Last Updated on by ICT BYTE
Information Security
Course Title: Information Security Full Marks: 45+30
Course No: MIT504 Pass Marks: 22.5+15
Nature of the Course: Theory + Lab Credit Hrs: 3
Semester: I
Course Description:
This course introduces the concepts of information security. The topics covered include information security, cryptosystem, message authentication, digital signature, database and data center security, denial of service attack, intrusion detection, security administration, and digital forensics.
Course Objectives:
The main objective of this course is to make students familiar with the concepts of information security so that upon completion of the course students will be able to understand and use the best practices for securing information and computer systems.
Course Contents:
Unit 1: Information Systems Security (4 Hrs.)
Information Systems Security, Tenets of Information Systems Security, Domains of IT Infrastructures, IT Security Policy Framework, Data Classification Standards
Unit 2: Private and Public Cryptosystem (8 Hrs.)
Block Ciphers, AES, IDEA, Stream Ciphers, RC4, Stream Cipher using Feedback Shift Registers, ElGamal, Elliptic Curve Cryptography, Format Preserving Encryption, Overview of Homomorphic Encryption, Lightweight Cryptography and Post Quantum Cryptography
Unit 3: Message Authentication Codes and Digital Signature (8 Hrs.)
Message Authentication Code, HMAC, Data Authentication Algorithm, Cipher Based MAC, Digital Signature, ElGamal Digital Signature Scheme, Schnorr Digital Signature Scheme, Digital Signarture Algorithm, Elliptic Curve Digital Signature Algorithm, RSA-PSS Digital Signature Algorithm
Unit 4: Database and Data Center Security (4 Hrs.)
Database Security, SQL Injection Attacks, Database Access Control, Inference, Database Encryption, Data Center Security
Unit 5: Denial of Service Attacks (6 Hrs.)
Denial Service Attacks, Flooding Attacks, Distributed Denial Service Attacks, Application Based Bandwidth Attacks, Reflector and Amplifier Attacks, Defensing Against Denial Service Attacks, Responding to Denial Service Attacks
Unit 6: Intrusion Detection and Prevention (6 Hrs.)
Intruders, Intrusion Detection, Intrusion Detection Analysis Approaches, Host-Based Intrusion Detection, Network-Based Intrusion Detection, Hybrid Intrusion Detection, Intrusion Detection Exchange Format, Honeypots, Intrusion Prevention System
Unit 7: Security Operations and Administrations (5 Hrs.)
Security Administration, Compliance, Professional Ethics, Infrastructure for IT Security Policy, Data Classification Standards, Configuration Management, Change Management Process, Application Software Security, Software Development and Security
Unit 8: Digital Forensics (4 Hrs.)
Digital Forensics, Computer Crime, Forensic Methods and Lab, Collecting, Seizing and Protecting Evidence, Recovering Data, Operating System Forensics, Mobile Forensics
Laboratory Works:
Laboratory works include implementing and simulating the concepts in above mentioned chapters using appropriate platforms and tools
References:
- David Kim, Michael G. Solomon, Fundamentals of Information Systems Security, 4th Edition, Jones & Bartlett Learning
- William Stallings, Cryptography and Network Security: Principles and Practice, 8th Edition, Pearson
- William Stallings and Lawrie Brown, Computer Security: Principles and Practice, 4th Edition, Pearson
