III B.TECH IISEMESTER 2015-16 · 2015-16 course file of network security iii b.tech iisemester b....

2015-16

COURSE FILE

OF

NETWORK SECURITY

III B.TECH IISEMESTER

B. NAGESWARA RAO

ASSOCIATE PROFESSOR

FACULTY DETAILS:

Name of the Faculty:: B.NAGESWARA RAO

Designation: Assoc.Prof

Department:: CSE

COURSE DETAILS

Name Of The Programme:: B.Tech cse Batch:: 2013

Designation::

Year Semester II

Department:: cse

Title of The Subject NS Subject Code

No of Students 65

COURSE PLAN

2015-16

Regulation: R12

COURSE PLAN

2015-16

Regulation: R12

FACULTY DETAILS:

Name of the Faculty:: B.NAGESWARA RAO Designation: Assoc.Prof

Department:: CSE

1. TARGET

a) Percentage Pass 100

b) Percentage I class 90

2. COURSE PLAN

(Please write how you intend to cover the contents: i.e., coverage of Units by lectures, guest lectures, design exercises, solving numerical problems, demonstration of models, model preparation, or by assignments, etc.)

3. METHOD OF EVALUATION

3.1. Continuous Assessment Examinations (CAE 1, CAE 2)

3.2. Assignments / Seminars

3.3. Mini Projects

3.4. Quiz

3.5. Term End Examination

3.6. Others

4. List out any new topic(s) or any innovation you would like to introduce in teaching the subject in this Semester.

Signature of HOD Signature of Faculty Date: Date: 7/3/2014

FACULTY DETAILS:

Name of the Faculty:: B.NAGESWARA RAO


Department:: CSE

Guidelines for Preparing the Course:

Course Description:

The course covers theory and practice of computer security, focusing in particular on the security aspects of the web and Internet. It surveys cryptographic tools used to provide security, such as shared key encryption (DES, 3DES, RC-4/5/6, etc.); public key encryption, key exchange, and digital signature (Diffie-Hellmann, RSA, DSS, etc.). It then reviews how these tools are utilized in the internet protocols and applications such as SSL/TLS, IPSEC, Kerberos, PGP, S/MIME, SET, and others (including wireless). System security issues, such as viruses, intrusion, and firewalls, will also be covered.

Course Objectives:

1. To defined security goals , security attacks ,security services and security mechanism to Security services.

2. T o introduce two techniques , cryptography and steganography to implement security mechanisms

3. To know the general model for security encryption process then to look at three impotent Block encryption algorithms and to introduce symmetric stream encryption. And Applications af these algorithms to achieve confidentiality.

4. To discuss the use of message authentication codes and hash fictions ,public key encryption principles and algorithms,

5. To look at the use of public-key encryption to produce digital signature and issues of key Management.

6. To discuss two protocols that provide security for electronic mail such as PGP and S/MIME

7. To know the importance of IPSec and its architecture and functionalities. 8. To discuss the importance of Web security, protocols and their architectures.

9. To discuss the various Network management protocols and their architectures. 10. To discuss about Intruders , viruses, related threats, To discuss an overview of functionality and

design principles of Firewalls, To discuss the concepts of Trusted system and Intrusion Detection Systems

GUIDELINES TO STUDY THE SUBJECT

2015-16

Regulation: R12

Learning Outcomes: Upon completion of this course, students will be able to:

1. Students can explain the differences between the three major goals of information security: confidentiality, integrity and availability, and can list and explain one Technique for ensuring each.

2. Students can explain how public key cryptography can be used to ensure the identity

of the sender of an encrypted message.

3. Able to demonstrate and apply concept and principle of security Attacks, Services and

Mechanisms.

4. Able to demonstrate existing Conventional encryption algorithms.

5. Expertise in Message authentication, Hash function and Public key encryption.

6. Able to applying Cryptographic algorithms in various real time applications.

7. Able to Investigate and perform various security vulnerability tests.

8. Able to understand impact of the security attacks in real time applications

9. Understand the security vulnerabilities in existing Cryptograph algorithms and network

security protocols.

FACULTY DETAILS: Name of the Faculty:: B.Nageswara Rao

Designation: Assoc.Prof Department:: CSE

On completion of this Subject / Course the student shall be able to:

S.No. Objectives Outcomes 1.

To defined security goals , security attacks ,security services and security mechanism to Security services.

1 2.

T o introduce two techniques , cryptography and steganography to implement security mechanisms

2 3.

To know the general model for security encryption process then to look at three impotent Block encryption algorithms and to introduce symmetric stream encryption. And Applications of these algorithms to achieve confidentiality.

3,4

4.

To discuss the use of message authentication codes and hash fictions ,public key encryption principles and algorithms,

5 5.

To look at the use of public-key encryption to produce digital signature and issues of key Management 5

6.

To discuss two protocols that provide security for electronic mail such as PGP and S/MIME

6 7.

To know the importance of IPSec and its architecture and functionalities 7 8.

To discuss the importance of Web security, protocols and their architectures.

8

9.

Discuss the various Network management protocols and their architectures.

9 10.

To discuss about Intruders , viruses, related threats, To discuss an overview of functionality and design principles of Firewalls, To discuss the concepts of Trusted system and Intrusion Detection Systems 10

Signature of Faculty Date:

Note: For each of the OBJECTIVE indicate the appropriate OUTCOMES to be achieved. Kindly refer Page 16, to know the illustrative verbs that can be used to state the objectives.

COURSE OBJECTIVES

2015-16

Regulation: R12

4

FACULTY DETAILS: Name of the Faculty:: B.Nageswara Rao

Designation: Assoc.Prof Department:: CSE

The expected outcomes of the Course / Subject are:

S.No. General Categories of Outcomes Specific Outcomes of the Course

A. An ability to apply knowledge of mathematics,

science, and engineering

B. An ability to design and conduct experiments, as

well as to analyze and interpret data

An ability to design a system, component, or

C. process to meet desired needs within realistic

Constraints such as economic, environmental,

social, political, ethical, health and safety,

Manufacturability and sustainability

D. An ability to function on multi-disciplinary teams

E. An ability to identify, formulate, and solve

engineering problems

F. An understanding of professional and ethical

responsibility

G. An ability to communicate effectively

The broad education necessary to understand the

H. impact of engineering solutions in a global,

economic, environmental, and societal context

I. A recognition of the need for, and an ability to

engage in life-long learning

J. A knowledge of contemporary issues

An ability to use the techniques, skills, and

K. modern engineering tools necessary for

engineering practice.

Objectives – Outcome Relationship Matrix (Indicate the relationships by mark).

Outcomes A B C D E F G H I J K

Objectives

1.

2.

3.

4.

5.

6.

7.

8.

9.

10.

5

COURSE OUTCOMES

2015-16

Regulation: R12

FACULTY DETAILS: Name of the Faculty:: B.NageswaraRao

Designation: Assoc.prof Department:: CSE

The Schedule for the whole Course / Subject is:: 74

S. No. Description Duration (Date) Total No.

From To of Periods

1.

Security goals, security attacks, security services and security mechanism to Security services.

14-12-15 28-12-15 11

2.

Conventional encryption principles 29-12-15 11-1-16 10

3.

public key cryptography principles and algorithms, 12-01-16 25-01-16 10

4.

Electronic mail security

27-01-16 6-02-16 9

5.

IP Security

15-02-14 26-02-16 9

6.

Web security

27-02-63 9-03-16 8

7

Simple Network management

protocols 11-03-16 22-03-16

9

8

Fire walls and IDS 26-03-16 6-04-16 8

Total No. of Instructional periods available for the course: 70 Hours / Periods

COURSE SCHEDULE

2015-16

Regulation: R12

SCHEDULE OF INSTRUCTIONS

2015-16

UNIT - I Regulation: R12

FACULTY DETAILS:

Name of the Faculty:: B.Nageswara Rao


Department:: CSE


SI.

No. of Objectives & References

Date Topics / Sub - Topics

Outcome (Text Book, Journal…)

No. Periods

Nos. Page No___ to ___

1

14-12-

15

1 Security attacks,( Interruption, Interception, Modification and Fabrication 1 1

T1

2

15-12-

15

1 Security Services (Confidentiality, Authentication ,Integrity, Non-repudiation, access control and Availability), and 1 1

T1

3

16-12-

15

1 Mechanisms,

1 1

T1

4

18-12-

15

1 A Model for Internetwork Security

1 1

T1

5

19-12-

15

1 Internet Standards and RFCs.

1 1

T1

6

21-12-

15

1 Buffer overflow

1 1

T2 T

2

7

22-12-

15

1 format string vulnerabilities

1 1

T2 T

2

8

23-12-

15

2 Secure hash functions and HMAC TCP

session hijacking 1 1

T2 T

2

9

26-12-

15

1 ARP attacks route table modifications

1 1

T2 T

2

10

28-12-

15

1 . UDP hijacking, and man-in-the-middle

attacks

1 1

T2 T

2

Signature of Faculty Date

Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY. 3. MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.


2015-16

UNIT - II Regulation: R12

FACULTY DETAILS:



Department:: CSE


SI.




No. Periods


1 29 -12-15 1

Conventional Encryption Principles,

2 2

T1

2 30

-12--

15,1-16 2 Symmetric algorithms, DES

2 2

T1

3

2

&

4 -1-16 2

AES algorithms

2 2

T1

4 5 -1-16 1

RC4 algorithm

2 2

T1

5 6 -1-16 1

Cipher block modes of operation

2 2

T1

6 8 -1-16 1

Distribution approaches of Message Authentication.

2 2

T1

7 9 -1-16 1

location of encryption devices key

2 2

T1

8 11-1-16 1

Secure hash functions and HMAC

2 2

T1


Note: 1. ENSURE THAT ALL TOPICS SPECIFIED IN THE COURSE ARE MENTIONED. 2. ADDITIONAL TOPICS COVERED, IF ANY, MAY ALSO BE SPECIFIED BOLDLY.

MENTION THE CORRESPONDING COURSE OBJECTIVE AND OUT COME NUMBERS AGAINST EACH TOPIC.


2015-16

UNIT - III Regulation: R12

FACULTY DETAILS:



Department:: CSE


SI.




No. Periods


1

12-01-

16 1

Public key cryptography principles

3 3

T1

2

13-01-

16 1

Public key cryptography algorithms ,RSA

3 3

T1

3

16,-01-

16 1 Diffie-Hellman Key Exchange algorithm

3 3

T1

4

18-01-

16 1 Elliptic-curve cryptography snd DSS

3 3

T1

5

19-01-

16 1 digital signatures& certificates

3 3

T1

6

20-01-

16 1 Key management &Certificate authority

3 3

T1

7

21,22,-

01-16 2 Kerberos ,versions

3 3

T1

8

23,25-

1-16 2

X.509 Directory authentication service.

3 3

T1





2015-16

UNIT - IV Regulation: R12

FACULTY DETAILS:



Department:: CSE


SI.




No. Periods


1 27-1-16 1

Electronic mail security

PGP 4 4

T1 T

1

2 28-1-16 1

Pretty Good Privacy

4 4

T1 T

1

3 29-1-16 1

Pretty Good Privacy

4 4

T1 T

1

4

30,1/1-

16 2

s/mime

4 4

T1 T

1

5 2-2-16 1

S/MIME

4 4

T1 T

1

6 3-2-16 1

S/MIME

4 4

T1 T

1

7 5-2-16 1

PGP Revision

4 4

T1 T

1

8 6-2-16 1

S/MIME Revision

4 4

T1 T

1





2015-16

UNIT - V Regulation: R12

FACULTY DETAILS:



Department:: CSE


SI.




No. Periods


1 15-2-16 1

IP Security Overview

5 5

T1

2 16-2-16 1

IP Security architecture

5 5

T1

3 17-2-16 1

Authentication Header

5 5

T1

4

19,20-

2-16 2 ESP

5 5

T1

5 22-2-16 1

5 5

T1

6 23-2-16 1

combining security associations

5 5

T1

7 24—16 1 Key Management, Oakley protocol

5 5

T1

8 26-2-16 1 ISAKMP

5 5

T1





2015-16

UNIT - VI Regulation: R12

FACULTY DETAILS:



Department:: CSE


SI.




No. Periods


1 27-2-16 1

Web security requirements

6 6

T1

2 29-2-16 1

Secure Socket Layer (SSL)

6 6

T1

3 1-03-16 1

Secure Socket Layer (SSL)

6 6

T1

4 2-03-16 1 Handshake protocol

6 6

T1

5 4-03-16 1 TLS

6 6

T1

6 5-03-16 1 Secure Electronic Transaction, Overview

6 6

T1

7 8-03-16 1 Dual Signature

6 6

T1

8 9-03-16 1 Payment Processing

6 6

T1





2015-16

UNIT - VII Regulation: R12

FACULTY DETAILS:



Department:: CSE


SI.




No. Periods


1 11-3-16 1

Basic concepts of SNMP

7 7

T1

2 14-3-16 1

SNMPv1,

7 7

T1

3 15-3-16 1

Community facility

7 7

T1

4 16-3-16 1

and SNMPv3

7 7

T1

5 17-3-14 1

Intruders,

7 7

T1

6 18-3-16 1

Password management

8 7

T1

7

19-

21,3-16 2

Viruses

9

T1

8 22-3-16 1

related threats

8 7

T1





2015-16

UNIT - VIII Regulation: R12

FACULTY DETAILS:



Department:: CSE


SI.




No. Periods


1

26-03-

16 1 Firewall design principles

9 8

T1

2 28-3-16 1 Firewall design principles

10 9

T1

3 29-3-14 1 Trusted Systems

10 9

T1

4 30-3-16 1 Trojan Horse Defense

10 9

T1

5 1-4-16 1

Intrusion Detection Systems.

10 9

T1

6

2,4-4-

16 2

Intrusion Detection Systems

10 9

T1

7 6-4-16 1

Previous questions

10 9

T1




COURSE COMPLETION STATUS

2015-16

Regulation: R12

FACULTY DETAILS:


Subject:: Subject Code

Department::

Actual Date of Completion & Remarks, if any

Nos. of

Units Remarks Objectives

Achieved

Unit 1

Completed as per schedule 1

Unit 2 Completed as per schedule 2



5



Unit 7 7

Unit 8 8,9

Signature of Dean of School Signature of Faculty Date: Date:

NOTE: AFTER THE COMPLETION OF EACH UNIT MENTION THE NUMBER OF OBJECTIVES ACHIEVED.

FACULTY DETAILS:



Department:: CSE

The Schedule for the whole Course / Subject is::

Date:

This Tutorial corresponds to Unit Nos.I,II Time:

1.What is the OSI security architecture? 2.List and briefly define categories of passive and active security attacks. 3Explain the network security model.

4. What are the essentials ingredients of a symmetric cipher? 5. Compare DES, 3DES, and AES? 6. What is the difference between a session key and a master key? 7. What is the difference between a block cipher and a stream cipher? 8. What is the difference between a link and end to end encryption? 9. What are the advantages of key distributions?

Please write the Questions / Problems / Exercises which you would like to give to the students and also mention the

objectives to which these questions / Problems are related.


TUTORIAL SHEETS - I

2015-16

Regulation: R12

FACULTY DETAILS:



Department:: CSE

The Schedule for the whole Course / Subject is::

Date:

This Tutorial corresponds to Unit Nos. Time:

1. List three approaches to message authentication? 2. What is a message authentication code? 3. List HMCA Design objectives? 4. How is MA Different from HMAC?

5. Give examples of applications of IPSec. 6. what services are provided by IPSec? 7. List different encryption and authentication algorithms which are used for AH andESP. 8. what is a replay attack? 9. List disadvantages(weaknesses) of Diffie-Hellman key exchange algorithm. 10. .List and briefly define three classes of intruders. 11. .what is the different between statistical anomaly detection and rule-base intrusion detection? 12. List three design goals for a firewall.

Please write the Questions / Problems / Exercises which you would like to give to the students and also mention the

objectives to which these questions / Problems are related.


TUTORIAL SHEETS - II

2015-16

Regulation: R12

These verbs can also be used while framing questions for Continuous Assessment Examinations as well as for End – Semester (final) Examinations.

ILLUSTRATIVE VERBS FOR STATING GENERAL OBJECTIVES

Know Understand Analyze Generate

Comprehend Apply Design Evaluate

ILLUSTRATIVE VERBS FOR STATING SPECIFIC OBJECTIVES:

A. Cognitive Domain

1 2 3 4 5 6

Knowledge

Comprehension Application

Analysis

Synthesis Evaluation

Understanding

of knowledge & of whole w.r.t. its combination of judgement

comprehension

constituents ideas/constituents

Define Convert Change Breakdown Categorize Appraise

Identify Defend Compute Differentiate Combine Compare

Label Describe (a Demonstrate Discriminate Compile Conclude

List procedure) Deduce Distinguish Compose Contrast

Match Distinguish Manipulate Separate Create Criticize

Reproduce Estimate Modify Subdivide Devise Justify

Select Explain why/how Predict Design Interpret

State Extend Prepare Generate Support

Generalize Relate Organize

Give examples Show Plan

Illustrate Solve Rearrange

Infer Reconstruct

Summarize Reorganize

Revise

B. Affective Domain C. Psychomotor Domain (skill development)

Adhere Resolve Bend Dissect Insert Perform Straighten

Assist Select Calibrate Draw Keep Prepare Strengthen

Attend Serve Compress Extend Elongate Remove Time

Change Share Conduct Feed Limit Replace Transfer

Develop Connect File Manipulate Report Type

Help Convert Grow Move preciselyReset Weigh

Influence Decrease Handle Operate Run

Initiate Demonstrate Increase Paint Set

ILLUSTRATIVE VERBS

FOR STATING

INSTRUCTIONAL OBJECTIVES

2015-16

Regulation: R12

LESSON PLAN

Unit-1

2015-16

Regulation: R12

Name of the Faculty: B.NAGESWARARAO

Subject NS Subject Code ns

Unit 1

INSTRUCTIONAL OBJECTIVES: 11

On completion of this lesson the student shall be able to(Outcomes)

Unit 1 Learning Outcomes Upon successful completion of this unit, the student will be able to

.explain the meaning and importance of information security;

explain the ideas behind the basic security concepts as confidentiality, integrity,

and availability;

Session

No Topics to be covered

Time

Ref

Teaching

Method

1 Security attacks,( Interruption, Interception, Modification and Fabrication

50 minuts

T1 Black Board

2 Security Services (Confidentiality, Authentication ,Integrity, Non-repudiation, access control and Availability), and

50 T1 Black Board

3 Mechanisms, 50 T1 Black Board

4 A Model for Internetwork Security 50 T1 Black Board

5 Internet Standards and RFCs.

50 T1

Black

Board,PPT

6 Buffer overflow 50 T2 Black Board

7 format string vulnerabilities

50 T2

Black

Board,PPT

8 Secure hash functions and HMAC TCP session hijacking

50 T2 PPT

9 ARP attacks route table modifications 50 T2 Black Board

10 . UDP hijacking, and man-in-the-middle attacks

50 T2 Black Board

explain the concepts of data and network security as different aspects of

information security;

list the key objectives behind securing information and information systems; and

list some examples of information assets and associated threats.

ASSIGNMENT

Unit-I

2015-16

Regulation: R12

Assignment / Questions 1.What is the OSI security architecture? 2.List and briefly define categories of passive and active security attacks. 3Explain the network security model.

Signature of Faculty Note: Mention for each question the relevant objectives and outcomes.

LESSON PLAN

Unit-II

2015-16

Regulation: R12

Name of the Faculty: B.Nageswara Rao

Subject NS Subject Code NS

Unit II


On completion of this lesson the student shall be able to

.

Upon successful completion of this unit, the student will be able to

describe the need for cryptographic algorithms in the context of overall information

security;

explain the steps in DES algorithm for encrypting data;

Sessio

n

No

Topics to be covered

Time

Ref

Teaching

Method

1 Conventional Encryption Principles,

50 Minuts

T1

Black

Board

2 Symmetric algorithms, DES 50 T1

Black

Board

3 AES algorithms

50 T1

Black

Board

4 RC4 algorithm

50 T1

Black

Board

6 Cipher block modes of operation

50 T1

Black

Board,PPT

7 Distribution approaches of Message Authentication. 50 T1

Black

Board

8 location of encryption devices key

50 T1

Black

Board,PPT

9 Secure hash functions and HMAC

50 T1 PPT

explain the steps in Triple DES algorithm for encrypting data; and

explain the steps in AES algorithm for encrypting data.

ASSIGNMENT

Unit-II

2015-16

Regulation: R12

Assignment / Questions

10. 1. What are the two basic functions used in encryption algorithms? 11. What are the essentials ingredients of a symmetric cipher? 12. Compare DES, 3DES, and AES? 13. What is the difference between a session key and a master key? 14. What is the difference between a block cipher and a stream cipher? 15. What is the difference between a link and end to end encryption? 16. What are the advantages of key distributions?


LESSON PLAN

Unit-III

2015-16

Regulation: R12


Subject NS Subject Code NS

Unit III


On completion of this lesson the student shall be able to(Outcomes)


compare and contrast symmetric and asymmetric encryption algorithms;

explain the basic idea behind public-key-based asymmetric algorithms for

encryption-based security of information;

explain the steps in RSA public-key algorithm; and

Session


Time

Ref

Teaching

Method

1 Public key cryptography principles

50 T1

Black

Board

2 Public key cryptography algorithms ,RSA

50 T1

Black

Board

3 Diffie-Hellman Key Exchange algorithm 50 T1

Black

Board

4 Elliptic-curve cryptography snd DSS 50 T1

Black

Board

5 digital signatures& certificates 50 T1

Black

Board,PPT

6 Key management &Certificate authority 50 T1

Black

Board

7 Kerberos ,versions 50 T1

Black

Board,PPT

8 X.509 Directory authentication service.

50 T1 PPT

9 Public-key Infrastructure 50 T1 Black Board

explain the steps in Diffie-Hellman public-key algorithm.

ASSIGNMENT

Unit-III

2015-16

Regulation: R12

Assignment / Questions

13. List three approaches to message authentication? 14. What is a message authentication code? 15. List HMCA Design objectives? 16. How is MA Different from HMAC? 17. What is the difference between a private key and a secret key? 18. What is the digital signature? 19. What is a public key certificate? 20. Explain different crypto algorithms where public key crypto systems are used?


LESSON PLAN

Unit-IV

2015-16

Regulation: R12


Subject NS Subject Code

Unit IV


On completion of this lesson the student shall be able to (Outcomes)


. Explain how Pretty Good Privacy (PGP) secures data

explain the need for security protocols in the context of use with Internet-based

applications;

describe how S/MIME is an Internet standard approach to e-mail security that

incorporate the same functionality as PGP.

.

2.

Session


Time

Ref

Teaching

Method

1 Electronic mail security

PGP

50 T1

Black

Board

2 Pretty Good Privacy 50 T1

Black

Board

3 Pretty Good Privacy 50 T1

Black

Board

4 s/mime 50 T1

Black

Board

5 S/MIME 50 T1

Black

Board,PPT

6 S/MIME 50 T1

Black

Board

7 PGP Revision 50 T1

Black

Board,PPT

8 S/MIME Revision 50 T1 PPT

Black Board

ASSIGNMENT

Unit-IV

2015-16

Regulation: R12

Assignment / Questions 1.What are the five principal services provided by PGP? 2. what is radix-64 conversion?How is it used for an e-mail application? 4 How does PGP provide public key management? 5.what is S/MIME


LESSON PLAN

Unit-V

2015-16

Regulation: R12



Unit V



explain the need for security protocols in the context of use with Internet-based

applications;

describe how Internet Protocol Security (IPSec) secures communications over the

Internet; and

explain how key management portion of IPSec involves the determation and

distribution of secret keys..

Describe how Authentication Header provides support for data integrity and

authentication of packets.

2.

ASSIGNMENT 2015-16

Session


Time

Ref

Teaching

Method

1 IP Security Overview

50 T1

Black

Board

2 IP Security architecture

50 T1

Black

Board

3 Authentication Header

50 T1

Black

Board

4 ESP 50 T1

Black

Board

5 50 T1

Black

Board,PPT

6 combining security associations

50 T1

Black

Board

7 Key Management, Oakley protocol 50 T1

Black

Board,PPT

8 ISAKMP 50 T1 PPT

Unit-V

Regulation: R12

Assignment / Questions 1.Give examples of applications of IPSec. 2.what services are provided by IPSec? 3.List different encryption and authentication algorithms which are used for AH andESP. 4what is a replay attack? 5.List disadvantages(weaknesses) of Diffie-Hellman key exchange algorithm.


LESSON PLAN

Unit-VI

2015-16

Regulation: R12



Unit



.

Describe how Secure Sockets Layer (SSL) enables security of several internet-

based applications;

Describe how TLS enables security of several internet-based applications.

Describe how Secure electronic transaction (SET) is an open encryption and

security specification designed to protect credit card transactions on the Internet.

Session


Time

Ref

Teaching

Method

1 Web security requirements

50 T1

Black

Board

2 Secure Socket Layer (SSL)

50 T1

Black

Board

3 Secure Socket Layer (SSL)

50 T1

Black

Board

4 Handshake protocol 50 T1

Black

Board

5 TLS 50 T1

Black

Board,PPT

6 Secure Electronic Transaction, Overview 50 T1

Black

Board

7 Dual Signature 50 T1

Black

Board,PPT

8 Payment Processing 50 T1 PPT

2.

ASSIGNMENT

Unit-VI

2015-16

Regulation: R12

Assignment / Questions 1List different alert codes of TLS protocol. 2. list the series of messages exchanged between client and server in handshake protocol. 3what services are provided by the SSL Record protocol? 4.what are the advantages of SET protocol? 5.what is adual signature and what is its purpose?


LESSON PLAN

Unit-VII

2015-16

Regulation: R12



Unit



Explain the basic idea behind intrusion prevention systems and how they work; and

explain the basic idea behind intrusion detection

Explain the basic idea behind firewalls and how they work;

Describe how a virus can infects other programmes by modifying them.

Describe how a worm can replicate itself and send copies frim computet to

computer across networkconnections,and the worm usually performs unwated

fuctions.

Session


Time

Ref

Teaching

Method

1 Basic concepts of SNMP

50 T1

Black

Board

2 SNMPv1,

50 T1

Black

Board

3 Community facility

50 T1

Black

Board

4 and SNMPv3

50 T1

Black

Board

5 Intruders,

50 T1

Black

Board,PPT

6 Password management

50 T1

Black

Board

7 Viruses

50 T1

Black

Board,PPT

8 and related threats

50 T1 PPT

ASSIGNMENT

Unit-VII

2015-16

Regulation: R12

Assignment / Questions 1.List and briefly define three classes of intruders. 2.what is the different between statistical anomaly detection and rule-base intrusion detection? 3.How are honeyport used for network security? 4.what are the different type of viruses. 5.what is a digital immune system?


LESSON PLAN

Unit-VIII

2015-16

Regulation: R12


Subject NS Subject Code ns

Unit VIII



explain the basic idea behind firewalls and how they work;

explain the basic idea behind intrusion detection Systems.

Session


Time

Ref

Teaching

Method

1 Firewall design principles 50 T1

Black

Board

2 Firewall design principles 50 T1

Black

Board

3 Trusted Systems 50 T1

Black

Board

4 Trojan Horse Defense 50 T1

Black

Board

5 Intrusion Detection Systems.

50 T1

Black

Board,PPT

6 Intrusion Detection Systems

50 T1

Black

Board

7 Previous questions

50 T1

Black

Board,PPT

ASSIGNMENT

Unit-VIII

2015-16

Regulation: R12

Assignment / Questions 1.List three design goals for a firewall. 2.what is IP address spoofing, and how can it be prevented using firewalls? 3.what is an application-level gateway?


Date post:	11-Jun-2020
Category:	Documents
Upload:	others
View:	1 times
Download:	0 times

III B.TECH IISEMESTER 2015-16 · 2015-16 course file of network security iii b.tech iisemester b....

Documents