CSC401 / Cyber Security

Syllabus

117KB

Y2S4-CSC401+421-BTECH-CSE-IT-SYLLABUS.pdf

PDF

Open

Resources

M1: Introduction to Applied Cryptosystems

[⤓] 1.1 Basic of Cryptography

[⤓] 1.1 Protocols for identification and login

[⤓] 1.2 challenge-response, auth protocol and its attacks

[⤓] 1.2 Schnorr’s identification protocol

[⤓] 1.2 Secret Key Cryptography

[⤓] 1.3 Data Encryption Standard

[⤓] 1.3 Proving properties in zero knowledge

[⤓] 1.4 One-sided authenticated key exchange

[⤓] 1.4 Security Goals

[⤓] 1.5 Security of protocol AKE1, PAKE0, PAKE1, PAKE2

MODULE 1 - CSC401 - STRUCTURED SYLLABUS

• Protocols for Identification and Login:

  • Interactive Protocols

  • ID Protocols

  • Password Protocols

  • Challenge-Response Protocols

  • Schnorr's Identification Protocol

• Proving Properties in Zero Knowledge:

• Authenticated Key Exchange:

  • One-sided Authenticated Key Exchange

  • Security of Protocol AKE1

  • Protocol PAKE0

  • Protocol PAKE1

  • Protocol PAKE2

M2: Fundamentals of Security Protocols and usage

[⤓] 2.1 SCP

[⤓] 2.1 Secure Copy Protocol (SCP)

[⤓] 2.2 SSH (Secure Shell)

[⤓] 2.3 SSL (Secure Sockets Layer)

[⤓] 2.4 TLS (Transport Layer Security)

[⤓] 2.5 Digital Signature

[⤓] 2.5 STARTTLS

[⤓] 2.6 IPSec (Internet Protocol Security)

[⤓] 2.7 VPN (Virtual Private Network)

[⤓] 2.8 HTTPS (Hyper Text Transfer Protocol Secure)

[⤓] 2.9 Encrypting and Signing Emails-PGP

[⤓] 2.10 Encrypting and Signing Emails DKIM

[⤓] 2.11 Encrypting and Signing Emails-SPF

[⤓] 2.12 Single Sign On (SSO)

[⤓] 2.13 Signature and Anomaly based detection

[⤓] 2.14 Honeypots and Honeynets

MODULE 2 - CSC401 - STRUCTURED SYLLABUS

• Security Protocols and Standards:

  • SCP (Secure Copy Protocol)

  • SSH (Secure Shell)

  • SSL (Secure Sockets Layer)

  • TLS (Transport Layer Security)

  • STARTTLS

  • IPSec (Internet Protocol Security)

  • VPN (Virtual Private Network)

  • HTTPS (Hypertext Transfer Protocol Secure)

• Encrypting and Signing Emails:

  • PGP (Pretty Good Privacy) - GPG/OpenPGP

  • DKIM (DomainKeys Identified Mail)

  • SPF (Sender Policy Framework)

• Single Sign-On (SSO):

  • OAuth

  • OpenID

• Security Monitoring and Management:

  • Signature and Anomaly Based Detection

  • Honeypots and Honeynets

  • Network Log Management (syslog or SPLUNK)

• Role-Based Access Control (RBAC):

  • Role Mining

• Domain Name System (DNS):

  • Dig Tool

  • DNSSEC (DNS Security Extensions) - DS and NSEC Records

M3: Implementation of Cryptosystems

MODULE 3 - CSC401 - STRUCTURED SYLLABUS

• Authenticated Key Exchange:

  • Goals for Authentication and Key Establishment

  • Encryption-based Protocol and its Attacks

  • Perfect Forward Secreteness

  • Protocol based on Ephemeral Encryption

  • Attacks on Insecure Variations

  • Identity Protection

  • Password Authenticated Key Exchange (PAKE)

    • Phishing Attacks

  • Explicit Key Confirmation

M4: Network Security Primitives

MODULE 4 - CSC401 - STRUCTURED SYLLABUS

• Classes of Key Agreement Protocols:

  • Pairing-based Cryptographic Protocols

  • ID-based Encryption Schemes

  • Conference Key Protocols

  • Security Goals (for Key Agreement)

  • Static and Dynamic Groups

  • Key Exchange Protocol

• Techniques for Network Protection:

  • Monitoring and Detection

  • Firewalls:

    • Packet Filter Firewalls

    • Stateful Firewalls

    • Application-Aware Firewalls

    • Personal Firewalls

  • Proxies

  • NAT (Network Address Translation)

  • ACL (Access Control List)

M5: Security issues and solutions

MODULE 5 - CSC401 - STRUCTURED SYLLABUS

• Intrusion Detection Systems (IDS):

  • Snort

• Attack Techniques:

  • Network Reconnaissance:

    • Nmap

    • Vulnerability Audits - OpenVAS

  • DNS-based Attacks:

  • Phishing:

    • DNSTwist

  • Network-based Malware Attacks:

    • Remote Access Trojan (e.g., Poison Ivy)

    • Domain Name Generation Algorithm (DGA) based Botnets

  • LAN Attacks:

    • ARP Cache Poisoning (Ettercap/arp spoof)

    • MAC Flooding

    • Man-in-the-Middle Attacks

    • Port Stealing

    • DHCP Attacks

    • VLAN Hopping

  • Network Sniffing:

    • Wireshark

  • Password Cracking:

    • John the Ripper

  • Attacks on SSL/TLS:

    • SSL Stripping

    • DROWN Attack

    • POODLE Attack

• Network Packet Creation and Manipulation:

  • Scapy Library

  • dpkt Library

M6: Protecting the Network Infrastructure

MODULE 6 - CSC401 - STRUCTURED SYLLABUS

• Securing Network Services:

  • NTP (Network Time Protocol) - Vulnerabilities and Configuration

  • SNMP (Simple Network Management Protocol) - Vulnerabilities and Configuration

• Network Security Technologies:

  • VPN (Virtual Private Network)

  • IPSec (Internet Protocol Security)

  • RADIUS (Remote Authentication Dial-In User Service)

  • TACACS+ (Terminal Access Controller Access Control System Plus)

• Intrusion Prevention Systems (IPS):

  • Operation of Host-Based Intrusion Prevention Systems

  • Operation of Network-Based Intrusion Prevention Systems

• Content and Endpoint Security

Notes

MidTerm

[⤓] CSC401-M1-Concept-Outline

[⤓] CSC401-M2-Concept-Outline

[⤓] CSC401-CYBER-SECURITY-M1+M2-SHORT-NOTES-MidTerm

[⤓] CSC401-CYBER-SECURITY-M1+M2-Concept-Diagrams-MidTerm

EndSem

[⤓] CSC401-M3+4+5+6-Concept-Diagram

Question Directory

[⤓] CSC401-Applied-Crypto-QUESTION-BANK-BTECH

[⤓] CSC401-Applied-Crypto-QUESTION-BANK-ANSWERS+CONCEPT-DIAGRAM

Assignment Questions

[⤓] CSC401-CYBER-Assignment-MidTerm

Previous Year Questions

[⤓] Y2S4-CSC401-CYBERSEC-MidTerm-PYQ-Apr25

[⤓] Y2S4-CSC401-CYBERSEC-EndSem-PYQ-Jun25

Collaborate on Vaultscapes | Notionmantavyam on Notion

Get Credited for sharing your Knowledge Source with your Peers

Feedback Form | Vaultscapes | Notionmantavyam on Notion

Submit Queries/Feedbacks/Suggestions/Complaints using this Form