CY601- Cyber Crime Investigation & Digital Forensic


Course Objective : This course focusses on two aspects of Cyber Security: analysis and assessment of risk plus how to minimize it, and, how to extract and use digital information from a wide range of systems and devices. The course is structured so that all students cover the same introductory material, but then choose to specialize in either Cyber Security or Digital Forensics. Any aforesaid science graduate who requires keen interest & knowledge of IT programming languages with basic knowledge of math beyond calculus.

Unit I: Cyber Crime–Definition, Nature and Extent of Cyber Crimes in India and other countries – Classification of Cyber Crimes–Differences between conventional crimes and cybercrimes - Trends in Cyber Crimes across the world.

Unit II: Forms of Cyber Crimes, Frauds–Cyber bullying, hacking, cracking, DoS–viruses, works, bombs, logical bombs, time bombs, email bombing, data diddling, salami attacks, phishing,steganography,cyberstalking,spoofing,cyberpornography,defamation,computer vandalism, crimes through social networking sites, malwares, social engineering, credit card frauds & financial frauds, telecom frauds. Cloud based, E-commerce Frauds and other forms.

Unit III: Profile of Cyber criminals–Cyber Crime Psychology–Psychological theories dealing with cybercrimes-Learning, Motivation, personality and intelligence theories of cyber criminals – Criminal profiling. Impact of cybercrimes – Economic, Psychological and Sociological impact on individual, corporate and companies, government and the nation.

Unit IV : Modus Operandi of various cyber crimes and frauds–Modus Operandi-Fraud triangle–fraud detection techniques-countermeasures. Intrusion Analysis, Intrusion Analysis as a Core Skill set, Methods to Performing Intrusion Analysis, Intrusion Kill Chain, Passively Discovering Activity in Historical Data and Logs, Detecting Future Threat Actions and Capabilities, Denying Access to Threats, Delaying and Degrading Adversary Tactics and Malware, Identifying Intrusion Patterns and Key Indicators.

References:


1. Thomus J.Halt, Adam M. bossler and Kathryn C., Seigfried- spellar, Cyber Crime Investigation & Digital Forensic, An Introduction, second edition.


CY602- Software Engineering

RATIONALE: The purpose of this subject is to cover the underlying concepts and techniques used in Software Engineering & Project Management. Some of these techniques can be used in software design & its implementation.

Unit I: The Software Product and Software Process Software Product and Process Characteristics, Software Process Models: LinearSequential Model, Prototyping Model, RAD Model, Evolutionary Process Models likeIncremental Model, Spiral Model, Component Assembly Model, RUP and Agileprocesses. Software Process customization and improvement, CMM, Product andProcess Metrics.

Unit II: Requirement Elicitation, Analysis, and Specification Functional and Non-functional requirements, Requirement Sources and Elicitation Techniques, Analysis Modeling for Function- oriented and Object-oriented software development, Use case Modeling, System and Software Requirement Specifications, Requirement Validation, Traceability

Unit III: Software Design The Software Design Process, Design Concepts and Principles, Software Modeling and UML, Architectural Design, Architectural Views and Styles, User Interface Design, Function7 oriented Design, SA/SD Component Based Design, Design Metrics.

Unit IV: Software Analysis and Testing Software Static and Dynamic analysis, Code inspections, Software Testing, Fundamentals, Software Test Process, Testing Levels, Test Criteria, Test Case Design, TestOracles, Test Techniques, Black-Box Testing, White-Box Unit Testing and Unit, Testing Frameworks, Integration Testing, System Testing and other Specialized, Testing, Test Plan, Test Metrics, Testing Tools. , Introduction to Object-oriented analysis, design and comparison with structured Software Engg.

Unit V: Software Maintenance & Software Project Measurement Need and Types of Maintenance, Software Configuration Management (SCM), Software Change Management, Version Control, Change control and Reporting, Program Comprehension Techniques, Re- engineering, Reverse Engineering, Tool Support. Project Management Concepts, Feasilibility Analysis, Project and Process Planning, Resources Allocations, Software efforts, Schedule, and Cost estimations, Project Scheduling and Tracking, Risk Assessment and Mitigation, Software Quality Assurance(SQA). Project Plan, Project Metrics. Practical and Lab work Lab work should include a running case study problem for which different deliverable sat the end of each phase of a software development life cycle are to be developed. Thiswill include modeling the

requirements, architecture and detailed design. Subsequentlythe design models will be coded and tested. For modeling, tools like Rational Roseproducts. For coding and testing, IDE like Eclipse, Net Beans, and Visual Studio can be used.

References


  1. Pankaj Jalote ,”An Integrated Approach to Software Engineering”, Narosa Pub, 2005

  2. Rajib Mall, “Fundamentals of Software Engineering” Second Edition, PHI Learning

  3. R S. Pressman ,”Software Engineering: A Practitioner's Approach”, Sixth edition2006, McGraw-Hill.

  4. Sommerville,”Software Enginerring”,Pearson Education.

  5. Richard H.Thayer,”Software Enginerring & Project Managements”, WileyIndia

  6. Waman S.Jawadekar,”Software Enginerring”, TMH

  7. Bob Hughes, M.Cotterell, Rajib Mall “ Software Project Management”, McGrawHil


Departmental Elective CY503 (A) – Internet & Web Technology


Unit I: Introduction: Concept of WWW, Internet and WWW, HTTP Protocol : Request and Response, Web browser and Web servers, Features of Web 2.0 Web Design: Concepts of effective web design, Webdesign issues including Browser, Bandwidth and Cache, Display resolution, Look and Feel of the Web site, Page Layout and linking, User centric design, Sitemap, Planning and publishing website, Designing effective navigation.

Unit II: HTML :Basics of HTML, formatting and fonts, commenting code, color, hyperlink, lists, tables, images, forms, XHTML, Meta tags, Character entities, frames and frame sets, Browser architecture and Web site structure. Overview and features of HTML5

Unit III: Style sheets : Need for CSS, introduction to CSS, basic syntax andstructure, using CSS, background images, colors and properties,manipulating texts, usingfonts, borders and boxes, margins, padding lists,positioning using CSS, CSS2, Overview and features of CSS3 JavaScript : Client side scriptingwith JavaScript, variables, functions, conditions, loops and repetition, Pop up boxes, Advance JavaScript: Javascript and objects, JavaScript own objects, the DOM and web browser environments, Manipulation using DOM, forms and validations,DHTML : Combining HTML, CSS andJavascript, Events and buttons

Unit IV: XML : Introduction to XML, uses of XML, simple XML, XML keycomponents, DTD andSchemas, Using XML with application. Transforming XML using XSL and XSLT PHP: Introduction and basic syntax of PHP, decision and looping with examples, PHP and HTML, Arrays, Functions, Browser control and detection, string, Form processing, Files, Advance Features: Cookies and Sessions, Object Oriented Programming with PHP

Unit VI: PHP and MySQL:Basic commandswith PHP examples, Connection to server, creating database, selecting a database, listing database, listing table names,creating a table, inserting data, altering tables, queries, deleting database, deleting data and tables, PHP myadmin and databasebugs

Reference Books:

  1. Developing Web Applications, Ralph Moseley and M. T. Savaliya, Wiley-India

  2. Web Technologies, Black Book, dreamtech Press

  3. HTML 5, Black Book, dreamtech Press

  4. Web Design, Joel Sklar, Cengage Learning

  5. Developing Web Applications in PHP and AJAX, Harwani, McGrawHill

  6. Internet and World Wide Web How to program, P.J. Deitel & H.M. Deitel , Pearson


Departmental Elective CY503 (B) – Applied Cryptography

Unit I: History of cryptography, some background in probability and algorithms, classical cryptography (shift cipher, monoalphabetic substitution cipher, polyalphabetic substitution cipher), encryption with perfect secrecy, one-time pad; implementation aspects: shared secret randomness vs perfect secrecy Some background in algorithms and complexity theory, modern cryptography principles, one-way functions, trapdoor functions, hard-core bits, construction of a public-key cryptosystem based on general cryptographic primitives, implementation aspects: computational efficiency vs hardness.

Unit II: Algorithmic number theory, number theory and cryptographic assumptions, Reductions, proofs by reductions, number theory candidates for cryptographic primitives (e.g., factoring and related problems), public-key cryptosystems from number theory problems; brief discussion of quantum computing; implementation aspects: large integer arithmetic for implemented public- key cryptosystems Randomness and pseudo-randomness, pseudo-random generators, functions and permutations. Symmetric encryption: introduction, security notions, symmetric encryption schemes based on pseudo-randomness primitives, security proofs, fundamental concepts; implementation aspects: generating and testing randomness.

Unit III: Symmetric encryption: block ciphers (e.g., DES, Triple-DES, AES), substitution/permutation networks, Feistel networks, modes of operations (e.g., ECB, CBC, OFB, Counter), cryptanalysis attacks (e.g., exhaustive, linear, differential, meet-in-the-middle attack), key lengths; implementation aspects: security-performance-features tradeoffs. Message authentication: introduction, notion and schemes (e.g., CBC-MAC), collision resistant hashing (MD5, SHA-1, SHA-2, SHA-3, HMAC, Merkle-Hellman), CCA security for symmetric encryption, simultaneous message confidentiality and message integrity, the GCM mode, application case study 1: password-based secure computer access; implementation aspects: security performance-features tradeoffs.

Unit IV: number theory candidates for cryptographic primitives (e.g., discrete logarithms, brief discussion of related problems including elliptic curves). Asymmetric encryption: comparison with symmetric encryption, definitions, constructions (e.g., RSA variants, El Gamal), hybrid encryption; implementation aspects: security-performance-features tradeoffs. Asymmetric encryption: malleable and homomorphic encryption notion and schemes (e.g., Paillier, brief discussion of various schemes, including Gentry’s), additional schemes achieving various

security notions in various models (e.g., Cramer-Shoup), identity-based encryption; implementation aspects: security-performance-features-trust tradeoffs.

Reference:


  1. [KL] J. Katz and Y. Lindell, Introduction to Modern Cryptography: Principles and Protocol s, Chapman & Hall/CRC Press, 2nd edition http://www.cs.umd.edu/~jkatz/imc.html

  2. [MOV] A. Menezes, P. Van Oorschot, S. Vanstone, Handbook of Applied Cryptography, CRC Press, August 2001 http://www.cacr.math.uwaterloo.ca/hac/


    Unit-I Introduction to compiling & Lexical Analysis Introduction of Compiler, Major data Structure in compiler, types of Compiler, Front-end and Back-end of compiler, Compiler structure: analysis-synthesis model of compilation, various phases of a compiler, Lexical analysis: Input buffering , Specification & Recognition of Tokens,Design of a Lexical Analyzer Generator, LEX.


    Unit-II Syntax Analysis &Syntax Directed Translation Syntax analysis: CFGs, Top down parsing, Brute force approach, recursive descent parsing, transformation on the grammars, predictive parsing, bottom up parsing, operator precedence parsing, LR parsers (SLR,LALR, LR),Parser generation. Syntax directed definitions: Construction of Syntax trees, Bottom up evaluation of S-attributed definition, L-attribute definition, Top down translation, Bottom Up evaluation of inherited attributes Recursive Evaluation, Analysis of Syntax directed definition.


    Unit-III Type Checking & Run Time Environment Type checking: type system, specification of simple type checker, equivalence of expression, types, type conversion, overloading of functions and operations, polymorphic functions. Run time Environment: storage organization, Storage allocation strategies, parameter passing, dynamic storage allocation , Symbol table, Error Detection & Recovery, Ad-Hoc and Systematic Methods.


    Unit –IV Code Generation Intermediate code generation: Declarations, Assignment statements, Boolean expressions, Case statements, Back patching, Procedure calls Code Generation: Issues in the design of code generator, Basic block and flow graphs, Register allocation and assignment, DAG representation of basic blocks, peephole optimization, generating code from DAG.


    Unit –V Code Optimization Introduction to Code optimization: sources of optimization of basic blocks, loops in flow graphs, dead code elimination, loop optimization, Introduction to global data flow analysis, Code Improving transformations ,Data flow analysis of structure flow graph Symbolic debugging of optimized code.


    References:

    1. A. V. Aho, R. Sethi, and J. D. Ullman. Compilers: Principles, Techniques and Tools , Pearson Education

    2 Raghavan, Compiler Design, TMH Pub.

  3. Louden. Compiler Construction: Principles and Practice, Cengage Learning

  4. A. C. Holub. Compiler Design in C , Prentice-Hall Inc., 1993.

  5. Mak, writing compiler & Interpreters, Willey Pub


Unit I: Disaster Recovery and Business Continuity: Introduction, Terminologies Disaster Types Consequences of Disaster, Disaster Recovery & Business Continuity, Principles of Disaster Recovery and Business Continuity, Issues in Disaster Recovery & Business Continuity, Addressed Activities, Solutions, Best Practices, International Strategy for Disaster Reduction (ISDR).

Unit II: Nature and Causes of Disasters: Nature of Disasters, Categorization of Disasters, Natural Disasters- Earthquakes, Protecting Yourself During Earthquake, Volcanoes, Protection from Volcanoes, Forecasting Volcanoes Estimating Earthquakes Earthquakes, Tsunami, Protecting Yourself During Tsunami, Landslides, Effects of Landslides, Protecting Yourself from Landslides, Floods, Effect of floods Prevention Measures, Wildfires Safety Measures, Drought, Consequences of Drought Measures to Overcome Drought Effects, Man-Made Disasters Accidents Power Outage Telecommunication Outage Categorization of Human Intentional Disasters.

Unit-III: Emergency Management: Need for Emergency Management, Phases of Emergency Management, Mitigation Preparedness, Response Recovery, Effect of Disaster on Business Organizations, Emergency Management for Business Organizations FEMA- Federal Emergency Management Agency, Activities of FEMA.

Unit-IV: Laws and Acts: Introduction Applicable Acts in DR Laws and Acts, Foreign Corrupt Practices Act (FCPA), Gramm-Leach-Bliley Act Flood Disaster Protection Act of 1973, CAN- SPAM Act of 2003, Personal Information Protection and Electronic Documents Act (PIPEDA), Laws and Acts of Europe Data Protection Act 1998, Transmission of Personal Data, Directive 2002/58/EC Personal Data, Directive 95/46/EC Insurance, Financial Groups Directive (FGD), Foundation of Personal Data Security Law: OECD Financial Transactions Reporting (FTR) Act 1988.

Unit-V: Business Continuity Management - Business Continuity Planning, Objectives of Business Continuity Planning, Essential Resources in Business Continuity Planning, Business Continuity Management Planning Steps in ISO (International Organization for Standardization), Risk Analysis, Risk Assessment, Basic Elements of Risk Assessment, Business Impact Analysis

(BIA), Components of Business Impact Analysis, Threat Analysis, Risk Analysis, and Business Impact Analysis, Crisis Management Steps in Crisis Management.

References:-


  1. John Rittinghouse, James F. Ransome, “Business Continuity and Disaster Recovery for InfoSec Managers”.

  2. Susan Snedaker, Business Continuity and Disaster Recovery Planning for IT Professionals”

  3. Joseph F. Gustin, “Disaster and Recovery Planning: A Guide for Facility Managers”


.


Open Elective CY504 (B) – OOAD

Unit I: Overview of Object Oriented concepts: Objects and classes, abstraction, generalization and inheritance, encapsulation, multiple inheritance, aggregation abstraction classes, polymorphism, link and association, Need for object oriented approach

Unit II: System design life cycle, object oriented S/W development process model, Object Oriented Analysis, Object Modeling Technique (OMT): object model, function model, relationship among models, object diagrams, state diagrams, data flow diagrams, analysis.

Unit III: Object oriented Design: Overview of object design, Combination the models, Designing algorithms, design optimization, Implementation of control, Adjustment, Design of association, object representation, physical packaging, documenting design decision, comparison of use-case driven approach.

Unit IV: Translation Object Oriented design into implementation, Programming style, Documentation, characterization of object oriented languages, Comparison of object oriented language like C++, JAVA, object programming.

Unit V: Unified Modeling Language (UML): Class diagram sequence diagram Use case diagram, Collaboration, diagram, state, chart diagram, Activity diagram, component diagram, deployment diagram, Object oriented Database: Relational Vs .object oriented database, the architecture of object oriented database, query language for Object Oriented database.

References:-

  1. Satzinger, Jackson and Burd, “Object oriented Analysis and design with the Unified Process”,


  2. CENGAGE Learning. Michael Blaha and J. Rumbugh, “Object oriented Modeling and design with UML”, Pearson

2. Education O’Docherty, “Object Oriented Analysis and Design Understanding, System Development with UML2.0”, Wiley India.


Open Elective CY504 (C) – Dataware Housing & Mining

Unit I: Data Warehousing: Need for data warehousing , Basic elements of data warehousing, Data Mart, Data Warehouse Architecture, extract and load Process, Clean and Transform data, Star ,Snowflake and Galaxy Schemas for Multidimensional databases, Fact and dimension data, Partitioning Strategy-Horizontal and Vertical Partitioning.

Unit II: Data Warehouse and OLAP technology, Multidimensional data models and different OLAP Operations, OLAP Server: ROLAP, MOLAP, Data Warehouse implementation ,Efficient Computation of Data Cubes, Processing of OLAP queries, Indexing data.

Unit III: Data Mining: Data Preprocessing ,Data Integration and Transformation, Data Reduction, Discretizaion and Concept Hierarchy Generation , Basics of data mining, Data mining techniques, KDP (Knowledge Discovery Process), Application and Challenges of Data Mining, Introduction of Web Structure Mining, Web Usage Mining, Spatial Mining, Text Mining, Security Issue, Privacy Issue, Ethical Issue.

Unit IV: Mining Association Rules in Large Databases: Association Rule Mining, Single- Dimensional Boolean Association Rules, Multi-Level Association Rule, Apriori Algorithm, Fp- Growth Algorithm, Time series mining association rules, latest trends in association rules mining.

Unit V: Classification and Clustering Distance Measures, Types of Clustering, K-Means Algorithm, Decision Tree Induction, Bayesian Classification, Association Rule Based, Other Classification Methods, Prediction, Classifier Accuracy, Categorization of methods, Partitioning methods, Outlier Analysis.

Reference:-


  1. P.Ponnian, “Data Warehousing Fundamentals”, John Weliey. Han,Kamber, “Data Mining Concepts & Techniques”,

  2. M.Kaufman. M.H.Dunham, “Data Mining Introductory & Advanced Topics”, Pearson Education. Ralph Kimball, “The Data Warehouse Lifecycle Tool Kit”,

  3. John Wiley. M.Berry , G.Linoff, “Master in Data Mining”, John Wiley. W.H.Inmon, “Building the Data Ware houses”,

  4. Wiely Dreamtech. E.G. Mallach , “The Decision Support & Data Warehouse Systems”, TMH