SYLLABUS:Grading System 2013-14 (IT- 801) – Information Security

Grading System 2013-14

IT- 801 – Information Security

Branch : Information Technology, VIII Semester

Course: Information Security

Unit I:

 Basic of Cryptography, secret key cryptography, Types of attack, Substitution ciphers,

Transposition ciphers, block ciphers and steam ciphers, Confusion and Diffusion, Data encryption

standard, round function, modes of operation, cryptanalysis, brute force attack, Security Goals

(Confidentiality, Integrity, Availability).

Unit II:

 Public key Cryptography, Modulo arithmetic, Greatest common divisor, Euclidean

algorithm, RSA algorithm, hash function, attack on collision resistance, Diffie hellman key

exchange, Digital signature standard, elliptic curve cryptography.

Unit III:

 Authentication: One way Authentication, password based, certificate based, Mutual

Authentication ,shared secret based, Asymmetric based, Authentication and key agreement,

centralized Authentication, eavesdropping, Kerberos, IP security overview:- security association &

Encapsulating security payload ,tunnel and transfer modes, internet key exchange protocol, Secure

Socket Layer(SSL), Transport Layer Security (TLS).

Unit IV: 

Software vulnerabilities: Phishing Attacks, buffer overflow vulnerability, Format String

attack, Cross Site Scripting, SQL injection Attacks, Email security:- Security services of E-mail

,Establishing keys, Privacy ,Authentication of the source, Message integrity ,Non-Repudiation,

Viruses, Worms, Malware.

Unit V:

 Web Issue: Introduction, Uniform Resource Locator/uniform resource identify, HTTP,

Cookies, Web security problem, Penetration Testing, Firewalls:- functionality, Polices and Access

Control, Packet filters, Application level gateway, Encrypted tunnel, Security architecture,

Introduction to intrusion detection system.

References:-

Bernard Menezes, “ Network Security and Cryptography”, CENGAGE Learning.
Charlie Kaufman, “ Network Security”, PHI.
Forouzan, “Cryptography & Network Security”, TMH
Randy Weaver, “ Network Infrastructure Security”, Cengage Learning.
Atual Kahate, “ Cryptography and Network Security”, TMH.
William Stalling, “ Cryptography and Network security”, Pearson.

List of Experiment:-

1. Study of Network Security fundamentals - Ethical Hacking, Social Engineering practices.
2.  System threat attacks - Denial of Services.
3.  Sniffing and Spoofing.
4.  Web Based Password Capturing.
5.  Virus and Trojans.
6.  Anti-Intrusion Technique – Honey pot.
7.  Symmetric Encryption Scheme – RC4.
8.  Block Cipher – S-DES, 3-DES.
9.  Asymmetric Encryption Scheme – RSA.
10.  IP based Authentication.