TAGS:- RGPV COMPUTER SCIENCE ELECTIVE SUBJECT SYLLABIS I RGPV COMPUTER SCIENCE 7TH SEM ELECTIVE 2 SYLLABUS I RGPV CSE NETWORK AND WEB SECURITY SYLLABUS I RGPV CSE 7201 SYLLABUS I RGPV CSE 7TH SEM ELECTIVE SUBJECT SYLLABUS I RGPV CSE 7TH SEN 7202 SYLLABUS
RGPV COMPUTER SCIENCE NETWORK AND WEB SECURITY (CS-7201)
UNIT I
Introduction to Network Security, Computer Securit y and Cyber Security.Security Terminologies and Principle, Security Threats, Types of attacks (Operating System, application level, Shrink Wrap code, Misconfiguration attacks etc.).Introduction to Intrusion, Terminologies, Intrusion Detection System (IDS), Types of Intrusion Detection Systems, System Integrity Verifiers (SIVS).Indication of Intrusion: System Indications,File System Indications Network Indications. Intrusion Detection Tools ,Post attack IDS Measures & Evading IDS Systems. Penetration Testing, Categories of security assessments, Vulnerability Assessment, Types of Penetration Testing. Risk Management.
Introduction to Network Security, Computer Securit y and Cyber Security.Security Terminologies and Principle, Security Threats, Types of attacks (Operating System, application level, Shrink Wrap code, Misconfiguration attacks etc.).Introduction to Intrusion, Terminologies, Intrusion Detection System (IDS), Types of Intrusion Detection Systems, System Integrity Verifiers (SIVS).Indication of Intrusion: System Indications,File System Indications Network Indications. Intrusion Detection Tools ,Post attack IDS Measures & Evading IDS Systems. Penetration Testing, Categories of security assessments, Vulnerability Assessment, Types of Penetration Testing. Risk Management.
UNIT II
Cryptography, Classical Cryptographic Techniques, Encryption, Decryption, Code Breaking:
Methodologies, Cryptanalysis, Cryptography Attacks, Brute-Force Attack,Use of Cryptography.Public key cryptography, Principles of Public key Cryptosystems, Cryptographic Algorithms RSA,Data Encryption Standard (DES), RC4, RC5, RC6, Blowfish, Key Management, Diffie-Hellman key exchange, elliptic curve cryptography.
UNIT III
Hash Functions, One-way Hash Functions, SHA (Secure Hash Algorithm), Authentication
Requirements, Authentication Functions, Kerberos. Message Authentication codes ,Message Digest Functions, MD5, SSL (Secure Sockets Layer), SSH (Secure Shell), Algorithms and Security, Disk Encryption, Government Access to Keys (GAK) Digital Signature: Analysis, Components, Method, Applications, Standard, Algorithm: Signature Generation/Verification, ECDSA, EIgamal Signature Scheme, Digital Certificates.
Hash Functions, One-way Hash Functions, SHA (Secure Hash Algorithm), Authentication
Requirements, Authentication Functions, Kerberos. Message Authentication codes ,Message Digest Functions, MD5, SSL (Secure Sockets Layer), SSH (Secure Shell), Algorithms and Security, Disk Encryption, Government Access to Keys (GAK) Digital Signature: Analysis, Components, Method, Applications, Standard, Algorithm: Signature Generation/Verification, ECDSA, EIgamal Signature Scheme, Digital Certificates.
UNIT IV
Trojans and Backdoors: Overt and Covert Channels,Working, Types (Remote Access Trojans,Data-Sending Trojans, Destructive Trojans, Trojans, Proxy Trojans, FTP Trojans, Security Software Disablers).Viruses and Worms: Characteristics, Working, Infection Phase, Attack Phase. Sniffers: Definition,spoofing, Sniffing, Vulnerable Protocols, Types.Phishing: Methods, Process, Attacks Types (Man-in-the-Middle Attacks, URL Obfuscation Attacks, Hidden Attacks, Client-side Vulnerabilities, Deceptive Phishing, Malware-Based Phishing, DNSBased Phishing, Content-Injection Phishing, Search Engine Phishing).Web Application Security- Secured authentication mechanism, secured session management,Cross-site Scripting, SQL Injection and other vulnerabilitiesDenial-of Service Attacks: Types of Attacks (Smurf Attack, Buffer Overflow Attack, Ping of Death Attack, Teardrop Attack, SYN Attack, SYN Flooding), DDoS Attack(Distributed Do Attack.), Session Hijacking, Spoofing v Hijacking, TCP/IP hijacking, CAPTCHA Protection
UNIT V
IP Security, Web Security, Firewalls: Types, Operation, Design Principles, Trusted Systems.
Computer Forensics, Need, Objectives,Stages & Steps of Forensic Investigation in Tracking Cyber Criminals, Incident Handling.Hacking, Classes of Hacker (Black hats, grey hats, white hats, suicide hackers), Footprinting,Scanning (Types-Port, Network, Vulnerability), E-Mail Spiders, Overview of System Hacking Cycle.
List of Experiments:
1. Footprinting using footprinting tools(Open Source & Free)(ex-nslookup, ARIN, Whois,
Google Earth etc..)
2. Scanning for vulnerabilities using (Angry IP, HPing2, IPScanner, Global Network Inventory
Scanner, Net Tools Suite Pack.)
3. NetBIOS Enumeration Using NetView Tool, Nbtstat Enumeration Tool (Open Source).
4. Steganography using tools: Tool: Merge Streams, Image Hide, Stealth Files, Blindside, S Tools,Steghide, Steganos, Pretty Good Envelop, Stegdetect,.
5. Steganalysis - Stego Watch- Stego Detection Tool, StegSpy.
6. How to Detect Trojans by using – Netstat, fPort, TCPView, CurrPorts Tool, Process Viewer.
7. Lan Scanner using look@LAN, wireshark.
8. Understanding DoS Attack Tools- Jolt2 , Bubonic.c, Land and LaTierra, Targa,Nemesy Blast, Panther2, Crazy Pinger, SomeTrouble, UDP Flood, FSMax.
Suggested Reading:
1. William Stallings, “Cryptography and Network Security: Principles and Practice” Pearson
2. Charlie Kaufman, Radia Perlman, Mike Speciner, Michael Speciner, “ Network Security -
Private communication in a public world” TMH
3. Fourozon, “Cryptography & Network Security” TMH
4. Joseph Migga Kizza, Computer Network Security, , Springer International Edition
5. Atul Kahate,”Cryptography and Network Security” Mc Graw Hill
6.Carl Endorf, Eugene Schultz,Jim Mellander “INTRUSION DETECTION & PREVENSION” TMH
7. Neal, Krawetz, Introduction to Network Security,Cengage Learning
No comments:
Post a Comment