IT502 - Information Security.pdf

Full Transcript

Subject Name : Information Security Subject Code : IT 502 Teaching Scheme (Credits and Hours) Teaching scheme Evaluation Scheme Total Mid Sem L T P Total Theory...

Subject Name : Information Security Subject Code : IT 502 Teaching Scheme (Credits and Hours) Teaching scheme Evaluation Scheme Total Mid Sem L T P Total Theory CIA Pract. Total Credit Exam Hrs Hrs Hrs Hrs Hrs Marks Marks Marks Marks Marks 04 00 02 06 5 3 70 30 20 30 150 Learning Objectives:  Learn fundamentals of cryptography and its application to network security.  Understand network security threats, security services, and countermeasures.  Understand vulnerability analysis of network security.  Acquire background on hash functions; authentication; firewalls; intrusion detection techniques.  Gain hands-on experience with programming and simulation techniques for security protocols.  Obtain background for original research in network security, especially wireless network and MANET security.  Understand the tradeoffs and criteria/concerns for security countermeasure development.  Apply methods for authentication, access control, intrusion detection and prevention.  Indentify and mitigate software security vulnerabilities in existing systems. Outline of the Course: Sr. Title of the Unit Minimum No Hours 1 Introduction to Information Security 5 2 Conventional Cryptographic Techniques 10 3 Symmetric and Asymmetric Cryptographic Techniques 10 4 Authentication and Digital Signatures 9 5 Program Security 12 6 Security in Networks 14 Total hours (Theory): 60 Total hours (Lab): 30 Total hours: 90 Detailed Syllabus Sr. Topic Lecture Weight No Hours age(%) 1 Introduction to Information Security : Attacks, Vulnerability, 5 8 Security Goals, Security Services and mechanisms 2 Conventional Cryptographic Techniques : Conventional substitution and transposition ciphers, One-time Pad, Block 10 17 cipher and Stream Cipher, Steganography 3 Symmetric and Asymmetric Cryptographic Techniques : 10 17 DES, AES, RSA algorithms 4 Authentication and Digital Signatures : Use of Cryptography for authentication, Secure Hash function, Key management – 9 15 Kerberos 5 Program Security : Nonmalicious Program errors – Buffer overflow, Incomplete mediation, Time-of-check to Time-of- 12 20 use Errors, Viruses, Trapdoors, Salami attack, Man-in-the- middle attacks, Covert channels 6 Security in Networks : Threats in networks, Network Security Controls – Architecture, Encryption, Content Integrity, Strong Authentication, Access Controls, Wireless Security, 14 23 Honeypots, Traffic flow security, Firewalls – Design and Types of Firewalls, Personal Firewalls, IDS, Email Security – PGP,S/MIME Total 60 100 Instructional Method and Pedagogy:  At the start of course, the course delivery pattern, prerequisite of the subject will be discussed.  Lectures will be conducted with the aid of multi-media projector, black board, OHP etc.  Attendance is compulsory in lecture and laboratory which carries 10 marks in overall evaluation.  One internal exam will be conducted as a part of internal theory evaluation.  Assignments based on the course content will be given to the students for each unit and will be evaluated at regular interval evaluation.  Surprise tests/Quizzes/Seminar/tutorial will be conducted having a share of five marks in the overall internal evaluation.  The course includes a laboratory, where students have an opportunity to build an appreciation for the concepts being taught in lectures.  Experiments shall be performed in the laboratory related to course contents. Learning Outcome: After completion of the course, students should be able to:  Understand and explain the risks faced by computer systems and networks.  Identify and analyze security problems in computer systems and networks.  Explain how standard security mechanisms work.  Develop security mechanisms to protect computer systems and networks.  Write programs that are more secure.  Use cryptography algorithms and protocols to achieve computer security. Reference Books: 1. Security in Computing, Fourth Edition, by Charles P. Pfleeger, Pearson Education 2. Cryptography And Network Security Principles And Practice, Fourth or Fifth Edition, William Stallings, Pearson 3. Modern Cryptography: Theory and Practice, by Wenbo Mao, Prentice Hall. 4. Network Security Essentials: Applications and Standards, by William Stallings. Prentice Hall. List of experiments: Sr. No. Name of Practical 01 Implement Ceaser Cipher 02 Implement Affine Cipher with equation c=3x+12 03 Implement Playfair Cipher with key entered by user. 04 Implement polyalphabetic Cipher 05 Implement AutoKey Cipher 06 Implement Hill Cipher. 07 Implement Rail fence technique 08 Implement Simple Columner Transposition technique 09 Implement Advanced Columner Transposition technique. 10 Implement Simple RSA Algorithm with small numbers. 11 Implement Simplified DES 12 Make a study of one IDS (For ex. Snort)

Use Quizgecko on...
Browser
Browser