II SEMESTER R18 - vnrvjiet.ac.in · 2 vnr vignana jyothi institute of engineering & technology...
Transcript of II SEMESTER R18 - vnrvjiet.ac.in · 2 vnr vignana jyothi institute of engineering & technology...
1
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY, HYDERABAD
M.TECH. I YEAR COURSE STRUCTURE AND SYLLABUS
(COMPUTER NETWORKS & INFORMATION SECURITY)
II SEMESTER R18
Course Type Course Code Name of the Course L T P
Credits
Professional
Core-IV 18PC1CN04
Wireless Networks and Mobile
Computing 3 0 0 3
Professional
Core-V 18PC1CP05 Soft Computing 3 0 0 3
Professional
Core-VI 18PC1CN05 Web Scripting Languages 3 0 0 3
Professional
Elective-III
18PE1CN07 Fundamentals of Wireless Sensor
Networks
3 0 0 3 18PE1CN08 Intrusion Detection
18PE1CN09 Network Programming
Professional
Elective-IV
18PE1CN10 Ethical Hacking
3 0 0 3 18PE1CN11 Security Assessment and Risk
Analysis
18PE1CN12 Information Security Management
and Standards
Professional
Core Lab-III 18PC2CN03
Wireless Networks Simulation and
Soft Computing Laboratory 0 0 3 1.5
Professional
Core Lab-IV 18PC2CN04
Web Scripting Languages
Laboratory 0 0 3 1.5
Project 18PW4CN02 Mini-Project 0 0 4 2
Audit 18AU5EN01 English for Academic and Research
Writing 2 0 0 0
Total 17 0 10 20
2
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PC1CN04) WIRELESS NETWORKS AND MOBILE COMPUTING
COURSE OBJECTIVES:
• To comprehend the differences between mobile and wireless
• To understand GSM Architecture, Goals of mobile IP and Ad-Hoc networks
• To give students knowledge of Broadcast Systems
• To analyze WAP, Bluetooth and Secure Environment
COURSE OUTCOMES: At the end of course, student will be able to:
CO-1: Understanding and remembering various Application areas of mobile and wireless
devices
CO-2: Analyzing GSM Transmission Technologies and drawbacks of traditional TCP
CO-3: Applying architecture of DAB and DVB
CO-4: Evaluating various Mark-up Languages and their advantages/disadvantages and
describe Smart client security
UNIT-I:
Introduction to Mobile and Wireless Landscape: Definition of Mobile and Wireless, Components
of Wireless Environment, Challenges Overview of Wireless Networks, Categories of Wireless
Networks Wireless LAN: Infra-red Vs radio transmission, Infrastructure and Ad-hoc Network, IEEE
802.11
UNIT-II:
Global System for Mobile Communications (GSM): GSM Architecture, GSM Entities, Call
Routing in GSM, PLMN Interfaces, GSM Addresses and Identifiers, Network Aspects in GSM,
GSM Frequency Allocation, Authentication and Security.
UNIT-III:
Mobile Network Layer: Mobile IP (Goals, assumptions, entities and tunneling. terminology, IP
packet delivery, agent advertisement and discovery, registration, and encapsulation,
optimizations), Dynamic Host Configuration Protocol (DHCP), Mobile Ad-hoc networks:
Routing, destination Sequence Distance Vector, Dynamic Source Routing
MOBILE TRANSPORT LAYER Traditional TCP, Indirect TCP, Snooping TCP, Mobile TCP, Fast
retransmit/fast recovery, Transmission /time-out freezing, Selective retransmission, Transaction
oriented TCP.
UNIT-IV:
Broadcast Systems: Overview, Cyclical repetition of data, Digital audio data broadcasting:
Multimedia object transfer protocol, Digital video broadcasting: DVB broadcasting, DVB for
high-speed internet access, Convergence of broadcasting and mobile communications.
UNIT-V:
Protocols and Tools: Wireless Application Protocol-WAP. (Introduction, protocol architecture,
and treatment of protocols of all layers), Bluetooth (User scenarios, physical layer, MAC layer,
networking, security, link management) and J2ME.
UNIT-VI:
Mobile and Wireless Security: Creating a Secure Environment, Security Threats, Security
Technologies, Other Security Measures, WAP Security, Smart Client Security.
3
TEXT BOOKS:
1. Jochen Schiller, ―Mobile Communications‖, Pearson Education, Second Edition, 2008.
2. Martyn Mallick, ―Mobile and Wireless Design Essentials‖, Wiley, 2008.
3. Asoke K. Talukder, et al, ―Mobile Computing‖, Tata McGraw Hill, 2008.
REFERENCES:
1. Mobile Computing, Raj Kamal, Oxford University Press.
2. William Stallings, ―Wireless Communications & Networks‖, Person, Second Edition, 2007.
3. Frank Adelstein et al, ―Fundamentals of Mobile and Pervasive Computing‖, TMH, 2005.
4. Jim Geier, ―Wireless Networks first-step‖, Pearson, 2005.
5. Sumit Kasera et al, ―2.5G Mobile Networks: GPRS and EDGE‖, TMH, 2008.
4
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PC1CP05) SOFT COMPUTING
COURSE OBJECTIVES:
To introduce soft computing concepts and techniques and foster their abilities in designing
appropriate technique for a given scenario
To implement soft computing-based solutions for real-world problems
To give students knowledge of non-traditional technologies and fundamentals of artificial
neural networks, fuzzy sets, fuzzy logic, genetic algorithms
To provide students an hand-on experience on MATLAB to implement various strategies
COURSE OUTCOMES: At the end of course, student will be able to
CO-1: Identify and describe soft computing techniques and their roles in building intelligent
machines
CO-2: Analyze fuzzy logic and reasoning to handle uncertainty and solve various engineering
problems
CO-3: Apply neural networks and genetic algorithms to combinatorial optimization
problems
CO-4: Evaluate and compare solutions by various soft computing approaches for a given
problem
UNIT-I:
Introduction to Soft Computing: Evolution of Computing: Soft Computing Constituents, From
Conventional AI to Computational Intelligence: Machine Learning Basics.
UNIT-II:
Fuzzy Logic: Fuzzy Sets, Operations on Fuzzy Sets, Fuzzy Relations, Membership Functions: Fuzzy
Rules and Fuzzy Reasoning, Fuzzy Inference Systems, Fuzzy Expert Systems, Fuzzy Decision
Making.
UNIT-III:
Neural Networks: Machine Learning Using Neural Network, Adaptive Networks, Feed forward
Networks, Supervised Learning Neural Networks, Radial Basis Function Networks: Reinforcement
Learning, Unsupervised Learning Neural Networks, Adaptive Resonance architectures,
Advances in Neural networks.
UNIT-IV:
Genetic Algorithms: Introduction to Genetic Algorithms (GA), Applications of GA in Machine
Learning: Machine Learning Approach to Knowledge Acquisition.
UNIT-V:
Matlab/Python Lib: Introduction to Matlab/Python, Arrays and array operations, Functions and
Files, Study of neural network toolbox and fuzzy logic toolbox, Simple implementation of
Artificial Neural Network and Fuzzy Logic.
UNIT-VI:
Recent Trends in deep learning, various classifiers, neural networks and genetic algorithm.
Implementation of recently proposed soft computing techniques.
TEXT BOOKS:
1. J.S.R. Jang, C.T. Sun and E.Mizutani, ―Neuro-Fuzzy And Soft Computing‖, PHI / Pearson
Education, 2004.
5
2. S. N. Sivanandam and S. N. Deepa, ―Principles Of Soft Computing‖, Wiley India Pvt Ltd,
2011
REFERENCES:
1. George J. Klir and Bo Yuan, Fuzzy Sets and Fuzzy Logic: Theory and Applications, Prentice
Hall, 1995.
2. Melanic Mitchell, An Introduction to Genetic Algorithm, MIT Press, 1996.
3. Timothy J. Ross, Fuzzy Logic with Engineering Applications, Wiley, 2010.
4. S. Rajasekaran and G.A.V.Pai, ―Neural Networks, Fuzzy Logic and Genetic Algorithms‖, 1st
ed., PHI, 2003
6
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PC1CN05) WEB SCRIPTING LANGUAGES
COURSE OBJECTIVES:
To introduce PHP language for server side scripting
To introduce XML and processing of XML Data with Java
To introduce Server side programming with Java Servlets and JSP
To introduce Client side scripting with Javascript and AJAX
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: To gain knowledge of client side scripting, validation of forms and AJAX programming
CO-2: To understanding of server side scripting with PHP language
CO-3: To understand what is XML and how to parse and use XML Data with Java
UNIT-I:
Perl: Introduction to Perl and Scripting: Scripts and Programs, Origin of Scripting, Scripting
Today, Characteristics of Scripting Languages, Uses for Scripting Languages, Web Scripting,
and the universe of Scripting Languages. PERL- Names and Values, Variables, Scalar
Expressions, Control Structures, arrays, list, hashes, strings, pattern and regular expressions,
subroutines.
UNIT-II:
Php: Introduction to PHP: Declaring variables, data types, arrays, strings, operators, expressions,
control structures, functions, Reading data from web form controls like text boxes, radio
buttons, lists etc., Handling File Uploads.
UNIT-III:
Adv. Php: Connecting to database (MySQL as reference), executing simple queries, handling
results, Handling sessions and cookies
File Handling in PHP: File operations like opening, closing, reading, writing, appending, deleting
etc. on text and binary files, listing directories.
UNIT-IV:
Ajax: Introduction to AJAX, Ajax Frameworks, HTML in AJAX , XML and Ajax, Ajax Applications,
OO JavaScript and Refactoring Ajax, JavaScript Object Notation (JSON), XSLT Transformations
with JavaScript, Drag and Drop, More Ajax Applications.
UNIT-V:
ajax with xslt: Using XSLT with AJAX : XSLT Basics- XSLT Variables, Output Types, XSLT Elements
and Attributes, XPath, Flow Control in XSLT, XSLT Templates, Parameters and Variables.
UNIT-VI:
Ruby: Introduction, Arrays and Hashes, Classes and Objects, Containers, Blocks and Iterators,
Regular Expressions and Methods, Expressions, Exceptions, Input/Output, Modules.
TEXT BOOKS:
1. The World of Scripting languages: David Barron
2. The Complete Reference PHP — Steven Holzner, Tata McGraw-Hill
3. Ajax In Action by Darren James, Dave Crane, and Eric Pascarello
REFERENCES:
1. Web Technologies, Uttam K Roy, Oxford University Press
7
2. Programming Ruby, The Pragmatic Programmers' Guide 1.9, Dave Thomas, Pragmatic
Bookshelf. ISBN 0974514055
3. Learning Perl by Randal L. Schwartz O’Reilly
4. Learning PHP and MySQL by JON A. PHILLIPS and Michele E. Davis, O’Reilly publications
5. Learning Ruby by Michael James Fitzgerald, O’Reilly publications
8
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PE1CN07) FUNDAMENTALS OF WIRELESS SENSOR NETWORKS
COURSE OBJECTIVES:
To classify mobile ad hoc networks, design and implementation issues, and available
solutions
To demonstrate routing mechanisms and the three classes of approaches: proactive, on-
demand, and hybrid
To distinguish clustering mechanisms and the different schemes that have been employed,
e.g., hierarchical, flat, and leaderless
To summarize on sensor networks and their characteristics
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Remembering the concept of ad-hoc and sensor networks, their applications and
typical node and network architectures
CO-2: Analyzing protocol design issues (especially energy-efficiency)
CO-3: Evaluating protocol designs for wireless sensor networks
CO-4: Creating protocol designs in terms of their energy-efficiency
UNIT-I:
Introduction: Fundamentals of Wireless Communication Technology. The Electromagnetic
Spectrum. Radio Propagation Mechanisms. Characteristics of the Wireless Channel.
Modulation Techniques. Multiple Access Techniques. Voice Coding. Error Control. Computer
Networks. Computer Network Software. Computer Network Architecture. IEEE 802 Networking
Standards.
UNIT-II:
Wireless Internet, Adhoc Wireless Networks, MAC Protocols in Adhoc Wireless Networks
Quality of Service: Real-time traffic support – Issues and challenges in providing QoS –
Classification of QoS Solutions – MAC layer classifications – QoS Aware Routing Protocols –
Ticket based and Predictive location based Qos Routing Protocols
UNIT-III:
Energy Management Adhoc Networks: Need for Energy Management – Classification of
Energy Management Schemes – Battery Management and Transmission Power Management
Schemes – Network Layer and Data Link Layer Solutions – System power Management
schemes.
UNIT-IV:
Mesh Networks: Necessity for Mesh Networks – MAC enhancements – IEEE 802.11s Architecture
– Opportunistic Routing – Self Configuration and Auto Configuration - Capacity Models –
Fairness – Heterogeneous Mesh Networks – Vehicular Mesh Networks.
UNIT-V:
Sensor Networks: Introduction – Sensor Network architecture – Data Dissemination – Data
Gathering – MAC Protocols for sensor Networks – Location discovery.
UNIT-VI:
Quality of Sensor Networks – Evolving Standards – Other Issues – Recent trends in Infrastructure
less Networks
9
TEXT BOOKS:
1. C. Siva Ram Murthy and B.S.Manoj, ―Ad hoc Wireless Networks – Architectures and
Protocols’, Pearson Education, 2004
2. Ad Hoc And Sensor Networks - Theory and Applications, Dharma Prakash Agrawal, Carlos
De Morais Cordeiro, Cambridge University Press (2010)
3. Mobile Ad Hoc Networks: Current Status and Future Trends, Jonathan Loo (Editor),
Jaime Lloret Mauri (Editor), Jesús Hamilton Ortiz (Editor), CRC Press-2011
REFERENCES:
1. Ad Hoc and Sensor Networks, Cordeiro, World Scientific Publishing Company, 2013
2. Wireless Ad hoc and Sensor Networks: Protocols, Performance, and Control, Jagannathan
Sarangapani, Taylor & Francis/bsp Books (2007)
3. Wireless Ad Hoc and Sensor Networks, Houda Labiod, ISTE (10 July 2007)
4. Security and Privacy in Ad-Hoc and Sensor Networks, Refik Molva (Editor), Gene Tsudik
(Editor), Dirk Westhoff (Editor), Springer (9 April 2008)
10
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PE1CN08) INTRUSION DETECTION
COURSE OBJECTIVES:
To compare alternative tools and approaches for Intrusion detection through quantitative
analysis to determine the best tool or approach to reduce risk from intrusion
To identify and describe the parts of all intrusion detection systems and characterize new
and emerging IDS technologies according to the basic capabilities all intrusion detection
systems share
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Apply knowledge of the fundamentals and history of Intrusion Detection in order to
avoid common pitfalls in the creation and evaluation of new Intrusion detection
systems
CO-2: Evaluate the security an enterprise and appropriately apply Intrusion Detection tools
and techniques in order to improve their security posture
CO-3: Analyze zero- day detection-Insider Threat issues
UNIT-I:
The state of threats against computers, and networked systems-Overview of computer security
solutions and why they fail-Vulnerability assessment, firewalls, VPN’s -Overview of Intrusion
Detection and Intrusion Prevention- Network and Host-based IDS.
UNIT-II:
Classes of attacks - Network layer: scans, denial of service, penetration- Application layer:
software exploits, code injection-Human layer: identity theft, root access-Classes of attackers-
Kids/hackers/sop, Hesitated groups-Automated: Drones, Worms, Viruses.
UNIT-III:
A General IDS model and taxonomy, Signature-based Solutions, Snort, Snort rules, Evaluation of
IDS, Cost sensitive IDS.
UNIT-IV:
Anomaly Detection Systems and Algorithms-Network Behavior Based Anomaly Detectors (rate
based)-Host-based Anomaly Detectors-Software Vulnerabilities- State transition, Immunology,
Payload Anomaly Detection.
UNIT-V:
Attack trees and Correlation of alerts-Autopsy of Worms and Botnets-Malware detection-
Obfuscation, polymorphism-Document vectors.
UNIT-VI:
Email/IM security issues-Viruses/Spam-From signatures to thumbprints to zero- day detection-
Insider Threat issues-Taxonomy-Masquerade and Impersonation- Traitors, Decoys and
Deception-Future: Collaborative Security.
TEXT BOOKS:
1. The Art of Computer Virus Research and Defense, Peter Szor, Symantec Press ISBN 0-321-
30545-3
2. Crimeware, Understanding New Attacks and Defenses, Markus Jakobsson and Zulfikar
Ramzan, Symantec Press, ISBN: 978-0-321-50195-0 2008
11
REFERENCES: 1. Network Intrusion Detection, Third Edition By Stephen Northcutt, Judy Novak -New Riders
Publishing
2. Intrusion Detection Systems , Rebecca Bace1 and Peter Mel, NIST Special Publication
3. Intrusion Detection Systems -2008-Springer Book
12
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PE1CN09) NETWORK PROGRAMMING
COURSE OBJECTIVES:
To analyze the working principle of networks, and topologies by implementing commands,
shell scripts and files
To evaluate different IPC mechanisms
To understand Message queues, semaphores and shared memory
To acquire knowledge on sockets
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Understanding the network hardware, network topologies, and protocols
CO-2: Remembering the importance of IPC and signals
CO-3: Creating applications on shared memory, message queues
CO-4: Applying and analyzing the knowledge in developing client server application to
support communication interfaces
UNIT-I:
Linux Utilities- File handling utilities, Security by file permissions, Process utilities, Disk utilities,
Networking utilities, Filters, Text processing utilities and Backup utilities. Bourne again shell (bash)
- Introduction, pipes and redirection, here documents, running a shell script, the shell as a
programming language, shell Meta characters, file name substitution, shell variables,
command Substitution, shell commands, the environment, quoting, test command, control
structures, arithmetic in shell, shell script examples.
UNIT-II:
Files- File Concept, File types File System Structure, Inodes, File Attributes, file I/O in C using
system calls, kernel support for files, file status information-stat family, file and record locking-
lockf and fcntl functions, file permissions- chmod, fchmod, file ownership-chown, lchown,
fchown, links-soft links and hard links – symlink, link, unlink.
UNIT-III:
File and Directory management – Directory contents, Scanning Directories- Directory file APIs.
Process- Process concept, Kernel support for process, process attributes, process control –
process creation, replacing a process image, waiting for a process, process termination,
zombie process, orphan process.
UNIT-IV:
Signals- Introduction to signals, Signal generation and handling, Kernel support for signals,
Signal function, unreliable signals, reliable signals, kill, raise , alarm, pause, abort, sleep
functions.
Interprocess Communication - Introduction to IPC mechanisms, Pipes- creation, IPC between
related processes using unnamed pipes, FIFOs-creation, IPC between unrelated processes
using FIFOs(Named pipes), differences between unnamed and named pipes, popen and
pclose library functions, Introduction to message queues, Semaphores and shared memory.
UNIT-V:
Message Queues- Kernel support for messages, UNIX system V APIs for messages, client/server
example. Semaphores-Kernel support for semaphores, UNIX system V APIs for semaphores.
Shared Memory- Kernel support for shared memory, Unix system V APIs for shared memory,
client/server example.
13
UNIT-VI:
Network IPC - Introduction to Unix Sockets, IPC over a network, Client-Server model, Address
formats(Unix domain and Internet domain), Socket system calls for Connection Oriented -
Communication, Socket system calls for Connectionless - Communication,
Example-
Client/Server Programs- Single Server-Client connection, multiple simultaneous clients, Socket
options - setsockopt, getsockopt, fcntl.
TEXT BOOKS:
1. Unix System Programming using C++, T.Chan, PHI.
2. Unix Concepts and Applications, 4th Edition, Sumitabha Das, TMH.
3. Unix Network Programming, W.R. Stevens, PHI.
REFERENCES:
1. Linux System Programming, Robert Love, O’Reilly, SPD.
2. Advanced Programming in the Unix environment, 2nd Edition, W.R. Stevens, Pearson
Education.
3. Unix for Programmers and Users, 3rd Edition, Graham Glass, King Ables, Pearson Education.
4. Unix Network Programming the Sockets Networking API, Vol.-I, W.R. Stevens, Bill Fenner,
A.M. Rudoff, Pearson Education.
5. Unix shell Programming, S.G. Kochan and P. Wood, 3rd edition, Pearson Education.
14
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PE1CN10) ETHICAL HACKING
COURSE OBJECTIVES:
To ability to quantitatively assess and measure threats to information assets
To evaluate where information networks are most vulnerable
To apply security plans designed for protecting data assets against attacks
To perform penetration tests into secure networks for evaluation purposes
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Understanding and experience in Ethical Hacking
CO-2: Creating techniques to minimize risks of attacks
CO-3: Analyzing different techniques and methods applied by hackers
CO-4: Applying SQL injection and penetration test methods
UNIT-I:
Introduction to Ethical Hacking, Ethics, and Legality: Ethical Hacking Terminology, Different
Types of Hacking Technologies, Different Phases Involved in Ethical Hacking and Stages of
Ethical Hacking: Passive and Active Reconnaissance, Scanning, Gaining Access, Maintaining
Access, Covering Tracks, Hacktivism, Types of Hacker Classes, Skills Required to Become an
Ethical Hacker, Vulnerability Research, Ways to Conduct Ethical Hacking, Creating a Security
Evaluation Plan, Types of Ethical Hacks.
Foot printing and Social Engineering
Foot printing, Information Gathering Methodology, DNS Enumeration Who is and ARIN Lookups,
Trace route, Social Engineering, Common Types Of Attacks, Insider Attacks, Identity Theft,
Phishing Attacks, Online Scams, URL Obfuscation, Social-Engineering Countermeasures
UNIT-II:
System Hacking Understanding Password-Cracking Techniques, Password-Cracking
Countermeasures, 48 Understanding Different Types of Passwords Passive Online Attacks,
Active Online Attacks, Offline Attacks Non-electronic Attacks, Understanding Key loggers and
Other Spyware Technologies Understand Escalating Privileges, Executing Applications, Buffer
Overflows, Understanding Rootkits Planting, Understanding How to Hide Files, NTFS File
Streaming NTFS Stream Countermeasures, Understanding Steganography Technologies,
Understanding How to Cover Your Tracks and Erase Evidence, Disabling Auditing, Clearing the
Event Log.
UNIT-III:
Trojans, Backdoors, Viruses, and Worms: Trojans and Backdoors, Overt and Covert Channels,
Types of Trojans, Reverse Connecting Trojans, Netcat Trojan, Indications of a Trojan Attack,
Trojan Construction Kit and Trojan Makers, Countermeasure Techniques in Preventing Trojans,
Difference between a Virus and a Worm, Types of Viruses, Understand Antivirus Evasion
Techniques, Understand Virus Detection Methods
Session Hijacking : Denial of Service, Session Hijacking, Spoofing vs. Hijacking, Types of Session
Hijacking, Sequence Prediction, Steps in Performing Session Hijacking, Prevention of Session
Hijacking
UNIT-IV:
Hacking Web Servers, Web Application Vulnerabilities, and Web-Based Password Cracking
Techniques: Hacking Web Servers, Types of Web Server Vulnerabilities, Attacks against Web
Servers, Web Server Hardening Methods Web Application Vulnerabilities, Objectives of Web
Application Hacking, Anatomy of an Attack, Web Application Threats, Google Hacking, Web
Application Countermeasures. Web-Based P a s s w o r d Cracking Techniques, Authentication
15
Types, Password Cracker, Password Attacks: Classification Password- Cracking
Countermeasures
UNIT-V:
SQL Injection and Buffer Overflows: SQL Injection, Steps to Conduct SQL Injection, SQL Server
Vulnerabilities, SQL Injection Countermeasures Buffer Overflows, Types of Buffer Overflows and
Methods of Detection, Stack-Based Buffer Overflows, Buffer Overflow Mutation Techniques
UNIT-VI:
Linux Hacking Linux Basics, Compile a Linux Kernel, GCC Compilation Commands, Install Linux
Kernel Modules, Linux Hardening Methods
Penetration Testing Methodologies
Security Assessments, Penetration Testing Methodologies, Penetration Testing Steps, Pen- Test
Legal Framework, Automated Penetration Testing Tools, Pen-Test Deliverables.
TEXT BOOKS:
1. CEH official Certified Ethical Hacking Review Guide, Wiley India Edition
2. Certified Ethical Hacker: Michael Gregg, Pearson Education
3. Certified Ethical Hacker: Matt Walker, TMH.
REFERENCES:
1. Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson
2. Hacking: Computer Hacking, Security Testing, Penetration Testing, and Basic
Secur Paperback – 2016 by Gary Hall and Erin Watson
3. The Hardware Hacker: Adventures in Making and Breaking Hardware, 1st Edition
by Andrew Bunnie Huang
16
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PE1CN11) SECURITY ASSESSMENT AND RISK ANALYSIS
COURSE OBJECTIVES:
To describe the concepts of risk management
To define and differentiate various Contingency Planning components
To integrate the IRP, DRP, and BCP plans into a coherent strategy to support sustained
organizational operations.
To define and be able to discuss incident response options, and design an Incident
Response Plan for sustained organizational operations.
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Capable of recommending contingency strategies including data backup and
recovery and alternate site selection for business resumption planning
CO-2: Skilled to be able to describe the escalation process from incident to disaster in case of
security disaster
CO-3: Capable of designing a disaster recovery plan for sustained organizational operations.
CO-4: Capable of designing a business continuity plan for sustained organizational operations
UNIT-I:
Security Basics: Information Security (INFOSEC) Overview: critical information characteristics –
availability information states – processing security countermeasures education, training and
awareness, critical information characteristics – confidentiality critical information
characteristics – integrity, information states – storage, information states – transmission,
security, countermeasures policy, procedures and practices, threats, vulnerabilities.
UNIT-II:
Threats to and Vulnerabilities of Systems: Definition of terms (e.g., threats, vulnerabilities, risk),
major categories of threats (e.g., fraud, Hostile Intelligence, Service (HOIS), malicious logic,
hackers, environmental and technological hazards, disgruntled employees, careless
employees, HUMINT, and monitoring), threat impact areas, Countermeasures: assessments
(e.g., surveys, inspections), Concepts of Risk Management: consequences (e.g., corrective
action, risk assessment), cost/benefit analysis of controls, implementation of cost effective
controls, monitoring the efficiency and effectiveness of controls (e.g., unauthorized or
inadvertent disclosure of information), threat and vulnerability assessment.
UNIT-III:
Security Planning: Directives and procedures for policy mechanism, Risk Management:
acceptance of risk (accreditation), corrective actions information identification, risk analysis
and/or vulnerability assessment components, risk analysis results evaluation, roles and
responsibilities of all the players in the risk, analysis process, Contingency Planning/Disaster
Recovery: agency response procedures and continuity of operations, contingency plan
components, determination of backup requirements, development of plans for recovery
actions after a disruptive event, development of procedures for off site processing,
emergency destruction procedures, guidelines for determining critical and essential workload,
team member responsibilities in responding to an emergency situation.
UNIT-IV:
Policies and Procedures, Physical Security Measures: Alarms, building, construction, cabling,
communications centre, environmental controls (humidity and air conditioning), filtered
power, physical access control systems (key cards, locks and alarms),Personnel Security
Practices and Procedures: access authorization/verification
17
(need to know), contractors, employee clearances, position sensitivity, security training and
awareness, systems maintenance personnel, Administrative Security Procedural Controls:
attribution, copyright protection and licensing Auditing and Monitoring: conducting security
reviews, effectiveness of security programs, investigation of security breaches, privacy review
of accountability controls, review of audit trails and logs.
UNIT-V:
Operations Security (OPSEC): OPSEC surveys/OPSEC planning INFOSEC: computer security –
audit, cryptography encryption (e.g., point to point network, link), cryptography key
management (to include electronic key), cryptography strength (e.g., complexity, secrecy,
characteristics of the key),
UNIT-VI:
3 case studies of threat and vulnerability assessment
TEXT BOOKS:
1. Principles of Incident Response and Disaster Recovery, Whitman & Mattord, Course
Technology ISBN: 141883663X
2. (Web Link) http://www.cnss.gov/Assets/pdf/nstissi_4011.pdf
REFERENCES:
1. Security and Risk Mitigation Standard Requirements Paperback – Import, 3 Dec 2018
by Gerardus Blokdyk
2. The Security Risk Assessment Handbook
3. Security Analysis and Portfolio Management by S. Kevin
18
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
3 0 3
(18PE1CN12) INFORMATION SECURITY MANAGEMENT & STANDARDS
COURSE OBJECTIVES:
To understand management aspects of information security
To analyze security risks and associated assessment models like COBIT
To distinguish proactive security mechanisms, like firewalls, IDS/IPS etc. and application
audit methodology
To identify various security standardizations and legal issues involving information security
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Understand the security of information systems management
CO-2: Differentiate organizational network security related issues and mitigating mechanisms
CO-3: Manage in providing secure project and implementing it
CO-4: Interpret networking and security skills to industrial need
UNIT-I:
Information Systems in Organizations: Information Systems, Importance of Information systems,
Functions of Information systems, Examples of Information Systems, Changing nature of
Information Systems, Building Blocks of Information Security, CIA model.
UNIT-II:
Information Security Management in Organizations: Information Security Planning and
Governance, Governance and framework, Security Policy, Standards, Guidelines and
Procedures, Types of Security Policies-EISP, ISSP, SysSP, Criteria for selection of a policy,
Information Security Management System (ISMS), Organizational responsibility for Information
Security Management, Information Security Awareness Scenario in Indian Organizations
UNIT-III:
Risk Management: Overview of Risk Management, Risk Identification mechanisms, Asset
Identification, Data Classification and management, Information Asset valuation, Information
Prioritization, Vulnerability Identification, Risk Assessment models, Risk Control techniques,
selecting a Risk Control strategy, Introduction to Quantitative and Qualitative Approaches,
OCTAVE and COBIT frameworks.
UNIT-IV:
Security Technology: Physical Security for Information systems, Biometric controls for security,
Biometric based security issues and challenges.
Finding Networking vulnerabilities, Firewalls – Processing modes, Categorization,
Architectures, Selecting the right firewall, managing the Firewalls. Protecting Remote
Connections – Virtual Private Networks for security.
UNIT-V:
Security Audit: Introduction to security audits, need for security audits, organizational roles,
Auditor’s roles, Types of security audits, Audit approaches Technology based audits,
Penetration testing, Business Continuity and Disaster Recovery Planning.
UNIT-VI:
Security Management Standards: Overview of ISO 17799/ISO 27001 Standards, System Security
Engineering Capability Maturity Model (SSE-CMM). Legal, Ethical, and professional Issues in
Information Security.
19
TEXT BOOKS:
1. Information Systems Security, Nina Godbole, Wiley India, 2009
2. Principles and Practices of Information Security. Michael E. Whitman, Herbert J. Mattord,
Cengage Learning
3. Microsoft Security Risk Management Guide
REFERENCES:
1. http://www.gta.ufrj.br/ensino/cpe728/03_ins_info_security_iso_17799_1101.pdf
2. Firewalls and Network Security, MichealE. Whitman, et al. Cengage Learning, 2008
3. Information Security Management Handbook, Harold F. Tipton, CRC Press, 2012
4. Information Security Policies and Procedures, 2nd Edition, Thomas R. Peltier, Auerbach,
2004
20
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
0 3 1.5
(18PC2CN03) WIRELESS NETWORKS SIMULATION & SOFT COMPUTING LABORATORY
A) WIRELESS NETWORKS SIMULATION LABORATORY
COURSE OBJECTIVES:
To understand fundamentals of wireless networks
To experiment and design various wireless scenarios for network research and Analyze
different routing algorithms for MANETs
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Applying different scenarios for wired and wireless networks on simulator
CO-2: Evaluating TCP, UDP connection between nodes in a network and routing in MANETs
Week 1,2:
Write a script to create fixed wireless nodes with color and initial position 2. Write a script to
create wireless nodes and change the color of nodes randomly 3. Write a script to create
wireless nodes with mobility. 4. Write a script to TCP communication between wireless nodes 5.
Write a script for dynamic 2‐node wireless scenario with TCP connection. Check the Packets
are exchanged between the nodes as they come within hearing range and drop when they
are moving away.
Week 3
6.Write a script to connection over a 3 node network over an area of size (500m*400m) The
nodes (n0, n1, n2) position respectively At initially (5, 5) (490, 285) (150, 240) At time 10sec
node1 start moving towards point (250, 250) at speed of 3m/s At time 15sec node0 start
moving towards point (480, 300) at speed of 5m/s At time 20sec node1 start moving towards
point (480, 3000) at speed of 5m/s Node2 is constant Take total simulation time 150sec, at time
10s a TCP connection initiated between node0 and node1 a) Use DSDV and IEEE802.11 MAC
b) Use AODV and IEEE802.11 MAC
Week 4
A simple topology to illustrate the hidden node problem using the IEEE802.11a setting (Take 4
nodes as n0 to n1: CBR traffic at rate 700kb, n2 to n3: CBR traffic at rate3Mb, n1 is in the carrier
sense range of n2, but n0 is not).
Week 5
Write a script to create wireless nodes with change destination and color of nodes randomly
at particular time interval.For a wireless consisting of three mobile nodes (n0‐n2), write a script
and make an ad‐ hoc simulation to output in trace file. Use the routing protocol as Ad‐hoc on
demand vector (AODV).
Week 6
For a wireless network consisting of three mobile nodes (n0‐n2), write a script and make an
ad‐hoc simulation to analyze the output in the trace file. Use the routing protocol as a
destination sequence distance vector (DSDV).
Week 7
For a wireless network consisting of three mobile nodes (n0‐n2), write a script and make an
ad‐hoc simulation to analyze the output in the trace file. Use the routing protocol as dynamic
source routing (DSR).
21
Week 8
Write a script for multi hop TCP communication in Wireless network with the use of MANET
routing protocol AODV.
Week 9
Write a script for multi hop TCP communication in Wireless network with the use of MANET
routing protocol DSDV.
Week 10
Write a script for multi hop TCP communication in Wireless network with the use of MANET
routing protocol DSR.
TEXT BOOKS:
1. Jochen Schiller, ―Mobile Communications‖, Pearson Education, Second Edition, 2008.
2. Martyn Mallick, ―Mobile and Wireless Design Essentials‖, Wiley, 2008.
3. Asoke K. Talukder, et al, ―Mobile Computing‖, Tata McGraw Hill, 2008.
REFERENCES:
1. Mobile Computing, Raj Kamal,Oxford University Press.
2. William Stallings, ―Wireless Communications & Networks‖, Person, Second Edition,2007.
3. Frank Adelstein et al, ―Fundamentals of Mobile and Pervasive Computing‖, TMH, 2005.
4. Jim Geier, ―Wireless Networks first-step‖, Pearson, 2005.
5. Sumit Kasera et al, ―2.5G Mobile Networks: GPRS and EDGE‖, TMH, 2008
B) SOFT COMPUTING LABORATORY
COURSE OBJECTIVES:
To introduce soft computing concepts and techniques and foster their abilities in designing
for real-world problems
To give students knowledge of non-traditional technologies and fundamentals of artificial
neural networks, fuzzy sets, fuzzy logic, genetic algorithms and to provide students hand-on
experience on MATLAB to implement various strategies
COURSE OUTCOMES: At the end of course, students would be able to:
CO-1: Apply fuzzy logic and reasoning to handle uncertainty and solve various engineering
problems.
CO-2: Apply genetic algorithms to combinatorial optimization problems and to Evaluate and
compare solutions by various soft computing approaches for a given problem.
Week 11:
1. To perform Union, Intersection and Complement operations.
2. To implement De-Morgan’s Law.
3. To plot various membership functions.
Week 12:
4. To implement FIS Editor. Use Fuzzy toolbox to model tip value that is given after a dinner
based on quality and service.
5. To implement FIS Editor
Week 13:
6. Perceptron net for an AND function with bipolar inputs and targets.
7. To calculate the weights for given patterns using hetero associative neural net.
Week 14:
8. To store vector in an auto-associative net. Find weight matrix & test the net with input
TEXT BOOKS:
1. Jyh:Shing Roger Jang, Chuen:Tsai Sun, EijiMizutani, Neuro Fuzzy and Soft Computing ,
22
Prentice: Hall of India, 2003.
2. Principles of Soft Computing, 2ed (WIND) by S.N. Deepa and S.N. Sivanandam
3. George J. Klir and Bo Yuan, Fuzzy Sets and Fuzzy Logic:Theory and Applications , Prentice
Hall, 1995.
REFERENCES:
1. Soft Computing techniques - N.P. Padhy, S.P. Simon OXFORD publishers
2. S. Rajasekaram & G.A. Vijyalakshmi Pai, Neural Networks, Fuzzy Logicand Genetic
Algorithms, PHI
3. Advances in Soft Computing: Engineering Design and Manufacturing 2003rd Edition -
Springer
4. MATLAB Toolkit Manual
23
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING & TECHNOLOGY
M.Tech. II Semester (CNIS) L T/P C
0 3 1.5
(18PC2CN04) WEB SCRIPTING LANGUAGES LABORATORY
COURSE OBJECTIVES:
To understand the importance of the web as a medium of communication
To understand the principles of creating an effective web page, including an in-depth
consideration of information architecture
To understand PHP language for server side scripting
COURSE OUTCOMES: At the end of course, student will be able to:
CO-1: Gain knowledge of client side scripting, validation of forms and AJAX programming
CO-2: Have understanding of server side scripting with PHP language
CO-3: Have understanding of what is XML and how to parse and use XML Data with Java
Week No.
1. a) Write a Perl program to display various Server Information like Server Name, Server
Software, Server protocol, CGI Revision etc.
b) Write a Perl program to accept UNIX command from a HTML form and to display the
output of the command executed.
Write a Perl program to accept the User Name and display a greeting message
randomly chosen from a list of 4 greeting messages.
2. Write a Perl program to keep track of the number of visitors visiting the web page and
to display this count of visitors, with proper headings.
3. Write a Perl program to display a digital clock which displays the current time of the
server.
4. a) Write your first name repeated five times using a while loop.
b) Write your last name in increasing heading size starting with h1 till h6. Use a for loop
this time.
5. a) Write a function that sums the values of three numbers.
b) Write PHP code to change the background color of the page and display a
welcome message including the given name submitted in the html form.
6. Write a PHP script that will connect to your MySQL database and query your birthday
table, selecting all the rows and columns. Display the results as an HTML table in a web
page.
a) Modify the query to select only the thename column, for all rows in your birthday
table.
b) Modify the query to select all the columns in your birthday table for those rows with
a birth month in March.
c) Modify the query to select only the thename column in your birthday table for those
rows with a birth month in March.
7. Lab Internal Examination –I
8. Simple AJAX programs
9. a) Example to demonstrate how a web page can fetch information from an XML file
with AJAX
b) Display XML data in HTML Table
24
10. Example to demonstrate how a web page can communicate with a web server while
a user types characters in an input field.
11. a) Write Ruby program to get ruby version with patch number,current date and time.
b) Write a Ruby program to create a new string which is n copies of a given string
where n is a non-negative integer
12. Write a Ruby program which accept the user's first and last name and print them in
reverse order with a space between them.
13. Write a Ruby program to check three numbers and return true if one or more of them
are small. A number is called "small" if it is in the range 1..10 inclusive
14. Write a Ruby program to create a string using the first two characters (if present) of a
given string if the first character is 'p' and second one is 's' otherwise return a blank
string
15. Write a Ruby program to check two given integers and return the larger value.
However if the two values have the same remainder when divided by 5 then return the
smaller value and if the two values are the same, return 0
16. Lab Internal Examination -II
TEXT BOOKS:
1. Web Technologies, Uttam K Roy, Oxford University Press
2. The Complete Reference PHP — Steven Holzner, Tata McGraw-Hill
3. Programming Ruby, The Pragmatic Programmers' Guide 1.9, Dave Thomas, Pragmatic
Bookshelf. ISBN 0974514055
REFERENCES:
1. Learning Perl by Randal L. Schwartz O’Reilly
2. PHP & MySQL: The Missing Manual by Brett McLaughlin, 2nd edition
3. Learning PHP and MySQL by JON A. PHILLIPS and Michele E. Davis, O’Reilly publications
4. Learning Ruby by Michael James Fitzgerald, O’Reilly publications
25
VNR VIGNANA JYOTHI INSTITUTE OF ENGINEERING AND TECHNOLOGY
M.Tech. II Semester – (CNIS) L T/P C
2 0 0
(18AU5EN01) ENGLISH FOR ACADEMIC AND RESEARCH WRITING
COURSE OBJECTIVES:
To understand the usage of appropriate vocabulary. (Formal, Informal, Gender Insensitive
etc.)
To understand the features and processes of academic writing
To identify the resources
To understand standard documentation styles
COURSE OUTCOMES: At the end of course, student will be able to:
CO-1: Use appropriate vocabulary. (Formal, Informal, Slang, Gender Insensitive etc.)
CO-2: Employ processes of academic writing
CO-3: Identify the resources
CO-4: Understand standard documentation styles
UNIT-I:
Introduction to Research:
i. Identifying the topic
ii. Identifying Sources; Finding Sources
iii. Defining the broad area; Defining the specific area; Difference between a broad area
and specific area
iv. Choosing a topic
v. Mechanics of Writing – Language, Tone, Style, Ethics
UNIT-II:
Referencing & Library Skills:
i. Literature Survey
ii. Writing Objectives
iii. Hypothesis
iv. Methodology
v. Prospects for Future Research
UNIT-III:
Academic Writing Skills:
i. Paraphrasing
ii. Summarizing
iii. Quoting
iv. Rewriting
v. Expansion
UNIT-IV:
Kinds of Academic Writing:
i. Essays
ii. Reports
iii. Reviews
iv. SOPs
v. Abstracts
vi. Proposals
26
UNIT-V:
Research Process
i. Selection of Topic
ii. Formulation of Hypothesis
iii. Collection of Data
iv. Analysis of Data
v. Interpretation of Data
vi. Presentation of Data
UNIT-VI:
i. Title
ii. Abstract
iii. Introduction
iv. Literature Survey
v. Methodology
vi. Discussion
vii. Findings/Results
viii. Conclusion
ix. Documenting Sources
TEXT BOOKS:
1. Goldbort R. (2006) Writing for Science, Yale University Press (available on Google Books)
2. Highman N. (1998), Handbook of Writing for the Mathematical Sciences, SIAM. Highman’s
Book.
REFERENCES:
1. Day R. (2006) How to Write and Publish a Scientific Paper, Cambridge University Press
2. Adrian Wall work, English for Writing Research Papers, Springer New York Dordrecht
Heidelberg London, 2011
3. MLA Handbook for Research.