IS73 Information Security

Evangeline D
 STUDY MATERIALS
Text Books:
• William Stallings, “Cryptography and Network
Security principles and practices” 4th Edition PHI.
(Units 1 and 2)
• Charlie Kaufman et. al , Network Security, 2nd
Edition PHI.
• Michael Gregg, “Building your own Security LAB,
A field Guide for Network Testing” Wiley India
2012. (Units 3, 4 and 5)
 Course Outcomes
Course Outcomes (COs):
At the end of the course, students will be able to-
• Describe and Design Symmetric cipher model, cryptography
algorithms and their techniques. (PO-3) (PSO-1)
• Describe the most widely used encryption techniques. (PO-2, 3)
(PSO-2)
• Identify, Scan and Solve the problems in the live systems. (PO-2, 5)
(PSO-1)
• Explain the importance of automated tools for network security.
(PO-4, 6) (PSO-2)
• Explain intrusion detection methods and prevention techniques.
(PO-2) (PSO-1)
 Syllabus (Brief)
• Unit I (Symmetric Ciphers, Block Cipher and Data
Encryption Standard)
• Unit 2 (Public Key algorithms, Hash and MAC
Algorithms)
• Unit 3 (Passive Information Gathering, Detecting Live
systems, Enumerating Systems)
• Unit 4 (Automated Attack and Penetration Tools,
Defeating Malware, Malicious Software, Firewalls)
• Unit 5 (Securing Wireless Systems, Intrusion Detection)
 Unit 1 (In detail)
Symmetric Ciphers: Symmetric cipher model,
cryptography, cryptanalysis, Substitution
techniques, Transposition Techniques. Block
Ciphers and the Data Encryption Standard:
Simplified DES, Block Cipher Principles, DES,
Strength of DES, Differential and Linear
Cryptanalysis, Block Cipher Design Principles,
Block Cipher modes of operation.
 Introduction to Information Security

• X.800 Security Architecture for OSI

• 5 categories of services : Authentication,
Access Control, Data Confidentiality, Data
Integrity, Non-repudiation
• Authentication – Authentic parties should
communicate; No interference by third parties
• Peer entity authentication and data origin
authentication
 Introduction to Information Security

• Peer entity – Provides confidence in identity of

entities concerned
• Data origin - Provides confidence that source
of received data is as claimed
• Access Control : Limiting or controlling access
to host systems and applications
• Confidentiality : Protection of transmitted data
from unauthorized disclosure
 Introduction to Information Security
• Four types of Data Confidentiality
• Connection Confidentiality - Protection of all user data
on connection
• Connectionless Confidentiality – Protection of all user
data in a single data block
• Selective Field Confidentiality – Confidentiality of
selected fields within user data on connection or in
single data block
• Traffic flow Confidentiality – Protection of information
derived from observation of traffic flows
 Introduction to Information Security

• Data Integrity – Assurance that data is

received as sent
• Connection Integrity with Recovery
• Connection Integrity without Recovery
• Selective – Field Connection Integrity
• Connectionless Integrity
• Selective – Field Connectionless Integrity
 Introduction to Information Security

• Non-repudiation : Protection against denial by

one of the entities involved in a
communication
• Origin (Non-repudiation) and Destination
(Non-repudiation)
 Security Attacks
• Active Attacks • Passive Attacks
(Attempts to alter (Attempts to learn or
system resources or make use of
affect their operation) information from the
• Masquerade system but does not
• Replay affect system resources)
• Modification of • Release of message
messages contents
• Denial of Service • Traffic analysis