ii semester r18 - vnrvjiet.ac.in · 2 vnr vignana jyothi institute of engineering & technology...

1

VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY, HYDERABAD

M.TECH. I YEAR COURSE STRUCTURE AND SYLLABUS

(COMPUTER NETWORKS & INFORMATION SECURITY)

II SEMESTER R18

Course Type Course Code Name of the Course L T P

Credits

Professional

Core-IV 18PC1CN04

Wireless Networks and Mobile

Computing 3 0 0 3

Professional

Core-V 18PC1CP05 Soft Computing 3 0 0 3

Professional

Core-VI 18PC1CN05 Web Scripting Languages 3 0 0 3

Professional

Elective-III

18PE1CN07 Fundamentals of Wireless Sensor

Networks

3 0 0 3 18PE1CN08 Intrusion Detection

18PE1CN09 Network Programming

Professional

Elective-IV

18PE1CN10 Ethical Hacking

3 0 0 3 18PE1CN11 Security Assessment and Risk

Analysis

18PE1CN12 Information Security Management

and Standards

Professional

Core Lab-III 18PC2CN03

Wireless Networks Simulation and

Soft Computing Laboratory 0 0 3 1.5

Professional

Core Lab-IV 18PC2CN04

Web Scripting Languages

Laboratory 0 0 3 1.5

Project 18PW4CN02 Mini-Project 0 0 4 2

Audit 18AU5EN01 English for Academic and Research

Writing 2 0 0 0

Total 17 0 10 20

2

VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY

M.Tech. II Semester (CNIS) L T/P C

3 0 3

(18PC1CN04) WIRELESS NETWORKS AND MOBILE COMPUTING

COURSE OBJECTIVES:

• To comprehend the differences between mobile and wireless

• To understand GSM Architecture, Goals of mobile IP and Ad-Hoc networks

• To give students knowledge of Broadcast Systems

• To analyze WAP, Bluetooth and Secure Environment

COURSE OUTCOMES: At the end of course, student will be able to:

CO-1: Understanding and remembering various Application areas of mobile and wireless

devices

CO-2: Analyzing GSM Transmission Technologies and drawbacks of traditional TCP

CO-3: Applying architecture of DAB and DVB

CO-4: Evaluating various Mark-up Languages and their advantages/disadvantages and

describe Smart client security

UNIT-I:

Introduction to Mobile and Wireless Landscape: Definition of Mobile and Wireless, Components

of Wireless Environment, Challenges Overview of Wireless Networks, Categories of Wireless

Networks Wireless LAN: Infra-red Vs radio transmission, Infrastructure and Ad-hoc Network, IEEE

802.11

UNIT-II:

Global System for Mobile Communications (GSM): GSM Architecture, GSM Entities, Call

Routing in GSM, PLMN Interfaces, GSM Addresses and Identifiers, Network Aspects in GSM,

GSM Frequency Allocation, Authentication and Security.

UNIT-III:

Mobile Network Layer: Mobile IP (Goals, assumptions, entities and tunneling. terminology, IP

packet delivery, agent advertisement and discovery, registration, and encapsulation,

optimizations), Dynamic Host Configuration Protocol (DHCP), Mobile Ad-hoc networks:

Routing, destination Sequence Distance Vector, Dynamic Source Routing

MOBILE TRANSPORT LAYER Traditional TCP, Indirect TCP, Snooping TCP, Mobile TCP, Fast

retransmit/fast recovery, Transmission /time-out freezing, Selective retransmission, Transaction

oriented TCP.

UNIT-IV:

Broadcast Systems: Overview, Cyclical repetition of data, Digital audio data broadcasting:

Multimedia object transfer protocol, Digital video broadcasting: DVB broadcasting, DVB for

high-speed internet access, Convergence of broadcasting and mobile communications.

UNIT-V:

Protocols and Tools: Wireless Application Protocol-WAP. (Introduction, protocol architecture,

and treatment of protocols of all layers), Bluetooth (User scenarios, physical layer, MAC layer,

networking, security, link management) and J2ME.

UNIT-VI:

Mobile and Wireless Security: Creating a Secure Environment, Security Threats, Security

Technologies, Other Security Measures, WAP Security, Smart Client Security.

3

TEXT BOOKS:

1. Jochen Schiller, ―Mobile Communications‖, Pearson Education, Second Edition, 2008.

2. Martyn Mallick, ―Mobile and Wireless Design Essentials‖, Wiley, 2008.

3. Asoke K. Talukder, et al, ―Mobile Computing‖, Tata McGraw Hill, 2008.

REFERENCES:

1. Mobile Computing, Raj Kamal, Oxford University Press.

2. William Stallings, ―Wireless Communications & Networks‖, Person, Second Edition, 2007.

3. Frank Adelstein et al, ―Fundamentals of Mobile and Pervasive Computing‖, TMH, 2005.

4. Jim Geier, ―Wireless Networks first-step‖, Pearson, 2005.

5. Sumit Kasera et al, ―2.5G Mobile Networks: GPRS and EDGE‖, TMH, 2008.

4



3 0 3

(18PC1CP05) SOFT COMPUTING

COURSE OBJECTIVES:

To introduce soft computing concepts and techniques and foster their abilities in designing

appropriate technique for a given scenario

To implement soft computing-based solutions for real-world problems

To give students knowledge of non-traditional technologies and fundamentals of artificial

neural networks, fuzzy sets, fuzzy logic, genetic algorithms

To provide students an hand-on experience on MATLAB to implement various strategies

COURSE OUTCOMES: At the end of course, student will be able to

CO-1: Identify and describe soft computing techniques and their roles in building intelligent

machines

CO-2: Analyze fuzzy logic and reasoning to handle uncertainty and solve various engineering

problems

CO-3: Apply neural networks and genetic algorithms to combinatorial optimization

problems

CO-4: Evaluate and compare solutions by various soft computing approaches for a given

problem

UNIT-I:

Introduction to Soft Computing: Evolution of Computing: Soft Computing Constituents, From

Conventional AI to Computational Intelligence: Machine Learning Basics.

UNIT-II:

Fuzzy Logic: Fuzzy Sets, Operations on Fuzzy Sets, Fuzzy Relations, Membership Functions: Fuzzy

Rules and Fuzzy Reasoning, Fuzzy Inference Systems, Fuzzy Expert Systems, Fuzzy Decision

Making.

UNIT-III:

Neural Networks: Machine Learning Using Neural Network, Adaptive Networks, Feed forward

Networks, Supervised Learning Neural Networks, Radial Basis Function Networks: Reinforcement

Learning, Unsupervised Learning Neural Networks, Adaptive Resonance architectures,

Advances in Neural networks.

UNIT-IV:

Genetic Algorithms: Introduction to Genetic Algorithms (GA), Applications of GA in Machine

Learning: Machine Learning Approach to Knowledge Acquisition.

UNIT-V:

Matlab/Python Lib: Introduction to Matlab/Python, Arrays and array operations, Functions and

Files, Study of neural network toolbox and fuzzy logic toolbox, Simple implementation of

Artificial Neural Network and Fuzzy Logic.

UNIT-VI:

Recent Trends in deep learning, various classifiers, neural networks and genetic algorithm.

Implementation of recently proposed soft computing techniques.

TEXT BOOKS:

1. J.S.R. Jang, C.T. Sun and E.Mizutani, ―Neuro-Fuzzy And Soft Computing‖, PHI / Pearson

Education, 2004.

5

2. S. N. Sivanandam and S. N. Deepa, ―Principles Of Soft Computing‖, Wiley India Pvt Ltd,

2011

REFERENCES:

1. George J. Klir and Bo Yuan, Fuzzy Sets and Fuzzy Logic: Theory and Applications, Prentice

Hall, 1995.

2. Melanic Mitchell, An Introduction to Genetic Algorithm, MIT Press, 1996.

3. Timothy J. Ross, Fuzzy Logic with Engineering Applications, Wiley, 2010.

4. S. Rajasekaran and G.A.V.Pai, ―Neural Networks, Fuzzy Logic and Genetic Algorithms‖, 1st

ed., PHI, 2003

6



3 0 3

(18PC1CN05) WEB SCRIPTING LANGUAGES

COURSE OBJECTIVES:

To introduce PHP language for server side scripting

To introduce XML and processing of XML Data with Java

To introduce Server side programming with Java Servlets and JSP

To introduce Client side scripting with Javascript and AJAX

COURSE OUTCOMES: At the end of course, students would be able to:

CO-1: To gain knowledge of client side scripting, validation of forms and AJAX programming

CO-2: To understanding of server side scripting with PHP language

CO-3: To understand what is XML and how to parse and use XML Data with Java

UNIT-I:

Perl: Introduction to Perl and Scripting: Scripts and Programs, Origin of Scripting, Scripting

Today, Characteristics of Scripting Languages, Uses for Scripting Languages, Web Scripting,

and the universe of Scripting Languages. PERL- Names and Values, Variables, Scalar

Expressions, Control Structures, arrays, list, hashes, strings, pattern and regular expressions,

subroutines.

UNIT-II:

Php: Introduction to PHP: Declaring variables, data types, arrays, strings, operators, expressions,

control structures, functions, Reading data from web form controls like text boxes, radio

buttons, lists etc., Handling File Uploads.

UNIT-III:

Adv. Php: Connecting to database (MySQL as reference), executing simple queries, handling

results, Handling sessions and cookies

File Handling in PHP: File operations like opening, closing, reading, writing, appending, deleting

etc. on text and binary files, listing directories.

UNIT-IV:

Ajax: Introduction to AJAX, Ajax Frameworks, HTML in AJAX , XML and Ajax, Ajax Applications,

OO JavaScript and Refactoring Ajax, JavaScript Object Notation (JSON), XSLT Transformations

with JavaScript, Drag and Drop, More Ajax Applications.

UNIT-V:

ajax with xslt: Using XSLT with AJAX : XSLT Basics- XSLT Variables, Output Types, XSLT Elements

and Attributes, XPath, Flow Control in XSLT, XSLT Templates, Parameters and Variables.

UNIT-VI:

Ruby: Introduction, Arrays and Hashes, Classes and Objects, Containers, Blocks and Iterators,

Regular Expressions and Methods, Expressions, Exceptions, Input/Output, Modules.

TEXT BOOKS:

1. The World of Scripting languages: David Barron

2. The Complete Reference PHP — Steven Holzner, Tata McGraw-Hill

3. Ajax In Action by Darren James, Dave Crane, and Eric Pascarello

REFERENCES:

1. Web Technologies, Uttam K Roy, Oxford University Press

7

2. Programming Ruby, The Pragmatic Programmers' Guide 1.9, Dave Thomas, Pragmatic

Bookshelf. ISBN 0974514055

3. Learning Perl by Randal L. Schwartz O’Reilly

4. Learning PHP and MySQL by JON A. PHILLIPS and Michele E. Davis, O’Reilly publications

5. Learning Ruby by Michael James Fitzgerald, O’Reilly publications

8



3 0 3

(18PE1CN07) FUNDAMENTALS OF WIRELESS SENSOR NETWORKS

COURSE OBJECTIVES:

To classify mobile ad hoc networks, design and implementation issues, and available

solutions

To demonstrate routing mechanisms and the three classes of approaches: proactive, on-

demand, and hybrid

To distinguish clustering mechanisms and the different schemes that have been employed,

e.g., hierarchical, flat, and leaderless

To summarize on sensor networks and their characteristics


CO-1: Remembering the concept of ad-hoc and sensor networks, their applications and

typical node and network architectures

CO-2: Analyzing protocol design issues (especially energy-efficiency)

CO-3: Evaluating protocol designs for wireless sensor networks

CO-4: Creating protocol designs in terms of their energy-efficiency

UNIT-I:

Introduction: Fundamentals of Wireless Communication Technology. The Electromagnetic

Spectrum. Radio Propagation Mechanisms. Characteristics of the Wireless Channel.

Modulation Techniques. Multiple Access Techniques. Voice Coding. Error Control. Computer

Networks. Computer Network Software. Computer Network Architecture. IEEE 802 Networking

Standards.

UNIT-II:

Wireless Internet, Adhoc Wireless Networks, MAC Protocols in Adhoc Wireless Networks

Quality of Service: Real-time traffic support – Issues and challenges in providing QoS –

Classification of QoS Solutions – MAC layer classifications – QoS Aware Routing Protocols –

Ticket based and Predictive location based Qos Routing Protocols

UNIT-III:

Energy Management Adhoc Networks: Need for Energy Management – Classification of

Energy Management Schemes – Battery Management and Transmission Power Management

Schemes – Network Layer and Data Link Layer Solutions – System power Management

schemes.

UNIT-IV:

Mesh Networks: Necessity for Mesh Networks – MAC enhancements – IEEE 802.11s Architecture

– Opportunistic Routing – Self Configuration and Auto Configuration - Capacity Models –

Fairness – Heterogeneous Mesh Networks – Vehicular Mesh Networks.

UNIT-V:

Sensor Networks: Introduction – Sensor Network architecture – Data Dissemination – Data

Gathering – MAC Protocols for sensor Networks – Location discovery.

UNIT-VI:

Quality of Sensor Networks – Evolving Standards – Other Issues – Recent trends in Infrastructure

less Networks

9

TEXT BOOKS:

1. C. Siva Ram Murthy and B.S.Manoj, ―Ad hoc Wireless Networks – Architectures and

Protocols’, Pearson Education, 2004

2. Ad Hoc And Sensor Networks - Theory and Applications, Dharma Prakash Agrawal, Carlos

De Morais Cordeiro, Cambridge University Press (2010)

3. Mobile Ad Hoc Networks: Current Status and Future Trends, Jonathan Loo (Editor),

Jaime Lloret Mauri (Editor), Jesús Hamilton Ortiz (Editor), CRC Press-2011

REFERENCES:

1. Ad Hoc and Sensor Networks, Cordeiro, World Scientific Publishing Company, 2013

2. Wireless Ad hoc and Sensor Networks: Protocols, Performance, and Control, Jagannathan

Sarangapani, Taylor & Francis/bsp Books (2007)

3. Wireless Ad Hoc and Sensor Networks, Houda Labiod, ISTE (10 July 2007)

4. Security and Privacy in Ad-Hoc and Sensor Networks, Refik Molva (Editor), Gene Tsudik

(Editor), Dirk Westhoff (Editor), Springer (9 April 2008)

10



3 0 3

(18PE1CN08) INTRUSION DETECTION

COURSE OBJECTIVES:

To compare alternative tools and approaches for Intrusion detection through quantitative

analysis to determine the best tool or approach to reduce risk from intrusion

To identify and describe the parts of all intrusion detection systems and characterize new

and emerging IDS technologies according to the basic capabilities all intrusion detection

systems share


CO-1: Apply knowledge of the fundamentals and history of Intrusion Detection in order to

avoid common pitfalls in the creation and evaluation of new Intrusion detection

systems

CO-2: Evaluate the security an enterprise and appropriately apply Intrusion Detection tools

and techniques in order to improve their security posture

CO-3: Analyze zero- day detection-Insider Threat issues

UNIT-I:

The state of threats against computers, and networked systems-Overview of computer security

solutions and why they fail-Vulnerability assessment, firewalls, VPN’s -Overview of Intrusion

Detection and Intrusion Prevention- Network and Host-based IDS.

UNIT-II:

Classes of attacks - Network layer: scans, denial of service, penetration- Application layer:

software exploits, code injection-Human layer: identity theft, root access-Classes of attackers-

Kids/hackers/sop, Hesitated groups-Automated: Drones, Worms, Viruses.

UNIT-III:

A General IDS model and taxonomy, Signature-based Solutions, Snort, Snort rules, Evaluation of

IDS, Cost sensitive IDS.

UNIT-IV:

Anomaly Detection Systems and Algorithms-Network Behavior Based Anomaly Detectors (rate

based)-Host-based Anomaly Detectors-Software Vulnerabilities- State transition, Immunology,

Payload Anomaly Detection.

UNIT-V:

Attack trees and Correlation of alerts-Autopsy of Worms and Botnets-Malware detection-

Obfuscation, polymorphism-Document vectors.

UNIT-VI:

Email/IM security issues-Viruses/Spam-From signatures to thumbprints to zero- day detection-

Insider Threat issues-Taxonomy-Masquerade and Impersonation- Traitors, Decoys and

Deception-Future: Collaborative Security.

TEXT BOOKS:

1. The Art of Computer Virus Research and Defense, Peter Szor, Symantec Press ISBN 0-321-

30545-3

2. Crimeware, Understanding New Attacks and Defenses, Markus Jakobsson and Zulfikar

Ramzan, Symantec Press, ISBN: 978-0-321-50195-0 2008

11

REFERENCES: 1. Network Intrusion Detection, Third Edition By Stephen Northcutt, Judy Novak -New Riders

Publishing

2. Intrusion Detection Systems , Rebecca Bace1 and Peter Mel, NIST Special Publication

3. Intrusion Detection Systems -2008-Springer Book

12



3 0 3

(18PE1CN09) NETWORK PROGRAMMING

COURSE OBJECTIVES:

To analyze the working principle of networks, and topologies by implementing commands,

shell scripts and files

To evaluate different IPC mechanisms

To understand Message queues, semaphores and shared memory

To acquire knowledge on sockets


CO-1: Understanding the network hardware, network topologies, and protocols

CO-2: Remembering the importance of IPC and signals

CO-3: Creating applications on shared memory, message queues

CO-4: Applying and analyzing the knowledge in developing client server application to

support communication interfaces

UNIT-I:

Linux Utilities- File handling utilities, Security by file permissions, Process utilities, Disk utilities,

Networking utilities, Filters, Text processing utilities and Backup utilities. Bourne again shell (bash)

- Introduction, pipes and redirection, here documents, running a shell script, the shell as a

programming language, shell Meta characters, file name substitution, shell variables,

command Substitution, shell commands, the environment, quoting, test command, control

structures, arithmetic in shell, shell script examples.

UNIT-II:

Files- File Concept, File types File System Structure, Inodes, File Attributes, file I/O in C using

system calls, kernel support for files, file status information-stat family, file and record locking-

lockf and fcntl functions, file permissions- chmod, fchmod, file ownership-chown, lchown,

fchown, links-soft links and hard links – symlink, link, unlink.

UNIT-III:

File and Directory management – Directory contents, Scanning Directories- Directory file APIs.

Process- Process concept, Kernel support for process, process attributes, process control –

process creation, replacing a process image, waiting for a process, process termination,

zombie process, orphan process.

UNIT-IV:

Signals- Introduction to signals, Signal generation and handling, Kernel support for signals,

Signal function, unreliable signals, reliable signals, kill, raise , alarm, pause, abort, sleep

functions.

Interprocess Communication - Introduction to IPC mechanisms, Pipes- creation, IPC between

related processes using unnamed pipes, FIFOs-creation, IPC between unrelated processes

using FIFOs(Named pipes), differences between unnamed and named pipes, popen and

pclose library functions, Introduction to message queues, Semaphores and shared memory.

UNIT-V:

Message Queues- Kernel support for messages, UNIX system V APIs for messages, client/server

example. Semaphores-Kernel support for semaphores, UNIX system V APIs for semaphores.

Shared Memory- Kernel support for shared memory, Unix system V APIs for shared memory,

client/server example.

13

UNIT-VI:

Network IPC - Introduction to Unix Sockets, IPC over a network, Client-Server model, Address

formats(Unix domain and Internet domain), Socket system calls for Connection Oriented -

Communication, Socket system calls for Connectionless - Communication,

Example-

Client/Server Programs- Single Server-Client connection, multiple simultaneous clients, Socket

options - setsockopt, getsockopt, fcntl.

TEXT BOOKS:

1. Unix System Programming using C++, T.Chan, PHI.

2. Unix Concepts and Applications, 4th Edition, Sumitabha Das, TMH.

3. Unix Network Programming, W.R. Stevens, PHI.

REFERENCES:

1. Linux System Programming, Robert Love, O’Reilly, SPD.

2. Advanced Programming in the Unix environment, 2nd Edition, W.R. Stevens, Pearson

Education.

3. Unix for Programmers and Users, 3rd Edition, Graham Glass, King Ables, Pearson Education.

4. Unix Network Programming the Sockets Networking API, Vol.-I, W.R. Stevens, Bill Fenner,

A.M. Rudoff, Pearson Education.

5. Unix shell Programming, S.G. Kochan and P. Wood, 3rd edition, Pearson Education.

14



3 0 3

(18PE1CN10) ETHICAL HACKING

COURSE OBJECTIVES:

To ability to quantitatively assess and measure threats to information assets

To evaluate where information networks are most vulnerable

To apply security plans designed for protecting data assets against attacks

To perform penetration tests into secure networks for evaluation purposes


CO-1: Understanding and experience in Ethical Hacking

CO-2: Creating techniques to minimize risks of attacks

CO-3: Analyzing different techniques and methods applied by hackers

CO-4: Applying SQL injection and penetration test methods

UNIT-I:

Introduction to Ethical Hacking, Ethics, and Legality: Ethical Hacking Terminology, Different

Types of Hacking Technologies, Different Phases Involved in Ethical Hacking and Stages of

Ethical Hacking: Passive and Active Reconnaissance, Scanning, Gaining Access, Maintaining

Access, Covering Tracks, Hacktivism, Types of Hacker Classes, Skills Required to Become an

Ethical Hacker, Vulnerability Research, Ways to Conduct Ethical Hacking, Creating a Security

Evaluation Plan, Types of Ethical Hacks.

Foot printing and Social Engineering

Foot printing, Information Gathering Methodology, DNS Enumeration Who is and ARIN Lookups,

Trace route, Social Engineering, Common Types Of Attacks, Insider Attacks, Identity Theft,

Phishing Attacks, Online Scams, URL Obfuscation, Social-Engineering Countermeasures

UNIT-II:

System Hacking Understanding Password-Cracking Techniques, Password-Cracking

Countermeasures, 48 Understanding Different Types of Passwords Passive Online Attacks,

Active Online Attacks, Offline Attacks Non-electronic Attacks, Understanding Key loggers and

Other Spyware Technologies Understand Escalating Privileges, Executing Applications, Buffer

Overflows, Understanding Rootkits Planting, Understanding How to Hide Files, NTFS File

Streaming NTFS Stream Countermeasures, Understanding Steganography Technologies,

Understanding How to Cover Your Tracks and Erase Evidence, Disabling Auditing, Clearing the

Event Log.

UNIT-III:

Trojans, Backdoors, Viruses, and Worms: Trojans and Backdoors, Overt and Covert Channels,

Types of Trojans, Reverse Connecting Trojans, Netcat Trojan, Indications of a Trojan Attack,

Trojan Construction Kit and Trojan Makers, Countermeasure Techniques in Preventing Trojans,

Difference between a Virus and a Worm, Types of Viruses, Understand Antivirus Evasion

Techniques, Understand Virus Detection Methods

Session Hijacking : Denial of Service, Session Hijacking, Spoofing vs. Hijacking, Types of Session

Hijacking, Sequence Prediction, Steps in Performing Session Hijacking, Prevention of Session

Hijacking

UNIT-IV:

Hacking Web Servers, Web Application Vulnerabilities, and Web-Based Password Cracking

Techniques: Hacking Web Servers, Types of Web Server Vulnerabilities, Attacks against Web

Servers, Web Server Hardening Methods Web Application Vulnerabilities, Objectives of Web

Application Hacking, Anatomy of an Attack, Web Application Threats, Google Hacking, Web

Application Countermeasures. Web-Based P a s s w o r d Cracking Techniques, Authentication

15

Types, Password Cracker, Password Attacks: Classification Password- Cracking

Countermeasures

UNIT-V:

SQL Injection and Buffer Overflows: SQL Injection, Steps to Conduct SQL Injection, SQL Server

Vulnerabilities, SQL Injection Countermeasures Buffer Overflows, Types of Buffer Overflows and

Methods of Detection, Stack-Based Buffer Overflows, Buffer Overflow Mutation Techniques

UNIT-VI:

Linux Hacking Linux Basics, Compile a Linux Kernel, GCC Compilation Commands, Install Linux

Kernel Modules, Linux Hardening Methods

Penetration Testing Methodologies

Security Assessments, Penetration Testing Methodologies, Penetration Testing Steps, Pen- Test

Legal Framework, Automated Penetration Testing Tools, Pen-Test Deliverables.

TEXT BOOKS:

1. CEH official Certified Ethical Hacking Review Guide, Wiley India Edition

2. Certified Ethical Hacker: Michael Gregg, Pearson Education

3. Certified Ethical Hacker: Matt Walker, TMH.

REFERENCES:

1. Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson

2. Hacking: Computer Hacking, Security Testing, Penetration Testing, and Basic

Secur Paperback – 2016 by Gary Hall and Erin Watson

3. The Hardware Hacker: Adventures in Making and Breaking Hardware, 1st Edition

by Andrew Bunnie Huang

https://www.amazon.com/Gary-Hall/e/B001JSALOC/ref=dp_byline_cont_book_1

https://www.amazon.com/s/ref=dp_byline_sr_book_2?ie=UTF8&text=Erin+Watson&search-alias=books&field-author=Erin+Watson&sort=relevancerank

https://www.amazon.com/s/ref=dp_byline_sr_book_1?ie=UTF8&text=Andrew+Bunnie+Huang&search-alias=books&field-author=Andrew+Bunnie+Huang&sort=relevancerank

16



3 0 3

(18PE1CN11) SECURITY ASSESSMENT AND RISK ANALYSIS

COURSE OBJECTIVES:

To describe the concepts of risk management

To define and differentiate various Contingency Planning components

To integrate the IRP, DRP, and BCP plans into a coherent strategy to support sustained

organizational operations.

To define and be able to discuss incident response options, and design an Incident

Response Plan for sustained organizational operations.


CO-1: Capable of recommending contingency strategies including data backup and

recovery and alternate site selection for business resumption planning

CO-2: Skilled to be able to describe the escalation process from incident to disaster in case of

security disaster

CO-3: Capable of designing a disaster recovery plan for sustained organizational operations.

CO-4: Capable of designing a business continuity plan for sustained organizational operations

UNIT-I:

Security Basics: Information Security (INFOSEC) Overview: critical information characteristics –

availability information states – processing security countermeasures education, training and

awareness, critical information characteristics – confidentiality critical information

characteristics – integrity, information states – storage, information states – transmission,

security, countermeasures policy, procedures and practices, threats, vulnerabilities.

UNIT-II:

Threats to and Vulnerabilities of Systems: Definition of terms (e.g., threats, vulnerabilities, risk),

major categories of threats (e.g., fraud, Hostile Intelligence, Service (HOIS), malicious logic,

hackers, environmental and technological hazards, disgruntled employees, careless

employees, HUMINT, and monitoring), threat impact areas, Countermeasures: assessments

(e.g., surveys, inspections), Concepts of Risk Management: consequences (e.g., corrective

action, risk assessment), cost/benefit analysis of controls, implementation of cost effective

controls, monitoring the efficiency and effectiveness of controls (e.g., unauthorized or

inadvertent disclosure of information), threat and vulnerability assessment.

UNIT-III:

Security Planning: Directives and procedures for policy mechanism, Risk Management:

acceptance of risk (accreditation), corrective actions information identification, risk analysis

and/or vulnerability assessment components, risk analysis results evaluation, roles and

responsibilities of all the players in the risk, analysis process, Contingency Planning/Disaster

Recovery: agency response procedures and continuity of operations, contingency plan

components, determination of backup requirements, development of plans for recovery

actions after a disruptive event, development of procedures for off site processing,

emergency destruction procedures, guidelines for determining critical and essential workload,

team member responsibilities in responding to an emergency situation.

UNIT-IV:

Policies and Procedures, Physical Security Measures: Alarms, building, construction, cabling,

communications centre, environmental controls (humidity and air conditioning), filtered

power, physical access control systems (key cards, locks and alarms),Personnel Security

Practices and Procedures: access authorization/verification

17

(need to know), contractors, employee clearances, position sensitivity, security training and

awareness, systems maintenance personnel, Administrative Security Procedural Controls:

attribution, copyright protection and licensing Auditing and Monitoring: conducting security

reviews, effectiveness of security programs, investigation of security breaches, privacy review

of accountability controls, review of audit trails and logs.

UNIT-V:

Operations Security (OPSEC): OPSEC surveys/OPSEC planning INFOSEC: computer security –

audit, cryptography encryption (e.g., point to point network, link), cryptography key

management (to include electronic key), cryptography strength (e.g., complexity, secrecy,

characteristics of the key),

UNIT-VI:

3 case studies of threat and vulnerability assessment

TEXT BOOKS:

1. Principles of Incident Response and Disaster Recovery, Whitman & Mattord, Course

Technology ISBN: 141883663X

2. (Web Link) http://www.cnss.gov/Assets/pdf/nstissi_4011.pdf

REFERENCES:

1. Security and Risk Mitigation Standard Requirements Paperback – Import, 3 Dec 2018

by Gerardus Blokdyk

2. The Security Risk Assessment Handbook

3. Security Analysis and Portfolio Management by S. Kevin

https://www.amazon.in/Gerardus-Blokdyk/e/B071RZKFNK/ref=dp_byline_cont_book_1

18



3 0 3

(18PE1CN12) INFORMATION SECURITY MANAGEMENT & STANDARDS

COURSE OBJECTIVES:

To understand management aspects of information security

To analyze security risks and associated assessment models like COBIT

To distinguish proactive security mechanisms, like firewalls, IDS/IPS etc. and application

audit methodology

To identify various security standardizations and legal issues involving information security


CO-1: Understand the security of information systems management

CO-2: Differentiate organizational network security related issues and mitigating mechanisms

CO-3: Manage in providing secure project and implementing it

CO-4: Interpret networking and security skills to industrial need

UNIT-I:

Information Systems in Organizations: Information Systems, Importance of Information systems,

Functions of Information systems, Examples of Information Systems, Changing nature of

Information Systems, Building Blocks of Information Security, CIA model.

UNIT-II:

Information Security Management in Organizations: Information Security Planning and

Governance, Governance and framework, Security Policy, Standards, Guidelines and

Procedures, Types of Security Policies-EISP, ISSP, SysSP, Criteria for selection of a policy,

Information Security Management System (ISMS), Organizational responsibility for Information

Security Management, Information Security Awareness Scenario in Indian Organizations

UNIT-III:

Risk Management: Overview of Risk Management, Risk Identification mechanisms, Asset

Identification, Data Classification and management, Information Asset valuation, Information

Prioritization, Vulnerability Identification, Risk Assessment models, Risk Control techniques,

selecting a Risk Control strategy, Introduction to Quantitative and Qualitative Approaches,

OCTAVE and COBIT frameworks.

UNIT-IV:

Security Technology: Physical Security for Information systems, Biometric controls for security,

Biometric based security issues and challenges.

Finding Networking vulnerabilities, Firewalls – Processing modes, Categorization,

Architectures, Selecting the right firewall, managing the Firewalls. Protecting Remote

Connections – Virtual Private Networks for security.

UNIT-V:

Security Audit: Introduction to security audits, need for security audits, organizational roles,

Auditor’s roles, Types of security audits, Audit approaches Technology based audits,

Penetration testing, Business Continuity and Disaster Recovery Planning.

UNIT-VI:

Security Management Standards: Overview of ISO 17799/ISO 27001 Standards, System Security

Engineering Capability Maturity Model (SSE-CMM). Legal, Ethical, and professional Issues in

Information Security.

19

TEXT BOOKS:

1. Information Systems Security, Nina Godbole, Wiley India, 2009

2. Principles and Practices of Information Security. Michael E. Whitman, Herbert J. Mattord,

Cengage Learning

3. Microsoft Security Risk Management Guide

REFERENCES:

1. http://www.gta.ufrj.br/ensino/cpe728/03_ins_info_security_iso_17799_1101.pdf

2. Firewalls and Network Security, MichealE. Whitman, et al. Cengage Learning, 2008

3. Information Security Management Handbook, Harold F. Tipton, CRC Press, 2012

4. Information Security Policies and Procedures, 2nd Edition, Thomas R. Peltier, Auerbach,

2004

20



0 3 1.5

(18PC2CN03) WIRELESS NETWORKS SIMULATION & SOFT COMPUTING LABORATORY

A) WIRELESS NETWORKS SIMULATION LABORATORY

COURSE OBJECTIVES:

To understand fundamentals of wireless networks

To experiment and design various wireless scenarios for network research and Analyze

different routing algorithms for MANETs


CO-1: Applying different scenarios for wired and wireless networks on simulator

CO-2: Evaluating TCP, UDP connection between nodes in a network and routing in MANETs

Week 1,2:

Write a script to create fixed wireless nodes with color and initial position 2. Write a script to

create wireless nodes and change the color of nodes randomly 3. Write a script to create

wireless nodes with mobility. 4. Write a script to TCP communication between wireless nodes 5.

Write a script for dynamic 2‐node wireless scenario with TCP connection. Check the Packets

are exchanged between the nodes as they come within hearing range and drop when they

are moving away.

Week 3

6.Write a script to connection over a 3 node network over an area of size (500m*400m) The

nodes (n0, n1, n2) position respectively At initially (5, 5) (490, 285) (150, 240) At time 10sec

node1 start moving towards point (250, 250) at speed of 3m/s At time 15sec node0 start

moving towards point (480, 300) at speed of 5m/s At time 20sec node1 start moving towards

point (480, 3000) at speed of 5m/s Node2 is constant Take total simulation time 150sec, at time

10s a TCP connection initiated between node0 and node1 a) Use DSDV and IEEE802.11 MAC

b) Use AODV and IEEE802.11 MAC

Week 4

A simple topology to illustrate the hidden node problem using the IEEE802.11a setting (Take 4

nodes as n0 to n1: CBR traffic at rate 700kb, n2 to n3: CBR traffic at rate3Mb, n1 is in the carrier

sense range of n2, but n0 is not).

Week 5

Write a script to create wireless nodes with change destination and color of nodes randomly

at particular time interval.For a wireless consisting of three mobile nodes (n0‐n2), write a script

and make an ad‐ hoc simulation to output in trace file. Use the routing protocol as Ad‐hoc on

demand vector (AODV).

Week 6

For a wireless network consisting of three mobile nodes (n0‐n2), write a script and make an

ad‐hoc simulation to analyze the output in the trace file. Use the routing protocol as a

destination sequence distance vector (DSDV).

Week 7

For a wireless network consisting of three mobile nodes (n0‐n2), write a script and make an

ad‐hoc simulation to analyze the output in the trace file. Use the routing protocol as dynamic

source routing (DSR).

21

Week 8

Write a script for multi hop TCP communication in Wireless network with the use of MANET

routing protocol AODV.

Week 9


routing protocol DSDV.

Week 10


routing protocol DSR.

TEXT BOOKS:

1. Jochen Schiller, ―Mobile Communications‖, Pearson Education, Second Edition, 2008.

2. Martyn Mallick, ―Mobile and Wireless Design Essentials‖, Wiley, 2008.

3. Asoke K. Talukder, et al, ―Mobile Computing‖, Tata McGraw Hill, 2008.

REFERENCES:

1. Mobile Computing, Raj Kamal,Oxford University Press.

2. William Stallings, ―Wireless Communications & Networks‖, Person, Second Edition,2007.

3. Frank Adelstein et al, ―Fundamentals of Mobile and Pervasive Computing‖, TMH, 2005.

4. Jim Geier, ―Wireless Networks first-step‖, Pearson, 2005.

5. Sumit Kasera et al, ―2.5G Mobile Networks: GPRS and EDGE‖, TMH, 2008

B) SOFT COMPUTING LABORATORY

COURSE OBJECTIVES:

To introduce soft computing concepts and techniques and foster their abilities in designing

for real-world problems

To give students knowledge of non-traditional technologies and fundamentals of artificial

neural networks, fuzzy sets, fuzzy logic, genetic algorithms and to provide students hand-on

experience on MATLAB to implement various strategies


CO-1: Apply fuzzy logic and reasoning to handle uncertainty and solve various engineering

problems.

CO-2: Apply genetic algorithms to combinatorial optimization problems and to Evaluate and

compare solutions by various soft computing approaches for a given problem.

Week 11:

1. To perform Union, Intersection and Complement operations.

2. To implement De-Morgan’s Law.

3. To plot various membership functions.

Week 12:

4. To implement FIS Editor. Use Fuzzy toolbox to model tip value that is given after a dinner

based on quality and service.

5. To implement FIS Editor

Week 13:

6. Perceptron net for an AND function with bipolar inputs and targets.

7. To calculate the weights for given patterns using hetero associative neural net.

Week 14:

8. To store vector in an auto-associative net. Find weight matrix & test the net with input

TEXT BOOKS:

1. Jyh:Shing Roger Jang, Chuen:Tsai Sun, EijiMizutani, Neuro Fuzzy and Soft Computing ,

22

Prentice: Hall of India, 2003.

2. Principles of Soft Computing, 2ed (WIND) by S.N. Deepa and S.N. Sivanandam

3. George J. Klir and Bo Yuan, Fuzzy Sets and Fuzzy Logic:Theory and Applications , Prentice

Hall, 1995.

REFERENCES:

1. Soft Computing techniques - N.P. Padhy, S.P. Simon OXFORD publishers

2. S. Rajasekaram & G.A. Vijyalakshmi Pai, Neural Networks, Fuzzy Logicand Genetic

Algorithms, PHI

3. Advances in Soft Computing: Engineering Design and Manufacturing 2003rd Edition -

Springer

4. MATLAB Toolkit Manual

23



0 3 1.5

(18PC2CN04) WEB SCRIPTING LANGUAGES LABORATORY

COURSE OBJECTIVES:

To understand the importance of the web as a medium of communication

To understand the principles of creating an effective web page, including an in-depth

consideration of information architecture

To understand PHP language for server side scripting


CO-1: Gain knowledge of client side scripting, validation of forms and AJAX programming

CO-2: Have understanding of server side scripting with PHP language

CO-3: Have understanding of what is XML and how to parse and use XML Data with Java

Week No.

1. a) Write a Perl program to display various Server Information like Server Name, Server

Software, Server protocol, CGI Revision etc.

b) Write a Perl program to accept UNIX command from a HTML form and to display the

output of the command executed.

Write a Perl program to accept the User Name and display a greeting message

randomly chosen from a list of 4 greeting messages.

2. Write a Perl program to keep track of the number of visitors visiting the web page and

to display this count of visitors, with proper headings.

3. Write a Perl program to display a digital clock which displays the current time of the

server.

4. a) Write your first name repeated five times using a while loop.

b) Write your last name in increasing heading size starting with h1 till h6. Use a for loop

this time.

5. a) Write a function that sums the values of three numbers.

b) Write PHP code to change the background color of the page and display a

welcome message including the given name submitted in the html form.

6. Write a PHP script that will connect to your MySQL database and query your birthday

table, selecting all the rows and columns. Display the results as an HTML table in a web

page.

a) Modify the query to select only the thename column, for all rows in your birthday

table.

b) Modify the query to select all the columns in your birthday table for those rows with

a birth month in March.

c) Modify the query to select only the thename column in your birthday table for those

rows with a birth month in March.

7. Lab Internal Examination –I

8. Simple AJAX programs

9. a) Example to demonstrate how a web page can fetch information from an XML file

with AJAX

b) Display XML data in HTML Table

24

10. Example to demonstrate how a web page can communicate with a web server while

a user types characters in an input field.

11. a) Write Ruby program to get ruby version with patch number,current date and time.

b) Write a Ruby program to create a new string which is n copies of a given string

where n is a non-negative integer

12. Write a Ruby program which accept the user's first and last name and print them in

reverse order with a space between them.

13. Write a Ruby program to check three numbers and return true if one or more of them

are small. A number is called "small" if it is in the range 1..10 inclusive

14. Write a Ruby program to create a string using the first two characters (if present) of a

given string if the first character is 'p' and second one is 's' otherwise return a blank

string

15. Write a Ruby program to check two given integers and return the larger value.

However if the two values have the same remainder when divided by 5 then return the

smaller value and if the two values are the same, return 0

16. Lab Internal Examination -II

TEXT BOOKS:

1. Web Technologies, Uttam K Roy, Oxford University Press

2. The Complete Reference PHP — Steven Holzner, Tata McGraw-Hill

3. Programming Ruby, The Pragmatic Programmers' Guide 1.9, Dave Thomas, Pragmatic

Bookshelf. ISBN 0974514055

REFERENCES:

1. Learning Perl by Randal L. Schwartz O’Reilly

2. PHP & MySQL: The Missing Manual by Brett McLaughlin, 2nd edition

3. Learning PHP and MySQL by JON A. PHILLIPS and Michele E. Davis, O’Reilly publications

4. Learning Ruby by Michael James Fitzgerald, O’Reilly publications

25

VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING AND TECHNOLOGY

M.Tech. II Semester – (CNIS) L T/P C

2 0 0

(18AU5EN01) ENGLISH FOR ACADEMIC AND RESEARCH WRITING

COURSE OBJECTIVES:

To understand the usage of appropriate vocabulary. (Formal, Informal, Gender Insensitive

etc.)

To understand the features and processes of academic writing

To identify the resources

To understand standard documentation styles


CO-1: Use appropriate vocabulary. (Formal, Informal, Slang, Gender Insensitive etc.)

CO-2: Employ processes of academic writing

CO-3: Identify the resources

CO-4: Understand standard documentation styles

UNIT-I:

Introduction to Research:

i. Identifying the topic

ii. Identifying Sources; Finding Sources

iii. Defining the broad area; Defining the specific area; Difference between a broad area

and specific area

iv. Choosing a topic

v. Mechanics of Writing – Language, Tone, Style, Ethics

UNIT-II:

Referencing & Library Skills:

i. Literature Survey

ii. Writing Objectives

iii. Hypothesis

iv. Methodology

v. Prospects for Future Research

UNIT-III:

Academic Writing Skills:

i. Paraphrasing

ii. Summarizing

iii. Quoting

iv. Rewriting

v. Expansion

UNIT-IV:

Kinds of Academic Writing:

i. Essays

ii. Reports

iii. Reviews

iv. SOPs

v. Abstracts

vi. Proposals

26

UNIT-V:

Research Process

i. Selection of Topic

ii. Formulation of Hypothesis

iii. Collection of Data

iv. Analysis of Data

v. Interpretation of Data

vi. Presentation of Data

UNIT-VI:

i. Title

ii. Abstract

iii. Introduction

iv. Literature Survey

v. Methodology

vi. Discussion

vii. Findings/Results

viii. Conclusion

ix. Documenting Sources

TEXT BOOKS:

1. Goldbort R. (2006) Writing for Science, Yale University Press (available on Google Books)

2. Highman N. (1998), Handbook of Writing for the Mathematical Sciences, SIAM. Highman’s

Book.

REFERENCES:

1. Day R. (2006) How to Write and Publish a Scientific Paper, Cambridge University Press

2. Adrian Wall work, English for Writing Research Papers, Springer New York Dordrecht

Heidelberg London, 2011

3. MLA Handbook for Research.

ii semester r18 - vnrvjiet.ac.in · 2 vnr vignana jyothi institute of engineering & technology...

Documents