Network Security Syllabus
Computer Science and Engineering Department, SVNIT, Surat
B. Tech. Computer Science and Engineering – Curriculum
B. Tech. IV (CSE) Semester – VII
L T P Credit
NETWORK SECURITY (CORE ELECTIVE - 4)
CS423 3 0 0 03
Scheme
1. Course Outcomes (COs):
At the end of the course, students will be able to
CO1 gain knowledge of network and system security attacks and its prevention mechanisms.
CO2 apply different security mechanisms for given application scenario.
CO3 perform security analysis of network and system security protocols.
CO4 evaluate security protocols for different metrics like functionality, cost and efficiency.
CO5 design and integrate security protocols depending on organization’s requirement.
2. Syllabus
INTRODUCTION (04 Hours)
Introduction to Network and System Security, Security Attacks, Security Requirements,
Confidentiality, Integrity, and Availability, Security Mechanisms, NIST Security Standards,
Assets and Threat Models.
REVIEW OF CRYPTOGRAPHIC TOOLS (04 Hours)
Number Theory, Prime Numbers, Modular Arithmetic, Confidentiality with Symmetric
Encryption, Message Authentication and Hash Functions, Public-Key Encryption, Digital
Signatures and Key Management, Random and Pseudorandom Numbers.
SYSTEM SECURITY (10 Hours)
User Authentication - Means of Authentication, Password-Based Authentication, Token-Based
Authentication, Biometric Authentication, Remote User Authentication, Access Control-Access
Control Principles, Subjects, Objects, and Access Rights, Discretionary Access Control, Example:
UNIX File Access Control, Role-Based Access Control, Database Security-The Need for Database
Security, Database Access Control, Inference, Statistical Databases, Database Encryption, Cloud
Security, Malicious Software, Intruders, Denial of Service and Distributed Denial of Service
attacks, Intrusion Detection and Prevention.
SOFTWARE SECURITY AND TRUSTED SYSTEMS (12 Hours)
Buffer Overflow-Stack Overflows, Defending Against Buffer Overflows, Other Forms of
Overflow Attacks, Software Security-Software Security Issues, Handling Program Input, Writing
Safe Program Code, Interacting with the Operating System and Other Programs, Handling
Page 131 of 173
Computer Science and Engineering Department, SVNIT, Surat
B. Tech. Computer Science and Engineering – Curriculum
Program Output, Operating System Security-System Security Planning, Operating Systems
Hardening, Application Security, Security Maintenance, Linux/Unix Security, Windows Security,
Virtualization Security, Trusted Computing and Multilevel Security-The Bell-LaPadula Model for
Computer Security, Other Formal Models for Computer Security, The Concept of Trusted
Systems, Application of Multilevel Security, Trusted Computing and the Trusted Platform
Module, Common Criteria for Information Technology Security Evaluation, Assurance and
Evaluation.
NETWORK SECURITY (10 Hours)
Internet Security Protocols and Standards-Secure E-mail and S/MIME, Pretty Good Privacy
(PGP), Domain Keys Identified Mail, Secure Sockets Layer (SSL) and Transport Layer Security
(TLS), HTTPS, IPv4 and IPv6 Security, IPSec Protocol, Internet Authentication Applications-
Kerberos, X.509, Public-Key Infrastructure, Federated Identity Management, Wireless Network
Security-Wireless Security Overview, IEEE 802.11 Wireless LAN Overview, IEEE 802.11i
Wireless LAN Security, Network Management Security-SNMP Protocol.
ADVANCED TOPICS (02 Hours)
(Total Contact Time: 42 Hours)
3. Books Recommended:
1. William Stallings, Computer Security: Principles and Practice, 2/E, Pearson, 2012.
2. John Vacca, Network and System Security, 2/E, Elsevier, 2013.
3. William Stallings, Network Security Essentials: Applications and Standards, Prentice Hall, 4th edition,
2010.
4. Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone, Handbook of Applied Cryptography,
CRC Press, 2001.
5. William Stallings, Cryptography and Network Security, 7/E, Pearson, 2018.
