B.Tech.

Minor in Cyber Security - III year I semester syllabus (2021-22)

Year/Semester Theory Laboratory Total

(3 Hours, 1.5 Credits
Credits)
III - I Semester Principles of Information Security Principles of 4.5
(3 Credits, 3 Hours) Information Security
Lab
III - II Semester Foundations of Cyber Security -- 4
(4 Credits, 4 Hours)
IV - I Semester (Either online through MOOCS or (The corresponding 4.5
off-line Class) Lab)
Ethical Hacking Ethical Hacking Lab
OR OR
Digital Forensics Digital Forensics Lab
(3 Credits, 3 Hours)
IV - II Semester Any one of the following subjects: 3
(3 Credits, 3 Hours) --
1. Security Incident & Response
Management
2. Mobile Security
3. IoT Security
4. Blockchain Technologies
5. Authentication Techniques
Cloud Security
IV-II Semester Mini Project -- 2
Total Credits 18
 PRINCIPLES OF INFORMATION SECURITY

B.Tech. Cyber Security (Minor) III Year I Sem. L T P C

3 0 0 3

Prerequisites
1. A Course on “Mathematics”.

Objectives
1. To understand the fundamentals of Computer Networks.
2. To understand the fundamentals of Cryptography.
3. To understand various Symmetric and Asymmetric encryption algorithms.
4. To understand Mathematics of Cryptography, IDS and Firewalls.
5. To apply algorithms used for message Integrity and Authentication.
Outcomes
1. Demonstrate the knowledge of Computer Networks, Cryptography, Information security concepts and
applications.
2. Ability to apply security principles in system design.

UNIT - I
Introduction to Computer Networks, Network hardware, Network software, OSI and TCP/IP Reference models, Security
attacks, Security Services and Mechanisms.

UNIT - II
Integer Arithmetic, Modular Arithmetic, Traditional Symmetric Key Ciphers, Data Encryption Standard (DES), Advanced
Encryption Standard (AES).

UNIT - III
Mathematics of Cryptography: Primes, Primality Testing, Factorization, Chinese Remainder Theorem, Asymmetric
Cryptography: Introduction, RSA Cryptosystem, Rabin Cryptosystem,
Elliptic Curve Cryptosystem,

UNIT - IV
Message Integrity and Message Authentication: Message Authentication Code (MAC), SHA-512 - Digital Signatures.

UNIT - V
Security at the Application Layer: PGP and S/MIME. Security at Transport Layer: SSL and TLS. - Principles of IDS and
Firewalls.

TEXT BOOKS:
1. Computer Networks, Andrew S Tanenbaum, David. j. Wetherall, 5th Edition. Pearson Education/PHI.
2. Cryptography & Network Security by Behrouz A. Forouzan. Special Indian Edition, TMH.

REFERENCE BOOK:
1. Network Security Essentials (Applications and Standards), William Stallings Pearson Education.
 PRINCIPLES OF INFORMATION SECURITY LAB

B B.Tech. Cyber Security (Minor) III Year I Sem. L T P C

0 0 3 1.5

Prerequisites
A Course on “Mathematics

Objectives
1. To apply algorithms on various Symmetric and Asymmetric encryption algorithms.
2. To demonstrate IDS Tools
3. To apply algorithms used for message Integrity and Authentication

Lab Exercises
1. Write a program to perform encryption and decryption using the followingsubstitution ciphers.
2. Caeser cipher
3. Play fair cipher
4. Hill Cipher
5. Write a program to implement the DES algorithm.
6. Write a program to implement RSA algorithm.
7. Calculate the message digest of a text using the SHA-1 algorithm.
8. Working with sniffers for monitoring network communication (Wireshark).
9. Configuring S/MIME for email communication.
10. Using Snort, perform real time traffic analysis and packet logging.

TEXT BOOKS:
1. “Cryptography and Network Security” by William Stallings 3rd Edition, PearsonEducation.
2. “Applied Cryptography” by Bruce Schneier.

REFERENCE BOOK:
1. Cryptography and Network Security by Behrouz A. Forouzan.
 FOUNDATIONS OF CYBER SECURITY
L T P C
4 0 0 4
Pre-requisites:
 Knowledge in information security and applied cryptography.
 Knowledge in Operating Systems.

Course Objectives:
1. To introduce security attacks.
2. To get an exposure to malwares.
3. To gain knowledge on Intrusion detection & prevention systems.

Course Outcomes: Students will learn the fundamental concepts required in the field of cyber security.

UNIT - I
Overview: Computer Security Concepts, Threats, Attacks, and Assets, Security Functional
Requirements, Fundamental Security Design Principles, Attack Surfaces and Attack Trees, Computer
Security Strategy.
Access Control: Access Control Principles, Subjects, Objects, and Access Rights, Discretionary Access
Control, Example: UNIX File Access Control, Role-Based Access Control, Attribute-Based Access
Control, Identity, Credential, and Access Management, Trust Frameworks, Case Study: RBAC System
for a Bank.

UNIT - II
Malicious Software: Types of Malicious Software (Malware), Advanced Persistent Threat,
Propagation—Infected Content—Viruses, Propagation—Vulnerability Exploit—Worms, Propagation—
Social Engineering—Spam E-Mail,Trojans , Payload—System Corruption, Payload—Attack Agent—
Zombie, Bots, Payload—Information Theft—Keyloggers, Phishing, Spyware, Payload—Stealthing—
Backdoors, Rootkits, Counter measures .
Denial-of-Service Attacks: Denial-of-Service Attacks, Flooding Attacks, Distributed Denial-of-Service
Attacks, Application-Based Bandwidth Attacks, Reflector and Amplifier Attacks, Defenses Against
Denial-of-Service Attacks, Responding to a Denial-of-Service Attack.
Buffer Overflow: Stack Overflows, Defending Against Buffer Overflows, Other Forms of Overflow
Attacks.

UNIT - III
Intrusion Detection: Intruders, Intrusion Detection, Analysis Approaches, Host-Based Intrusion
Detection, Network-Based Intrusion Detection, Distributed or Hybrid Intrusion Detection, Intrusion
Detection Exchange Format, Honeypots, Example System: Snort.
Firewalls and Intrusion Prevention Systems: The Need for Firewalls, Firewall Characteristics and
Access Policy, Types of Firewalls, Firewall Basing, Firewall Location and Configurations, Intrusion
Prevention Systems, Example: Unified Threat Management Products.

UNIT - IV
Software Security: Software Security Issues, Handling Program Input, Writing Safe Program Code,
Interacting with the Operating System and Other Programs, Handling Program Output.
Physical and Infrastructure Security: Overview, Physical Security Threats, Physical Security Prevention
and Mitigation Measures, Recovery from Physical Security Breaches, Example: A Corporate Physical
Security Policy, Integration of Physical and Logical Security.

UNIT - V
Human Resources Security: Security Awareness, Training, and Education, Employment Practices and
Policies, E-Mail and Internet Use Policies, Computer Security Incident Response Teams.
Legal and Ethical Aspects: Cybercrime and Computer Crime, Intellectual Property, Privacy, Ethical
Issues.

TEXT BOOK:
1. William Stallings, “Computer Security: Principles and Practice”, Prentice Hall. Prentice Hall; 2014.

REFERENCE BOOKS:
1. Ankit Fadia, “The ethical hacking guide to corporate security”, McMillan India.
2. G. McGraw, “Software Security: Building Security In”, Addison Wesley, 2006.