Rajiv Gandhi Technological University, Bhopal (MP)
B.E. (CS) Computer Science and Engineering Seventh 7th SEMESTER
CS 7201 Network & Web Security
Revised Syllabus and Scheme of Examination Effective from July 2007
UNIT I Introduction to Network Security, Computer Security and Cyber Security. Security Terminologies and Principle, Security Threats, Types of attacks (Operating System, application level, Shrink Wrap code, Misconfiguration attacks etc.). Introduction to Intrusion, Terminologies, Intrusion Detection System (IDS), Types of Intrusion Detection Systems, System Integrity Verifiers (SIVS). Indication of Intrusion: System Indications, File System Indications, Network Indications. Intrusion Detection Tools, Post attack IDS Measures & Evading IDS Systems. Penetration Testing, Categories of security assessments, Vulnerability Assessment, Types of Penetration Testing. Risk Management.
UNIT II Cryptography, Classical Cryptographic Techniques, Encryption, Decryption, Code Breaking: Methodologies, Cryptanalysis, Cryptography Attacks, Brute-Force Attack, Use of Cryptography. Public key cryptography, Principles of Public key Cryptosystems, Cryptographic Algorithms RSA, Data Encryption Standard (DES), RC4, RC5, RC6, Blowfish, Key Management, Diffie-Hellman key exchange, elliptic curve cryptography.
UNIT III Hash Functions, One-way Hash Functions, SHA (Secure Hash Algorithm), Authentication Requirements, Authentication Functions, Kerberos. Message Authentication Codes, Message Digest Functions, MD5, SSL (Secure Sockets Layer), SSH (Secure Shell), Algorithms and Security, Disk Encryption, Government Access to Keys (GAK). Digital Signature: Analysis, Components, Method, Applications, Standard, Algorithm: Signature Generation/Verification, ECDSA, ElGamal Signature Scheme, Digital Certificates.
UNIT IV Trojans and Backdoors: Overt and Covert Channels, Working, Types (Remote Access Trojans, Data-Sending Trojans, Destructive Trojans, Trojans, Proxy Trojans, FTP Trojans, Security Software Disablers). Viruses and Worms: Characteristics, Working, Infection Phase, Attack Phase. Sniffers: Definition, Spoofing, Sniffing, Vulnerable Protocols, Types. Phishing: Methods, Process, Attacks Types (Man-in-the-Middle Attacks, URL Obfuscation Attacks, Hidden Attacks, Client-side Vulnerabilities, Deceptive Phishing, Malware-Based Phishing, DNS-Based Phishing, Content-Injection Phishing, Search Engine Phishing). Web Application Security: Secured authentication mechanism, secured session management, Cross-site Scripting, SQL Injection and other vulnerabilities. Denial-of-Service Attacks: Types of Attacks (Smurf Attack, Buffer Overflow Attack, Ping of Death Attack, Teardrop Attack, SYN Attack, SYN Flooding), DDoS Attack (Distributed DoS Attack), Session Hijacking, Spoofing vs. Hijacking, TCP/IP hijacking, CAPTCHA Protection.
UNIT V IP Security, Web Security, Firewalls: Types, Operation, Design Principles, Trusted Systems. Computer Forensics, Need, Objectives, Stages & Steps of Forensic Investigation in Tracking Cyber Criminals, Incident Handling. Hacking, Classes of Hacker (Black hats, grey hats, white hats, suicide hackers), Footprinting, Scanning (Types: Port, Network, Vulnerability), E-Mail Spiders, Overview of System Hacking Cycle.