Download JNTUK M.Tech R19 CSE M.Tech Cyber Security Course Structure And Syllabus

FirstRanker.com

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY KAKINADA

KAKINADA – 533 003, Andhra Pradesh, India

--- Content provided by​ FirstRanker.com ---

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

COURSE STRUCTURE & SYLLABUS M.Tech CSE for CYBER SECURITY PROGRAMME

(Applicable for batches admitted from 2019-2020)

--- Content provided by​ FirstRanker.com ---

JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY KAKINADA

FirstRanker.com

I- SEMESTER

*Student has to choose any one audit course listed below.

II- SEMESTER

III-SEMESTER

#Students going for Industrial Project/Thesis will complete these courses through MOOCs.

M. Tech. (CSE) IV SEMESTER

Open Electives offered by the Department of CSE for other Departments Students

--- Content provided by‌ FirstRanker.com ---

1. Python Programming
2. Principles of Cyber Security
3. Internet of Things
4. Artificial Intelligence and Machine Learning

*Student has to choose any one audit course listed below.

Audit Course 1 & 2:

1. English for Research Paper Writing

--- Content provided by FirstRanker.com ---

2. Disaster Management
3. Sanskrit for Technical Knowledge
4. Value Education
5. Constitution of India
6. Pedagogy Studies

--- Content provided by‍ FirstRanker.com ---

7. Stress Management by Yoga
8. Personality Development through Life Enlightenment Skills

I Year - I Semester

Principles of Cyber Security (MTCY1101)

Course Objectives:

• To learn threats and risks within context of the cyber security architecture.
• Student should learn and Identify security tools and hardening techniques.

--- Content provided by‍ FirstRanker.com ---

• To learn types of incidents including categories, responses and timelines for response.

Course Outcomes: At the end of the course, student will be able to

• Apply cyber security architecture principles.
• Describe risk management processes and practices.
• Appraise cyber security incidents to apply appropriate response

--- Content provided by FirstRanker.com ---

• Distinguish system and application security threats and vulnerabilities.
• Identify security tools and hardening techniques

UNIT-I: Introduction to Cyber security- Cyber security objectives, Cyber security roles, Differences between Information Security & Cyber security, Cyber security Principles- Confidentiality, integrity, &availability Authentication & non- repudiation.

UNIT-II: Information Security (IS) within Lifecycle Management-Lifecycle management landscape, Security architecture processes, Security architecture tools, Intermediate lifecycle management concepts, Risks & Vulnerabilities-Basics of risk management, Operational threat environments, Classes of attacks.

UNIT-III: Incident Response- Incident categories, Incident response Incident recovery, and Operational security protection: Digital and data assets, ports and protocols, Protection technologies, Identity and access Management, configuration management.

--- Content provided by FirstRanker.com ---

UNIT-IV: Threat Detection and Evaluation (DE): Monitoring- Vulnerability Management, Security Logs and Alerts, Monitoring Tools and Appliances. Analysis- Network traffic Analysis, packet capture and analysis

UNIT-V: Introduction to backdoor System and security-Introduction to metasploit, Backdoor, demilitarized zone(DMZ),Digital Signature, Brief study on Harding of operating system.

Text Books:

1. NASSCOM: Security Analyst Student Hand Book Dec 2015.
2. Information Security Management Principles Updated Edition by David Alexander, Amanda Finch, David Sutton Published by BCS, June 2013.

--- Content provided by⁠ FirstRanker.com ---

Reference Books:

1. CSX- cyber security fundamentals 2 nd edition, Published by ISACA, Cyber security, Network Security, Data Governance Security.

I Year - I Semester

Advanced Data Structures (MTCY1102)

Course Objective:

• The student should be able to choose appropriate data structures, understand the ADT/libraries, and use it to design algorithms for a specific problem
• Students should be able to understand the necessary mathematical abstraction to solve problems

--- Content provided by FirstRanker.com ---

• To familiarize students with advanced paradigms and data structure used to solve algorithmic problems
• Student should be able to come up with analysis of efficiency and proofs of correctness

Course Outcomes:

• Explain the Collision Resolution Techniques in Hashing and implement symbol table using hashing techniques
• Develop and analyze algorithms for red-black trees, B-trees and Splay trees.

--- Content provided by‌ FirstRanker.com ---

• Develop algorithms for text processing applications.
• Identify suitable data structures and develop algorithms for computational geometry problems.

UNIT-I: Dictionaries-Definition, Dictionary Abstract Data Type, and Implementation of Dictionaries. Hashing: Review of Hashing, Hash Function, Collision Resolution Techniques in Hashing, Separate Chaining, Open Addressing, Linear Probing, Quadratic Probing, Double Hashing, Rehashing, Extendible Hashing.

UNIT-II: Skip Lists- Need for Randomizing Data Structures and Algorithms, Search and Update Operations on Skip Lists, Probabilistic Analysis of Skip Lists, Deterministic Skip Lists

UNIT-III: Trees-Binary Search Trees, AVL Trees, Red Black Trees, 2-3 Trees, B-Trees, Splay Trees

--- Content provided by⁠ FirstRanker.com ---

UNIT-IV: Text Processing: Sting Operations, Brute-Force Pattern Matching, The Boyer- Moore Algorithm, The Knuth-Morris-Pratt Algorithm, Standard Tries, Compressed Tries, Suffix Tries, The Huffman Coding Algorithm, The Longest Common Subsequence Problem (LCS), Applying Dynamic Programming to the LCS Problem

UNIT-V: Computational Geometry: One Dimensional Range Searching, Two Dimensional Range Searching, Constructing a Priority Search Tree, Searching a Priority Search Tree, Priority Range Trees, Quad-trees, k-D Trees. Recent Trends in Hashing, Trees, and various computational geometry methods for efficiently solving the new evolving problem

Text Books:

1. Data Structures: A Pseudo-code Approach, 2/e, Richard F.Gilberg, Behrouz A.Forouzon, Cengage
2. Data Structures, Algorithms and Applications in java, 2/e, Sartaj Sahni, University Press

--- Content provided by FirstRanker.com ---

Reference Books:

1. Mark Allen Weiss, Data Structures and Algorithm Analysis in C++, 2nd Edition, Pearson, 2004.
2. M T Goodrich, Roberto Tamassia, Algorithm Design, John Wiley, 2002.

I Year - I Semester

Cryptanalysis ( MTCY1103)

Course Objectives:

• To understand the importance of cryptanalysis in our increasingly computer-driven world.

--- Content provided by‍ FirstRanker.com ---

• To understand the fundamentals of Cryptography
• To understand the Lattice- based cryptanalysis and elliptic curves and pairings
• To understand birthday- based algorithms for functions and attacks on stream ciphers
• To apply the techniques for secure transactions in real world applications

Course Outcomes: At the end of the course, student will be able to

--- Content provided by⁠ FirstRanker.com ---

• Ability to apply cryptanalysis in system design to protect it from various attacks.
• Ability to identify and investigate vulnerabilities and security threats and the mechanisms to counter them.
• Ability to analyze security of cryptographic algorithm against brute force attacks, birthday attacks.

UNIT-I: A bird's eye view of modern Cryptography: Preliminaries, Defining Security in Cryptography Mono-alphabetic Ciphers: Using Direct Standard Alphabets, The Caesar Cipher, Modular arithmetic, Direct Standard alphabets, Mono-alphabets based on linear transformation. Poly-alphabetic Substitution: Poly-alphabetic ciphers, Recognition of poly-alphabetic ciphers, Determination of number of alphabets, Solution of individual alphabets if standard, Poly- alphabetic ciphers with a mixed plain sequence, Matching alphabets, Reduction of a poly- alphabetic cipher to a mono-alphabetic ciphers with mixed cipher sequences.

UNIT-II: Transposition- Columnar transposition, Solution of transpositions with Completely filled rectangles, Incompletely filled rectangles, Solution of incompletely filled rectangles - Probable word method, Incompletely filled rectangles general case, Repetitions between messages; identical length messages. Sieve algorithms: Introductory example: Eratosthenes's sieve, Sieving for smooth composites

--- Content provided by FirstRanker.com ---

UNIT-III: Brute force Cryptanalysis- Introductory example: Dictionary attacks, Brute force and the DES Algorithm, Brute force as a security mechanism, Brute force steps in advanced cryptanalysis, Brute force and parallel computers. The birthday paradox: Sorting or not?: Introductory example: Birthday attacks on modes of operation, Analysis of birthday paradox bounds, Finding collisions, Application to discrete logarithms in generic groups.

UNIT-IV: Birthday- based algorithms for functions- Algorithmic aspects, Analysis of random functions, Number-theoretic applications, A direct cryptographic application in the context of block wise security, Collisions in hash functions. Attacks on stream ciphers: LFSR- based key stream generator, Correlation attacks, Noisy LFSR model, Algebraic attacks, Extension to some non- linear shift registers, the cube attack.

UNIT-V: Lattice-based cryptanalysis- Direct attacks using lattice reduction, Coppersmith's small roots attacks. Elliptic curves and pairings: Introduction to elliptic curves, The Weil pairing, the elliptic curve factoring method.

Text Books:

1. Elementary Cryptanalysis A Mathematical Approach by Abraham Sinkov, The mathematical Association of America (lnc).
2. Algorithmic Cryptanalysis” by Antoine joux, CRC Press’

Reference Books:

--- Content provided by⁠ FirstRanker.com ---

1. Algebraic Cryptanalysis, Bard Gregory, Springer, 2009
2. Cryptanalysis of Number Theoretic Ciphers, Sameul S. Wag staff, Champan & Hall/CRC.
3. Cryptanalysis: A Study of Cipher and Their Solution, Helen F. Gaines,1989

I Year - I Semester

Cyber Crime Investigation and Digital Forensics ( MTCY1103)

Course Objectives:

• Able to identify security risks and take preventive steps

--- Content provided by FirstRanker.com ---

• To understand the forensics fundamentals.
• To understand the evidence capturing process.
• To understand the preservation of digital evidence.

Course Outcomes: At the end of the course, student will be able to

• Acquire the definition of computer forensics fundamentals.

--- Content provided by FirstRanker.com ---

• Describe the types of computer forensics technology
• Analyze various computer forensics systems.
• Illustrate the methods for data recovery, evidence collection and data seizure.
• Summarize duplication and preservation of digital evidence.

UNIT– I: Introduction: Introduction and Overview of Cyber Crime, Nature and Scope of Cyber Crime, Types of Cyber Crime: Social Engineering, Categories of Cyber Crime, Property Cyber Crime.

--- Content provided by‍ FirstRanker.com ---

UNIT–II: Cyber Crime Issues: Unauthorized Access to Computers, Computer Intrusions, White collar Crimes, Viruses and Malicious Code, Internet Hacking and Cracking, Virus Attacks, Pornography, Software Piracy, Intellectual Property, Mail Bombs, Exploitation ,Stalking and Obscenity in Internet, Digital laws and legislation, Law Enforcement Rules and Responses.

UNIT-III: Investigation: Introduction to Cyber Crime Investigation, Investigation Tools, e-Discovery, Digital Evidence Collection, Evidence Preservation, E-Mail Investigation, E-Mail Tracking, IP Tracking, E-Mail Recovery, Hands on Case Studies. Encryption and Decryption Methods, Search and Seizure of Computers, Recovering Deleted Evidences, Password Cracking.

UNIT-IV: Digital Forensics: Introduction to Digital Forensics, Forensic Software and Hardware, Analysis and Advanced Tools, Forensic Technology and Practices, Forensic Ballistics and Photography, Face, Iris and Fingerprint Recognition, Audio Video Analysis, Windows System Forensics, Linux System Forensics, Network Forensics.

UNIT-V: Role of CRET-In Cyber Security: Computer Security Incident Response (Reactive) – Computer Security Incident Prevention (Proactive) – Security Quality Management Services, CERT-In Security Guidelines- Web server, database server, Intrusion Detection system, Routers, Standard alone system, networked System, IT Security polices for government and critical sector organizations.

Textbook:

1. Nihad A. Hassan, “Digital Forensics Basics: A Practical Guide Using Windows OS Paperback", February 26, 2019.

Reference Books:

--- Content provided by⁠ FirstRanker.com ---

1. Nelson Phillips and EnfingerSteuart, “Computer Forensics and Investigations", Cengage Learning, New Delhi, 2009.
2. Kevin Mandia, Chris Prosise, Matt Pepe, “Incident Response and Computer Forensics“, Tata McGraw-Hill, New Delhi, 2006.
3. Robert M Slade," Software Forensics", Tata McGraw - Hill, New Delhi, 2005

Web Reference:

1. CERT-In Guidelines-http://www.cert-in.org.in/

--- Content provided by⁠ FirstRanker.com ---

I Year - I Semester

Operating System Security ( MTCY1103)

--- Content provided by‌ FirstRanker.com ---

Course Objectives:

• Students will learn and apply basic concepts and methodologies of System Administration and Security by building from the ground up a miniature corporate network.
• To know some basic security measures to take in system administration.
• To prepare for possible disasters, including an understanding of backup and restoration of file systems.

Course Outcomes: At the end of the course, student will be able to

--- Content provided by⁠ FirstRanker.com ---

• Explain the overview of operating system
• Demonstrate the Access control matrix, access control list and Lampson's access matrix
• Identify the Encryption Techniques, Authentication and Password Security issues
• Identify the Encryption Techniques and apply the real time applications
• Know the role and responsibilities of a system administrator and Create and administer user accounts on both a Linux and Windows platform

--- Content provided by​ FirstRanker.com ---

UNIT–I: Overview of Operating Systems-Introduction, Computer system organization and architecture, Operating system structure and operations, Process Management, Memory Management, file systems management Protection and security, Scheduling Algorithms, Inter-process Communication(TB1)

UNIT-II: Operating Systems Protection: Protection Goals, Protection Threats, Access Control Matrix, Access Control Lists(ACL's), Capability Lists(C-lists), Protection systems, Lampson's access matrix, mandatory protection systems, Reference monitor, Secure operating system definition(TB2)

UNIT-III: Operating System Security-Security Goals, Security Threats, Security Attacks- Trojan Horses, Viruses and Worms, Buffer Overflow attacks and Techniques, Formal Aspects of Security, Encryption- Attacks on Cryptographic Systems, Encryption Techniques, Authentication and Password Security, Intrusion detection, malware defences, UNIX and Windows security(TB2)

UNIT-IV: System Administration: Security Basics, Securing the Server Itself, Maintenance and Recovery, Monitoring and Audit, Introduction to Linux Systems, Configuration Management, Log Auditing and Vulnerability Assessment.(TB3)

UNIT-V: Linux Networking: Networking Technologies: DHCP, DNS, NFS/ISCSI, SMTP, SNMP, LAMP, Firewall/IDS/SSH, Securing Linux. Case Studies: Security and Protection-MULTICS, UNIX, LINUX and Windows, Windows and Linux Coexisting.(TB4)

--- Content provided by‌ FirstRanker.com ---

Text Books:

1. Operating System Concepts, 9th Edition, Abraham Silberschatz, Peter Baer Galvin, Greg Gagne, Wiley Publication, 2008

--- Content provided by⁠ FirstRanker.com ---

2. Operating Systems: A Concept-Based Approach, 3rd Edition, Dhananjay M. Dhamdhere, McGraw-Hill, 2015
3. Windows Server 2003 Security, A Technical Reference, Roberta Bragg, Addisson-Wesley
4. Linux Administration Handbook, Second Edition, Evi Nemeth, Garth Snyder, Trent R. Hein. Prentice Hall

Reference Books:

1. An Introduction to Operating Systems: Concepts and practice, 4th Edition, Promod Chandra P Bhat, Prentice Hall of India, 2014.

--- Content provided by‍ FirstRanker.com ---

2. Operating System: Internals and Design Principles, 7th Edition, William Stalling, Prentice Hall, 2014
3. Linux System Administration, Tom Adelstein and Bill Lubanovic, First Edition, O'Reilly Media, Inc.

I Year - I Semester

Firewall and VPN Security (MTCY1103)

Course Objectives:

• Identify and assess current and anticipated security risks and vulnerabilities
• Develop a network security plan and policies

--- Content provided by‍ FirstRanker.com ---

• Establish a VPN to allow IPSec remote access traffic
• Monitor, evaluate and test security conditions and environment
• Develop critical situation contingency plans and disaster recovery plan
• Implement/test contingency and backup plans and coordinate with stakeholders
• Monitor, report and resolve security problems

--- Content provided by FirstRanker.com ---

Course Outcomes: At the end of the course, student will be able to

• To show the fundamental knowledge of Firewalls and it types
• Construct a VPN to allow Remote Access, Hashing, connections with Cryptography and VPN Authorization
• Elaborate the knowledge of depths of Firewalls, Interpreting firewall logs, alerts, Intrusion and Detection
• Infer the design of Control Systems of SCAD, DCS, PLC's and ICS's

--- Content provided by FirstRanker.com ---

• Evaluate the SCADA protocols like RTU, TCP/IP, DNP3, OPC,DA/HAD

UNIT-I: Firewall Fundamentals: Introduction, Types of Firewalls, Ingress and Egress Filtering, Types of Filtering, Network Address Translation (NAT), Application Proxy, Circuit Proxy, Content Filtering, Software versus Hardware Firewalls, IPv4 versus IPv6 Firewalls, Dual-Homed and Triple-Homed Firewalls, Placement of Firewalls.

UNIT-II: VPN Fundamentals: VPN Deployment Models and Architecture, Edge Router, Corporate Firewall, VPN Appliance, Remote Access, Site-to-Site, Host-to-Host, Extranet Access, Tunnel versus Transport Mode, The Relationship Between Encryption and VPNs, Establishing VPN Connections with Cryptography, Digital Certificates, VPN Authorization.

UNIT-III: Exploring the Depths of Firewalls: Firewall Rules, Authentication and Authorization, Monitoring and Logging, Understanding and Interpreting Firewall Logs and Alerts, Intrusion Detection, Limitations of Firewalls, Downside of Encryption with Firewalls, Firewall Enhancements, and Management Interfaces.

UNIT– IV: Overview of Industrial Control Systems: Overview of SCADA, DCS, and PLCs, ICS Operation, Key ICS Components, Control Components, Network Components, SCADA Systems, Distributed Control Systems, Programmable Logic Controllers, Industrial Sectors and Their Interdependencies.

--- Content provided by‍ FirstRanker.com ---

UNIT– V: SCADA Protocols: Modbus RTU, Modbus TCP/IP, DNP3, DNP3 TCP/IP, OPC, DA/HAD, SCADA protocol fuzzing, Finding Vulnerabilities in HMI: software- Buffer Overflows, Shell code. Previous attacks Analysis- Stuxnet, Duqu.

Text Books:

--- Content provided by‌ FirstRanker.com ---

1. Michael Stewart “Network Security, Firewalls, and VPNs” Jones & Bartlett Learning September 2010.
2. T. Macaulay and B. L. Singer, Cyber security for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS, Auerbach Publication

Reference Books:

1. J. Lopez, R. Setola, and S. Wolthusen, Critical Infrastructure Protection Information Infrastructure Models, Analysis, and Defense, Springer-Verlag Berlin Heidelberg, 2012.
2. Robert Radvanovsky and Jacob Brodsky, editors. Handbook of SCADA/Control Systems Security. CRC Press, 2013.

--- Content provided by​ FirstRanker.com ---

3. A.W. Colombo, T. Bangemann, S. Karnouskos, S. Delsing, P. Stluka, R. Harrison, et al. Industrial cloud-based cyber-physical systems Springer International Publishing, 2014.
4. D. Bailey, Practical SCADA for Industry. Burlington, MA: Newnes, 2003.

I Year - I Semester

Database and Web Application Security (MTCY1104)

Course Objectives:

• To acquire knowledge on standard algorithms used to provide confidentiality, integrity and authenticity.
• To design security applications in the field of Information technology.

--- Content provided by⁠ FirstRanker.com ---

• To understand the fundamentals of database design, DB security and SQL extensions to security.
• To learn the basic concepts of Penetration testing.

Course Outcomes: At the end of the course, student will be able to

• Explain threats, vulnerabilities and breaches to design database
• Discuss Relational Data Model and concurrency controls and locking, SQL extensions to security

--- Content provided by‍ FirstRanker.com ---

• Demonstrate the Browser security principles.
• How to provide software centric security and mobile web browser security in real time applications
• Construct the penetrating testing workflows with examples.

UNIT-I: Database security-Introduction includes threats, vulnerabilities and breaches, Basics of database design, DB security, concepts, approaches and challenges, types of access controls, Oracle VPD. Discretionary and Mandatory access control-Principles, applications and poly instantiation, Database inference problem, types of inference attacks, distributed database, security levels, SQL-injection: types and advanced concepts

UNIT–II: Relational Data Model-Security in relational data model, concurrency controls and locking, SQL extensions to security (oracle as an example), System R concepts, Context and control based access control, Hippocratic databases, Database watermarking Database intrusion, secure data outsourcing.

--- Content provided by‌ FirstRanker.com ---

UNIT-III: Web application security-Basic principles and concepts, Authentication

This download link is referred from the post: JNTU Kakinada (JNTUK) M.Tech R20-R19-R18 Syllabus And Course Structure