UNIT I
Introduction to Network Security, Computer Securit y and Cyber Security. Security
Terminologies and Principle, Security Threats, Types of attacks (Operating System, application
level, Shrink Wrap code, Misconfiguration attacks etc.). Introduction to Intrusion, Terminologies,
Intrusion Detection System (IDS), Types of Intrusion Detection Systems, System Integrity
Verifiers (SIVS).Indication of Intrusion: System Indications, File System Indications Network
Indications. Intrusion Detection Tools ,Post attack IDS Measures & Evading IDS Systems.
Penetration Testing, Categories of security assessments, Vulnerability Assessment, Types of
Penetration Testing. Risk Management.
UNIT II
Cryptography, Classical Cryptographic Techniques, Encryption, Decryption, Code Breaking:
Methodologies, Cryptanalysis, Cryptography Attacks, Brute-Force Attack, Use of Cryptography.
Public key cryptography, Principles of Public key Cryptosystems, Cryptographic Algorithms
RSA, Data Encryption Standard (DES), RC4, RC5, RC6, Blowfish, Key Management, Diffie-
Hellman key exchange, elliptic curve cryptography.
UNIT III
Hash Functions, One-way Hash Functions, SHA (Secure Hash Algorithm), Authentication
Requirements, Authentication Functions, Kerberos. Message Authentication codes ,Message
Digest Functions, MD5, SSL (Secure Sockets Layer), SSH (Secure Shell), Algorithms and
Security, Disk Encryption, Government Access to Keys (GAK) Digital Signature: Analysis,
Components, Method, Applications, Standard, Algorithm: Signature Generation/Verification,
ECDSA, EIgamal Signature Scheme, Digital
Certificates.
UNIT IV
Trojans and Backdoors: Overt and Covert Channels, Working, Types (Remote Access
Trojans, Data-Sending Trojans, Destructive Trojans, Trojans, Proxy Trojans, FTP Trojans,
Security Software Disablers).
Viruses and Worms: Characteristics, Working, Infection Phase, Attack Phase. Sniffers:
Definition, spoofing, Sniffing, Vulnerable Protocols, Types.
Phishing: Methods, Process, Attacks Types (Man-in-the-Middle Attacks, URL Obfuscation
Attacks, Hidden Attacks, Client-side Vulnerabilities, Deceptive Phishing, Malware-Based
Phishing, DNSBased Phishing, Content-Injection Phishing, Search Engine Phishing).
Web Application Security- Secured authentication mechanism, secured session
management, Cross-site Scripting, SQL Injection and other vulnerabilities
Denial-of Service Attacks: Types of Attacks (Smurf Attack, Buffer Overflow Attack,
Ping of Death Attack, Teardrop Attack, SYN Attack, SYN Flooding), DDoS
Attack(Distributed DoS Attack.), Session Hijacking, Spoofing v Hijacking, TCP/IP
hijacking, CAPTCHA Protection
UNIT V
IP Security, Web Security, Firewalls: Types, Operation, Design Principles, Trusted Systems.
Computer Forensics, Need, Objectives,Stages & Steps of Forensic Investigation in Tracking
Cyber Criminals, Incident Handling. Hacking, Classes of Hacker (Black hats, grey hats, white
hats, suicide hackers), Footprinting, Scanning (Types-Port, Network, Vulnerability), E-Mail
Spiders, Overview of System Hacking Cycle.
List of Experiments:
1. Footprinting using footprinting tools(Open Source & Free)(ex-nslookup, ARIN, Whois, Google
Earth etc..)
2. Scanning for vulnerabilities using (Angry IP, HPing2, IPScanner, Global Network
Inventory Scanner, Net Tools Suite Pack.)
3. NetBIOS Enumeration Using NetView Tool, Nbtstat Enumeration Tool (Open Source).
4. Steganography using tools: Tool: Merge Streams, Image Hide, Stealth Files, Blindside,
STools, Steghide, Steganos, Pretty Good Envelop, Stegdetect,.
5. Steganalysis - Stego Watch- Stego Detection Tool, StegSpy.
6. How to Detect Trojans by using – Netstat, fPort, TCPView, CurrPorts Tool, Process
Viewer.
7. Lan Scanner using look@LAN, wireshark.
8. Understanding DoS Attack Tools- Jolt2 , Bubonic.c, Land and LaTierra, Targa,
Nemesy Blast, Panther2, Crazy Pinger, Some Trouble, UDP Flood, FSMax.
Suggested Reading:
1. William Stallings, “Cryptography and Network Security: Principles and Practice”
Pearson
2. Charlie Kaufman, Radia Perlman, Mike Speciner, Michael Speciner, “ Network
Security -
Private communication in a public world” TMH
3. Fourozon, “Cryptography & Network Security” TMH
4. Joseph Migga Kizza, Computer Network Security, , Springer International Edition
5. Atul Kahate,”Cryptography and Network Security” Mc Graw Hill
6. Carl Endorf, Eugene Schultz, Jim Mellander “INTRUSION DETECTION &
PREVENSION” TMH
7. Neal, Krawetz, Introduction to Network Security,Cengage Learning
Introduction to Network Security, Computer Securit y and Cyber Security. Security
Terminologies and Principle, Security Threats, Types of attacks (Operating System, application
level, Shrink Wrap code, Misconfiguration attacks etc.). Introduction to Intrusion, Terminologies,
Intrusion Detection System (IDS), Types of Intrusion Detection Systems, System Integrity
Verifiers (SIVS).Indication of Intrusion: System Indications, File System Indications Network
Indications. Intrusion Detection Tools ,Post attack IDS Measures & Evading IDS Systems.
Penetration Testing, Categories of security assessments, Vulnerability Assessment, Types of
Penetration Testing. Risk Management.
UNIT II
Cryptography, Classical Cryptographic Techniques, Encryption, Decryption, Code Breaking:
Methodologies, Cryptanalysis, Cryptography Attacks, Brute-Force Attack, Use of Cryptography.
Public key cryptography, Principles of Public key Cryptosystems, Cryptographic Algorithms
RSA, Data Encryption Standard (DES), RC4, RC5, RC6, Blowfish, Key Management, Diffie-
Hellman key exchange, elliptic curve cryptography.
UNIT III
Hash Functions, One-way Hash Functions, SHA (Secure Hash Algorithm), Authentication
Requirements, Authentication Functions, Kerberos. Message Authentication codes ,Message
Digest Functions, MD5, SSL (Secure Sockets Layer), SSH (Secure Shell), Algorithms and
Security, Disk Encryption, Government Access to Keys (GAK) Digital Signature: Analysis,
Components, Method, Applications, Standard, Algorithm: Signature Generation/Verification,
ECDSA, EIgamal Signature Scheme, Digital
Certificates.
UNIT IV
Trojans and Backdoors: Overt and Covert Channels, Working, Types (Remote Access
Trojans, Data-Sending Trojans, Destructive Trojans, Trojans, Proxy Trojans, FTP Trojans,
Security Software Disablers).
Viruses and Worms: Characteristics, Working, Infection Phase, Attack Phase. Sniffers:
Definition, spoofing, Sniffing, Vulnerable Protocols, Types.
Phishing: Methods, Process, Attacks Types (Man-in-the-Middle Attacks, URL Obfuscation
Attacks, Hidden Attacks, Client-side Vulnerabilities, Deceptive Phishing, Malware-Based
Phishing, DNSBased Phishing, Content-Injection Phishing, Search Engine Phishing).
Web Application Security- Secured authentication mechanism, secured session
management, Cross-site Scripting, SQL Injection and other vulnerabilities
Denial-of Service Attacks: Types of Attacks (Smurf Attack, Buffer Overflow Attack,
Ping of Death Attack, Teardrop Attack, SYN Attack, SYN Flooding), DDoS
Attack(Distributed DoS Attack.), Session Hijacking, Spoofing v Hijacking, TCP/IP
hijacking, CAPTCHA Protection
UNIT V
IP Security, Web Security, Firewalls: Types, Operation, Design Principles, Trusted Systems.
Computer Forensics, Need, Objectives,Stages & Steps of Forensic Investigation in Tracking
Cyber Criminals, Incident Handling. Hacking, Classes of Hacker (Black hats, grey hats, white
hats, suicide hackers), Footprinting, Scanning (Types-Port, Network, Vulnerability), E-Mail
Spiders, Overview of System Hacking Cycle.
List of Experiments:
1. Footprinting using footprinting tools(Open Source & Free)(ex-nslookup, ARIN, Whois, Google
Earth etc..)
2. Scanning for vulnerabilities using (Angry IP, HPing2, IPScanner, Global Network
Inventory Scanner, Net Tools Suite Pack.)
3. NetBIOS Enumeration Using NetView Tool, Nbtstat Enumeration Tool (Open Source).
4. Steganography using tools: Tool: Merge Streams, Image Hide, Stealth Files, Blindside,
STools, Steghide, Steganos, Pretty Good Envelop, Stegdetect,.
5. Steganalysis - Stego Watch- Stego Detection Tool, StegSpy.
6. How to Detect Trojans by using – Netstat, fPort, TCPView, CurrPorts Tool, Process
Viewer.
7. Lan Scanner using look@LAN, wireshark.
8. Understanding DoS Attack Tools- Jolt2 , Bubonic.c, Land and LaTierra, Targa,
Nemesy Blast, Panther2, Crazy Pinger, Some Trouble, UDP Flood, FSMax.
Suggested Reading:
1. William Stallings, “Cryptography and Network Security: Principles and Practice”
Pearson
2. Charlie Kaufman, Radia Perlman, Mike Speciner, Michael Speciner, “ Network
Security -
Private communication in a public world” TMH
3. Fourozon, “Cryptography & Network Security” TMH
4. Joseph Migga Kizza, Computer Network Security, , Springer International Edition
5. Atul Kahate,”Cryptography and Network Security” Mc Graw Hill
6. Carl Endorf, Eugene Schultz, Jim Mellander “INTRUSION DETECTION &
PREVENSION” TMH
7. Neal, Krawetz, Introduction to Network Security,Cengage Learning
No comments:
Post a Comment