Syllabus - M.Tech Course - Information Security and

File Ref.No.42471/GA - IV - E2/2013/CU

UNIVERSITY OF CALICUT Abstract Faculty of Engineering - Board of Studies in Engineering(PG) - Syllabus - M.Tech Course - Information Security and Cyber Forensics - with effect from 2014 admission - Approved - Sanctioned - Orders issued. G & A - IV - E U.O.No. 7799/2014/Admn

Dated, Calicut University.P.O, 11.08.2014

Read:-1. U.O. No. 4126/2014/Admn dated 25-04-2014 2. Item No. 1(b) of the Minutes of the meeting of the Board of Studies in Engineering(PG) held on 19-06-2014. 3. Item No. 2 of the minutes of the meeting of the Faculty of Engineering held on 25-06-2014. ORDER Vide paper read as 1st above, an Expert Committee was constituted to frame the syllabus for M.Tech Programme in Information Security and Cyber Forensics in tune with the M.Tech Regulation -2010 of this University. Vide paper read as 2nd above, the Board of Studies in Engineering (PG) at its meeting held on 19-06-2014, resolved to approve the Syllabus of M.Tech Programme in Information Security and Cyber Forensics, submitted by the Expert Committee, fixing the Eligibility Criteria for the admission the the Course to be B.Tech Degree in Computer Science and Engineering / Information Technology or Equivalent. The meeting of the Faculty of Engineering held on 25-06-2014, vide item No. 2 of its minutes, resolved to approve the minutes of the meeting of the Board of Studies in Engineering(PG) held on 19-06-2014. Considering the exigency of the matter, Hon'ble Vice Chancellor, after having examined the matter in detail has accorded sanction to implement the syllabus for M.Tech Programme in Information Security and Cyber Forensics, subject to ratification by the Academic Council. Sanction has therefore been accorded for implementing the syllabus of M.Tech Course in Information Security and Cyber Forensics with eligibility criteria for admission to the course to be B.Tech Degree in Computer Science and Engineering / Information Technology or Equivalent, subject to ratification by the Academic Council Orders are issued accordingly. ( Syllabus appended.)

Muhammed S Deputy Registrar To Principals of all affiliated Engineering Colleges Copy to : - PS to VC/PA to PVC/ PA to Registrar/PA to CE/ DR/AR M.Tech/ CDC / Dean, Faculty of Engineering/ Chairman, BS in Engineering/ PRO/ Enquiry Section/SA( to upload in the University website) Forwarded / By Order

Section Officer

Syllabi & Scheme

for M.Tech Course in

INFORMATION SECURITY AND CYBER FORENSICS

of Calicut University

Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS

Credits

T

P

Semester End Exam Duration

CIC 14 101

2

CIC 14 102

3 4 5

CIC 14 103 CIC 14 104 CIC 14 105 CIC 14 106 (P) CIC 14 107 (P)

7

L 3

1

0

100

100

200

3

4

3

1

0

100

100

200

3

4

3 3 3

1 1 1

0 0 0

100 100 100

100 100 100

200 200 200

3 3 3

4 4 4

Seminar

0

0

2

100

0

100

-

2

Operating System and Security Lab

0

0

2

100

0

100

-

2

15

5

4

700

500

1200

-

24

Hours/Week Course Code

1

6

Total

Sl. No.

Internal Evaluationn End Sem

FIRST SEMESTER

Name of the Subject

Advanced Mathematical Structures (Same as MCS 10 101) Computer Architecture and Security Analysis Trusted Operating System Design Cyber Forensics Basics Elective-I

Total Elective-I

CIC 14 105 (A) Access Control and Authentication System CIC 14 105 (B) File System Forensic Analysis CIC 14 105 (C) Biometric Image Processing CIC 14 105 (D) Pattern Recognition L – Lecture, T- Tutorial, P – Practical

Page No.: 1 

 

Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS

6 7

Database Design and Security Network Security Cyber Law and Security Policies Elective-II Elective-III

L 3 3 3 3 3

T 1 1 1 1 1

P 0 0 0 0 0

100 100 100 100 100

100 100 100 100 100

200 200 200 200 200

3 3 3 3 3

4 4 4 4 4

Seminar

0

0

2

100

0

100

-

2

Database Security Laboratory

0

0

2

100

0

100

-

2

15

5

4

700

500

1200

-

24

Hours/Week Course Code

CIC 14 201 CIC 14 202 CIC 14 203 CIC 14 204 CIC 14 205 CIC 14 206 (P) CIC 14 207 (P)

Name of the Subject

Total Elective-II CIC 14 204 (A) Advanced Cryptography CIC 14 204 (B) Ethical Hacking and Network Defense CIC 14 204 (C) Algorithms and Complexity Elective-III CIC 14 205 (A) Risk Management and Security CIC 14 205 (B) Windows and Linux Forensic Analysis CIC 14 205 (C) Biometric Security CIC 14 205 (D) Speech Processing L – Lecture, T- Tutorial, P – Practical

Page No.: 2 

 

Semester End Exam Duration Credits

Total

1 2 3 4 5

End Sem

Sl. No.

Internal Evaluationn

SECOND SEMESTER

Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS

4

CIC 14 304 (P) 

L

T

P

Elective-IV Elective-V

3 3

1 1

0 0

100 100

Industrial Training

0

0

0

50

Master Research Phase - I Total

Project

Guide 50 0

0

EC# 50 6

2

Elective-IV CIC 14 301 (A) Digital Watermarking and Steganography CIC 14 301 (B) PKI and Trust Management CIC 14 301 (C) Artificial Intelligence Elective-V CIC 14 302 (A) Mobile Forensics CIC 14 302 (B) Security Threats CIC 14 302 (C) Data Mining L – Lecture, T- Tutorial, P – Practical # EC - Evaluation Committee

Page No.: 3 

 

22 22

350

100 100 0

200 200 50

3 3 -

300

-

6

750

-

15

Guide 100 EC# 100 400

Credits

Semester End Exam Duration

3

CIC 14 301  CIC 14 302  CIC 14 303 (P) 

Name of the Subject

Total

1 2

Course Code

End Sem

Hours/Week Sl. No.

Internal Evaluationn

THIRD SEMESTER

4 4 1

Scheme of M.Tech. Programme in INFORMATION SECURITY and CYBER FORENSICS

CIC 14 401 (P)

Guide

EC#

Ext. Guide

Viva Voce

30

150

150

150

150

600

12

30

150

150

150

150

600 3750

12 75

Name of the Subject L

1

Credits

Course Code

Total

Sl. No.

T

Master Research Project Phase - II Total Grand Total

P

* The students have to undertake the departmental work assigned by HOD # EC - Evaluation Committee

  Page No.: 4 

 

End Sem

Hours/Week

Internal Evaluationn

FOURTH SEMESTER*

FIRST SEMESTER CIC 14 101: ADVANCED MATHEMATICAL STRUCTURES Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Stochastic Processes: Renewal Processes- Reward and Cost Models, Poisson Process, Point Process Regenerative Processes, Renewal Theorems Module II Markov Models: Discrete Time Markov Chain- Transition Probabilities Communication ClassesIrreducible Chains. Continuous Markov Chain- Pure Jump Continuous- Time Chains, Regular Chains, Birth and Death Process. Semi-Markov Processes. Module III Single Class and Multi class Queuing Networks: Simple Markovian queues- M/G/1 queue – Open Queuing Networks Closed Queuing Networks- Mean Value Analysis- Multi- class traffic ModelService Time distributions- BCMP Networks- Priority Systems. Module IV Time delays and blocking in queuing Networks- Time delays in single server queue- time delays in networks of queues- Types of Blocking – Two finite queues in a closed network- aggregating Markovian States References 1. Ronald W. Wolff, “Stochastic Modeling and Theory of Queues”, Prentice- Hall International Inc 1989. 2. Peter G Harrison and Naresh M Patel, “Performance Modeling of Communication Networks and Computer Architectures”, Addison – Wesley, 1992 3. Gary N Higginbottom, “Performance Evaluation of Communication Networks”, Artech House, 1998 4. Anurag Kumar, D. Manjunath and Joy Kuri, “Communication Networking: An Analytical Approach”, Morgan Kaufman Publ. 2004 5. D. Bertsekas and R. Gallager, “Data Networks”, Prentice- Hall of India 2001 6. Ross K W, “Multiservice Loss Models for Broadband Telecommunication Networks”, SpringerVerlag, 1995 7. Warland J, “An Introduction to Queuing Networks”, Prentice- Hall ,1988 8. Cinlar E, “Introduction to Stochastic Processes”, Prentice- Hall , 1975 9. Karlin S and Taylor H, “A first Course in Corse in Stochastic Processes”, 2nd Edition Academic Press, 1975 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. Page No.: 5 

 

End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 6 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 102: COMPUTER ARCHITECTURE AND SECURITY ANALYSIS Module I

Modules I II III IV Tutorial Total

Hours 10 9 10 10 13 52

Register Transfer language – Register, Bus and Memory Transfers - Arithmetic Logic and Shift Micro operations. Instruction codes – Instructions – Timing and Control. Instruction Cycle– Input, output and Interrupt. Instruction Formats – Addressing Modes- Program Control – Control Memory Module II Basic Concepts – Memory Hierarchy – Main Memory – Cache and Virtual Memory Concepts – Input / Output Interface – Direct memory Access – I/O Processor. Module III Parallelism- pipelining- pipeline hazards. Memory interleaving - Parallel computer architecture classifications. Introduction to CISC and RISC Processors. Basic components of Security: Confidentiality, Integrity, Availability, Threats. Security policies, types , role of trust, types of access control Module IV Authentication - Basics, Passwords: attacking, countering, password ageing Biometrics. Confinement Problem - Introduction, isolation: virtual machines, sandboxes, covert channels, detection analysis, mitigation. References 1. Morris Mano M, “Computer System and Architecture”, Pearson Education, New Delhi, Third edition, 2004. 2. D. Patterson and J. Hennessy, “Computer Organization and Design: The Hardware/Software Interface”, Morgan Kaufmann Publishers, Inc., Third edition, 2002. 3. Kai Hwang and Briggs F.A., “Computer Architecture and Parallel Processing”, McGraw Hill International Edition, New Delhi, 2007. 4. Matt Bishop, “Computer Security”, Pearson Education, New Delhi, 2003. 5. Michael E Whitman and Herbert J Mattord, “Principles of Information Security”, Vikas Publishing House, New Delhi, 2003 6. Micki Krause, Harold F. Tipton, “ Handbook of Information Security Management”, Vol 1-3 CRC Press LLC, 2004 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Page No.: 7 

 

Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 8 

 

CIC 14 103: TRUSTED OPERATING SYSTEM DESIGN Module I

Modules I II III IV Tutorial Total

Hours 10 9 10 10 13 52

Introduction- Introduction, hardware interface, operating system interface. design problems. Operating System design techniques. Implementing processes - The system call interface, system initialiIation, process switching, system call interrupt handling, program error interrupts, d isk driver system. implementing waiting, flow of control through OS, signaling and interrupts, event table managers, process implementation. Parallel systems- Parallel hardware, OS for two processor systems, race conditions with shared processes, atomic actions, multiprocessor OS, threads. Module II Interprocess communication patterns-competing and co-operating, problems, race conditions and atomic actions, new message passing system calls. IPC pattern: mutual exclusion, signaling and rendezvous models, producer-consumer and client server models. Deadlocks- Conditions for deadlock, dealing with deadlocks, two-phase locking, message variations, synchronization, semaphores, Design techniques- some example design techniques. Memory management- levels of memory management, linking and loading process, memory management design, dynamic memory allocation, keeping track allocation of blocks, multiprogramming issues, memory protection, memory management system calls. Module III Virtual memory- Fragmentation and compaction, dealing with fragmentation- paging, swapping, overlay, page replacement- global and local page replacement algorithms, thrashing and load control, dealing with large page tables, sharing memory, design techniques- examples of multiplexing and late binding. I/O devices - devices and controllers, terminal devices, communication devices, disk devices, disk controllers, SCSI interfaces, tape devices, CD-devices. I/O subsystems- I/O system software, disk device driver access strategies, modeling disks, unification of files and device, generalized disk device drivers, disk caching. File systems- File abstraction, naming, file system objects and operations. - case study in Windows NT and Linux Module IV Protection in General Purpose Operating Systems: protected objects and methods of protection – memory and address protection – control of access to general objects – file protection Mechanisms – user authentication - Designing Trusted Operating Systems. Test Book 1. Charles Crowley, “Operating Systems- A Design Oriented Approach”, TMH, 1998 2. Charles P. Pleeger, "Security in Computing", Prentice Hall, New Delhi, 2009 References 1. Silberschatz and Galvin. “Operating system concepts”. Addison Wesley, 1998 2. Tanenbaum Andrew S. “Modern Operating System”. Eaglewood Cliffs, PHI, 1992 3. Gary J. Nutt. “Operating systems - A Modern Perspective”. Second edition. Addison Wesley, 2000. Page No.: 9 

 

4. W. Stallings, “Operating systems- Internals and design principles”, 4 th Ed. PHI, 2002 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 10 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 104: CYBER FORENSICS BASICS Module I

Modules I II III IV Tutorial Total

Hours 10 9 10 10 13 52

Introduction to Computer Forensics, history of computer forensics, understanding case law, developing computer forensics resources, preparing for computer investigations, understanding law enforcement agency investigations, understanding corporate investigations, maintaining professional conduct, Understanding Computer Investigations -Preparing a computer investigation, taking a systematic approach, procedures for corporate high tech investigations, understanding data recovery workstations and software, conducting an investigation, completing the case, Requirements for forensic lab certification , determining the physical requirements for a computer forensics lab, selecting a basic forensic workstation, building a business case for developing a forensic lab. Module II Data Acquisition - storage formats for digital evidence, determining the best acquisition method, contingency planning for image acquisitions, using acquisition tools, validating data acquisitions, performing RAID data acquisitions, using remote network acquisition tools, using other forensic acquisition tools, Processing Crime and Incident Scene-identifying digital evidence, collecting evidence in private sector incident scenes, processing law enforcement crime scenes, preparing for a search, securing a computer incident or crime scene . Seizing digital evidence at the scene, storing digital evidence, obtaining a digital hash. Module III Working with windows and DOS systems- file systems, exploring Microsoft file structures, examining NTFS disks, whole disk encryption, the windows registry, Microsoft and Ms-DOS start up tasks, virtual machines, Evaluating Computer Forensic s Tool needs, computer forensics software and hardware tools, validating and testing forensics software. the Macintosh file structure and boot process, examining UNIX and LINUX disk structures and boot processes, examining CD data structures, examining SCSI Disk, examining IDE/EIDE and SATA devices. Module IV Analysis and validation -determining what data to collect and analyze, validating forensic data, addressing data -hiding techniques, performing remote acquisitions. Recovering Graphics FilesRecognizing ,locating and recovering graphic files, understanding data compression, copy rights issues with graphics, identifying unknown file formats, copyright issues with graphics. Network Forensicsoverview, performing live acquisitions, developing standard procedures for network forensics, using network tools. Email Investigations-role of E-mail in investigations, exploring the roles of the client and server, investigating e-mail crimes and violations, understanding E-mail servers, specialized E-mail forensic tools. Cell Phone and Mobile Device forensics- Mobile device forensics, acquisition procedures for cell phones and mobile devices. Text book 1. Computer Forensics and Investigations- Bill Nelson, Amelia Phillips, Frank Enfinger, Christofer Steuart , Second Indian Reprint 2009, Cengage Learning India Private Limited. 2. Digital Evidence and Computer Crime – Eoghan Casey, Edition 3, Academic Press,2011 Page No.: 11 

 

3. Computer Forensics and Cyber Crime : An Introduction – Marjie Britz, Edition 2, Prentice Hall, 2008 References 1. Practical guide to Computer Forensics- David Benton and Frank Grindstaff , 2006, Book Surge Publishing, 2006 2. Computer Evidence: Collection & Preservation- Christopher L.T Brown Charles River Media publishing, Edition 1, 2005 3. Computer Investigation ( Forensics, the Science of crime-solving) – Elizabeth Bauchner, Mason Crest Publishers, 2005 4. Real Digital Forensics- Keith J. Jones, Richard Bejtlich and Curtis W. Rose, Addison-Wesley publishers, 2005 5. Forensic Computer Crime Investigation (International Forensic Science and Investigation)Thomas A. Johnson, CRC Press, 2005. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 12 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 105 (A): ACCESS CONTROL AND AUTHENTICATION SYSTEM Module I

Modules I II III IV Tutorial Total

Hours 10 10 10 9 13 52

Access control – Introduction - Attenuation of privileges – Trust and Assurance – Confinement problem - Security design principles– Identity Management models – local –Network - federal – global web identity – XNS approach for global Web identity - Centralized enterprise level Identity Management. Module II Elements of trust paradigms in computing – Third party approach to identity trust – Kerberos Explicit third party authentication paradigm – PKI approach to trust establishment – Attribute certificates – Generalized web of trust models – Biometric Authentications. Module III Mandatory access control - Comparing information flow in BLP and BIBA models – Combining the BLP and BIBA models – Chinese wall problem. Discretionary access control and Access matrix model – definitions – Safety problem – The take grant protection model – Schematic protection model – SPM rules and operations – Attenuating– Applications Module IV Role based access control – Hierarchical Access Control - Mapping of a mandatory policy to RABC – Mapping discretionary control to RBAC – RBAC flow analysis – Separation of Duty in RBAC – RBAC consistency properties - The privileges perspective of separation of duties – Functional specification for RBAC . Text Books 1. Messoud Benantar, “Access Control Systems: Security, Identity Management and Trust Models”, Springer, 2009. 2. Elena Ferrari and M. Tamer A-zsu, “Access Control in Data Management Systems”, Morgan & Claypool Publishers, 2010. 3. John Berger,” Biometrics for Network Security”, Prentice Hall, 2004. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module.

Page No.: 13 

 

Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 14 

 

CIC 14 105 (B): FILE SYSTEM FORENSIC ANALYSIS Module I

Modules I II III IV Tutorial Total

Hours 10 10 9 10 13 52

Digital investigation foundation- Digital investigations and evidence, Digital crime scene investigation process, Data analysis, overview of toolkits, Computer foundations- Data organizations, booting process, Hard disk technology, Hard disk data acquisition- introduction, reading the source data, writing the output data, a case study. Module II Volume Analysis- introduction, background, analysis basics, PC based partitions- DOS partitions, Analysis considerations, Apple partitions, removable media, Server based partitions- BSD partitions, Sun Solaris slices, GPT partitions, Multiple disk volumes- RAID, Disk Spanning. File system analysisWhat is a file system, File system, Content, Metadata, File name, Application, Application-level search techniques, Specific file systems, FAT concepts and analysis- Introduction, File system category, Content, Metadata, File name, The big picture, File recovery, determining the type, Consistency check. FAT data structure- Boot sector, FAT 32 FS info, FAT, Directory entries, Long file name directory entries. Module III NTFS concepts- Introduction, Everything is a file, MFT concepts, MFT entry attribute concepts, Other attribute concepts, Indexes, Analysis tools, NTFS Analysis- File system category, Content category, Metadata category, File name category, The big picture, File recovery, determining the type, Consistency check. NTFS data structure- Basic concepts, Standard file attributes, Index attributes and data structures, File system metadata files. Module IV Ext2 and Ext3 concepts- File system category, Content, Metadata, File name, The big picture, File, determining the type, Consistency check. Ext2 and Ext3 data structures-Super block, group descriptor tables, Block bitmap, Inodes, Extended attributes, Directory Entry, Symbolic Link, Hash trees, Journal data structures, UFS1 and UFS2 concepts and analysis- Introduction, File system category, Content, Metadata, File name, The big picture, File recovery, determining the type, Consistency check, UFS1 and UFS2 data structures- UFS1 superblock, UFS2 superblock, Cylinder group summary, UFS1 group descriptor, UFS2 group descriptor, Block and fragment bitmaps, UFS1 Inodes, UFS2 Inodes, UFS2 Extended attributes, Directory entries. Textbooks 1. File System Forensic Analysis – Brian Carrier, Addison Wesley, 2005 2. Digital Evidence and Computer Crime- Casey, Eoghan , edition 2, Academic Press, 2004. 3. Computer Forensics- Kruse, Warren and Jay Heiser, Addison Wesley, 2002. References 1. Guide to Computer Forensics and Investigations- Bill Nelson, Amelia Phillips, Frank Enfinger, Chris Steuart, Thomson Course Technology, 2004 2. Forensic Discovery – Dan Farmer &Wietse Venema, Addison Wesley, 2005 Page No.: 15 

 

3. Incident Response and Computer Forensics- Mandia, Kevin, Chris Prosise, Matt Pepe, MH, 2003. 4. A Fast File System for UNIX-McKusick, William N. Joy, Samuel J. Leffler, Robert S. Fabry, ACM Transactions on Computer Systems, August 1984, pp 181-197. 5. The Common Vulnerabilities and Exposures database, entry CVE-2000-0666. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 16 

 

CIC 14 105 (C): BIOMETRIC IMAGE PROCESSING Module I

Modules I II III IV Tutorial Total

Hours 10 10 9 10 13 52

Fundamentals: Digital Image representation - Fundamental steps in Image Processing - Elements of Digital Image Processing Systems - Sampling and Quantization - Basic relationships between pixels Imaging Geometry - Transformation Technology - The Fourier Transform, The Hadamard Transform, The Discrete Cosine Transform. Module II Image Processing Methods: Image Enhancement: The Spatial Domain Methods, The Frequency Domain Methods - Image Segmentation: Pixel Classification by Thresholding, Histogram Techniques, Smoothing and Thresholding - Gradient Based Segmentation: Gradient Image, Boundary Tracking, Laplacian Edge Detection. Fingerprint Biometrics: Fingerprint Patterns, Fingerprint Features, Fingerprint Image, width between two ridges - Fingerprint Image Processing - Minutiae Determination - Fingerprint Matching: Fingerprint Classification, Matching policies. Module III Face Recognition: Detection and Location of Faces: Statistics-Based method, Knowledge-Based method - Feature Extraction and Face Recognition: Gray value Based method, Geometry Feature Based method, Neural Networks method. Module IV Iris Biometrics: Iris System Architecture, Definitions and Notations - Iris Recognition: Iris location, Doubly Dimensionless Projection, Iris code, Comparison - Coordinate System: Head Tilting Problem, Basic Eye Model, Searching Algorithm - Texture Energy Feature. Fusion In Biometrics: Introduction to Multibiometrics - Information Fusion in Biometrics - Issues in Designing a Multibiometric System Sources of Multiple Evidence - Levels of Fusion in Biometrics - Sensor level, Feature level, Rank level, Decision level fusion - Score level Fusion. References 1. David D. Zhang, “Automated Biometrics: Technologies and Systems”, Kluwer Academic Publishers, New Delhi, 2000. 2. Rafael C.Gonzalez, Richard E.Woods, Steven L.Eddins, “Digital Image Processing”, Pearson Education, New Delhi, 2009 3. Arun A. Ross , Karthik Nandakumar, A.K.Jain, “Handbook of Multibiometrics”, Springer, New Delhi, 2006 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Page No.: 17 

 

Question Pattern Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 18 

 

CIC 14 105 (D): PATTERN RECOGNITION Module I

Modules I II III IV Tutorial Total

Hours 10 10 10 9 13 52

Introduction: Basic Concepts of Pattern Recognition- Fundamental problems in Pattern Recognition System Design- Design Concepts and Methodologies – Examples of Automatic Pattern Recognition Systems Module II Pattern Classification By Distance Functions: Minimum Distance Pattern Classification – Cluster Seeking – Unsupervised Pattern Recognition. Pattern Classification By Likelihood Functions: Introduction – Pattern Classification as a Statistical Decision Problem – Bayes Classifier for Normal Patterns- Nonparametric decision making Module III Pattern Preprocessing And Feature Selection: Similarity and Distance – Clustering Transformations and Feature Ordering – Clustering in Feature Selection – Feature selection through Divergence Maximization – Binary Feature Selection. Module IV Case Studies In Pattern Recognition: Clustering – Artificial Neural Networks – Image Analysis References 1. Earl Gose, Richard Johnsonbaugh and Steve Jost,”Pattern Recognition and Image Analysis”, Prentice Hall, New Delhi, 2005. 2. Earl Gose Richard Johnsonbaugh Steve Jost, “Pattern Recognition And Image Analysis”, Prentice Hall, Inc, 2002 3. Wolff D D Parsons M L, “Pattern Recognition Approach To Data Interpretation”, Plenum Press, 1983. 4. Julius T. Tou and Rafael C. Gonzalez, "Pattern Recognition Principles”, Addison Wesley, New Delhi, 1974 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module.

Page No.: 19 

 

Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 20 

 

CIC 14 106 (P): SEMINAR [Hours/Week: 2] Objective: To assess the debating capability of the student to present a technical topic. In addition, to impart training to students to face audience and present their ideas and thus creating in them self esteem and courage that are essential for engineers. Individual students are required to choose a topic of their interest from Information Security related topics preferably from outside the M.Tech syllabus and give a seminar on that topic about 30 minutes. A committee consisting of at least three faculty members (preferably specialized in Information Security) shall assess the presentation of the seminar and award marks to the students. Each student shall submit two copies of a write up of his/her seminar topic. One copy shall be returned to the student after duly certifying it by the chairperson of the assessing committee and the other will be kept in the departmental library. Internal continuous assessment marks are awarded based on the relevance of the topic, presentation skill, quality of the report and participation. Internal Continuous Assessment: 100 marks Regularity and Class Work

-

30 Marks

Report

-

20 Marks

Tests, Viva

-

50 Marks

Page No.: 21 

 

CIC 14 107 (P): OPERATING SYSTEM AND SECURITY LAB 1. Write programs using the following system calls of Linux/Unix operating system: fork, exec, getpid, exit, wait, close. 2. Write programs using the I/O system calls of Linux/Unix operating system (open, read, write) 3. Implementation of Memory and Address Protection 4. Implementation of Access Control List 5. Write Shell Scripting using grep, sed & awk. 6. Setting of File Permissions and Protections. 7. Setting up the local security policy. Internal Continuous Assessment: 100 marks Regularity & Class work

-

30 marks

Report

-

20 marks

Tests, Viva

-

50 marks

Page No.: 22 

 

SECOND SEMESTER CIC 14 201: DATABASE DESIGN AND SECURITY Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Database System concepts and applications. Data modeling using Entity-Relationship model. Record Storage and File organization. Module II The relational Data Model. Relational constraints and the Relational Algebra. SQL. ER to Relational mapping. Module III Database Design Theory and Methodology- Functional Dependencies and Normalization for Relational Databases. Object Oriented Database concepts. Object Relational and Extended Relational Database Systems. Data warehousing and Data Mining. Module IV Introduction to database security, security models, physical and logical security, security requirements, reliability and integrity, sensitive data, inference, multilevel databases and multilevel security, access control- mandatory and discretionary , security architecture, issues. Text Books 1. Ramez Elmasri, Shamkant B. Navathe , “Fundamentals of Database System” Addison Wesley, New Delhi/Third/Fourth Edition 2. Ron Ben Natan, “Implementing database security and auditing”, Elsevier publications, 2005. 3. Hassan A. Afyduni, “Database Security and Auditing”, Course Technology – Cengage Learning, NewDelhi, 2009. References 1. Abraham Silberschatz, Hanry F Korth, Sudarshan S, “Database Systems Concepts”, McGraw Hill, 2003. 2. Raghu Ramakrishnan, "Database Management Systems", McGraw Hill/ Third Edition, 2003 3. M. Gertz, and S. Jajodia, “Handbook of Database Security- Application and Trends”, 2008, Springer. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Page No.: 23 

 

Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 24 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 202: NETWORK SECURITY Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Introduction to Security in Networks – Characteristics of Networks – Intrusion – Kinds of security breaches – Plan of attack - Points of vulnerability – Methods of defense – Control measures – Effectiveness of controls. Transport Level Security – Web Security Issues – SSL – TLS – HTTPS - SSH Module II E-Mail Security – PGP – S/MIME – IP Security - Firewalls design principles – Trusted systems – Electronic payment protocols. Module III Wireless Fundamentals: Wireless Hardware- Wireless Network Protocols- Wireless Programming WEP Security. Wireless Cellular Technologies – concepts – Wireless reality – Security essentials – Information classification standards - Wireless Threats: Cracking WEP - Hacking Techniques- Wireless Attacks – Airborne Viruses. Module IV Standards and Policy Solutions – Network Solutions – Software Solutions – Physical Hardware SecurityWireless Security – Securing WLAN – Virtual Private Networks – Intrusion Detection System – Wireless Public Key infrastructure. Tools – Auditing tools – Pocket PC hacking – wireless hack walkthrough. References 1. Russel Dean Vines, “Wireless Security Essentials:Defending Mobile from Data Piracy”, JW&S, 1 2. Cyrus, Peikari and Seth Fogie, “Maximum Wireless Security”, SAMS Publishing 2002. 3. Yi-Bing Lin & Imrich Chlamtac, “Wireless and Mobile Networks Architectures”, JW Sons, 2001. 4. Raj Pandya, “Mobile and Personal Communication systems and services”, PHI, 2001. 5. Tara M. Swaminathan & Charles R. Eldon, “Wireless Security and Privacy- Best Practices & Design Techniques”, AW, 2002. 6. Bruce Potter and Bob Fleck, “802.11 Security”, O’Reilly Publications, 2002. 7. Burkhardt, “Pervasive Computing”, Pearson Education, India Edition, 2007. 8. J. Schiller, “Mobile Communication”, Pearson Education, India Edition, 2002. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Page No.: 25 

 

Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 26 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 203: CYBER LAW AND SECURITY POLICIES Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Introduction to Computer Security: Definition, Threats to security, Government requirements, Information Protection and Access Controls, Computer security efforts, Standards, Computer Security mandates and legislation, Privacy considerations, International security activity. Module II Secure System Planning and administration, Introduction to the orange book, Security policy requirements, accountability, assurance and documentation requirements, Network Security, The Red book and Government network evaluations. Module III Information security policies and procedures: Corporate policies- Tier 1, Tier 2 and Tier3 policies process management-planning and preparation-developing policies-asset classification policydeveloping standards. Module IV Information security: fundamentals-Employee responsibilities- information classification-Information handlingTools of information securityInformation processing-secure program administration.Organizational and Human Security: Adoption of Information Security Management Standards, Human Factors in Security- Role of information security professionals. References 1. Debby Russell and Sr. G.T Gangemi, "Computer Security Basics (Paperback)”, 2nd Edition, O’ Reilly Media, 2006. 2. Thomas R. Peltier, “Information Security policies and procedures: A Practitioner’s Reference”, 2nd Edition Prentice Hall, 2004. 3. Kenneth J. Knapp, “Cyber Security and Global Information Assurance: Threat Analysis and Response Solutions”, IGI Global, 2009. 4. Thomas R Peltier, Justin Peltier and John blackley, ”Information Security Fundamentals”, 2nd Edition, Prentice Hall, 1996 5. Jonathan Rosenoer, “Cyber law: the Law of the Internet”, Springer-verlag, 1997. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Page No.: 27 

 

Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 28 

 

CIC 14 204 (A): ADVANCED CRYPTOGRAPHY Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Cryptography and modern cryptography – The setting of private-key encryption – Historical ciphers and their cryptanalysis – Basic principles of modern cryptography – Services, Mechanisms and Attacks – OSI security architecture - Foundations of Cryptology. Module II Definition – Substitution ciphers – Transposition ciphers - Stream and block ciphers. Characteristics of good ciphers - Data Encryption Standard (DES) – International Data Encryption Algorithm – Advanced Encryption Standard – Block cipher modes of operation – Confidentiality using symmetric encryption. Module III Introduction to Number Theory - Prime Numbers - Fermat's and Euler's Theorems - The Chinese Remainder Theorem - Principles of Public Key Cryptosystems – The RSA Algorithm – Key Management – Diffie Hellman Key Exchange – Elliptic Curve Cryptography. Module IV Authentication requirements – Authentication functions – Message Authentication Codes (MAC) – Hash functions – Security of hash functions and MACs. MD5 Message Digest Algorithm – Secure Hash Algorithm (SHA) –HMAC – Digital Signatures - Authentication Protocols - Digital Signature Standard (DSS). References 1. Bernard Menezes, “Network Security and Cryptography”, Cengage Learning, New Delhi, 2010. 2. Ingemar J.Cox, Matthew L.Miller, Jeffrey A.Bloom, Jessica Fridrich, Ton Kalker, “Digital Watermarking and Steganography”, Morgan Kaufmann Publishers, New York, 2008. 3. William Stallings, “Cryptography and Network Security, Prentice Hall, New Delhi, 2006. 4. Wenbo Mao, “Modern Cryptography – Theory and Practice”, Pearson Education, New Delhi, 2006. 5. Jonathan Katz, Yehuda Lindell, “Introduction to Modern Cryptography”, Chapman & Hall/CRC, New York, 2007. 6. Bruce Schneier, “Applied Cryptography”, John Wiley & Sons, New York, 2004. 7. Atul Kahate, “Cryptography and Network Security”, Tata McGrew Hill, 2003. 8. Jorg Roth, “Complexity Theory & Cryptology – An Introduction to Cryptocomplexity”, Springer - 2005 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Page No.: 29 

 

Question Pattern Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 30 

 

CIC 14 204 (B): ETHICAL HACKING AND NETWORK DEFENSE Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Introduction - Certified Ethical Hackers – Network and Computer Attacks – Ethical Hacking Plan – Hacking Methodology. Footprinting Tools – Conducting Competitive Intelligence - DNS Zone Transfers – Introduction to Social Engineering – Performing Social Engineering Attacks - Social Engineering Countermeasures. Module II Introduction to Port Scanning – Types of Port Scan – Port Scanning Tools - Conducting Ping Sweeps Shell Scripting. Enumeration: Introduction - Enumerating Windows, Symbian, Java OS, Android and NetWare Operating Systems. Module III Hacking Web Servers: Web Application – Web Application Vulnerabilities – Tools for Web Attackers and Security Testers. Hacking Wireless Network: Wireless Technology – Wireless Network Standards – Authentication – Wardriving – Wireless Hacking – Protecting Networks with Security Devices. Module IV Windows: Vulnerabilities – Choosing Tools – Information Gathering – RPC – Null Sessions – Share Permissions – Hardcore Vulnerability Exploitation. Linux: Vulnerabilities – Information Gathering – Unconnected Services - .rhosts and hosts.equiv Files – NFS – File Permissions – Buffer Overflow. Messaging Systems – Web Applications – Mobile Applications - Databases - Reporting Results. References 1. Michael T. Simpson, “Ethical Hacking and Network Defense”, Cengage Learning, New Delhi, 2010. 2. Kevin Beaver, “Hacking for Dummies”, Wiley Publication, India, 2007. 3. Ankit Fadia, “Unofficial Guide to Ethical Hacking”, Macmillan Company, New Delhi, 2001. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module.

Page No.: 31 

 

Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 32 

 

CIC 14 204 (C): ALGORITHMS AND COMPLEXITY Module I

Modules I II III IV Tutorial Total

Hours 10 9 10 10 13 52

Analysis: RAM model – Notations, Recurrence analysis - Master's theorem and its proof - Amortized analysis - Advanced Data Structures: B-Trees, Binomial Heaps, Fibonacci Heaps, Disjoint Sets, Union by Rank and Path Compression Module II Graph Algorithms and complexity: Matroid Theory, All-Pairs Shortest Paths, Maximum Flow and Bipartite Matching. Module III Randomized Algorithms : Finger Printing, Pattern Matching, Graph Problems, Algebraic Methods, Probabilistic Primality Testing, De-Randomization Module IV Complexity classes - NP-Hard and NP-complete Problems - Cook's theorem NP completeness reductions. Approximation algorithms – Polynomial Time and Fully Polynomial time Approximation Schemes. Probabilistic Complexity Classes, Probabilistic Proof Theory and Certificates. References 1. Dexter Kozen, “The Design and Analysis of Algorithms”, Springer, 1992. 2. T. H. Cormen, C. E. Leiserson, R. L. Rivest, “Introduction to Algorithms”, Prentice Hall India, 1990. 3. S. Basse, “Computer Algorithms: Introduction to Design and Analysis”, Addison Wesley, 1998. 4. U. Manber, “Introduction to Algorithms: A creative approach”, Addison Wesley, 1989. 5. V. Aho, J. E. Hopcraft, J. D. Ullman, “The design and Analysis of Computer Algorithms”, Addison Wesley, 1974. 6. R. Motwani and P. Raghavan, “Randomized Algorithms”, Cambrdige University Press, 1995. 7. C. H. Papadimitriou, “Computational Complexity”, Addison Wesley, 1994 8. Leonard Adleman, “Two theorems on random polynomial time”. In Proceedings of the 19th IEEE Symposium on Foundations of Computer Science, pages 75–83, 1978. 9. J. Gill. “Computational complexity of probabilistic Turing machines”. SIAM Journal of Computing, 6:675–695, 1977. 10. C. Lautemann, “BPP and the Polynomial Hierarchy”. Information Processing Letters, 17:215– 217, 1983. 11. M. Sipser, “A complexity theoretic appraoch to randomness”, In Proceedings of the 15th ACM Symposium on Theory of Computing, pages 330–335, 1983. 12. L.G. Valiant and V.V. Vazirani, “NP is as easy as detecting unique solutions”, Theoretical Computer Science, 47:85–93, 1986. Internal Continuous Assessment: 100 marks

Page No.: 33 

 

Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 34 

 

CIC 14 205 (A): RISK MANAGEMENT AND SECURITY Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Essentials of computer security - Sources of security threats – Intruders, Viruses, Worms and related threats - Threat identification - Threat analysis - Vulnerability identification and Assessment Components of Computer Security - Physical security – System access control - Goals of Security Efforts to secure computer networks – Ethical issues in Computer Security- Operational issues, Human issues. Module II Intrusion Detection System (IDS) – Types and challenges – Intrusion prevention system (IPS) – Firewalls - Design Principles, Scanning, filtering and blocking. Vulnerabilities – Sources of vulnerabilities, Vulnerability identification and Assessment, Cyber-crime and Hackers, Viruses and content filtering - Security Assessment, Analysis and Assurance – Computer network security protocol and standards - Security Policies – Integrity policies – confidentiality policies - Security models - Access Control Matrix Model, Take-Grant Protection Model. Module – III Security Monitoring and Auditing - Assurance and Trust, Need for Assurance, Role of Requirements in Assurance, Audit Assurance in Software Development Phases, Building Secure and Trusted Systems Designing an Auditing System, Implementation Considerations, Auditing to Detect Violations of a security Policy, Auditing Mechanisms, Audit Browsing. Module –IV Risk management and security planning – Risk management Process Overview- Cost-Benefit Analysis, Risk Analysis, Laws and Customs, Human Issues, Organizational issues - Information system Risk analysis – System approach to risk management, Threat assessment, Assets and safeguards, modes of risk analysis – Effective risk analysis, Qualitative Risk analysis, Value analysis References 1. 2. 3. 4. 5.

Matt Bishop, “Computer Security: Art and Science”, Addison-Wesley Professional, 2003. Joseph M.Kizza, “Computer Network security”, Springer, 2005 Matt Bishop, “Introduction to Computer Security”, Addison-Wesley Professional, 2005. Thomas R.Peltier, “Information Security Risk Analysis”, CRC Press, 2001. C.A.Roper, “Risk management for Security professional”, Elsevier, 1999.

Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Page No.: 35 

 

Question Pattern Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 36 

 

CIC 14 205 (B): WINDOWS AND LINUX FORENSIC ANALYSIS Module I

Modules I II III IV Tutorial Total

Hours 10 10 9 10 13 52

Windows Forensic Analysis- Live Response: Data Collection- Introduction , Live Response- Locard’s Exchange Principle, Order of Volatility ,When to Perform Live Response ,What Data to Collect- System Time, Logged-on Users, Open Files, Network Information, Network Connections, Process Information, Process-to-Port Mapping, Process Memory, Network Status, Nonvolatile Information, Live-Response Methodologies, Live Response: Data Analysis- Data Analysis, Agile Analysis, Windows Memory Analysis-Collecting Process Memory, Dumping Physical Memory, Alternative Approaches for Dumping Physical Memory, Analyzing a Physical Memory Dump. Module II Registry Analysis- Inside the Registry, Registry Analysis- RegRipper, System Information, Autostart Locations, USB Removable Storage Devices, Mounted Devices, Portable Devices, Finding Users, Tracking User Activity, Redirection, Virtualization, Deleted Registry Keys, File Analysis- Log Files, Event Logs, Other Log files, Recycle Bin, XP System Restore Points, Vista Volume Shadow Copy Service, Prefetch and Shortcut files, File Metadata, File Signature Analysis, NTFS Alternate Data Streams, Alternative Methods of Analysis, Executable File Analysis- Static Analysis, Dynamic Analysis. Module III Rootkits, Rootkit Detection-Live Detection, GMER, Helios, MS Strider GhostBuster, F-Secure BlackLight, Sophos Anti-Rootkit, Postmortem Detection, Prevention, Case studies, Performing Analysis on a Budget-Documenting Your Analysis, Tools-Acquiring Images, Image Analysis, File Analysis, Network Tools, Search Utilities. Module IV Linux Forensic Analysis- Live Response Data Collection- Prepare the Target Media, Format the Drive, Gather Volatile Information, Acquiring the Image, Initial Triage and Live Response: Data Analysis- Log Analysis, Keyword Searches, User Activity, Network Connections, Running Processes, Open File Handlers, The Hacking Top Ten, Reconnaissance Tools, The /Proc File System- Introduction , Process Ids. File Analysis- The Linux Boot Process, System and Security Configuration Files- Users, Groups, and Privileges, Cron Jobs, Log Files, Identifying Other Files of Interest- . SUID and SGID Root Files, Recently Modified/Accessed/Created Files, Modified System Files, Out -of-Place inodes, Hidden Files and Hiding Places, Malware- Introduction, Viruses, Storms on the Horizon, Scanning the Target Directory Textbooks 1. Unix and Linux Forensic Analysis DVD ToolKit - Chris Pogue, Cory Altheide, Todd Haverkos, Syngress Inc. , 2008 2. Windows Forensic Analysis DVD Toolkit- Harlan Carvey, Edition 2, Syngress Inc. , 2009

Page No.: 37 

 

References 1. Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry Harlan Carvey, Syngress Inc, Feb 2011 2. File System Forensic Analysis- Brian Carrier, Addison Wesley, Edition 1, 2005 3. Handbook of Digital Forensics and Investigation- Eoghan Casey, Academic Press, 2009 4. Digital Forensics with Open Source Tools- Cory Altheide, Harlan Carvey, Syngress Inc, IstEd, April 2011 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 38 

 

CIC 14 205 (C): BIOMETRIC SECURITY Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Biometrics- Introduction- benefits of biometrics over traditional authentication systems –benefits of biometrics in identification systems-selecting a biometric for a system –Applications – Key biometric terms and processes - biometric matching methods -Accuracy in biometric systems. Module II Physiological Biometric Technologies: Fingerprints - Technical description –characteristics Competing technologies - strengths – weaknesses – deployment - Facial scan – Technical description characteristics - weaknesses-deployment - Iris scan - Technical description – characteristics - strengths – weaknesses – deployment - Retina vascular pattern – Technical description – characteristics - strengths – weaknesses – employment - Hand scan – Technical description-characteristics - strengths – weaknesses deployment – DNA biometrics. Module III Behavioral Biometric Technologies: Handprint Biometrics - DNA Biometrics - signature and handwriting technology - Technical description – classification - keyboard / keystroke dynamics - Voice – data acquisition - feature extraction - characteristics - strengths – weaknesses- deployment. Module IV Multi biometrics: Multi biometrics and multi factor biometrics - two-factor authentication with passwords - tickets and tokens – executive decision - implementation Plan. References 1. Samir Nanavathi, Michel Thieme, and Raj Nanavathi, “Biometrics -Identity verification in a network”, Wiley Eastern, 2002. 2. John Chirillo and Scott Blaul,” Implementing Biometric Security”, Wiley Eastern Publications, 2005. 3. John Berger,” Biometrics for Network Security”, Prentice Hall, 2004. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module.

Page No.: 39 

 

Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 40 

 

CIC 14 205 (D): SPEECH PROCESSING Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Speech Signal Modelling: Speech signal characteristics and classifications - Speech production mechanism - Acoustic Theory of speech production - Source – Filter model - Lossless Tube Models Digital Model of speech signals Module II Speech Signal Analysis: Time domain Analysis for speech processing – Short time energy and magnitude - short time average zero crossing - Speech vs silence discrimination - Pitch period estimation using autocorrelation - Short time Fourier analysis- Definition and properties - Design of digital filter banks - Pitch detection - analysis by synthesis Module III Speech Coding: Linear predictive coding - principle - solution of LPC equation - Cholesky decomposition method - Durbin's method - Lattice formulation - Frequency domain coding – Model based coding – LPC residual coding Module IV Speech Recognition: Template training method - Hidden Markov Model - Gaussian Mixture model connected word recognition - Speaker identification/Verification. References 1. Rabiner L R and Schaffer R W, "Digital Processing of Speech Signals", Prentice -Hall, Englewod - Clitts, New Jersey, 1986. 2. Rebner L R K and Juang B H, "Fundamentals of Speech Recognition", Pearson Education, First Indian reprint 2003. 3. Kondoz, "Digital Speech", John Wiley and Sons Ltd., 1994. 4. Thomas F Quatieri, “Discrete Time Speech Signal Processing”, Pearson Education, 2002. 5. John R Deller, John Hansen and Proakis J G, ” Discrete Time Processing of Speech Signals”, IEEE Press, 1999. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module.

Page No.: 41 

 

Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 42 

 

CIC 14 206 (P): SEMINAR [Hours/Week: 2] Objective: To assess the debating capability of the student to present a technical topic. In addition, to impart training to students to face audience and present their ideas and thus creating in them self-esteem and courage that are essential for engineers. Individual students are required to choose a topic of their interest from Information Security related topics preferably from outside the M.Tech syllabus and give a seminar on that topic about 30 minutes. A committee consisting of at least three faculty members (preferably specialized in Information Security) shall assess the presentation of the seminar and award marks to the students. Each student shall submit two copies of a write up of his/her seminar topic. One copy shall be returned to the student after duly certifying it by the chairperson of the assessing committee and the other will be kept in the departmental library. Internal continuous assessment marks are awarded based on the relevance of the topic, presentation skill, quality of the report and participation. Internal Continuous Assessment: 100 marks Regularity and Class Work

-

30 Marks

Report

-

20 Marks

Tests, Viva

-

50 Marks

Page No.: 43 

 

CIC 14 207 (P): DATABASE SECURITY LABORATORY 1. Creating a database for an application using DDL. 2. Setting up of integrity constraints. 3. Data manipulation using DML queries. 4. Use Rollback, commit, savepoint, grant and revoke commands. 5. Creation, deletion and modification of users and implementing authentication mechanisms for different users. 6. Designing and implementing password policies. 7. Creating, assigning and revoking user roles. 8. Implementing a Virtual private database. 9. Auditing database activities with Oracle. 10. Security auditing.

Page No.: 44 

 

THIRD SEMESTER CIC 14 301 (A): DIGITAL WATERMARKING AND STEGANOGRAPHY

Modules I II III IV Tutorial Total

Hours 10 10 9 10 13 52

Module I Introduction: Information Hiding, Steganography and Watermarking – History of watermarking – Importance of digital watermarking – Applications – Properties – Evaluating watermarking systems. Watermarking Models & Message Coding: Notation – Communications – Communication based models – Geometric models – Mapping messages into message vectors – Error correction coding – Detecting multi-symbol watermarks. Module II Watermarking With Side Information & Analyzing Errors: Informed Embedding – Informed Coding – Structured dirty-paper codes - Message errors – False positive errors – False negative errors – ROC curves – Effect of whitening on error rates. Module III Perceptual Models: Evaluating perceptual impact – General form of a perceptual model – Examples of perceptual models – Robust watermarking approaches - Redundant Embedding, Spread Spectrum Coding, Embedding in Perceptually significant coefficients. Module IV Watermark Security & Authentication: Security requirements – Watermark security and cryptography – Attacks – Exact authentication – Selective authentication – Localization – Restoration. Steganography: Steganography communication – Notation and terminology – Information-theoretic foundations of steganography – Practical steganographic methods – Minimizing the embedding impact – Steganalysis References 1. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, Jessica Fridrich, Ton Kalker, “Digital Watermarking and Steganography”, Margan Kaufmann Publishers, New York, 2008. 2. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, “Digital Watermarking”, Margan Kaufmann Publishers, New York, 2003. 3. Michael Arnold, Martin Schmucker, Stephen D. Wolthusen, “Techniques and Applications of Digital Watermarking and Contest Protection”, Artech House, London, 2003. 4. Juergen Seits, “Digital Watermarking for Digital Media”, IDEA Group Publisher, New York, 2005. 5. Peter Wayner, “Disappearing Cryptography – Information Hiding: Steganography & Watermarking”, Morgan Kaufmann Publishers, New York, 2002. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. Page No.: 45 

 

End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I

Module II

Module III

Module IV

Question 1 : 20 marks Question 2 : 20 marks

Question 3 : 20 marks Question 4 : 20 marks

Question 5 : 20 marks Question 6 : 20 marks

Question 7 : 20 marks Question 8 : 20 marks

Page No.: 46 

 

CIC 14 301 (B): PKI AND TRUST MANAGEMENT Module I

Modules I II III IV Tutorial Total

Hours 10 10 10 9 13 52

Overview of PKI technology Basic Security Concepts, PKI Entities, Related Technologies. Work Performed by Certificate Authorities Attack on CA. PKI standards General PKIX Standardization Requirements. Digital Certificates and SSL. Module II PKI design issues PKI structure, Inter-domain, revocation, policy. PKI standards. Architecture for PKI – baseline requirements for global PKI, components – crypto primitive, cryptographic, long term, protocol security, secure protocol, security policy. Module III Implementing secure web services requirements, implementation and deployment, implementation cost, performance. Managing PKI, requesting, obtaining, using and revoking a certificate, case studies. Module IV Trust management challenges, taxonomy framework, architecture, system components, system setting and operations. Text Book 1. John R. Vacca, “Public Key Infrastructure”, Auerbach publications, New york, 2004. References 1. JeanMarc Seigneur, Adam Slagell, “Collaborative Computer Security and Trust Management”, Information Science Reference, New York(IGI Global), 2010. 2. Klaus Schmeh, “Cryptography and Public Key Infrastructure on the Internet”, Allied Publishers, 2004. 3. Carlisle Adams, Steve Lloyd, “Understanding PKI: Concepts, Standards, and Deployment Considerations”, AddisonWesley, 2003. 4. Kapil Raina, “PKI Security Solutions for the Enterprise”, Wiley, 2003. 5. Brian Komar, "Windows Server 2008 PKI and Certificate Security", Microsoft Press, 2008. 6. W. Mao, “Modern Cryptography: Theory & Practice”, Pearson Education, 2004. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Page No.: 47 

 

Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 48 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 301 (C): ARTIFICIAL INTELLIGENCE Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Introduction: Artificial Intelligence– History –The state of art- Intelligent Agents – Structure – Environment. Search Strategies: Breadth-first search- Uniform cost search- Depth-first search- Depthlimited search- Iterative deepening search- Bidirectional search- Heuristic search techniquesComparing search strategies. Module II Knowledge And Reasoning: Representation – Logic – Propositional logic – Using predicate logic, using rules - Forward and backward chaining–Strong and weak slot fillers. Planning: Overview - An example domain- Components- Goal Stack planning- Non-linear planning- Hierarchical planning-Reactive systems. Module III Uncertainty: Non-monotonic reasoning- Logics- Implementation- Probability and Bayes theoremCertainty factors- Bayesian networks- Dempster- Shafer theory. Natural Language Processing: Phases Syntactic Processing-Semantic Analysis-Discourse and Pragmatic Processing. Module IV Learning: Introduction- Learning by Taking Advice- Learning in problem solving- Inductive learningLearning decision trees-Explanation-based learning-Formal learning-Learning in Neural and Belief Networks. Expert Systems: Features – Characteristics-Architecture-Basic Activities-Stages in development - Structure of a knowledge base – Probability based Expert Systems - Tools. References 1. Stuart Russell and Peter Norvig, “Artificial Intelligence – A Modern Approach”, Prentice Hall of India, Second Edition, New Delhi, 2008. 2. Elaine Rich and Kevin Knight, “Artificial Intelligence”, Tata McGraw Hill Publishing Company, New Delhi, 2005. 3. Dan W Patterson, “Introduction to AI and Expert Systems”, Prentice Hall of India, New Delhi, 2006. 4. Eugene Charniak, Drew McDermott, “Introduction to Artificial Intelligence”, Pearson Education, New Delhi, 2006. 5. Nils J Nilsson, “Principles of Artificial Intelligence”, Narosa Publishing House, New Delhi, 2005. 6. N P Padhy, “Artificial Intelligence and Intelligence Systems”, Oxford University Press, 2006 Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. Page No.: 49 

 

End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 50 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 302 (A): MOBILE FORENSICS Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Overview of wireless technologies and security: Personal Area Networks, Wireless Local Area Networks, Metropolitan Area Networks, Wide Area Networks. Wireless threats, vulnerabilities and security: Wireless LANs, War Driving, War Chalking, War Flying, Common Wi-fi security recommendations, PDA Security, Cell Phones and Security, Wireless DoS attacks, GPS Jamming, Identity theft. Module II CIA triad in mobile phones-Voice, SMS and Identification data interception in GSM: Introduction, practical setup and tools, implementation- Software and Hardware Mobile phone tricks: Netmonitor, GSM network service codes, mobile phone codes, catalog tricks and AT command set- SMS security issues. Module III Crime and mobile phones, evidences, forensic procedures, files present in SIM card, device data, external memory dump, evidences in memory card, operators systems- Android forensics: Procedures for handling an android device, imaging android USB mass storage devices, logical and physical techniques. Module IV Digital forensics: Introduction – Evidential potential of digital devices: closed vs. open systems, evaluating digital evidence potential- Device handling: seizure issues, device identification, networked devices and contamination. References 1. Gregory Kipper, “Wireless Crime and Forensic Investigation”, Auerbach Publications, 2007. 2. Iosif I. Androulidakis, “ Mobile phone security and forensics: A practical approach”, Springer publications, 2012. 3. Andrew Hoog, “ Android Forensics: Investigation, Analysis and Mobile Security for Google Android”, Elsevier publications, 2011. 4. Angus M.Marshall, “ Digital forensics: Digital evidence in criminal investigation”, John – Wiley and Sons, 2008. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Page No.: 51 

 

Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 52 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 302 (B): SECURITY THREATS Module I

Modules I II III IV Tutorial Total

Hours 9 10 10 10 13 52

Introduction: Security threats - Sources of security threats- Motives - Target Assets and vulnerabilities – Consequences of threats- E-mail threats - Web-threats - Intruders and Hackers, Insider threats, Cybercrimes. Module II Network Threats: Active/ Passive – Interference – Interception – Impersonation – Worms – Virus – Spam’s – Ad ware - Spy ware – Trojans and covert channels – Backdoors – Bots - IP Spoofing - ARP spoofing - Session Hijacking - Sabotage-Internal treats- Environmental threats - Threats to Server security. Module III Security Threat Management: Risk Assessment - Forensic Analysis - Security threat correlation – Threat awareness - Vulnerability sources and assessment- Vulnerability assessment tools - Threat identification - Threat Analysis - Threat Modeling - Model for Information Security Planning. Module IV Security Elements: Authorization and Authentication - types, policies and techniques - Security certification - Security monitoring and Auditing - Security Requirements Specifications - Security Policies and Procedures, Firewalls, IDS, Log Files, Honey Pots. Human factors – Security awareness, training, Email and Internet use policies. References 1. Joseph M Kizza, “Computer Network Security”, Springer Verlag, 2005 2. Swiderski, Frank and Syndex, “Threat Modeling”, Microsoft Press, 2004. 3. William Stallings and Lawrie Brown, “Computer Security: Principles and Practice”, Prentice Hall, 2008. 4. Thomas Calabres and Tom Calabrese, “Information Security Intelligence: Cryptographic Principles & Application”, Thomson Delmar Learning, 2004. Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module.

Page No.: 53 

 

Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 54 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

Modules I II III IV Tutorial Total

CIC 14 302 (C): DATA MINING Module I

Hours 9 10 10 10 13 52

Introduction: Motivation – Data Mining Functionalities – Classification on data mining systems – Task Primitives – Major Issues - Data Preprocessing. Module II Data Warehouse And Olap: Data warehouse – Multidimensional data model – Data Warehouse architecture – OLAP Technology – Data Cube Computation. Module III Association Analysis: Basic Concepts – Frequent Item set mining methods - Types of association rules. Classification: Introduction – Statistics and Probability - Decision Tree Induction – Bayesian Classification – Classification by Back propagation – Rule Based Classification – Support Vector Machines. Module IV Cluster Analysis: Partitioning methods – Hierarchical Methods – Density based methods - Neural Network Based Methods. Advanced Topics: Introduction to spatial data mining – Text Mining – Web Mining. References 1. 2. 3. 4.

Jaiwei Han, Micheline Kamber, “Data Mining: Concepts and Techniques”, Elsevier, 2006. Rajan Chattamvelli, “Data Mining Methods”, Narosa, 2009. Pang-Ning Tan, Michael Steinbach, "Introduction to Data Mining", Addison Wesley, 2006. Margaret Dunham, “Data Mining: Introductory and Advanced Topics”, Pearson Education, New Delhi, 2007. 5. Alex Berson, “Data Warehousing, Data Mining and OLAP,” Tata Mc Graw Hill , 2004

Internal Continuous Assessment: 100 marks Internal continuous assessment is in the form of periodical tests, assignments, seminars or a combination of all whichever suits best. There will be a minimum of two tests per subject. The assessment details are to be announced to the students, right at the beginning of the semester by the teacher. End Semester Examination: 100 marks Question Pattern Answer any five questions by choosing at least one question from each Module. Module I Question 1 : 20 marks Question 2 : 20 marks

Module II Question 3 : 20 marks Question 4 : 20 marks

Module III Question 5 : 20 marks Question 6 : 20 marks

Page No.: 55 

 

Module IV Question 7 : 20 marks Question 8 : 20 marks

CIC 14 303 (P): INDUSTRIAL TRAINING Hours/Week: 30 (During the period of training) Objective: To enable the student to correlate theory and industrial practice. The students have to arrange and undergo an industrial training of minimum two weeks in an industry preferably dealing with Security Auditing during the semester break between semester 2 and semester 3 and complete within 15 calendar days from the start of semester 3. The students are required to submit a report of the training undergone and present the contents of the report before the evaluation committee. Evaluation committee will award the marks of end semester based on training quality, contents of the report and presentation. End semester Examination: Marks 50

Page No.: 56 

 

CIC 14 304 (P): MASTER RESEARCH PROJECT PHASE - I [Hours/Week: 22] Objective: To improve the professional competency and research aptitude by touching the areas which otherwise not covered by theory or laboratory classes. The project work aims to develop the work practice in students to apply theoretical and practical tools/techniques to solve real life problems related to industry and current research. The project work can be a design project/experimental project and/or computer simulation project on any of the topics in Information Security and its allied areas. The project work is allotted individually on different topics. The students shall be encouraged to do their project work in the parent institute itself. If found essential, they may be permitted to continue their project outside the parent institute, subject to the conditions of M.Tech regulations. Department will constitute an Evaluation Committee to review the project work. The Evaluation committee consists of at least three faculty members of which internal guide and another expert in the specified area of the project shall be two essential members. The student is required to undertake the master research project Phase - I during the third semester and the same is continued in the 4th semester (Phase - II). Phase 1 consist of preliminary thesis work, two reviews of the work and the submission of preliminary report. First review would highlight the topic, objectives, methodology and expected results. Second review evaluates the progress of the work, preliminary report and scope of the work, which is to be completed in the 4th semester. The Evaluation committee consists of at least three faculty members of which internal guide and another expert in the specified area of the project shall be two essential members. Internal Continuous Assessment Review First Second Total

Guide 50 100 150

Page No.: 57 

 

Evaluation Committee 50 100 150

FOURTH SEMESTER CIC 14 401 (P): MASTERS RESEARCH PROJECT PHASE – II [Hours/Week: 30] Objective: To improve the professional competency and research aptitude by touching the areas which otherwise not covered by theory or laboratory classes. The project work aims to develop the work practice in students to apply theoretical and practical tools/techniques to solve real life problems related to industry and current research. Master Research project phase - II is a continuation of project phase - I started in the third semester. There would be two reviews in the fourth semester, first in the middle of the semester and the second at the end of the semester. First review is to evaluate the progress of the work, presentation and discussion. Second review would be a pre-submission presentation before the evaluation committee to assess the quality and quantum of the work done. This would be a pre-qualifying exercise for the students for getting approval by the departmental committee for the submission of the thesis. At least one technical paper is to be prepared for possible publication in journal or conferences. The technical paper is to be submitted along with the thesis. The final evaluation of the project will be external evaluation. Internal Continuous Assessment Review First Second Total

Guide 50 100 150

Evaluation Committee 50 100 150

End Semester Examination Project Evaluation by external examiner

:

150 marks

Viva Voce by external and internal examiners

:

150 marks

Page No.: 58