information security: fundamentals – Employee responsibilities – information classification – Information handling – Tools of information security – Information processing – secure program administration. Organizational and Human Security: Adoption of Information Security Management Standards, Human Factors in Security – Role of information security professionals.

References

1. Debby Russell and Sr. G.T Gangemi, “Computer Security Basics (Paperback)”, 2nd Edition, O’Reilly Media, 2006.
2. Thomas R. Peltier, “Information Security policies and procedures: A Practitioner’s Reference”, 2nd Edition, Prentice Hall, 2004.
3. Kenneth J. Knapp, “Cyber Security and Global Information Assurance: Threat Analysis and Response Solutions”, IGI Global, 2009.
4. Thomas R Peltier, Justin Peltier and John Blackley, “Information Security Fundamentals”, 2nd Edition, Prentice Hall, 1996.
5. Jonathan Rosenoer, “Cyber law: the Law of the Internet”, Springer-Verlag, 1997.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks


Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 204 (C): ALGORITHMS AND COMPLEXITY

Module I
Analysis: RAM model – Notations, Recurrence analysis – Master's theorem and its proof – Amortized analysis – Advanced Data Structures: B-Trees, Binomial Heaps, Fibonacci Heaps, Disjoint Sets, Union by Rank and Path Compression.

Module II
Graph Algorithms and complexity: Matroid Theory, All-Pairs Shortest Paths, Maximum Flow and Bipartite Matching.

Module III
Randomized Algorithms: Finger Printing, Pattern Matching, Graph Problems, Algebraic Methods, Probabilistic Primality Testing, De-Randomization.

Module IV
Complexity classes – NP-Hard and NP-complete Problems – Cook's theorem NP completeness reductions. Approximation algorithms – Polynomial Time and Fully Polynomial time Approximation Schemes. Probabilistic Complexity Classes, Probabilistic Proof Theory and Certificates.

References

1. Dexter Kozen, “The Design and Analysis of Algorithms”, Springer, 1992.
2. T. H. Cormen, C. E. Leiserson, R. L. Rivest, “Introduction to Algorithms”, Prentice Hall India, 1990.
3. S. Baase, “Computer Algorithms: Introduction to Design and Analysis”, Addison Wesley, 1998.
4. U. Manber, “Introduction to Algorithms: A creative approach”, Addison Wesley, 1989.
5. V. Aho, J. E. Hopcroft, J. D. Ullman, “The design and Analysis of Computer Algorithms”, Addison Wesley, 1974.
6. R. Motwani and P. Raghavan, “Randomized Algorithms”, Cambridge University Press, 1995.
7. C. H. Papadimitriou, “Computational Complexity”, Addison Wesley, 1994.
8. Leonard Adleman, “Two theorems on random polynomial time”, in Proceedings of the 19th IEEE Symposium on Foundations of Computer Science, pages 75–83, 1978.
9. J. Gill, “Computational complexity of probabilistic Turing machines”, SIAM Journal of Computing, 6:675–695, 1977.
10. C. Lautemann, “BPP and the Polynomial Hierarchy”, Information Processing Letters, 17:215–217, 1983.
11. M. Sipser, “A complexity theoretic approach to randomness”, in Proceedings of the 15th ACM Symposium on Theory of Computing, pages 330–335, 1983.
12. L.G. Valiant and V.V. Vazirani, “NP is as easy as detecting unique solutions”, Theoretical Computer Science, 47:85–93, 1986.

Modules     Hours
I           10
II          9
III         10
IV          10
Tutorial    13
Total       52


Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 205 (A): ADVANCED NETWORKING TECHNOLOGIES

Module I
Troubleshooting and Management – Host Configuration, Connectivity, Testing Path Characteristics, Packet Capture, Device Discovery and Mapping – Troubleshooting Strategies – Components – Bridges, Routers and Switches – Network OS – Novell Netware, Linux, Windows 2000 and Macintosh OS.

Module II
IP next generation – Addressing, Configuration, Security, QOS – VOIP – Issues in VOIP – Distributed Computing and Embedded System – Ubiquitous Computing – VPN. Understanding Storage Networking – Storage Networking Architecture – The Storage in Storage Networking, The Network in Storage Networking, Basic Software for Storage Networking – SAN Implementation Strategies.

Module III
WDM – WDM Network Design – Control And Management – IP Over WDM – Photonic Packet Switching.

Module IV
Monitoring and Control – SNMP, V2 & V3 – RMON and RMON2 – SMI – RMON & v2 Standard – ATM RMON Standard – Monitoring Internet.

References

1. John D. Sloan, “Network Troubleshooting”, O’Reilly, Aug 2001.
2. Radia Perlman, “Interconnections: Bridges, Routers, Switches and Internetworking Protocols”, Second Edition, Addison Wesley Professional, 1999.
3. Andrew S. Tanenbaum, “Modern operating system”, Pearson Education.
4. Silvano Gai, “Internetworking IPV6 with CISCO Routers”, McGraw-Hill computer communication series.
5. Tom Clark, “Designing Storage Area Network: A practical reference for implementing fiber channel and IP SAN’s”, Second Edition, Addison Wesley Professional, 2003.
6. Richard M Barker, Paul Massiglia, “Storage Area Network Essentials: A complete guide to understanding and implementing SANS”, John Wiley & Sons Inc, 2001.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks


Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 205 (B): SECURE E-COMMERCE   

Module I
Introduction to E-Commerce – Network and E-Commerce – Types of E-Commerce – E-Commerce Business Models: B2C, B2B, C2C, P2P and M-commerce business models – E-Commerce Payment systems: Types of payment system – Credit card E-Commerce transactions – B2C E-Commerce Digital payment systems – B2B payment system.

Module II
Security and Encryption: E-Commerce Security Environment – Security threats in E-Commerce environment – Policies, Procedures and Laws.

Module III
Inter-organizational trust in E-Commerce: Need – Trading partner trust – Perceived benefits and risks of E-Commerce – Technology trust mechanism in E-Commerce – Perspectives of organizational, economic and political theories of inter-organizational trust – Conceptual model of inter-organizational trust in E-Commerce participation.

Module IV
Introduction to trusted computing platform: Overview – Usage Scenarios – Key components of trusted platform – Trust mechanisms in a trusted platform. Trusted platforms for organizations and individuals – Trust models and the E-Commerce domain.

References

1. Kenneth C. Laudon and Carol Guercio Traver, “E-Commerce Business Technology Society”, Pearson Education, 2005.
2. Pauline Ratnasingam, “Inter-Organizational Trust for Business-to-Business E-Commerce”, IRM Press, 2005.
3. Siani Pearson, et al, “Trusted Computing Platforms: TCPA Technology in Context”, Prentice Hall PTR, 2002.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.


Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 205 (C): BIOMETRIC SECURITY

Module I
Biometrics – Introduction – benefits of biometrics over traditional authentication systems – benefits of biometrics in identification systems – selecting a biometric for a system – Applications – Key biometric terms and processes – biometric matching methods – Accuracy in biometric systems.

Module II
Physiological Biometric Technologies: Fingerprints – Technical description – characteristics – Competing technologies – strengths – weaknesses – deployment – Facial scan – Technical description – characteristics – weaknesses – deployment – Iris scan – Technical description – characteristics – strengths – weaknesses – deployment – Retina vascular pattern – Technical description – characteristics – strengths – weaknesses – deployment – Hand scan – Technical description – characteristics – strengths – weaknesses – deployment – DNA biometrics.

Module III
Behavioral Biometric Technologies: Handprint Biometrics – DNA Biometrics – signature and handwriting technology – Technical description – classification – keyboard / keystroke dynamics – Voice – data acquisition – feature extraction – characteristics – strengths – weaknesses – deployment.

Module IV
Multi biometrics: Multi biometrics and multi factor biometrics – two-factor authentication with passwords – tickets and tokens – executive decision – implementation Plan.

References

1. Samir Nanavati, Michael Thieme, and Raj Nanavati, “Biometrics – Identity verification in a network”, Wiley Eastern, 2002.
2. John Chirillo and Scott Blaul, “Implementing Biometric Security”, Wiley Eastern Publications, 2005.
3. John Berger, “Biometrics for Network Security”, Prentice Hall, 2004.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.


Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 206 (P): SEMINAR

[Hours/Week: 2]

Objective: To assess the debating capability of the student to present a technical topic. In addition, to impart training to students to face an audience and present their ideas, thus creating in them the self-esteem and courage that are essential for engineers.

Individual students are required to choose a topic of their interest from Information Security related topics, preferably from outside the M.Tech syllabus, and give a seminar on that topic for about 30 minutes. A committee consisting of at least three faculty members (preferably specialized in Information Security) shall assess the presentation of the seminar and award marks to the students. Each student shall submit two copies of a write-up of his/her seminar topic. One copy shall be returned to the student after being duly certified by the chairperson of the assessing committee and the other will be kept in the departmental library. Internal continuous assessment marks are awarded based on the relevance of the topic, presentation skill, quality of the report and participation.

Internal Continuous Assessment: 100 marks

Regularity and Class Work - 30 Marks

Record - 20 Marks

Tests, Viva - 50 Marks


CIS 14 207 (P): Computer Network and Security Lab

1. Client-Server Design using Socket programming in C/C++/Java
2. Design of Web Proxy with Caching/Filtering features
3. Working with Sniffers for monitoring network communication (Ethereal) on DNS, HTTP, HTTP with Authentication, DHCP, TCP, UDP, IP
4. Using OpenSSL for web server - browser communication
5. Using iptables on Linux and setting the filtering rules
6. Configuring S/MIME for e-mail communication
7. DNSSEC Implementation
8. IPSec Implementation
9. Using Nmap for ports monitoring
10. PGP (GnuPG) Implementation

Internal Continuous Assessment: 100 marks

Regularity & Class work - 30 marks

Record - 20 marks

Tests, Viva - 50 marks


THIRD SEMESTER

CIS 14 301 (A): PKI AND TRUST MANAGEMENT

Module I
Overview of PKI technology Basic Security Concepts, PKI Entities, Related Technologies. Work Performed by Certificate Authorities Attack on CA. PKI standards General PKIX Standardization Requirements. Digital Certificates and SSL.

Module II
PKI design issues PKI structure, Inter-domain, revocation, policy. PKI standards. Architecture for PKI – baseline requirements for global PKI, components – crypto primitive, cryptographic, long term, protocol security, secure protocol, security policy.

Module III
Implementing secure web services requirements, implementation and deployment, implementation cost, performance. Managing PKI, requesting, obtaining, using and revoking a certificate, case studies.

Module IV
Trust management challenges, taxonomy framework, architecture, system components, system setting and operations.

Text Book

1. John R. Vacca, “Public Key Infrastructure”, Auerbach publications, New York, 2004.

References

1. Jean-Marc Seigneur, Adam Slagell, “Collaborative Computer Security and Trust Management”, Information Science Reference, New York (IGI Global), 2010.
2. Klaus Schmeh, “Cryptography and Public Key Infrastructure on the Internet”, Allied Publishers, 2004.
3. Carlisle Adams, Steve Lloyd, “Understanding PKI: Concepts, Standards, and Deployment Considerations”, Addison-Wesley, 2003.
4. Kapil Raina, “PKI Security Solutions for the Enterprise”, Wiley, 2003.
5. Brian Komar, “Windows Server 2008 PKI and Certificate Security”, Microsoft Press, 2008.
6. W. Mao, “Modern Cryptography: Theory & Practice”, Pearson Education, 2004.

Modules     Hours
I           10
II          10
III         10
IV          9
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.


End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 301 (B): CLOUD COMPUTING

Module I
Technologies for Network-Based System – System Models for Distributed and Cloud Computing – NIST Cloud Computing Reference Architecture. Cloud Models: Characteristics – Cloud Services – Cloud models (IaaS, PaaS, SaaS) – Public vs Private Cloud – Cloud Solutions – Cloud ecosystem – Service management – Computing on demand.

Module II
Basics of Virtualization – Types of Virtualization – Implementation Levels of Virtualization – Virtualization Structures – Tools and Mechanisms – Virtualization of CPU, Memory, I/O Devices – Virtual Clusters and Resource management – Virtualization for Data-center Automation.

Module III
Architectural Design of Compute and Storage Clouds – Layered Cloud Architecture Development – Design Challenges – Inter Cloud Resource Management – Resource Provisioning and Platform Deployment – Global Exchange of Cloud Resources.

Module IV
Parallel and Distributed Programming Paradigms – MapReduce – Mapping Applications – Programming Support – Google App Engine, Amazon AWS – Cloud Software Environments – Eucalyptus, Open Nebula, OpenStack, Aneka, CloudSim. Security Overview – Cloud Security Challenges and Risks – Software-as-a-Service Security – Security Governance – Risk Management – Security Monitoring – Security Architecture Design – Data Security – Application Security – Virtual Machine Security – Identity Management and Access Control – Autonomic Security.

References

1. Kai Hwang, Geoffrey C Fox, Jack G Dongarra, “Distributed and Cloud Computing, From Parallel Processing to the Internet of Things”, Morgan Kaufmann Publishers, 2012.
2. John W. Rittinghouse and James F. Ransome, “Cloud Computing: Implementation, Management, and Security”, CRC Press, 2010.
3. Toby Velte, Anthony Velte, Robert, “Cloud Computing, A Practical Approach”, TMH, 2009.
4. Kumar Saurabh, “Cloud Computing – insights into New-Era Infrastructure”, Wiley India, 2011.
5. George Reese, “Cloud Application Architectures: Building App Infrastructure in the Cloud”, O'Reilly.
6. James E. Smith, Ravi Nair, “Virtual Machines: Versatile Platforms for Systems and Processes”, Elsevier/Morgan Kaufmann, 2005.
7. Katarina Stanoevska-Slabeva, Thomas Wozniak, Santi Ristol, “Grid and Cloud Computing – A Business Perspective on Technology and Applications”, Springer.
8. Ronald L. Krutz, Russell Dean Vines, “Cloud Security – A comprehensive Guide to Secure Cloud Computing”, Wiley – India, 2010.
9. Rajkumar Buyya, Christian, S. Thamarai Selvi, “Mastering Cloud Computing”, TMGH, 2013.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52


Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 301 (C): HIGH SPEED NETWORKS

Module I
Frame Relay Networks – Asynchronous transfer mode – ATM Protocol Architecture, ATM logical Connection, ATM Cell – ATM Service Categories – AAL. High Speed LAN’s: Fast Ethernet, Gigabit Ethernet, Fibre Channel – Wireless LAN’s. Queuing Analysis – Queuing Models – Single Server Queues – Effects of Congestion – Congestion Control – Traffic Management – Congestion Control in Packet Switching Networks – Frame Relay Congestion Control.

Module II
TCP Flow control – TCP Congestion Control – Retransmission – Timer Management – Exponential RTO back off – KARN’s Algorithm – Window management – Performance of TCP over ATM. Traffic and Congestion control in ATM – Requirements – Attributes – Traffic Management Frame work, Traffic Control – ABR traffic Management – ABR rate control, RM cell formats, ABR Capacity allocations – GFR traffic management.

Module III
Integrated Services Architecture – Approach, Components, Services – Queuing Discipline, FQ, PS, BRFQ, GPS, WFQ – Random Early Detection, Differentiated Services.

Module IV
RSVP – Goals & Characteristics, Data Flow, RSVP operations, Protocol Mechanisms – Multiprotocol Label Switching – Operations, Label Stacking, Protocol details – RTP – Protocol Architecture, Data Transfer Protocol, RTCP.

References

1. William Stallings, “High Speed Networks and Internet”, Pearson Education, Second Edition, 2002.
2. Warland & Pravin Varaiya, “High Performance Communication Networks”, Jean Harcourt Asia Pvt. Ltd., II Edition, 2001.
3. Ivan Pepelnjak, Jim Guichard and Jeff Apcar, “MPLS and VPN architecture”, Cisco Press, Volume 1 and 2, 2003.

Modules     Hours
I           9
II          10
III         10
IV          10
Tutorial    13
Total       52

Internal Continuous Assessment: 100 marks
Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher.

End Semester Examination: 100 marks


Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I: Question 1 (20 marks), Question 2 (20 marks)
Module II: Question 3 (20 marks), Question 4 (20 marks)
Module III: Question 5 (20 marks), Question 6 (20 marks)
Module IV: Question 7 (20 marks), Question 8 (20 marks)


CIS 14 302 (A): SECURITY THREATS

Module I Introduction: Security threats - Sources of security threats- Motives - Target Assets and vulnerabilities – Consequences of threats- E-mail threats - Web-threats - Intruders and Hackers, Insider threats, Cyber crimes. Module II Network Threats: Active/ Passive – Interference – Interception – Impersonation – Worms – Virus – Spam’s – Ad ware - Spy ware – Trojans and covert channels – Backdoors – Bots - IP Spoofing - ARP spoofing - Session Hijacking - Sabotage-Internal treats- Environmental threats - Threats to Server security. Module III Security Threat Management: Risk Assessment - Forensic Analysis - Security threat correlation – Threat awareness - Vulnerability sources and assessment- Vulnerability assessment tools - Threat identification - Threat Analysis - Threat Modeling - Model for Information Security Planning. Module IV Security Elements: Authorization and Authentication - types, policies and techniques - Security certification - Security monitoring and Auditing - Security Requirements Specifications - Security Policies and Procedures, Firewalls, IDS, Log Files, Honey Pots. Human factors – Security awareness, training, Email and Internet use policies. References

1. Joseph M Kizza, “Computer Network Security”, Springer Verlag, 2005 2. Swiderski, Frank and Syndex, “Threat Modeling”, Microsoft Press, 2004. 3. William Stallings and Lawrie Brown, “Computer Security: Principles and Practice”, Prentice Hall,

2008. 4. Thomas Calabres and Tom Calabrese, “Information Security Intelligence: Cryptographic Principles

& Application”, Thomson Delmar Learning, 2004. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each module.

Modules    Hours
I          9
II         10
III        10
IV         10
Tutorial   13
Total      52


Module I      Question 1 : 20 marks    Question 2 : 20 marks
Module II     Question 3 : 20 marks    Question 4 : 20 marks
Module III    Question 5 : 20 marks    Question 6 : 20 marks
Module IV     Question 7 : 20 marks    Question 8 : 20 marks


CIS 14 302 (B): CYBERCRIME INVESTIGATION AND DIGITAL FORENSICS

Module I
Introduction and Overview of Cyber Crime, Nature and Scope of Cyber Crime, Types of Cyber Crime: Social Engineering, Categories of Cyber Crime, Property Cyber Crime.

Module II
Unauthorized Access to Computers, Computer Intrusions, White Collar Crimes, Viruses and Malicious Code, Internet Hacking and Cracking, Virus Attacks, Pornography, Software Piracy, Intellectual Property, Mail Bombs, Exploitation, Stalking and Obscenity in Internet, Digital laws and legislation, Law Enforcement Roles and Responses.

Module III
Introduction to Cyber Crime Investigation, Investigation Tools, eDiscovery, Digital Evidence Collection, Evidence Preservation, E-Mail Investigation, E-Mail Tracking, IP Tracking, E-Mail Recovery, Hands on Case Studies. Encryption and Decryption Methods, Search and Seizure of Computers, Recovering Deleted Evidences, Password Cracking.

Module IV
Introduction to Digital Forensics, Forensic Software and Hardware, Analysis and Advanced Tools, Forensic Technology and Practices, Forensic Ballistics and Photography, Face, Iris and Fingerprint Recognition, Audio Video Analysis, Windows System Forensics, Linux System Forensics, Network Forensics.

Text Books

1. Bernadette H Schell, Clemens Martin, “Cybercrime”, ABC – CLIO Inc, California, 2004.
2. Nelson Phillips and Enfinger Steuart, “Computer Forensics and Investigations”, Cengage Learning, New Delhi, 2009.

References

1. Kevin Mandia, Chris Prosise, Matt Pepe, “Incident Response and Computer Forensics”, Tata McGraw-Hill, New Delhi, 2006.
2. Robert M Slade, “Software Forensics”, Tata McGraw-Hill, New Delhi, 2005.

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students by the teacher right at the beginning of the semester.

Modules    Hours
I          9
II         10
III        10
IV         10
Tutorial   13
Total      52


End Semester Examination: 100 marks

Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I      Question 1 : 20 marks    Question 2 : 20 marks
Module II     Question 3 : 20 marks    Question 4 : 20 marks
Module III    Question 5 : 20 marks    Question 6 : 20 marks
Module IV     Question 7 : 20 marks    Question 8 : 20 marks


CIS 14 302 (C): FINANCIAL MATHEMATICS

Module I
Introduction to Financial Management - The Role of Financial Management - Business, Tax, and Financial Environments - Valuation - Time Value of Money - Valuation of Long-Term Securities - Risk and Return.

Module II
Tools of Financial Analysis and Planning - Financial Statement Analysis - Funds Analysis, Cash-Flow Analysis, and Financial Planning - Working Capital Management - Overview of Working Capital Management - Cash and Marketable Securities Management - Accounts Receivable and Inventory Management - Short-Term Financing.

Module III
Investment in Capital Assets - Capital Budgeting and Estimating Cash Flows - Capital Budgeting Techniques - Risk and Managerial Options in Capital Budgeting - The Cost of Capital, Capital Structure, and Dividend Policy - Required Returns and the Cost of Capital - Operating and Financial Leverage - Capital Structure Determination - Dividend Policy.

Module IV
Intermediate and Long-Term Financing - The Capital Market - Long-Term Debt, Preferred Stock, and Common Stock - Term Loans and Leases. Special Areas of Financial Management - Convertibles, Exchangeables, and Warrants - Mergers and Other Forms of Corporate Restructuring - International Financial Management.

References

1. James C. Van Horne and John M. Wachowicz, “Fundamentals of Financial Management”, 11th Edition, ISBN: 81-203-2016-6.
2. Chandra, “Fundamentals of Financial Management”, Tata McGraw Hill, 2008.
3. J. Van Horne and John Wachowicz, “Fundamentals of Financial Management”, Pearson, 2008.
4. Eugene F. Brigham and Joel F. Houston, “Fundamentals of Financial Management”, South-Western Cengage Learning, 2009.

Internal Continuous Assessment: 100 marks

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all, whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students by the teacher right at the beginning of the semester.

End Semester Examination: 100 marks

Modules    Hours
I          9
II         10
III        10
IV         10
Tutorial   13
Total      52


Question Pattern
Answer any five questions by choosing at least one question from each module.

Module I      Question 1 : 20 marks    Question 2 : 20 marks
Module II     Question 3 : 20 marks    Question 4 : 20 marks
Module III    Question 5 : 20 marks    Question 6 : 20 marks
Module IV     Question 7 : 20 marks    Question 8 : 20 marks


CIS 14 303 (P): INDUSTRIAL TRAINING

Hours/Week: 30 (During the period of training)

Objective: To enable the student to correlate theory and industrial practice.

The students have to arrange and undergo an industrial training of a minimum of two weeks in an industry, preferably one dealing with Security Auditing, during the semester break between semester 2 and semester 3, and complete it within 15 calendar days from the start of semester 3. The students are required to submit a report of the training undergone and present the contents of the report before the evaluation committee. The evaluation committee will award the end semester marks based on training quality, contents of the report and presentation.

End Semester Examination: Marks 50


CIS 14 304 (P): MASTER RESEARCH PROJECT PHASE - I

[Hours/Week: 22]

Objective: To improve the professional competency and research aptitude by touching the areas which are otherwise not covered by theory or laboratory classes. The project work aims to develop the work practice in students to apply theoretical and practical tools/techniques to solve real life problems related to industry and current research.

The project work can be a design project/experimental project and/or computer simulation project on any of the topics in Information Security and its allied areas. The project work is allotted individually on different topics. The students shall be encouraged to do their project work in the parent institute itself. If found essential, they may be permitted to continue their project outside the parent institute, subject to the conditions of M.Tech regulations. The Department will constitute an Evaluation Committee to review the project work. The Evaluation Committee consists of at least three faculty members, of which the internal guide and another expert in the specified area of the project shall be two essential members.

The student is required to undertake the master research project Phase - I during the third semester and the same is continued in the 4th semester (Phase - II). Phase - I consists of preliminary thesis work, two reviews of the work and the submission of a preliminary report. The first review would highlight the topic, objectives, methodology and expected results. The second review evaluates the progress of the work, the preliminary report and the scope of the work which is to be completed in the 4th semester.

Internal Continuous Assessment

Review    Guide    Evaluation Committee
First     50       50
Second    100      100
Total     150      150


FOURTH SEMESTER

CIS 14 401 (P): MASTERS RESEARCH PROJECT PHASE – II

[Hours/Week: 30]

Objective: To improve the professional competency and research aptitude by touching the areas which are otherwise not covered by theory or laboratory classes. The project work aims to develop the work practice in students to apply theoretical and practical tools/techniques to solve real life problems related to industry and current research.

Master Research project phase - II is a continuation of project phase - I started in the third semester. There would be two reviews in the fourth semester, the first in the middle of the semester and the second at the end of the semester. The first review is to evaluate the progress of the work, presentation and discussion. The second review would be a pre-submission presentation before the evaluation committee to assess the quality and quantum of the work done. This would be a pre-qualifying exercise for the students for getting approval by the departmental committee for the submission of the thesis. At least one technical paper is to be prepared for possible publication in journals or conferences. The technical paper is to be submitted along with the thesis. The final evaluation of the project will be external evaluation.

Internal Continuous Assessment

Review    Guide    Evaluation Committee
First     50       50
Second    100      100
Total     150      150

End Semester Examination

Project Evaluation by external examiner : 150 marks
Viva Voce by external and internal examiners : 150 marks