minor-in-cyber-security
With an increasing number of users, devices and programs in the modern enterprise, combined with the
increased deluge of data, much of which is sensitive or confidential, the importance of cybersecurity continues
to grow. The growing volume and sophistication of cyber attackers and attack techniques compound the
problem even further. To equip students for this field, the Minor in Cyber Security program is
designed:
● To prepare students with the technical knowledge and skills needed to protect and defend computer
systems and networks.
● To develop students who can plan, implement, and monitor cyber security mechanisms to help
ensure the protection of information technology assets.
Minors: Rules and Regulations
1. Pursuing a major/minor program is a highly individual decision, and should be based on a student's
educational and career goals.
2. Minors must be completed simultaneously with a major degree program. You cannot earn a minor after
you have already earned your bachelor’s degree(s).
3. You need at least one active major in order to pursue a minor.
4. Also be aware that since the minor must be completed with a major, any outstanding minor requirements
will prevent the awarding of the degree for your major. If you ultimately decide to graduate without the
minor, the minor must be removed from your records before your degree can be processed.
5. The Certification for Minor will NOT be issued until the Major degree is successfully completed, even
though all requirements for the Minor have been satisfied.
6. All requirements for the Minor must be completed within a maximum of ONE semester of the completion
of the Major degree but NOT LATER THAN the maximum duration of study of the Major degree
permitted by UGC i.e., not more than N+2 years where ‘N’ is the normal duration of study as per
regulations.
7. If a student drops from a Minor or is NOT able to fulfil all the requirements for the certification of Minor,
within the maximum period of study permitted by UGC, the student will NOT be issued the Certification.
Nevertheless, the transcripts for the completed courses will be issued.
8. Courses offered for a Certification in Minor will be treated on par with the regular courses of a Major in
respect of attendance requirements, assessment and examination requirements.
9. The number of seats for minor in SIDC is limited and subject to availability and academic performance.
10. Students may register for a Minor any time after the 3rd semester of B.Tech.
11. The offering Department scrutinises the credentials of registered students and announces the list of
selected students who fulfil the minimum eligibility criteria for admission into a Minor Certificate
programme.
12. The selected students enrol into the Minor Certificate programme by paying a one-time programme fee
of Rs. 75,000/- that includes the tuition fee, examination fee and fee for transcript and certificate.
13. The student is permitted to register for a maximum of 2 courses per semester, over and above the
maximum credits permitted (26 credits) for a Major degree of study.
14. A minor requires 18-20 credits to be acquired from the courses offered by the Dept. of SIDC.
Eligibility Criteria
A student will be permitted to pursue a Minor, if and only if, he / she fulfils the following criteria:
i. Must have secured a minimum of 7.0 CGPA* at the time of admission to a Minor
ii. There must NOT be any standing arrears / Backlogs.
iii. Must be in the active rolls of the department without any break of study or disciplinary action
pending against the student
iv. Must have NO outstanding fee dues
* CGPA cut off is subject to change based on the demand and competition.
MINOR IN CYBER SECURITY
Category | Course Code | Course Title | L | T | P | C | Credits to be earned
Core | 18CSC004T | Fundaments of Computer Science | 3 | 0 | 0 | 3 | 3
Core | 18CSC005J | Malware Analysis | 2 | 0 | 2 | 3 | 3
Total | 20
Course Code: 18CSC004J | Course Name: Fundaments of Computer Science | Course Category: C Professional Elective | L T P C: 3 0 0 3
Course Learning Rationale (CLR): The purpose of learning this course is to:
CLR-1 : Understand the fundamentals of Computer
CLR-2 : Gain knowledge about networking
CLR-3 : Study about Operating System
CLR-4 : Study about new processors of Computer System
Course Learning Outcomes (CLO): At the end of this course, learners will be able to:
Learning columns 1-3: Level of Thinking (Bloom); Expected Proficiency (%); Expected Attainment (%)
Program Learning Outcomes (PO) columns 1-15: Engineering Knowledge; Problem Analysis; Design & Development; Analysis, Design, Research; Modern Tool Usage; Society & Culture; Environment & Sustainability; Ethics; Individual & Team Work; Communication; Project Mgt. & Finance; Life Long Learning; PSO-1; PSO-2; PSO-3
CO-1 : Gain knowledge about the Computer Science 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-2 : To present some of the flavor of the Computing Sciences 2 80 75 - - - 3 2 - - - - - - - - 3 -
CO-3 : Study about Operating System 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-4 : To involve you in the kind of thinking done in the Computing Sciences, 2 80 75 - - - 3 1 - - - - - - - - 2 -
Unit – 1
Machine instructions and addressing modes. ALU, data-path and control unit. Instruction pipelining. Memory hierarchy: cache, main memory and secondary storage; I/O interface (interrupt and DMA mode).
Unit-2
Processes, threads, inter process communication, concurrency and synchronization. Deadlock. CPU scheduling. Memory management and virtual memory. File systems.
Unit-3
ER model. Relational model: relational algebra, tuple calculus, SQL. Integrity constraints, normal forms. File organization, indexing (e.g., B and B+ trees). Transactions and concurrency control.
Unit-4
Concept of layering. LAN technologies (Ethernet). Flow and error control techniques, switching. IPv4/IPv6, routers and routing algorithms (distance vector, link state).
Unit-5
TCP/UDP and sockets, congestion control. Application layer protocols (DNS, SMTP, POP, FTP, HTTP). Basics of Wi-Fi. Network security: authentication, basics of public key and private key cryptography, digital
signatures and certificates, firewalls.
Learning Resources
DATA COMMUNICATIONS AND NETWORKING (SIE) | 4th Edition Paperback – 1 July 2017 by Behrouz A. Forouzan
Operating System Principles by Silberschatz, Galvin, Gagne
Learning Assessment
Bloom's Level of Thinking | Continuous Learning Assessment (50% weightage): CLA – 1 (10%), CLA – 2 (15%), CLA – 3 (15%), CLA – 4 (10%)# | Final Examination (50% weightage)
Each assessment has Theory and Practice sub-columns.
Level 1 Remember 30% 20% 20% 30% 20%
Level 2 Understand 35% 30% 30% 30% 30%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
# CLA – 4 can be from any combination of these: Assignments, Seminars, Tech Talks, Mini-Projects, Case-Studies, Self-Study, MOOCs, Certifications, Conf. Paper etc.,
Course Designers
Experts from Industry Experts from Higher Technical Institutions Internal Experts
Expert Member from PricewaterhouseCoopers Pvt Ltd. - Mr. V. Joseph Raymond, SRMIST
Course Code: 18CSC005J | Course Name: MALWARE ANALYSIS | Course Category: C Professional Elective | L T P C: 2 0 2 3
Course Learning Rationale (CLR): The purpose of learning this course is to:
CLR-1 : Understand the fundamentals of static and dynamic analysis.
CLR-2 : Gain knowledge about running malware in virtual environment.
CLR-3 : Study about disassembly constructs and its structures.
CLR-4 : Study about new processors and file types using the debugging tools.
CLR-5 : Explore popular plug-ins that make writing OLLYDBG easier, allow collaborative reverse engineering
CLR-6 : Understand how best to approach analyzing various malware threats.
Course Learning Outcomes (CLO): At the end of this course, learners will be able to:
Learning columns 1-3: Level of Thinking (Bloom); Expected Proficiency (%); Expected Attainment (%)
Program Learning Outcomes (PO) columns 1-15: Engineering Knowledge; Problem Analysis; Design & Development; Analysis, Design, Research; Modern Tool Usage; Society & Culture; Environment & Sustainability; Ethics; Individual & Team Work; Communication; Project Mgt. & Finance; Life Long Learning; PSO-1; PSO-2; PSO-3
CO-1 : Gain knowledge about the different forms of malware. 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-2 : Set up a safe virtual environment to analyze malware. 2 80 75 - - - 3 2 - - - - - - - - 3 -
CO-3 : Navigate, comment, and modify disassembly. 2 85 80 - - - 3 - - - - - - - - 3 - -
CO-4 : Use code graphing to quickly make sense of cross references and function calls 2 80 75 - - - 3 1 - - - - - - - - 2 -
CO-5 : Use debugger to tackle hostile and obfuscated code. 2 85 75 - - - 3 - - - 2 - - - - - 2
CO-6 : Learn procedures for recognizing and analyzing Windows malware threats quickly and effectively. 2 85 80 - - - 3 - - - - - - - - 3 - -
Unit – 1
Introduction to Malware- What is Malware Analysis? -Why Malware Analysis? -Types of Malware Analysis- Comparing and Classifying Malware- Lab: Simple Notepad, Scripting and Macro Virus.
Unit-2
Basic Static Analysis- Determining the File Type- Fingerprinting Malware- Anti-Virus Scanning- Extracting Strings- Determining File Obfuscation- Inspecting PE Header Information- Lab: Setting up and configuring
Windows and Linux VM.
Unit-3
Dynamic Analysis- System and Network Monitoring- Process Inspection with Process Hacker- System Interaction with Process Monitor- Logging system using Noriben- Capture Network Traffic with Wireshark- Simulating
services with INetSim- Lab: Analyzing Malware Executable.
Unit-4
Advanced Static Analysis- Understanding Computer Basics- Level of Abstraction- Reverse Engineering- X86 Architecture- Main Memory- Instructions- Opcodes and Operands- Registers- Simple Instructions- The Stack-
Conditionals- Branching – REP Instructions. Lab: Perform shell code analysis in x86 architecture.
Unit-5
Advanced Dynamic Analysis- Debugging- OLLYDBG- Loading Malware- OllyDbg Interface- Memory Map- Rebasing- View Threads and Stacks- Executing Code- Breakpoints- Loading DLLs- Tracing- Exception
Handling- Patching- Lab: Analyzing executables using OLLYDBG.
Learning Resources
1. Michael Sikorski, Practical Malware Analysis – The Hands–On Guide to Dissecting Malicious Software, Kindle Edition, No Starch Press; 1 edition (1 February 2012), ISBN: 1593272901.
2. Monnappa K A, Learning Malware Analysis: Explore the concepts, tools, and techniques to analyze and investigate Windows malware, Packt Publishing; 1st edition (29 June 2018)
3. Alexey Kleymenov and Amr Thabet, Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks, Kindle Edition, 564 pages, Published June 6th 2019 by Packt Publishing.
Learning Assessment
Bloom's Level of Thinking | Continuous Learning Assessment (50% weightage): CLA – 1 (10%), CLA – 2 (15%), CLA – 3 (15%), CLA – 4 (10%)# | Final Examination (50% weightage)
Each assessment has Theory and Practice sub-columns.
Level 1 Remember 30% 20% 20% 30% 20%
Level 2 Understand 35% 30% 30% 30% 30%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
# CLA – 4 can be from any combination of these: Assignments, Seminars, Tech Talks, Mini-Projects, Case-Studies, Self-Study, MOOCs, Certifications, Conf. Paper etc.,
Course Designers
Experts from Industry Experts from Higher Technical Institutions Internal Experts
Expert Member from PricewaterhouseCoopers Pvt Ltd. - Mr. V. Joseph Raymond, SRMIST
Course Code: 18CSC006J | Course Name: Ethical Hacking | Course Category: C Core | L T P C: 2 0 2 3
Pre-requisite Courses: Nil | Co-requisite Courses: Nil | Progressive Courses: Nil
Course Offering Department Networking and Communications Data Book / Codes/Standards Nil
Course Learning Rationale (CLR): The purpose of learning this course is to:
CLR-1 : Understand the core foundations of ethics in regards to computer security
CLR-2 : Learn about the hacker mind-set and the history of hackers
CLR-3 : Understand basic networking and security technologies
CLR-4 : Gain a basic understanding of security policy
CLR-5 : Learn about basic system defence infrastructure
Course Learning Outcomes (CLO): At the end of this course, learners will be able to:
Learning columns 1-3: Level of Thinking (Bloom); Expected Proficiency (%); Expected Attainment (%)
Program Learning Outcomes (PLO) columns 1-15: Engineering Knowledge; Problem Analysis; Design & Development; Analysis, Design, Research; Modern Tool Usage; Society & Culture; Environment & Sustainability; Ethics; Individual & Team Work; Communication; Project Mgt. & Finance; Life Long Learning; PSO-1; PSO-2; PSO-3
CLO-1 : Students will learn the underlying principles and techniques associated with the cybersecurity practice known as ethical hacking 1 70 80 M M H
CLO-2 : Students will describe the legal and ethical requirements related to ethical hacking. 2 70 80
CLO-3 : Students will examine the tools for conducting ethical hacking. 4 70 80 M M
CLO-4 : Students will plan, organize and perform penetration testing on a simple network. 3 70 80 M M
CLO-5 : Students will develop a practical understanding of the current cybersecurity issues and the ways how the errors made by users, administrators, or programmers can lead to exploitable insecurities 5 70 80 M
Unit-1 Introduction to hacking: Introduction: Hacking, Types of Hacking/Hackers, Cybercrime, Types of cybercrime, Hacker Mindset, Threats, Concept of ethical hacking, Phases involved in hacking, Role of Ethical Hacking, Common Hacking
Methodologies, Profiles of Hackers, Benefits of Ethical Hacking, Limitations of Ethical Hacking.
Unit-2 Foot Printing & Reconnaissance: Introduction to foot printing, Use of foot printing, Types of foot printing, Understanding the information gathering process, Information on a company website, methodology of the hackers, Tools used for the
reconnaissance phase.
Unit-3 System Hacking: System hacking, Types of System hacking, hacking tools, Computer Hole, Hacking Process, Various methods of password cracking, Remote Password Guessing, Role of eavesdropping, Keystroke Loggers, Types of Keystroke
Loggers, Detection, Prevention and Removal.
Unit-4 Sniffers: Introduction, Sniffer, Types of Sniffer, Protocols Susceptible to Sniffing, Active and Passive Sniffing, ARP Spoofing, ARP Poisoning, DNS Spoofing Techniques, MAC Flooding, Sniffing Countermeasures.
Unit-5 Session Hijacking and Social Engineering: Understanding Session Hijacking, Phases involved in Session Hijacking, Types of Session Hijacking, and Session Hijacking Tools. Social Engineering, Common Types Of Attacks, Insider Attacks,
Identity Theft, Phishing Attacks, Online Scams, URL Obfuscation, Social-Engineering Countermeasures.
Practical:
To learn about hacking tools and skills.
To study about Footprinting and Reconnaissance.
To study about Fingerprinting.
To study about system Hacking.
To study about Wireless Hacking.
To learn & study about Sniffing & their tools.
Learning Resources
1. Hacking: The Art of Exploitation by Jon Erickson
2. Gray Hat Hacking, Second Edition: The Ethical Hacker's Handbook by Shon Harris
3. The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard
4. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Gordon Fyodor Lyon
Learning Assessment
Bloom's Level of Thinking | Continuous Learning Assessment (60% weightage): CLA – 1 (15%), CLA – 2 (15%), CLA – 3 (15%), CLA – 4 (15%)# | Final Examination (40% weightage)
Each assessment has Theory and Practice sub-columns.
Level 1 Remember 15% 10% 5% 10%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 %
Course Designers
Experts from Industry Experts from Higher Technical Institutions Internal Experts
Mr. Chezhian Ravikumar, Technology Security Associate Manager, Accenture Security, Chennai.
Dr. M.B Mukesh Krishnan, SRMIST
Course Code: 18CSE007J | Course Name: CRYPTOGRAPHY AND NETWORK SECURITY | Course Category: C Core | L T P C: 2 2 0 3
Pre-requisite Courses: Nil | Co-requisite Courses: Nil | Progressive Courses: Nil
Course Offering Department Networking and communications Data Book / Codes/Standards Nil
CLR-2: Describe the various block cipher algorithms and public key cryptosystems
CLR-3: Utilize the principles of hash functions and digital signature
CLR-4: Acquire the knowledge on firewall and security applications.
Course Learning Outcomes (CLO): At the end of this course, learners will be able to:
Learning columns: Level of Thinking (Bloom); Expected Proficiency (%); Expected Attainment (%)
Program outcome columns: Problem Analysis; Design & Development; Analysis, Design, Research; Modern Tool Usage; Society & Culture; Environment & Sustainability; Ethics; Individual & Team Work; Communication; Project Mgt. & Finance; Life Long Learning; Ability to utilize cyberspace security principles
CLO-1 : Implement the Classical Encryption Techniques. 3 80 70
CLO-2 : Implement the various block cipher algorithms and public key cryptosystems 3 85 75
CLO-3 : Apply the principles of hash functions and digital signature 3 75 70
CLO-4 : Demonstrate the configuration of Firewall and the concepts of WLAN Security. 3 85 80
CLO-5 : Apply the knowledge gained in various security applications in real-time problems 3 85 75
UNIT I INTRODUCTION TO SECURITY AND NUMBER THEORY
Basics of Security – CIA Triad – Threats, Attacks and Services – Classical Cryptography – symmetric and asymmetric cipher – Substitution – Transposition – Cryptanalysis. Lab 1: Substitution techniques. Number Theory: Groups, Rings, Fields – Modular Arithmetic – Euclidean Theorem – Galois Field – Lab 2: Implement Euclid. Prime Numbers – Fermat’s Theorem – Euler’s totient function – Euler's Theorem – Chinese Remainder theorem – Primitive roots – Discrete Logarithms – Lab 3: Implement Chinese Remainder Theorem
UNIT II BLOCK CIPHER AND PUBLIC KEY CRYPTOGRAPHY
Block Cipher – Feistel Ciphers – Data Encryption Standard (DES) – DES Structure – Key Generation – Simplified DES – Advanced Encryption Standard (AES) – Lab 4: Implement SDES – Modes of operation. Public Key Cryptosystems –
RSA Algorithm – Lab 5: Implement RSA algorithm – ElGamal Cryptosystems – Diffie-Hellman key exchange – Elliptic curve cryptography – Lab 6: Implement Diffie-Hellman Key exchange algorithm.
UNIT III - V HASH FUNCTIONS AND DIGITAL SIGNATURES
Message authentication requirements – Message Authentication functions – Hash functions – Hash Algorithms: MD5 – Lab 7: Implement MD5 – Secure Hash Algorithm – Lab 8: Implement SHA – Digital signatures: Digital signature
requirements – Digital Signature scheme – Elgamal Digital signature scheme – Schnorr Digital signature scheme – User Authentication protocol – Lab 9: Implement Elgamal Digital signature scheme.
Learning Assessment
Bloom's Level of Thinking | Continuous Learning Assessment (50% weightage): CLA – 1 (10%), CLA – 2 (15%), CLA – 3 (15%), CLA – 4 (10%)# | Final Examination (50% weightage)
Each assessment has Theory and Practice sub-columns.
Level 1 Remember 30% 30% 20% 20% 20% 20% 30% 30% 20% 20%
Level 2 Understand 35% 35% 30% 30% 30% 30% 30% 30% 30% 30%
Level 3 Apply 35% 35% 30% 30% 30% 30% 20% 20% 30% 30%
Level 4 Analyze 20% 20% 20% 20% 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
Course Designers
Experts from Industry Experts from Higher Technical Institutions Internal Experts
Mr.Chezhian Ravikumar, Technology Security Associate Manager, Accenture Security, Chennai. Ms.G.Sujatha, Department of NWC, Assistant Professor, SRMIST KTR
Course Code: 18CSE008J | Course Name: FORENSICS AND INCIDENCE RESPONSE | Course Category: E Elective | L T P C: 2 0 2 3
Pre-requisite Courses: Nil | Co-requisite Courses: Nil | Progressive Courses: Nil
Course Offering Department Networking and Communications Data Book / Codes/Standards Nil
Course Learning Rationale (CLR): The purpose of learning this course is to:
CLR-1 : Gain knowledge on the basics of procedures for identification, preservation of electronic evidence
CLR-2 : Understand the purpose and usage of various forensic tools
CLR-3 : Gain knowledge on how scientific evidence collection/extraction during investigation
CLR-4 : Acquire knowledge on file systems and its working
CLR-5 : Understand the windows and Linux investigation procedures
CLR-6 : Introduce the report writing guidelines and principles
Course Learning Outcomes (CLO): At the end of this course, learners will be able to:
Learning columns 1-3: Level of Thinking (Bloom); Expected Proficiency (%); Expected Attainment (%)
Program Learning Outcomes (PLO) columns 1-15: Engineering Knowledge; Problem Analysis; Design & Development; Analysis, Design, Research; Modern Tool Usage; Society & Culture; Environment & Sustainability; Ethics; Individual & Team Work; Communication; Project Mgt. & Finance; Life Long Learning; PSO-1; PSO-2; PSO-3
CLO-1 : Acquire the knowledge on basics of procedures for identification, preservation of electronic evidence 2 80 85 H - - - - - - - - - - - - - -
CLO-2 : Acquire the ability to identify the purpose and usage of various forensic tool 2 75 80 H H - - H - - - - - - - - - -
CLO-3 : Analyze how scientific evidence collection/extraction during investigation 2 85 80 H - - - - - - - - - - - - - -
CLO-4 : Demonstrate the working of file systems and its importance in forensic science. 2 80 75 H - - - - - - - - - - - - - -
CLO-5 : Demonstrate the Windows and Linux investigation procedures 2 75 85 H - - H - - - - - - - - - - -
CLO-6 Incorporate the knowledge on forensic report writing guidelines and principles and to produce the report 2 80 85 H - - - H - - - - - - - - - -
Unit-1
Introduction to Incident-Incident Response-Incident Response Methodology (IRM)- Steps- Pre-incident preparation-IRM: Detection of incidents-IRM: Initial Response-IRM: Formulate a Response Strategy-IRM: Investigate the Incident-IRM: Reporting-
Creating response toolkit – Windows-Volatile Data Collection And Storage-Creating response toolkit – Unix-Volatile Data Collection and Storage
Unit-2
Introduction to ACPO Principles-Introduction to computer Storage Formats-Forensic Duplication-Tools-Forensic Duplicate creation of HDD-Forensic Duplication Tool Requirements-Creating a Forensic Duplicate of a Hard Drive-Evidence Handling-Types of
Evidence- Evidence Handling Procedure- Evidence Handling reports
Unit-3
File Systems: FAT, NTFS - Forensic Analysis of File Systems - Storage Fundamentals: Storage Layer, Hard Drives Evidence Handling: Types of Evidence, Challenges in evidence handling, Overview of evidence handling procedure
Unit-4
Introduction to Investigating Systems- Windows Systems-Where Evidence resides on Windows Systems-Conducting a Windows Investigation -File Auditing-Theft of Information-Handling the departing employee-Investigating Unix Systems-steps - Unix
Investigation-Reviewing pertinent logs-Performing keyword searches-Reviewing relevant files-Identifying unauthorized user accounts/groups-Identifying rogue processes-Checking for unauthorized access points
Unit-5
Investigating Hacker Tools- goals of tool analysis- Static and Dynamic Analysis of Hacker Tools - Types of Forensic Tools-Tasks performed-Tool comparisons-Computer Forensics Software and Hardware Tools-Validating and Testing Computer Forensics
Software-Introduction to Forensic Report Writing-Importance of Reports-Guidelines for Writing Reports
Learning Resources
1. Kevin Mandia, Chris Prosise, "Incident Response and computer forensics", Tata McGrawHill, 2006.
2. Bill Nelson, Amelia Philips and Christopher Steuart, "Guide to computer forensics and investigations", course technology, Cengage Learning; 4th edition, ISBN: 1-435-49883-6, 2009
3. Eoghan Casey, "Handbook Computer Crime Investigation's Forensic Tools and Technology", Academic Press, 1st Edition, 2001.
4. Brian Carrier, "File System Forensic Analysis", Addison-Wesley Professional; 1st edition 2005, ISBN13: 978-0321268174
Learning Assessment
Bloom's Level of Thinking | Continuous Learning Assessment (60% weightage): CLA – 1 (15%), CLA – 2 (15%), CLA – 3 (15%), CLA – 4 (15%)# | Final Examination (40% weightage)
Each assessment has Theory and Practice sub-columns.
Level 1 Remember 15% 10% 5% 10%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 % 100 %
# CLA – 4 can be from any combination of these: Assignments, Seminars, Tech Talks, Mini-Projects, Case-Studies, Self-Study, MOOCs, Certifications, Conf. Paper as specified in regulation
Course Designers
Experts from Industry: 1. Mr. M. Vivekanandan, Nokia; 2. Mr. Santhosh Kumar, CTS
Experts from Higher Technical Institutions: 1. Mr. Karthikeyan C.M.T, Govt College of Engg, Bargur; 2. Mr. Syedthouheed, Reva University, Bangalore
Internal Experts: 1. D. Saveetha, SRMIST, KTR
Course Code: 18CSE009T | Course Name: CYBER LAW AND ETHICS | Course Category: E Professional Elective | L T P C: 3 0 0 3
Learning Resources
1. Investigating Cyber Law and Cyber Ethics: Issues, Impacts and Practices by Alfreda Dudley (Editor), James Braman (Editor), Giovanni Vincenti (Editor)
2. “Cyber War: Law and Ethics for Virtual Conflicts” by 0 and Ohlin
3. “Editing for Print and Electronic Media: Trends, Ethics and Laws” by Vivek Sehgal
Learning Assessment
Bloom's Level of Thinking | Continuous Learning Assessment (50% weightage): CLA – 1 (10%), CLA – 2 (15%), CLA – 3 (15%), CLA – 4 (10%)# | Final Examination (50% weightage)
Each assessment has Theory and Practice sub-columns.
Level 1 Remember 30% 20% 20% 30% 20%
Level 2 Understand 35% 30% 30% 30% 30%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
Course Designers
Experts from Industry Experts from Higher Technical Institutions Internal Experts
Mr.B.Siva Kumar Babu, Consultant, Mine Tree, Chennai Dr.M.B Mukesh Krishnan, SRMIST
Course Code: 18CSE010T | Course Name: Secure Coding | Course Category: E Professional Elective | L T P C: 3 0 0 3
Pre-requisite Courses: Knowledge of Programming is preferred | Co-requisite Courses: Nil | Progressive Courses: Nil
Course Offering Department Networking and Communications Data Book / Codes/Standards Nil
Course Learning Rationale (CLR): The purpose of learning this course is to:
CLR-1 : Produce the need for secure coding and proactive development process
CLR-2 : Demonstrate secure coding practices
CLR-3 : Implement automated tools to analyze and test the code for vulnerabilities
CLR-4 : Analyze input issues related to database and web
CLR-5 : Incorporate fundamental principles of software security engineering
Course Learning Outcomes (CLO): At the end of this course, learners will be able to:
Learning columns 1-3: Level of Thinking (Bloom); Expected Proficiency (%); Expected Attainment (%)
Program Learning Outcomes (PLO) columns 1-15: Engineering Knowledge; Problem Analysis; Design & Development; Analysis, Design, Research; Modern Tool Usage; Society & Culture; Environment & Sustainability; Ethics; Individual & Team Work; Communication; Project Mgt. & Finance; Life Long Learning; PSO-1; PSO-2; PSO-3
CLO-1 : Acquire the knowledge on secured software development and life cycle process 2 75 75 H - - - - - - - - - - - - -
CLO-2 : Design secure software by incorporating security principles and mitigation strategies 3 75 75 - H - M - - - - - - - - - - -
CLO-3 : Analyze vulnerable code in implemented software and describe attack consequences 3 75 75 - M - - H - - - - - - - - - -
CLO-4 : Apply mitigation and implementation practices to construct attack resistant web applications 3 75 75 - H - H - - - - - - - - - - -
CLO-5 : Apply secure design principles for developing attack resistant software applications 3 75 75 H - - M - - - - - - - - - - -
UNIT I - INTRODUCTION
Need for secure systems- Proactive security development process- Security principles to live by and threat modeling, Microsoft Threat Modeling Tool 2014, OWASP’s Software Assurance Maturity Model (OpenSAMM)
Learning Resources
5. Michael Howard, David LeBlanc, “Writing Secure Code”, Microsoft Press, 2nd Edition, 2003.
6. Robert C. Seacord, “Secure Coding in C and C++”, Pearson Education, 2nd edition, 2013.
7. Julia H. Allen, Sean J. Barnum, Robert J. Ellison, Gary McGraw, Nancy R. Mead, “Software Security Engineering: A guide for Project Managers”, Addison-Wesley Professional, 2008.
8. David A. Wheeler, “Secure Programming for Linux and Unix HOWTO”
9. Bryan Sullivan, Vincent Liu, “Web Application Security – A Beginner’s Guide”
10. Ron Ben Natan, “Implementing Database Security and Auditing: A guide for DBAs, Information security administrators and auditors”, Published by Elsevier Inc., 2005
Learning Assessment
Bloom's Level of Thinking | Continuous Learning Assessment (50% weightage): CLA – 1 (10%), CLA – 2 (15%), CLA – 3 (15%), CLA – 4 (10%)# | Final Examination (50% weightage)
Each assessment has Theory and Practice sub-columns.
Level 1 Remember 30% 20% 20% 30% 20%
Level 2 Understand 35% 30% 30% 30% 30%
Level 3 Apply 35% 30% 30% 20% 30%
Level 4 Analyze 20% 20% 20% 20%
Level 5 Evaluate
Level 6 Create
Total 100 % 100 % 100 % 100 % 100%
Course Designers
Experts from Industry Experts from Higher Technical Institutions Internal Experts
1. Praveen Kumar, Team Lead, Cognizant Technology Solutions. 1. Mr. Savaridassan.P
2. Mr. Joseph Raymond V
Course Code: 18CSC011L | Course Name: PROJECT | Course Category: C Minor | L T P C: 0 0 12 6
Learning Assessment
Continuous Learning Assessment | Assessment tool: Review I, Review II, Review III | Total
Weightage: 5%, 20%, 25% | 50%
Final Evaluation | Assessment tool: Project Report, Viva Voce * | Total
Weightage: 20%, 30% | 50%