BIRLA INSTITUTE OF TECHNOLOGY & SCIENCE, PILANI
WORK INTEGRATED LEARNING PROGRAMMES
Digital Learning
Part A: Course Design
|
Course Title
|
Network Security
|
|
Course No(s)
|
SS ZG513 /ES ZG513/ CSI ZG513
|
|
Credit Units
|
4
|
|
Credit Model
|
|
|
Content Authors
|
SANJAY
SAHAY
|
Course
Objectives:
|
No
|
Course Objective
|
|
CO1
|
Information security is an important area of information
technology and this course on Network Security help audience to understand
the three important security goals in the networks - Confidentiality,
Integrity and Availability and cryptographic techniques to implement these
security goals.
|
|
CO2
|
The course provides a top down approach to explore the
security implementations in different network layers - application, transport
and network.
|
|
CO3
|
The course provides a necessary review of mathematical
concepts to implement different cryptographic techniques to achieve the
network security goals and then provides a deeper dive to the field of
cryptography - symmetric and asymmetric key cryptography and methods to
implement them.
|
|
CO4
|
The course consolidates and sums up the learning taking few
case studies and examples from latest trends and industry deployments.
|
Learning
Outcomes:
|
No
|
Learning Outcomes
|
|
LO1
|
Knowledge to visualize the security goals clearly in the
networks.
|
|
LO2
|
Knowledge of mathematical background and different
cryptographic techniques to provides security in the networks.
|
|
LO3
|
Ability to compare merits and demerits of different
Cryptographic techniques and take decisions while securing a network.
|
|
LO4
|
Ability to analyze a network for security flaws and fool
proofing.
|
Text
Book(s):
|
T1
|
Stallings William: Cryptography and Network Security -
Principles and Practice, Pearson
|
Reference
Books & other resources:
|
R1
|
Forouzan B A, Mukhopadhyay Debdeep:
Cryptography and Network Security, McGraw Hill, 2nd Edition, 2010.
|
|
R2
|
Schneier
Bruice: Applied Cryptography: Protocols,
Algorithms and Source Code In C, Wiley
|
|
R3
|
Kurose James F and Keith W. Ross: Computer Networking: A
Top-Down Approach, Pearson
|
M1: Introduction
|
Type
|
Description
|
|
RL1.1
|
RL1.1.1 = Introduction -
Information Security Objectives
RL1.1.2 = Standardization in
Information Security & OSI Security Architecture
|
|
RL1.2
|
RL1.2.1 = Security Attacks
RL1.2.2 = Security Mechanisms
RL1.2.3 = Security Services
|
|
RL1.3
|
RL1.3.1 = Reference Model for
Network Security
RL1.3.2 = Techniques to
Implement Network Security - An Introduction
|
M2: Security at the Application Layer
|
Type
|
Description/Plan/Reference
|
|
RL2.1
|
RL2.1.1 = Overview - Layered
Architecture in the service model and Networking Layers
RL2.1.2 = Security at the
application layers - objectives, issues and need.
|
|
RL2.2
|
RL2.2.1 = E-Mail System
Architecture
|
|
RL2.3
|
RL2.3.1 = Introduction to PGP
RL2.3.2 = Integrity services
through PGP
RL2.3.3 = Confidentiality
services through PGP
RL2.3.4 = Brief discussion on
the Cryptographic Algorithms used in PGP
|
|
RL2.4
|
RL2.4.1 = Introduction to MIME
and MIME Headers
|
|
RL2.5
|
RL2.5.1 = Introduction to
S/MIME
RL2.5.2 = Security Services
through S/MIME
RL2.5.3 = Brief discussion on
the Certificates and Cryptographic Algorithms in S/MIME
|
M3: Security at the Transport Layer
|
Type
|
Description/Plan/Reference
|
|
RL3.1
|
RL3.1.1 = Web Security -
threats, challenges and solutions.
|
|
RL3.2
|
RL3.2.1 = Secure Socket Layer
(SSL): Introduction
RL3.2.2 = Secure Socket Layer
(SSL): Handshake Protocol
RL3.2.3 = Secure Socket Layer
(SSL): Change Cipher Spec Protocol
RL3.2.4 = Secure Socket Layer
(SSL): Alert Protocol
RL3.2.5 = Secure Socket Layer
(SSL): Record Protocol
|
|
RL3.3
|
RL3.3.1 = Secure Shell (SSH)
Protocol for Secure Remote Login
|
M4: Security at the Network Layer
|
Type
|
Description/Plan/Reference
|
|
RL4.1
|
RL4.1.1 = Security Challenges
at the Network Layer
RL4.1.2 = IP Security (IPSec)
Overview
|
|
RL4.2
|
RL4.2.1 = IP Security -
Different Variations
RL4.2.2 = IP Security
Architecture
RL4.2.3 = Security Policy - IP
Security Packer Processing
|
M5: Classical Encryption
Techniques
|
Type
|
Description/Plan/Reference
|
|
RL5.1
|
RL5.1.1 = Classical Encryption
Techniques - Introduction
RL5.1.2 = Cryptanalytic
Attacks and Security Criteria
|
|
RL5.2
|
RL5.2.1 = Caesar Cipher - A
classical substitution encryption technique
RL5.2.4 = Playfair Cipher
RL5.2.5 = Polyalphabetic
Ciphers - Vigenère Cipher
RL5.2.6 = Vernam and One Time
Pad Ciphers
RL5.2.7 = Comparison of
Classical Substitution Encryption Techniques
|
|
RL5.3
|
RL5.3.1 = Transposition Encryption Technique
|
M6: Mathematics for Symmetric Key
Cryptography
|
Type
|
Description/Plan/Reference
|
|
RL6.1
|
RL6.1.1 = Basic Number Theory
RL6.1.2 = GCD and Euclidean's
Theorem
RL6.1.3 = Matrix Mathematics
|
M7: Block Ciphering Techniques
|
Type
|
Description/Plan/Reference
|
|
RL7.1
|
RL7.1.1 = Block Ciphering
RL7.1.2 =
RL7.1.3 = Feistel Cipher Structure
|
|
RL7.2
|
RL7.2.1 = Data Encryption
Standard (DES)
|
M8: Pseudo Random Number (PRN) Generation and Stream Ciphering
|
Type
|
Description/Plan/Reference
|
|
RL8.1
|
RL8.1.1 = Pseudo Random Number
Generation (PRN)
|
|
RL8.2
|
RL8.2.1 = Introduction to
Stream Ciphering
RL8.2.2 = Example of Stream
Ciphering - RC4
|
|
RL8.3
|
RL8.3.1 = True Random Number
Generation
|
M9: Mathematics for Asymmetric Key Cryptography
|
Type
|
Description/Plan/Reference
|
|
RL9.1
|
RL9.1.1 = Fermat's Theorem
RL9.1.2 = Euler's Theorem
RL9.1.3 = Primitive Roots
|
M10: Asymmetric (Public) Key Cryptography
|
Type
|
Description/Plan/Reference
|
|
RL10.1
|
RL10.1.1 = Reference Model
for Asymmetric (Public) Key Cryptography
|
|
RL10.2
|
RL10.2.1 = Public Key
Cryptosystems - RSA
RL10.2.2 = Public Key
Cryptosystems - ElGamal and
RL10.2.3 = Diffie-Hellman Key
Exchange Algorithm
|
M11: Data Integrity
|
Type
|
Description/Plan/Reference
|
|
RL11.1
|
RL11.1.1 = Hash Functions and
Properties
|
|
RL11.2
|
RL11.2.1 = Secure Hash
Algorithms (SHA)
RL11.2.3 = Message
Authentication Codes (MAC)
|
M12: Mutual Trust - Key
Management
|
Type
|
Description/Plan/Reference
|
|
RL12.1
|
RL12.1.1 = Distribution of
Symmetric Key
|
|
RL12.2
|
RL12.2.1 = Distribution of
Asymmetric (Public) Keys
RL12.2.2 = Basic Concept of Public
Key Certificates
RL12.2.3 = X.509 Certificate
Structure
|
M13: User Authentication and Digital
Signatures
|
Type
|
Description/Plan/Reference
|
|
RL13.1
|
RL13.1.1 = Problem Statement
of User Authentication
RL13.1.2 = Kerberos-4.0 with
details
|
|
RL13.2
|
RL13.2.1 = Basic Concept of
Digital Signatures with one algorithm example
|
Instructional
Plan:
|
Sl. No.
|
Contact Session
|
Pre-contact Session Preparation
|
Post Contact Session Homework
|
|
1
|
CS-1
|
Recorded Lectures for
Module-1
|
Uses
of Wireshark
|
|
2
|
CS-2
|
Recorded Lectures for
Module-1
|
Uses
of Wireshark
|
|
3
|
CS-3
|
Recorded Lectures for
Module-5
|
Review
the Simple attack to break the cryptosystem
|
|
4
|
CS-4
|
Recorded Lectures for
Module-6
|
Caesar/Affine Cipher
–Worksheet and Lab Program
|
|
5
|
CS-5
|
Recorded Lectures for
Module-8
|
Find out more on Intel
processors that include True RNG
|
|
6
|
CS-6
|
Recorded Lectures for
Module-8
|
Stream Cipher - RC4 Lab
Program – Worksheet.
|
|
7
|
CS-7
|
Recorded Lectures for
Module-6
|
Relevance of Extended
Euclidean Algorithm
|
|
8
|
CS-8
|
Recorded Lectures for Module-6
|
Example of Polynomial
Arithmetic
|
|
9
|
CS-9
|
Recorded Lectures for
Module-7
|
Understand the algebra
of AES e.g. finding inverse etc.
|
|
10
|
CS-10
|
NA
|
Implementation of AES
|
|
11
|
CS-11
|
Review Session before
Mid-Semester Exams
|
|
|
12
|
CS-12
|
NA
|
Modes
of Operations Implementation
|
|
13
|
CS-13
|
Recorded Lectures for
Module-11
|
CBC-MAC
implementation
|
|
14
|
CS-14
|
Recorded Lectures for
Module-9, 10
|
Generation
of Large Prime Numbers
|
|
15
|
CS-15
|
Recorded Lectures for
Module-9, 10
|
RSA
Lab Programs
|
|
16
|
CS-16
|
Recorded Lectures for Module-12,
13
|
Check
a digital certificate while accessing a secure website and compare its
structure with X.509 standard
|
|
17
|
CS-17
|
Recorded Lectures for
Module-12, 13
|
Authentication
with Digital Certificate
|
|
18
|
CS-18
|
Recorded Lectures for
Module-2
|
S/MIME
in MS-Outlook - worksheet.
|
|
19
|
CS-19
|
Recorded Lectures for
Module-3
|
SSL
Protocol Analysis using Wireshark - worksheet.
|
|
20
|
CS-20
|
Recorded Lectures for
Module-3
|
SSH
Channel Types - Experimentation using PuTTY and XMing - worksheet.
|
|
21
|
CS-21
|
Recorded Lectures for
Module-4
|
IPSec
with Wireshark - Worksheet.
|
|
22
|
CS-10
|
Review Session Before
Comprehensive Exams
|
|
Contact Session
Details:
|
Sl. No.
|
Contact Session
|
Details need to be covered in the
contact session
|
|
1
|
CS-1
|
o Network Security and OSI Security Architecture
o Review of Attacks, Mechanisms and Services, Network Security
Model
|
|
2
|
CS-2
|
o Network Security Model
o Techniques to Implement Network Security
|
|
3
|
CS-3
|
o Cryptography, Classical Encryption
o Breaking the Cryptosystem
|
|
4
|
CS-4
|
o Modular Arithmetic, Groups and Rings
o One example each in classical substitutive and transposition
ciphering.
|
|
5
|
CS-5
|
o Random numbers, its types and usage.
o TRNG, PRNG, CSPRNG
o Review of BBS
|
|
6
|
CS-6
|
o Stream Ciphering
o RC4 algorithm
|
|
7
|
CS-7
|
o Basic Number Theory
o Extended Euclidean Algorithm
|
|
8
|
CS-8
|
o Galois Field
o Polynomial Arithmetic
|
|
9
|
CS-9
|
o Block Ciphering
o Confusion and Diffusion Theory
|
|
10
|
CS-10
|
o AES and its importance in security
o Efficient implementation of AES.
|
|
11
|
CS-11
|
Recapitulation of the
all the sessions / problem solving before mid-semester exams
|
|
12
|
CS-12
|
o Modes of Operation and its applications
o Multiple Encryption and Meet-in-the Middle Attack
|
|
13
|
CS-13
|
o SHA-1 and SHA-3
o HMAC and CBC-MAC and its Security
|
|
14
|
CS-14
|
o Model of Asymmetric Key Cryptography
o Factorization and other methods for Public Key Cryptography
|
|
15
|
CS-15
|
o RSA and OAEP
o Diffe-Hellman Key Exchange and its Security Aspects
|
|
16
|
CS-16
|
o Distribution of Symmetric and Asymmetric Key
o Digital Signature: DSA
o X.509 Certificate
o Man-in-the Middle Attack
|
|
17
|
CS-17
|
o User/Entity Authentication
o Kerberos
|
|
18
|
CS-18
|
o Review of PGP - Authentication and Confidentiality.
o Review of MIME and S/MIME with a short review of SMTP.
|
|
CS-19
|
o Review of SSL Protocols.
o Review of SSH, its phases and its supported channel types.
|
|
|
20
|
CS-20
|
o Need for IPSec
o Details of ESP and brief idea of AH.
|
|
21
|
CS-21
|
o SAD and SPD with inbound/outbound packet processing.
o Discussion on the IPSec - worksheet.
|
|
22
|
CS-22
|
Recapitulation of the
all the sessions / problem solving before comprehensive exams.
|
Evaluation
Scheme:
Legend: EC =
Evaluation Component; AN = After Noon Session; FN = Fore Noon Session
|
No
|
Name
|
Type
|
Duration
|
Weight
|
Day, Date, Session, Time
|
|
EC-1
|
Quiz-I/ Assignment-I
|
Online
|
-
|
5%
|
February 1 to 10,
2018
|
|
|
Quiz-II
|
Online
|
-
|
5%
|
March 1 to 10, 2018
|
|
|
Lab
|
Online
|
-
|
10%
|
March 20 to 30,
2018
|
|
EC-2
|
Mid-Semester Test
|
Closed Book
|
2 hours
|
30%
|
03/03/2018 (FN) 10 AM – 12 Noon
|
|
EC-3
|
Comprehensive Exam
|
Open Book
|
3 hours
|
50%
|
21/04/2018 (FN) 9 AM – 12 Noon
|
Note - Evaluation components can be tailored depending on the
proposed model.
Important Information:
Syllabus for
Mid-Semester Test (Closed Book): Topics covered in session Nos. 1 to 11
Syllabus for
Comprehensive Exam (Open Book): All topics (Session Nos. 1 to 22)
Important links and information:
Students are
expected to visit the Elearn portal on a regular basis and stay up to date with
the latest announcements and deadlines.
Contact sessions:
Students should attend the online lectures as per the schedule provided on the
Elearn portal.
Evaluation Guidelines:
1. EC-1
consists of either two Assignments or three Quizzes. Students will attempt them
through the course pages on the Elearn portal. Announcements will be made on
the portal, in a timely manner.
2. For
Closed Book tests: No books or reference material of any kind will be permitted.
3. For Open
Book exams: Use of books and any printed / written reference material (filed or
bound) is permitted. However, loose sheets of paper will not be allowed. Use of
calculators is permitted in all exams. Laptops/Mobiles of any kind are not
allowed. Exchange of any material is not allowed.
4. If a
student is unable to appear for the Regular Test/Exam due to genuine
exigencies, the student should follow the procedure to apply for the Make-Up
Test/Exam which will be made available on the Elearn portal. The Make-Up
Test/Exam will be conducted only at selected exam centers on the dates to be
announced later.
It shall be the
responsibility of the individual student to be regular in maintaining the self
study schedule as given in the course handout, attend the online lectures, and
take all the prescribed evaluation components such as Assignment/Quiz,
Mid-Semester Test and Comprehensive Exam according to the evaluation scheme
provided in the handout.
Thank you for the valuable blog post. The blog consists of informational content about the topic I really appreciate your post.YOu may also visit Global Tech Council to get the best deal.
ReplyDeleteVisit- Network security certification
poker siteleri
ReplyDeletebonus veren siteler
betmatik
mobil ödeme bahis
tipobet
kralbet
betpark
slot siteleri
kibris bahis siteleri
ELYQ2G