minor-in-cyber-security

MINOR DEGREE STRUCTURE
Offered by Department of Networking and Communications

School of Computing
Minor in Cyber Security
With an increasing number of users, devices and programs in the modern enterprise, combined with the
increased deluge of data much of which is sensitive or confidential the importance of cybersecurity continues
to grow. The growing volume and sophistication of cyber attackers and attack techniques compound the
problem even further. To equip the students towards the Cyber Security, Minor in Cyber Security program is
designed
• An academic major is the academic discipline to which an undergraduate student formally

commits. A student who successfully completes all courses required for the major qualifies for
an undergraduate degree.
• Academic minor is an academic discipline outside of the student's academic major in which he or
she takes a small number of classes.
• An academic major or major field refers to a student's primary focus within their degree program
while a minor or minor field refers to his or her secondary focus.
• Minors are optional. You may complete multiple minors or none at all.
• Some students will prepare for their intended career with their major, while pursuing personal
interests with a minor, for example, majoring in CSE while minoring in a foreign
language or performing arts or Economics or Management Studies. Other students may pursue a
minor to provide specific specialization and thus make themselves more attractive to employers.
Why Choose a Minor?

• Adding depth to your studies
• Adding breadth to your studies
• An area of passion
• An alternative to double majoring
Objectives of this minor program
● To prepare students with the technical knowledge and skills needed to protect and defend computer
systems and networks.
● To develop Students who can plan, implement, and monitor cyber security mechanisms to help
ensure the protection of information technology assets
Minors: Rules and Regulations
1. Pursuing a major/minor program is a highly individual decision, and should be based on a student's
educational and career goals.
2. Minors must be completed simultaneously with a major degree program. You cannot earn a minor after
you have already earned your bachelor’s degree(s).
3. You need at least one active major in order to pursue a minor.
4. Also be aware that since the minor must be completed with a major, any outstanding minor requirements
will prevent the awarding of the degree for your major. If you ultimately decide to graduate without the
minor, the minor must be removed from your records before your degree can be processed.
5. The Certification for Minor will NOT be issued until the Major degree is successfully completed, even
though all requirements for the Minor have been satisfied.
6. All requirements for the Minor must be completed within a maximum of ONE semester of the completion
of the Major degree but NOT LATER THAN the maximum duration of study of the Major degree
permitted by UGC i.e., not more than N+2 years where ‘N’ is the normal duration of study as per
regulations.
7. If a student drops from a Minor or is NOT able to fulfil all the requirements for the certification of Minor,
within the maximum period of study permitted by UGC, the student will NOT be issued the Certification.
Nevertheless, the transcripts for the completed courses will be issued.
8. Courses offered for a Certification in Minor will be treated on par with the regular courses of a Major in
respect of attendance requirements, assessment and examination requirements.
9. The number of seats for minor in SIDC is limited and subject to availability and academic performance.
10. Register for a Minor any time after 3rd Semester of B.Tech
11. The offering Department scrutinises the credentials of registered students and announces the list of
selected students who fulfil the minimum eligibility criteria for admission into a Minor Certificate
programme.
12. The selected students enrol into the Minor Certificate programme by paying a one-time programme fee
of Rs. 75,000/- that includes the tuition fee, examination fee and fee for transcript and certificate.
13. The student is permitted to register for a maximum of 2 courses per semester, over and above the
maximum credits permitted (26 credits) for a Major degree of study.
14. A minor requires 18-20 credits to be acquired from the courses offered by the Dept. of SIDC.
Eligibility Criteria
A student will be permitted to pursue a Minor, if and only if, he / she fulfils the following criteria:
i. Must have secured a minimum of 7.0 CGPA* at the time of admission to a Minor
ii. There must NOT be any standing arrears / Backlogs.
iii. Must be in the active rolls of the department without any break of study or disciplinary action
pending against the student
iv. Must have NO outstanding fee dues
* CGPA cut off is subject to change based on the demand and competition.
MINOR IN CYBER SECURITY
Credits to
Category Course Code Course Title L T P C
be earned
Fundaments of Computer
Core 18CSC004T 3 0 0 3 3
Science
Core 18CSC005J Malware Analysis 2 0 2 3 3
Core 18CSC006J Ethical Hacking 2 0 2 3 3
Cryptography and Network

Elective 18CSE007J/ Security / 2 0 2 3 3
18CSE008J Forensics and Incidence
Response
Elective 18CSE009T/ Cyber Law and Ethics / 2 0 0 2 2

18CSE010T Secure Coding
Core 18CSC011L Project 0 0 12 6 6
Total 20
L T P C
Course Code 18CSC004J Course Name Fundaments of Computer Science Course Category C Professional Elective
3 0 0 3
Pre-requisite Courses Nil Co-requisite Courses Nil Progressive Courses Nil

Course Offering Department Networking and Communications Data Book / Codes/Standards Nil
Course Learning Rationale (CLR): The purpose of learning this course is to: Learning Program Learning Outcomes (PO)
CLR-1 : Understand the fundamentals of Computer 1 2 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
CLR-2 : Gain knowledge about networking Lev Exp Exp Desi Indi
Eng Analysi Mo Proj
CLR-3 : Study about Operating System el of ecte ecte
inee
Pro gn
s, dern
Soci
Environ
vidu Co
ect
Life
CLR-4 : Study about new processors of Computer System Thi d d ble & ety al & mm Lon PS
ring Design Too ment & Ethi Mgt. PSO PSO
nkin Prof Atta m Dev & Tea unic g O–
Kno , l Sustaina cs & -1 -2
g icien inm Anal elop Cult m atio Lear 3
Course Learning Outcomes wled Resear Usa bility Fina
(Blo cy ent ysis men ure Wor n ning
At the end of this course, learners will be able to: ge ch ge nce
(CLO): om) (%) (%) t k
CO-1 : Gain knowledge about the Computer Science 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-2 : To present some of the flavor of the Computing Sciences 2 80 75 - - - 3 2 - - - - - - - - 3 -
CO-3 : Study about Operating System 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-4 : To involve you in the kind of thinking done in the Computing Sciences, 2 80 75 - - - 3 1 - - - - - - - - 2 -
Unit – 1
Machine instructions and addressing modes. ALU, data-path and control unit. Instruction pipelining. Memory hierarchy: cache, main memory and secondary storage; I/O interface (interrupt and DMA mode).
Unit-2
Processes, threads, inter process communication, concurrency and synchronization. Deadlock. CPU scheduling. Memory management and virtual memory. File systems.
Unit-3
ER model. Relational model: relational algebra, tuple calculus, SQL. Integrity constraints, normal forms. File organization, indexing (e.g., B and B+ trees). Transactions and concurrency control.
Unit-4
Concept of layering. LAN technologies (Ethernet). Flow and error control techniques, switching. IPv4/IPv6, routers and routing algorithms (distance vector, link state).
Unit-5
TCP/UDP and sockets, congestion control. Application layer protocols (DNS, SMTP, POP, FTP, HTTP). Basics of Wi-Fi. Network security: authentication, basics of public key and private key cryptography, digital
signatures and certificates, firewalls.
Learning DATA COMMUNICATIONS AND NETWORKING (SIE) | 4th Edition Paperback – 1 July 2017 Operating System Principlesby Silberschatz , Galvin , Gagne
Resources by Behrouz A. Forouzan
Learning Assessment
Continuous Learning Assessment (50% weightage)
Bloom’s Final Examination (50% weightage)
CLA – 1 (10%) CLA – 2 (15%) CLA – 3 (15%) CLA – 4 (10%)#
Level of Thinking
Theory Practice Theory Practice Theory Practice Theory Practice Theory Practice
Level 1 Remember 30% 20% 20% 30% 20%
Level 2 Understand 35% 30% 30% 30% 30%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
# CLA – 4 can be from any combination of these: Assignments, Seminars, Tech Talks, Mini-Projects, Case-Studies, Self-Study, MOOCs, Certifications, Conf. Paper etc.,
Course Designers
Experts from Industry Experts from Higher Technical Institutions Internal Experts
Expert Member from PricewaterhouseCoopers Pvt Ltd. - Mr. V. Joseph Raymond, SRMIST
L T P C
Course Code 18CSC005J Course Name MALWARE ANALYSIS Course Category C Professional Elective
2 0 2 3
Pre-requisite Courses Nil Co-requisite Courses Nil Progressive Courses Nil

Course Learning Rationale (CLR): The purpose of learning this course is to: Learning Program Learning Outcomes (PO)
CLR-1 : Understand the fundamentals of static and dynamic analysis. 1 2 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
CLR-2 : Gain knowledge about running malware in virtual environment.
CLR-3 : Study about disassembly constructs and its structures. Lev Exp Exp Desi Indi
Eng Analysi Mo Proj
CLR-4 : Study about new processors and file types using the debugging tools. el of ecte ecte
inee
Pro gn
s, dern
Soci
Environ
vidu Co
ect
Life
CLR-5 : Explore popular plug-ins that make writing OLLYDBG easier, allow collaborative reverse engineering Thi d d ble & ety al & mm Lon
ring Design Too ment & Ethi Mgt. PSO PSO PSO
nkin Prof Atta m Dev & Tea unic g
CLR-6 : Understand how to best approach of analyzing various malware threats. g icien inm
Kno
Anal elop
, l
Cult
Sustaina cs
m atio
&
Lear
-1 -2 –3
wled Resear Usa bility Fina
ge ch ge nce
Course Learning Outcomes om) (%) (%) t k
At the end of this course, learners will be able to:
(CLO):
CO-1 : Gain knowledge about the different forms of malware. 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-2 : Set up a safe virtual environment to analyze malware. 2 80 75 - - - 3 2 - - - - - - - - 3 -
CO-3 : Navigate, comment, and modify disassembly. 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-4 : Use code graphing to quickly make sense of cross references and function calls 2 80 75 - - - 3 1 - - - - - - - - 2 -
CO-5 : Use debugger to tackle hostile and obfuscated code. 2 85 75 - - - 3 - - - 2 - - - - - 2
CO-6 : Learn procedures for recognizing and analyzing Windows malware threats quickly and effectively. 2 85 80 - - - 3 - - - - - - - - 3 - -
Unit – 1
Introduction to Malware- What is Malware Analysis? -Why Malware Analysis? -Types of Malware Analysis- Comparing and Classifying Malware- Lab: Simple Notepad, Scripting and Macro Virus.
Unit-2
Basic Static Analysis- Determining the File Type- Fingerprinting Malware- Anti-Virus Scanning- Extracting Strings- Determining File Obfuscation- Inspecting PE Header Information- Lab: Setting up and configuring
Windows and Linux VM.
Unit-3
Dynamic Analysis- System and Network Monitoring- Process Inspection with Process Hacker- System Interaction with Process Monitor- Logging system using Noriben- Capture Network Traffic with Wire shark- Simulating
services with INetSim- Lab: Analyzing Malware Executable.
Unit-4
Advanced Static Analysis- Understanding Computer Basics- Level of Abstraction- Reverse Engineering- X86 Architecture- Main Memory- Instructions- Opcodes and Operands- Registers- Simple Instructions- The Stack-
Conditionals- Branching – REP Instructions. Lab: Perform shell code analysis in x86 architecture.
Unit-5
Advanced Dynamic Analysis- Debugging- OLLYDBG- Loading Malware- OllyDbg Interface- Memory Map- Rebasing- View Threads and Stacks- Executing Code- Breakpoints- Loading DLLs- Tracing- Exception
Handling- Patching- Lab: Analyzing executables using OLLYDBG.
1. Michael Sikorski, Practical Malware Analysis – The Hands–On Guide to Dissecting Malicious 3. Alexey Kleymenov and Amr Thabet, Mastering Malware Analysis: The complete malware
Software, Kindle Edition, No Starch Press; 1 edition (1 February 2012), ISBN: 1593272901. analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks, Kindle Edition,
Learning 564 pages, Published June 6th 2019 by Packt Publishing.
2. . Monnappa K A Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and
Resources
investigate Windows malware, Packt Publishing; 1st edition (29 June 2018)
Learning Assessment
CLA – 1 (10%) CLA – 2 (15%) CLA – 3 (15%) CLA – 4 (10%)#
Level of Thinking
Level 1 Remember 30% 20% 20% 30% 20%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
# CLA – 4 can be from any combination of these: Assignments, Seminars, Tech Talks, Mini-Projects, Case-Studies, Self-Study, MOOCs, Certifications, Conf. Paper etc.,
Course Designers
Expert Member from PricewaterhouseCoopers Pvt Ltd. - Mr. V. Joseph Raymond, SRMIST
Course Course Course L T P C
18CSC006J Ethical Hacking C Core
Code Name Category 2 0 2 3
Pre-requisite Co-requisite Progressive
Nil Nil Nil
Courses Courses Courses
Course Learning Rationale (CLR): The purpose of learning this course is to: Learning Program Learning Outcomes (PLO)
CLR-1 : ● Understand the core foundations of ethics in regards to computer security 1 2 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
CLR-2 : ● Learn about the hacker mind-set and the history of hackers
Exp Exp Des
Ana Envi
Indi
CLR-3 : ● Understand basic networking and security technologies Lev Eng lysis ron Proj Life
ecte ecte Pro ign Mod Soci vidu Co
el of inee , men ect Lon
●:
CLR-4 Gain a basic understanding of security policy Thin
d d
ring
ble &
Des
ern ety
t & Ethi
al mm
Mgt. g
PS PS PS
CLR-5 : ● Learn about basic system defence infrastructure Prof Attai m Dev Tool & &Te unic O- O- O–
king Kno ign, Sus cs & Lea
icie nme Ana elop Usa Cult am atio 1 2 3
(Blo wle Res tain Fina rnin
ncy nt lysis men ge ure Wor n
om) dge earc abili nce g
Course Learning Outcomes (CLO): At the end of this course, learners will be able to: (%) (%) t k
h ty
Students will learn the underlying principles and techniques associated with the cybersecurity practice known as ethical M M H
CLO-1 : 1 70 80
hacking
CLO-2 : Students will describe the legal and ethical requirements related to ethical hacking. 2 70 80
CLO-3 : Students will examine the tools for conducting ethical hacking. 4 70 80 M M
CLO-4 : Students will plan, organize and perform penetration testing on a simple network. 3 70 80 M M
Students will develop a practical understanding of the current cybersecurity issues and the ways how the errors made by M
CLO-5 : 5 70 80
users, administrators, or programmers can lead to exploitable insecurities
Unit-1 Introduction to hacking Introduction: Hacking, Types of Hacking/Hackers, Cybercrime, Types of cybercrime, Hacker Mind set, Threats, Concept of ethical hacking, , Phases involved in hacking, Role of Ethical Hacking, Common Hacking
Methodologies, Profiles of Hackers, Benefits of Ethical Hacking, Limitations of Ethical Hacking.
Unit-2 Foot Printing & Reconnaissance: Introduction to foot printing, Use of foot printing, Types of foot printing, Understanding the information gathering process, Information on a company website, methodology of the hackers, Tools used for the
reconnaissance phase.
Unit-3 System Hacking: System hacking, Types of System hacking, hacking tools, Computer Hole, Hacking Process, Various methods of password cracking, Remote Password Guessing, Role of eavesdropping, Keystroke Loggers, Types of Keystroke
Loggers, Detection, Prevention and Removal.
Unit-4 Sniffers: Introduction, Sniffer, Types of Sniffer, Protocols Susceptible to Sniffing, Active and Passive Sniffing, ARP Spoofing, ARP Spoofing, ARP Poisoning, DNS Spoofing Techniques, MAC Flooding, Sniffing Countermeasures.
Unit-5 Session Hijacking and Social Engineering: Understanding Session Hijacking, Phases involved in Session, Hijacking, Types of Session Hijacking, and Session Hijacking Tools. Social Engineering, Common Types Of Attacks, Insider Attacks,
Identity Theft, Phishing Attacks, Online Scams, URL Obfuscation, Social-Engineering Countermeasures
Practical:
To learn about hacking tools and skills.
To study about Footprinting and Reconnaissance.
To study about Fingerprinting.
To study about system Hacking. To study about Wireless Hacking.
To learn & study about Sniffing & their tools.
3. The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd
1. Hacking: The Art of Exploitation by Jon Erickson
Learning Stuttard
2. Gray Hat Hacking, Second Edition: The Ethical Hacker's Handbook by Shon Harris
Resources 4. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security
Scanning by Gordon Fyodor Lyon
Learning Assessment
Bloom’s Continuous Learning Assessment (60% weightage)
Final Examination (40% weightage)
Level of CLA – 1 (15%) CLA – 2 (15%) CLA – 3 (15%) CLA – 4 (15%)#
Thinking Theory Practice Theory Practice Theory Practice Theory Practice Theory Practice
Remember
Level 1 15% 10% 5% 10%

Apply
Level 3 50% 100% 60% 80% 30% 50% 50% 50% 50% 50%
Level 4 Analyze 50% 50% 50% 50% 30% 50%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 %
Course Designers
Mr.Chezhian Ravikumar, Technology Security Associate Manager, Accenture
Dr.M.B Mukesh Krishnan, SRMIST
Security, Chennai.
18CSE007J CRYPTOGRAPHY AND NETWORK SECURITY C Core
Pre- Nil Co- Nil Progressiv Nil
requisite requisite e
Course Offering Department Networking and communications Data Book / Codes/Standards Nil
Course Learning The purpose of learning this course is to:

Rationale
Learning Program Learning Outcomes (PLO)
1 2 3 4 5 6 7 8 9 10 11 12 13
Engineering
CLR-1: Acquire fundamental knowledge on the concepts of finite fields, number theory and 1 2 3 Knowledge
cryptography Ability
Ab
co
Analysis, Modern Society Environment Individual Project Life toutilize
Problem Design & pl
Design, Tool & & Ethics & Team Communication Mgt. & Long cyberspace
Analysis Development ad
Research Usage Culture Sustainability Work Finance Learning security
in
principles
CLR-2: Describe the various block cipher algorithms and public key Level of Expected Expected re
cryptosystems ThinkingProficiencyAttainment
(Bloom) (%) (%)
3 3
CLR-3: Utilize the principles of hash functions and digital signature 1 2 3 3
1 3 3
CLR-4: Acquire the knowledge on firewall and security applications. 2 3 3
Course Learning 2 3 3 3
At the end of this course, learners will be able to:
UNIT I INTRODUCTION TO SECURITY AND NUMBER THEORY
Outcomes
(CLO): Basics of Security – CIA Triad – Threats, Attacks and Services – Classical Cryptography –symmetric and asymmetric cipher- Substitution – Transposition – Cryptanalysis. Lab 1: Substitution techniques. Number Theory: Groups,
Rings,
CLO-1 : Implement
Fields- the Classical
Modular Arithmetic Encryption
– Euclidean Theorem– Techniques.
Galois Field – Lab 2:Implement Euclid. Prime Numbers – Fermat’s Theorem
3 – Euler’s totient
80 function
70 – Euler's Theorem – Chinese Remainder theorem –Primitive roots-Discrete
Logarithms-
CLO-2 : Lab 3:Implement
Implement theChinese
various Remainder
blockTheorem
cipher algorithms and public key cryptosystems 3 85 75
CLO-3 : Applythe principles of hash functions and digital signature 3 75 70
UNIT II BLOCK CIPHER AND PUBLIC KEY CRYPTOGRAPHY
Block Cipher – Feistel Ciphers – Data Encryption Standard (DES) – DES Structure – Key Generation – Simplified DES – Advanced Encryption Standard80
CLO-4 : Demonstrate the configuration of Firewall and the concepts of WLAN 3 85 (AES) –Lab 4: Implement SDES - Modes of operation. Public Key Cryptosystems –
RSA Algorithm – Lab 5: Implement RSA algorithm - ElGamal Cryptosystems – Diffie-Hellman key exchange – Elliptic curve cryptography Lab 6: Implement Diffie-Hellman Key exchange algorithm.
Security.
CLO-5 : Apply the knowledge gained in various security applications in real-time 3 85 75
problems
UNIT III - V HASH FUNCTIONS AND DIGITAL SIGNATURES
Message authentication requirements- Message Authentication functions -Hash functions-Hash Algorithms: MD5-Lab 7 : Implement MD5 - Secure Hash Algorithm- Lab 8: Implement SHA - Digital signatures: Digital signature
requirements- Digital Signature scheme- Elgamal Digital signature scheme- Schnoor Digital signature scheme- User Authentication protocol- Lab 9: Implement Elgamal Digital signature scheme.
UNIT IV - INTRODUCTION TO NETWORK SECURITY

Networking Devices(Layer1,2,3)- Different types of network layer attacks - Lab 10: Discussions on network layer attacks - Introduction to Firewall– Firewall Generations – Lab 11: Firewall configurations - Intrusion Detection
System – Types of IDS – Intrusion Prevention System – Wireless LAN – Wireless LAN Security – Network Access Control and Cloud Security Lab 12: Discussions on IDS.
UNIT V SECURITY APPLICATIONS

Digital Certificate – Key Management – Kerberos – Key Agreement and Distribution – PKI –E-Mail Security – PGP – S/MIME – Lab 13: Discussions on E-mail security - IP security – IPSEC protocol suite – functionalities – Transport mode –
Authentication Header – Introduction to Encapsulation Security Payload - Virtual Private Network (VPN) – Lab 14: Discussions on VPN - Web Security – Secure Socket Layer (SSL) –Transport Layer Security – Secure Electronic Transaction
(SET) –Lab 15: SSL
1. William Stallings, “Cryptography and Network Security”, 3. Charles Pfleeger,” Security in Computing”, Prentice Hall, 4 th Edition, ISBN-10: 0132390779, ISBN-13: 978- 01323907744, 2006. Earl
Le
3rd Edition, Pearson Education, 2003. Gose, Richard Johnsonbaugh, Steve Jost, “Pattern Recognition and Image Analysis”, Prentice Hall of India Private Ltd., New Delhi –
ar
2. Charlie Kaufman, Radia Perlman, Mike Speciner, 110 001, 1999.
nin
“Network Security”, Prentice Hall,2 nd edition, ISBN-
g
10: 0130460192, ISBN-13: 978-0130460196, 2002.
Re
sou
rce
s
Learning Assessment
CLA – 1 (10%) CLA – 2 (15%) CLA – 3 (15%) CLA – 4 (10%)#
Level of Thinking
Level 1 Remember 30% 30% 20% 20% 20% 20% 30% 30% 20% 20%
Level 2 Understand 35% 35% 30% 30% 30% 30% 30% 30% 30% 30%
Level 3 Apply 35% 35% 30% 30% 30% 30% 20% 20% 30% 30%
Level 4 Analyze 20% 20% 20% 20% 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
Course Designers
Mr.Chezhian Ravikumar, Technology Security Associate Manager, Accenture Security, Chennai. Ms.G.Sujatha, Department of NWC, Assistant Professor, SRMIST KTR
18CSE008J FORENSICS AND INCIDENCE RESPONSE E Elective
Nil Nil Nil
CLR-1 : Gain knowledge on the basics of procedures for identification, preservation of electronic evidence 1 2 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
CLR-2 : Understand the purpose and usage of various forensic tools Ana Envi
CLR-3 : Gain knowledge on how scientific evidence collection/extraction during investigation Exp Exp Des Indi
Lev Eng lysis ron Proj Life
CLR-4 : Acquire knowledge on file systems and its working ecte ecte Pro ign Mod Soci vidu Co
el of inee , men ect Lon
CLR-5 : Understand the windows and Linux investigation procedures d d ble & ern ety al mm PS PS PS
Thin ring Des t & Ethi Mgt. g
CLR-6 Introduce the report writing guidelines and principles Prof Attai m Dev Tool & &Te unic O- O- O–
om) dge earc abili nce g
Course Learning Outcomes (CLO): At the end of this course, learners will be able to: (%) (%) t k
h ty
CLO-1 : Acquire the knowledge on basics of procedures for identification, preservation of electronic evidence 2 80 85 H - - - - - - - - - - - - - -
CLO-2 : Acquire the ability to identify the purpose and usage of various forensic tool 2 75 80 H H - - H - - - - - - - - - -
CLO-3 : Analyze how scientific evidence collection/extraction during investigation 2 85 80 H - - - - - - - - - - - - - -
CLO-4 : Demonstrate the working of file systems and its importance in forensic science. 2 80 75 H - - - - - - - - - - - - - -
CLO-5 : Demonstrate the Windows and Linux investigation procedures 2 75 85 H - - H - - - - - - - - - - -
CLO-6 Incorporate the knowledge on forensic report writing guidelines and principles and to produce the report 2 80 85 H - - - H - - - - - - - - - -
Unit-1
Introduction to Incident-Incident Response-Incident Response Methodology (IRM)- Steps- Pre-incident preparation-IRM: Detection of incidents-IRM: Initial Response-IRM: Formulate a Response Strategy-IRM: Investigate the Incident-IRM: Reporting-
Creating response toolkit – Windows-Volatile Data Collection And Storage-Creating response toolkit – Unix-Volatile Data Collection and Storage
Unit-2
Introduction to ACPO Principles-Introduction to computer Storage Formats-Forensic Duplication-Tools-Forensic Duplicate creation of HDD-Forensic Duplication Tool Requirements-Creating a Forensic Duplicate of a Hard Drive-Evidence Handling-Types of
Evidence- Evidence Handling Procedure- Evidence Handling reports
Unit-3
File Systems: FAT, NTFS - Forensic Analysis of File Systems - Storage Fundamentals: Storage Layer, Hard Drives Evidence Handling: Types of Evidence, Challenges in evidence handling, Overview of evidence handling procedure
Unit-4
Introduction to Investigating Systems- Windows Systems-Where Evidence resides on Windows Systems-Conducting a Windows Investigation -File Auditing-Theft of Information-Handling the departing employee-Investigating Unix Systems-steps - Unix
Investigation-Reviewing pertinent logs-Performing keyword searches-Reviewing relevant files-Identifying unauthorized user accounts/groups-Identifying rogue processes-Checking for unauthorized access points
Unit-5
Investigating Hacker Tools- goals of tool analysis- Static and Dynamic Analysis of Hacker Tools - Types of Forensic Tools-Tasks performed-Tool comparisons-Computer Forensics Software and Hardware Tools-Validating and Testing Computer Forensics
Software-Introduction to Forensic Report Writing-Importance of Reports-Guidelines for Writing Reports
1. Kevin Mandia, Chris Prosise, Incident Response and computer forensics ‖ ,Tata
3. EoghanCasey,"HandbookComputerCrimeInvestigation'sForensicToolsandTechnology",Academic
McGrawHill,2006.
Learning Press, 1st Edition,2001.
2. Bill Nelson, Amelia Philips and Christopher Steuart, ―Guide to computer forensics and
Resources 4. Brian Carrier, ―File System Forensic Analysis‖, Addison-Wesley Professional; 1st edition 2005,
investigations‖, course technology,CengageLearning;4thedition,ISBN:1-435-49883-6,2009
ISBN13: 978-0321268174
Learning Assessment
Bloom’s Continuous Learning Assessment (60% weightage)
Final Examination (40% weightage)
Level of CLA – 1 (15%) CLA – 2 (15%) CLA – 3 (15%) CLA – 4 (15%)#
Thinking Theory Practice Theory Practice Theory Practice Theory Practice Theory Practice
Remember
Level 1 15% 10% 5% 10%

Apply
Level 3 50% 100% 60% 80% 30% 50% 50% 50% 50% 50%
Level 4 Analyze 50% 50% 50% 50% 30% 50%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 %
# CLA – 4 can be from any combination of these: Assignments, Seminars, Tech Talks, Mini-Projects, Case-Studies, Self-Study, MOOCs, Certifications, Conf. Paper as specified in regulation
Course Designers
1. Mr.M.Vivekanandan,Nokia 1. Mr.Karthikeyan.C.M.T, Govt College of Engg, Bargur 1. D.Saveetha, SRMIST,KTR
2. Mr.Santhosh Kumar,CTS 2. Mr.Syedthouheed, Reva University, Bangalore
Course 18CSE009T Course Course L T P C
CYBER LAW AND ETHICS E Professional Elective

Nil Nil Nil
Course Learning Rationale

The purpose of learning this course is to: Learning Program Learning Outcomes (PLO)
(CLR):
CLR-1 : Understand the basics of cyber law and cyber security 1 2 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
CLR-2 : familiarize the issues those are specific to amendment rights
CLR-3 : Become aware on copyright issues in software’s Env
Lev Exp Exp Desi Indi
Engi Anal Mod iron Proj
CLR-4 : Understand the Cyber-crimes and Cyber Frauds el of ecte ecte
neer
Pro gn
ysis, ern
Soci
men
vidu Co
ect
Life
CLR-5 : Understand the Legal Framework Thi d d ble & ety al & mm Lon
ing Desi Too t & Ethi Mgt. PSO PSO PSO
nkin Prof Atta m Dev & Tea unic g
CLR-6 : To understand ethical laws of computer for different countries g icien inm
Kno
Anal elop
gn, l
Cult
Sust cs
m atio
&
Lear
-1 -2 –3
wled Rese Usa aina Fina
ge arch ge bilit nce
Course Learning Outcomes om) (%) (%) t k
At the end of this course, learners will be able to: y
(CLO):
CLO-1 : Gain in-depth knowledge on information on cyber security and issues specific to amendment rights 3 80 70 M M H
CLO-2 : Apply the knowledge on copyright issues within software packages 3 85 75
CLO-3 : Comprehend ethical laws of computer for various countries 3 75 70 M M
CLO-4 : Defines the Cyber-crimes and frauds 3 85 80 M M
CLO-5 : Apply the knowledge of Legal framework 3 85 75 M
CLO-6 : Construct the secured environment 3 80 70 M M H
Unit-1: Introduction to Cyber Law

Evolution of computer technology, emergence of cyber space. Cyber Jurisprudence, Jurisprudence and law, Doctrinal approach, Consensual approach, Real Approach, Cyber Ethics, Cyber Jurisdiction, Hierarchy of courts, Civil and criminal jurisdictions,
Cyberspace-Web space, Web hosting and web Development agreement, Legal and Technological Significance of domain Names, Internet as a tool for global access.
Unit-2: Information Technology Act
Overview of IT Act, 2000, Amendments and Limitations of IT Act, Digital Signatures, Cryptographic Algorithm, Public Cryptography, Private Cryptography, Electronic Governance, Legal Recognition of Electronic Records, Legal Recognition of Digital
Signature, Certifying Authorities, Cyber Crime and Offences, Network Service Providers Liability, Cyber Regulations Appellate Tribunal, Penalties and Adjudication.
Unit-3: Cyber Law and Related Legislation
Patent Law, Trademark Law, Copyright, Software – Copyright or Patented, Domain Names and Copyright disputes, Electronic Data Base and its Protection, IT Act and Civil Procedure Code, IT Act and Criminal Procedural Code, Relevant Sections of Indian
Evidence Act, Relevant Sections of Bankers Book Evidence Act, Relevant Sections of Indian Penal Code, Relevant Sections of Reserve Bank of India Act, Law Relating To Employees And Internet, Alternative Dispute Resolution , Online Dispute Resolution
(ODR).
Unit-4: Electronic Business and Legal Issues
Evolution and development in E-commerce, paper vs paper less contracts E-Commerce models- B2B, B2C, E security. Business, taxation, electronic payments, supply chain, EDI, E-markets, Emerging Trend.
Unit-5: Cyber Ethics
The Importance of Cyber Law, Significance of cyber Ethics, Need for Cyber regulations and Ethics. Ethics in Information society, Introduction to Artificial Intelligence Ethics: Ethical Issues in AI and core Principles, Introduction to Block chain Ethics.
Learning 1. Investigating Cyber Law and Cyber Ethics: Issues, Impacts and Practices by Alfreda
Resource Dudley (Editor), James Braman (Editor), Giovanni Vincenti (Editor) 3. “Editing for Print and Electronic Media: Trends, Ethics and Laws” by Vivek Sehgal
s 2. “Cyber War: Law and Ethics for Virtual Conflicts” by 0 and Ohlin
Learning Assessment
CLA – 1 (10%) CLA – 2 (15%) CLA – 3 (15%) CLA – 4 (10%)#
Level of Thinking
Level 1 Remember 30% 20% 20% 30% 20%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
Course Designers
Mr.B.Siva Kumar Babu, Consultant, Mine Tree, Chennai Dr.M.B Mukesh Krishnan, SRMIST
18CSE010T Secure Coding E Professional Elective
Knowledge of Programming is preferred Nil Nil
CLR-1 : Produce the need for secure coding and proactive development process 1 2 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
CLR-2 : Demonstrate secure coding practices Ana Envi
Exp Exp Des Indi
CLR-3 : Implement automated tools to analyze and test the code for vulnerabilities Lev Eng lysis ron Proj Life
ecte ecte Pro ign Mod Soci vidu Co
CLR-4 : Analyze input issues related to database and web el of inee , men ect Lon
d d ble & ern ety al mm PS PS PS
CLR-5 : Incorporate fundamental principles of software security engineering Thin ring Des t & Ethi Mgt. g
Prof Attai m Dev Tool & &Te unic O- O- O–
Course Learning Outcomes (CLO): At the end of this course, learners will be able to: om) dge earc abili nce g
(%) (%) t k
h ty
CLO-1 : Acquire the knowledge on secured software development and life cycle process 2 75 75 H - - - - - - - - - - - - -
CLO-2 : Design secure software by incorporating security principles and mitigation strategies 3 75 75 ¤- H - M - - - - - - - - - - -
CLO-3 : Analyze vulnerable code in implemented software and describe attack consequences 3 75 75 - M - - H - - - - - - - - - -
CLO-4 : Apply mitigation and implementation practices to construct attack resistant web applications 3 75 75 - H - H - - - - - - - - - - -
CLO-5 : Apply secure design principles for developing attack resistant software applications 3 75 75 H - - M - - - - - - - - - - -
UNIT I - INTRODUCTION
Need for secure systems- Proactive security development process- Security principles to live by and threat modeling, Microsoft Threat Modeling Tool 2014, OWASP’s Software Assurance Maturity Model (OpenSAMM)
UNIT II - SECURE CODING IN C

Character strings- String manipulation errors – String Vulnerabilities and exploits –Mitigation strategies for strings- Pointers – Mitigation strategies in pointer based vulnerabilities – Buffer Overflow based vulnerabilities.
UNIT III - SECURE CODING IN C++ AND JAVA)

Dynamic memory management- Common errors in dynamic memory management- Memory managers- Double –free vulnerabilities –Integer security-Mitigation strategies, Tools to check code for common programming errors - Static code checkers, Runtime
code checkers.
UNIT IV - DATABASE AND WEB SPECIFIC INPUT ISSUES

Quoting the Input – Use of stored procedures- SQL injection – Anatomy of the vulnerability, Building SQL statements securely-XSS related attacks and remedies, Web Server and Database Attacks and Countermeasures.
UNIT V – SOFTWARE SECURITY ENGINEERING

Requirements engineering for secure software: Misuse and abuse cases-SQUARE process model- Software security practices and knowledge for architecture and design.
5. Michael Howard, David LeBlanc, “Writing Secure Code”, Microsoft Press, 2nd Edition, 2003.
8. David A. Wheeler, “Secure Programming for Linux and Unix HOWTO”
6. Robert C.Seacord, “Secure Coding in C and C++”, Pearson Education, 2nd edition, 2013.
Learning 9. Bryan Sullivan, Vincent Liu, “Web Application Security – A Beginner’s Guide”
7. Julia H. Allen, Sean J. Barnum, Robert J. Ellison, Gary McGraw, Nancy R. Mead, “Software
Resources 10. Ron Ben Natan, “Implementing Database Security and Auditing: A guide for DBAs, Information
Security Engineering: A guide for Project Managers”, Addison-Wesley Professional, 2008.
security administrators and auditors”, Published by Elsevier Inc., 2005
Learning Assessment
CLA – 1 (10%) CLA – 2 (15%) CLA – 3 (15%) CLA – 4 (10%)#
Level of Thinking
Level 1 Remember 30% 20% 20% 30% 20%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
Course Designers
1. Praveen Kumar, Team Lead, Cognizant Technology Solutions. 1. Mr. Savaridassan.P
2. Mr. Joseph Raymond V
Cours Cours Course L T P C
18CSC011L PROJECT C Minor
e e Categor 0 0 12 6
Code Name y
Pre- Co- Progressive

Nil Nil Nil
requisite requisite Courses
Courses Courses
Learning Program Learning Outcomes (PLO)

Course Learning Rationale The purpose of learning this course is to: 1 2 3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
(CLR):
L E E E P D A M S E E I C P L P P P
CLR-1 : To prepare the student to gain major design and or research experience as applicable to the profession
e x x n r e n o o n t n o r i S S S
CLR-2 : Carry out the projects within multiple design constraints and engineering writing g o s a d c v h d m o f O O O
v p p
CLR-3 : Incorporate multidisciplinary components e e e i b i l e i i i i m j e - - –
l c c n l g y r e r c v u e L 1 2 3
o t t e e n s n t o s i n c o
f e e e m & i T y n d i t n
Course Learning Outcomes (CLO): Gain confidence to carry out supervisory, managerial, and design roles in an industrial context T d d r A D s o & m u c M g
or research environment h P A i n e , o C e a a g L
i r t n a v D l u n l t t e
n o t g l e e U l t & i . a
k f a K y l s s t & T o & r
i i i n s o i a u S e n F n
n c n o i p g g r u a i i
g i m w s m n e e s m n n
( e e l e , t W a g
B n n e n R a o n
l c t d t e i r c
o y ( g s n k e
o ( % e e a
m % ) a b
) ) r i
c l
h i
t
y
CLO-1 : 100 80 85 H - - - - - - H - - - - - - -
Students will be able to design a cyber security Project
Learning Assessment
Continuous LearningAssessment Assessment tool Review I Review II Review III Total
Weightage 5% 20% 25% 50%
Final Evaluation Assessment tool Project Report Viva Voce * Total
Weightage 20% 30% 50%

minor-in-cyber-security

Uploaded by

Copyright:

Available Formats

You might also like

minor-in-cyber-security

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

minor-in-cyber-security

Uploaded by

Copyright:

Available Formats

MINOR DEGREE STRUCTURE

Offered by Department of Networking and Communications

• An academic major is the academic discipline to which an undergraduate student formally

Why Choose a Minor?

Objectives of this minor program

Core 18CSC006J Ethical Hacking 2 0 2 3 3

Cryptography and Network

Elective 18CSE009T/ Cyber Law and Ethics / 2 0 0 2 2

Core 18CSC011L Project 0 0 12 6 6

Pre-requisite Courses Nil Co-requisite Courses Nil Progressive Courses Nil

Pre-requisite Courses Nil Co-requisite Courses Nil Progressive Courses Nil

Level 2 Understand 35% 30% 20% 15% 10%

Level 4 Analyze 50% 50% 50% 50% 30% 50%

Course Learning The purpose of learning this course is to:

UNIT IV - INTRODUCTION TO NETWORK SECURITY

UNIT V SECURITY APPLICATIONS

Level 2 Understand 35% 30% 20% 15% 10%

Level 4 Analyze 50% 50% 50% 50% 30% 50%

Pre-requisite Co-requisite Progressive

Course Learning Rationale

Unit-1: Introduction to Cyber Law

UNIT II - SECURE CODING IN C

UNIT III - SECURE CODING IN C++ AND JAVA)

UNIT IV - DATABASE AND WEB SPECIFIC INPUT ISSUES

UNIT V – SOFTWARE SECURITY ENGINEERING

Pre- Co- Progressive

Learning Program Learning Outcomes (PLO)

You might also like