SEMESTER - V

SL. COURSE COURSE

NAME OF THE L T P C S TCH
NO CATEGORY CODE
COURSE
1 PC BCB2302 Introduction to java 3 0 0 3 0 3
programming
2 PC BCB2303 Introduction to python 3 0 0 3 0 3
programming
3 PC BCB2304 Cyber Security and SIEM 3 0 0 3 0 3
4 DE ****** E1 Elective – I 3 0 0 3 0 3
5 DE ****** E2 Elective – II 3 0 0 3 0 3
PRACTICAL
6 PC BCB2332 Java Programming laboratory 0 0 2 1 0 2
7 PC BCB2333 Python Programming 0 0 2 1 0 2
Laboratory
15 0 4 17 0 19
Total
L – Lecture ; T – Tutorial ; P – Practical ; S- Self Study; C – Credit; TCH -Total Contact
Hour

SEMESTER - VI
SL. COURSE COURS
NAME OF THE COURSE L T P C S TC
NO CATEGO E
H
RY CODE
1 PC BCB2316 Computer Graphics 3 0 0 3 0 3
2 PC BCB2317 Data Warehousing and Data Mining 3 0 0 3 0 3
3 DE ****** E3 Elective – III 3 0 0 3 0 3
4 DE ****** E4 Elective – IV 3 0 0 3 0 3
5 DE ****** E5 Elective – V 3 0 0 3 0 3
PRACTICAL
6 PC BCB2346 Project Work 0 0 8 4 0 8
15 0 8 19 0 23
Total
L – Lecture ; T – Tutorial ; P – Practical ; S- Self Study; C – Credit; TCH -Total Contact
Hour
 Specialization in Cyber Security
LIST OF ELECTIVES
COURSE COURS
TC
SEM CATEGOR E NAME OF THE COURSE L T P C S
H
Y CODE

5 DE BCC235 Principles of Computer Security 3 0 0 3 0 3

5
5 DE BCC236 Cyber Forensics 3 0 0 3 0 3
2
5 DE BCC236 Ethical Hacking and Systems 3 0 0 3 0 3
5 Defence
6 DE BCC237 Network Security 3 0 0 3 0 3
5
6 DE BCC238 Cyber Security Techniques and 2 0 2 3 0 3
5 Tools
6 DE BCC239 Secure Coding Practices 3 0 0 3 0 3
4
L– Lecture ; T – Tutorial ; P – Practical ; S- Self Study; C – Credit; TCH -Total
Contact Hour
 SEMESTER V
COURSE INTRODUCTION TO JAVA
CREDITS 3
TITLE PROGRAMMING
COURSE COURSE
BCB2302 PC L-T-P-S 3- 0- 0 -0
CODE CATEGORY
26th ACM LEARNIN
Version 1.0 Approval Details BTL-4
23-03-2019 G LEVEL
ASSESSMENT SCHEME
First Second Seminar/
Surprise
Periodical Periodical Assignments/ Attendance ESE
Test / Quiz
Assessment Assessment Project
15% 15% 10% 5% 5% 50%
The course explains about object-oriented programming concepts, overview of java
features of Java and benefits of OOPS concepts. Object-oriented programming
Course
(OOP) is at the core of Java. In fact, all Java programs are to at least some extent
Description
object-oriented. OOP is so integral to Java that it is best to understand its basic
principles before you begin writing even simple Java programs.
1. To understand the java basics
2. To design SQL language within MySQL and PHP to access and manipulate
Course databases
Objective 3. To implement java classes and objects
4. To demonstrate concepts of inheritance and implement inheritance
5. To implement interfaces and packages
Upon completion of this course, the students will be able to
1. Describe the java basics.
Course 2. Implement java control structures, arrays and strings
Outcome 3. Implement java classes and objects
4. Implement and apply the concepts of inheritance and implement inheritance
5. Implement interfaces and packages
Prerequisites: Programming skills
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 1 1 1 2 2 2 3 2 -

CO-2 1 1 1 1 2 1 - 1 2
CO-3 1 1 1 2 2 2 1 - -
CO-4 1 2 2 2 2 2 2 2 2
CO-5 1 1 1 2 2 2 1 2 -
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: INTRODUCTION TO JAVA
(9L)
Feaeri tures of java ‐ JDK Environment & tools like (java, javac, appletviewer, javadoc,
jdb) ‐ OOPs Concepts Class, Abstraction, Encapsulation, Inheritance, Polymorphism ‐
Difference between C++ and JAVA ‐ Structure of java program ‐Data types, Variables, CO-1
Operators, Keywords, Naming Convention. BTL-
Practical component: Inh tance, Polymorphism, Structure of java program ‐Data types, 3
Variables, Operators
Suggested Readings: OOPs Concepts Class
MODULE 2: CONTROL STRUCTURES, ARRAYS AND STRINGS
(9L)
Decision Making (if, switch), Looping (for, while)‐ Type Casting ‐ Array Creating an
array Types of Array ‐ One Dimensional arrays ‐ Two Dimensional array ‐ String ‐
CO-2
Arrays , Methods. ‐ StringBuffer class.
BTL-
Practical component:
4
One Dimensional and Two Dimensional array ‐ String ‐ Methods. ‐ StringBuffer class
Suggested Readings: Decision Making (if, switch), Looping(for, while)
MODULE 3: CLASSES AND OBJECTS
(9L)
Creating Classes and objects ‐ Memory allocation for objects – Constructor –Simple
CO-3
programs using classes and objects
BTL-
Practical component: Constructor –Simple programs using classes and objects.
4
Suggested Readings: Creating Classes and objects
MODULE 4: INHERITANCE
(9L)
Inheritance – introduction, types of inheritance, implementation of inheritance – uses of
extends keyword – implementation of types of inheritance‐ simple programs using
CO-4
inheritance
BTL-
Practical component: Implementation of inheritance, implementation of types of
4
inheritance
Suggested Readings: Uses of extends keyword
MODULE 5: INTERFACE AND PACKAGE
(9L)
Interfaces – introduction, Abstract classes and methods ‐ Implementation of
Polymorphism ‐ Method Overloading, Method Overriding ‐ Nested and Inner classes ‐
Packages Packages Concept Creating user defined packages ‐ Java Built in packages
java.lang, java.math, java.util, Random, Date, Hashtable , Wrapper classes. CO-5
Practical component: Method Overloading, Method Overriding ‐ Nested and Inner BTL-4
classes ‐ Packages and interfaces
Suggested Readings: Wrapper classes
LAB / MINI PROJECT/FIELD WORK
TEXT BOOKS
1 th
E Balagurusamy, (2014). Programming with JAVA , 5 edition,Tata McGraw Hill

REFERENCE BOOKS
Surbhi Kakar(2017), A Textbook of Java Programming, IK International Publishing
1
House first edition

E BOOKS
1. https://www.pdfdrive.net/java‐the‐complete‐reference‐7th‐edition‐e3625514.html
MOOC
1. https://www.coursera.org/specializations/object‐oriented‐programming

INTRODUCTION TO PYTHON
COURSE TITLE CREDITS 3
PROGRAMMING
COURSE CODE BCB2303 COURSE CATEGORY PC L-T-P-S 3- 0- 0 -0
26th ACM LEARNING
Version 1.0 Approval Details BTL-3
23-03-2019 LEVEL
ASSESSMENT SCHEME
First Second Seminar/
Surprise
Periodical Periodical Assignments/ Attendance ESE
Test / Quiz
Assessment Assessment Project
15% 15% 10% 5% 5% 50%
This course explains about the concepts of programming language, strings, lists,
Course
tuples, functions, files and directories. It starts from theoretical concepts along
Description
with syntax to understand and implement.
Course 1. To understand preliminary concepts of programming language and
Objective fundamentals
 2. To understand about strings
3. To explain about lists concepts
4. To understand the tuples and functions
5. To understand the files and directories
Upon completion of this course, the students will be able to
1. Describe the Preliminary Concepts of Programming Language & syntax and
Semantics methods
Course
2. Perform string manipulation
Outcome
3. Define the Lists concept
4. Implement the Tuples and functions
5. Implement file and Directories
Prerequisites: Programming skills
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 1 1 1 2 2 2 3 2 2
CO-2 1 1 1 1 2 1 3 2 2
CO-3 1 1 1 2 2 2 3 2 2
CO-4 1 2 2 2 2 2 3 2 2
CO-5 1 1 1 2 2 2 3 2 2
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: INTRODUCTION
(9L)
Python Introduction, History of Python, Python features, Python Installation, Python
Environment Variables, Running Python, Simple Programs, Python Identifiers,
Reserved words, Lines and Indentation, Multi line statements, Quotation in Python,
Comments in Python, Command line arguments, Assigning values to the variables, CO-1
Multiple assignment, Standard data types, Type Conversion, Operators in Python. BTL-3
Practical component: Simple Programs, Python Identifiers, Reserved words, Lines
and Indentation, Multi line statements, Quotation in Python, Comments in Python
Suggested Readings: History of Python, Python features
MODULE 2: STRINGS
(9L)
Assigning values in strings, String manipulations, String special operators, String
formatting operators. CO-2
Practical component: String special operators, String formatting operators BTL-4
Suggested Readings: Assigning values in strings
MODULE 3: LISTS
(9L)
Lists‐ Introduction, accessing values in list, List manipulations, List Operations,
Indexing, slicing & matrices. CO-3
Practical componentList manipulations, List Operations, Indexing, slicing & matrices. BTL-4
Suggested Readings: Accessing values in list:
MODULE 4: TUPLES AND FUNCTIONS
(9L)
Built –in Functions and methods, Tuples‐ introduction, accessing values, Tuple
functions, Dictionary Introduction, Accessing values, Functions
CO-4
Practical component: Accessing values, Tuple functions, Dictionary Introduction,
BTL- 4
Accessing values, Functions
Suggested Readings: Built –in Functions and methods
MODULE 5: FILES AND DIRECTORIES
(9L)
I/O function, Opening and closing files, file object attribute, manipulations of the files,
Directories in python, File and Directory related methods. CO-5
Practical component: Manipulations of the files BTL-4
Suggested Readings: I/O function
LAB / MINI PROJECT/FIELD WORK
TEXT BOOKS
1 PovelSolin, Martin Novak, (2012), Introduction to Python Programming, NCLab Public
Computing
REFERENCE BOOKS
1 John C. Lusth, (2012), An Introduction to Python , The University of Alabama
E BOOKS
1. https://users‐cs.au.dk/chili/PBI/python_tutorial_jakobfredslund.pdf
MOOC
1. https://www.coursera.org/learn/interactive‐python‐1
COURSE TITLE CYBER SECURITY AND SIEM CREDITS 3
COURSE COURSE
CODE BCB2304 CATEGORY PC L-T-P-S 3-0-0-0
LEARNING
Version 1.0 Approval Details LEVEL BTL-3
ASSESSMENT SCHEME
Second Seminar/
First Surprise
Periodical Assignments/ Attendance ESE
Periodical Test
Assessment Assessment Project / Quiz
15% 15% 10% 5% 5% 50%
A SIEM and Log Management exposes the relevance of various types of
Course
Description logs generated from different systems and also exposes the concept of
SIEM which is used for Log correlation and alerts.
1. To identify the different types of logs and log formats.
2. To make use of the Python and SHELL scripting for log analysis.
3. To acquire knowledge about SIEM Tools and apply for log
Course
analysis.
Objective
4. To acquire knowledge on log Management Policies for audits.
5. To apply the concepts of service management in Ticketing.
Upon completion of this course, the students will be able to
1. Understand the log management policies.
Course 2. Differentiate between the log formats.
Outcome 3. Understand the configuration of Syslog server
4. Understand the workflow of Ticketing.
Prerequisites:
CO, PO AND PSO MAPPING
CO PO-1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 3 2 3 - 1 - 3 2 1
CO-2 3 2 3 - - - 3 2 1
CO-3 3 2 3 1 - 1 3 2 1
CO-4 3 2 3 - - - 3 1 1
CO-5 3 3 3 - - - 3 1 1
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: INTRODUCTION (9L)
Concepts of Log, What Should the Logs Log? Everything - The 5 Ws (Who, CO-1
What, When, Where, and Why) - Unix Logs – Windows Logs - Windows BTL-3
Event ID - Events and Event Lifecycle - Linux Logs - Types of logs -
Security logs - Application logs – System Logs
Practical component:Run an application on Linux to see the Linux logs.
Export log to text files. Script for searching logs.
Suggested Readings: Syslog help documents.

MODULE 2: LOG FORMATS (9L)

Log files – Log formats – CLF - Application specific Log Formats – Apache
Logs Format – IIS Log Format – JSON Log Format – Log 4J Format - Mail logs
Format – Mail Error Code – HTTP Error Code - Firewall Logs Format– vendor
Specific Logs Format. CO-2
Practical component: Import Apache logs to Excel and summarize. Identify the BTL-3
HTTP error.
Suggested Readings: HTTP error code, mail error code.
MODULE 3: MANAGING LOG FILES (9L)
Log tools – SYSLOG – Python Scripting - SHELL Scripting - Open-source Log
analyzers - Log File Conversion Log Rotation and Archival - Determining an
Archiving Methodology -Separating Logs, Security Controls - Log Management
Policies Case Studies. CO-3
Practical component: Write a log management policy for log management. BTL-3
Suggested Readings: Shell scripting.
MODULE 4: LOG COLLECTION ( 9L)
Event Correlation - Event Normalization, Correlation Rules - Rule Engine - Rule
Management - Log Collection - Push Log, Pull Log Collection - Prebuilt Log
Collection - Custom Log - Parsing/Normalization of Logs - Correlation Engine -
CO-4
SIEM Tools Demonstration- Reports Generation.
BTL-3
Practical component: Run SIEM Tool.
Suggested Readings : Regular Expressions.
MODULE 5: SERVICE DELIVERY (9L)
Introduction and Key concepts of service management -Four dimensions of
service management – Ticketing System - ITIL Service value system - Principles
- Service Value chain Practices - Case Studies. CO-5
Practical component: Ticketing workflow. BTL-3
Suggested Readings: ITIL V4
TEXT BOOKS
1 ITIL 4: Acquiring and Managing Cloud Services, AXELOS, 2021.
2 ITIL 4: Create, Deliver and Support, AXELOS, 2021.
3 Robert Johnston, Michael Shulver, Nigel Slack and Graham Clark(2021), Service
Operations Management – Pearson 5th Edition. (2021).
4 Betsy Page Sigman and Erickson Delgado (2016), Splunk Essentials 2nd Edition.
REFERENCE BOOKS
1 Don Murdoch (2019).Blue Team Handbook: SOC, SIEM, and Threat Hunting Use
Cases
2 Phillip Q. Maier (2006).Audit and Trace Log Management Consolidation and
Analysis
 COURSE JAVA PROGRAMMING
CREDITS 1
TITLE LABORATORY
COURSE
COURSE CODE BCB2332 PC L-T-P-C-S 0-0-2-0
CATEGORY
26th ACM LEARNING
Version 1.0 Approval Details BTL-4
23-03-2019 LEVEL
ASSESSMENT SCHEME
CIA ESE
80% 20%
This course will cover the fundamentals of java, features of Java programming,
Course
classes and objects, overloading, overriding, inheritance and its types of
Description
inheritance, interfaces, packages, arrays and control structures
1. To have a better understanding of classes and objects.
2. To learn and implement the classes and objects.
Course 3. To learn and implement the overloading and overriding
Objective 4. To learn and implement the inheritances and its types, inython pterfaces and
packages
5. To learn and implement the arrays and control structures
Upon completion of this course, the students will be able to
1. Apply classes and objects
Course 2. Implement overloading and overriding methods
Outcome 3. Define inheritance
4. Design interfaces and packages
5. Evaluate and perform arrays and control structures
Prerequisites: Basic Programming
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 1 1 1 2 2 2 3 2 1
CO-2 1 1 1 1 2 1 3 2 1
CO-3 1 1 1 2 2 2 3 2 1
CO-4 1 2 2 2 2 2 3 2 1
CO-5 1 1 1 2 2 2 3 2 1
1: Weakly related, 2: Moderately related and 3: Strongly related
LAB / MINI PROJECT/FIELD WORK
 1. Implementation of Classes and Objects
2. Write a java program to implement the constructor with its types
3. Write a java program to implement the overloading and overriding
4. Write a java program to implement the inheritance with its types
5. Write a java program to implement the Strings with its functions
6. Write a java program to implement the Arrays
7. Write a java program to implement the Control structures
8. Write a java program to implement the abstract classes
9. Write a java program to implement the Interfaces
10. Write a java program to implement the Packages
TEXT BOOKS
1 E Balagurusamy, (2014). Programming with JAVA , 5th edition,Tata McGraw Hill
REFERENCE BOOKS
1 Surbhi Kakar(2017), A Textbook of Java Programming, IK International Publishing
House,first edition
E BOOKS
1. https://www.pdfdrive.net/java‐the‐complete‐reference‐7th‐edition‐e3625514.html
MOOC
1. https://www.coursera.org/specializations/object‐oriented‐programming
 COURSE PYTHON PROGRAMMING LABORATORY CREDIT
1
TITLE S
COURSE COURSE
BCB2333 PC L-T-P-S 0-0-2-0
CODE CATEGORY
Versio
1.0 Approval Details LEARNING LEVEL BTL-4
n
ASSESSMENT SCHEME
CIA ESE
80% 20%
The purpose of this course is to introduce to students to code fundamentals of
Course
python using Strings, tuples, files, directories and to implement the concepts
Description
related to security.
1. To understand preliminary concepts of programming language and
fundamentals
Course 2. To understand about strings
Objective 3. To have better understanding on tuples.
4. To learn and implement files and directories.
5. To implement security related concepts
Upon completion of this course, the students will be able to
1. Describe the Preliminary Concepts of Programming Language & syntax and
Course Semantics methods
Outcome 2. Apply and understand the Strings
3. Apply tuples.
4. Explain and work with directories.
5. Explain security using python scripts.
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 1 1 1 2 2 2 3 - 1
CO-2 1 1 1 1 2 1 1 2 1
CO-3 1 1 1 2 2 2 2 - 2
CO-4 1 2 2 2 2 2 2 2 -
CO-5 1 1 1 2 2 2 3 - 1
1: Weakly related, 2: Moderately related and 3: Strongly related
LAB / MINI PROJECT/FIELD WORK
1. Write a python program to implement Data Types, Operators and Expressions.
2. Write a python program to implement Conditional and Control Statements.
3. Write a python program to implement Functions.
4. Write a python program using List.
5. Write a python program using Files.
6. Write a python program to analyse the Apache access log and error log.
7. Write a python program for Buffer overflow Exploitation.
8. Write a python program to transfer file from client/server.
9. Write a python program script to hack ciphers.
10. Write a python program to perform port scan.
TEXT BOOKS
1 PovelSolin, Martin Novak(2012), Introduction to Python Programming
REFERENCE BOOKS
1 John C. Lusth(2011), An Introduction to Python
E BOOKS
1. https://users‐cs.au.dk/chili/PBI/python_tutorial_jakobfredslund.pdf
MOOC
1. https://www.coursera.org/learn/interactive‐python‐1
 SEMESTER VI
COURSE
COMPUTER GRAPHICS CREDITS 3
TITLE
COURSE COURSE L-T-P-S 3- 0- 0 -0
BCB2316
CODE CATEGORY PC
26th ACM LEARNIN
Version 1.0 Approval Details BTL-4
23-03-2019 G LEVEL
ASSESSMENT SCHEME
First Second Seminar/
Surprise Test /
Periodical Periodical Assignments/ Attendance ESE
Quiz
Assessment Assessment Project
15% 15% 10% 5% 5% 50%
The objective of this course is to familiarize students with fundamental
algorithms and data structures that are used in today’s interactive graphics
Course systems as well as programming and architecture of high-resolution graphics
Description computers. The principles and practise of computer graphics are described from
their mathematical foundations to the modern applications domains of scientific
visualisation, virtual reality, computer games and film animation.
1. To introduce to the students the concepts of computer graphics.
2. To provide an interactive computer graphics, two-dimensional system and
Course
mapping.
Objective
3. To discuss the important drawing algorithm, two-dimensional transformation
Clipping and filling.
Upon completion of this course, the students will be able to
1. Describe the fundamentals of Graphics system, display devices and
techniques.
2. Implement various algorithms to scan, convert the basic geometrical
Course
primitive’s area filling.
Outcome
3. Create and manage the transmission of Two-Dimensional Multimedia
4. Analyze about the Three-Dimensional transformations
5. Apply the various surface detection methods to simulate the user visibility in
different applications.
Prerequisites: Programming skills in C.
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 3 1 1 1 - 1 3 2 1
CO-2 - 2 3 - - - 2 1 1
 CO-3 3 - 2 1 1 - 3 2 2
CO-4 1 2 3 - - 2 3 - 1
CO-5 3 3 2 1 - - - 2 1
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1 – OVERVIEW OF COMPUTER GRAPHICS SYSTEM
(9L)
Over View of Computer Graphics System – Video display devices – Raster Scan
and random scan system – Input devices – Hard copy devices. CO-1
Practical component: Study of Fundamental Graphics Functions. BTL-2
Suggested Readings: Fundamentals of Graphics system, display devices
MODULE 2 – OUTPUT PRIMITIVES AND ATTRIBUTES
(9L)
Drawing line, circle and ellipse generating algorithms – Scan line algorithm –
Character generation –attributes of lines, curves and characters – Antialiasing.
CO-2
Practical component: Implementation of Line drawing algorithms: DDA Algorithm,
BTL-2
Bresenham's Algorithm. Mid-Point Algorithm.
Suggested Readings: Basic Geometric Shape generating algorithm and its attributes.
MODULE 3 – TWO DIMENSIONAL GRAPHICS TRANSFORMATIONS AND
VIEWING (9L)
Two‐dimensional Geometric Transformations – Windowing and Clipping – Clipping
of lines and clipping of polygons.
CO-3
Practical component: Implementation of 2D Transformation and Clipping
BTL-3
Techniques.
Suggested Readings: Two Dimensional Transformation, Clipping Techniques.
MODULE 4 – THREE DIMENSIONAL GRAPHICS AND VIEWING
(9L)
Three‐dimensional concepts – Object representations‐ Polygon table, Quadric
surfaces, Splines Bezier curves and surfaces – Geometric and Modelling
CO-4
transformations – Viewing ‐ Parallel and perspective projections.
BTL-3
Practical component: Implementation of 3D Transformation.
Suggested Readings: Three Dimensional Transformation, Projection Techniques.
MODULE 5 – REMOVAL OF HIDDEN SURFACES
(9L)
Visible Surface Detection Methods – Classification- Computer Animation-- Creating
interactive multimedia – Multimedia Authoring Systems.
Practical component: To Perform different operations (rotation, scaling move etc..) CO-5
on objects BTL-3
Suggested Readings: Visible Surface Detection Methods - Computer Animation.
TEXT BOOKS
1 Hearn, D. and Pauline Baker(2002) ,M., Computer Graphics (C‐Version), 2nd
Edition, Pearson Education.
REFERENCE BOOKS
1 Neuman, W.M., and Sproull , R.F., Principles of Interactive Computer Graphics, 2nd
Edition, McGraw Hill Book Co.
E BOOKS
1 http://www.freebookcentre.net/CompuScience/Free‐Computer‐Graphics‐Books‐
Download.html
MOOC
1 https://www.mooc‐list.com/tags/computer‐graphics
 COURSE TITLE DATA WAREHOUSING AND DATA MINING CREDITS 3
COURSE CODE BCB2317 COURSE CATEGORY PC L-T-P-S 3-0-0-0
26th ACM LEARNING
Version 1.0 Approval Details BTL-3
23-03-2019 LEVEL
ASSESSMENT SCHEME
First Second Seminar/
Surprise
Periodical Periodical Assignments/ Attendance ESE
Test / Quiz
Assessment Assessment Project
15% 15% 10% 5% 5% 50%
This course focus on issues relating to the feasibility, usefulness,
effectiveness, and scalability of techniques for the discovery of patterns
Course
hidden in large data sets. This course presents an overall picture of the
Description
field, introducing interesting data mining techniques and systems and
discussing applications and research directions
1. To understand the basic concepts, modeling, design
architectures, and general implementations of data warehouses
2. To apply methods for data cleaning, data integration, data
reduction, data transformation, and data discretization
Course 3. To mine frequent patterns, associations, and correlations in
Objective large data sets
4. To understand the basic concepts and methods for
classification.
5. To discuss the basic concepts and methods for data
clustering,
Upon completion of this course, the students will be able to
1. Compare data warehouse architecture and operational
databases.
Course
2. Illustrate Data preprocessing methods for data mining.
Outcome
3. Construct Association rules for Data mining.
4. Solve Classification and clustering methods.
5. Describe recent trends in data mining
Prerequisites: Database Management Systems
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 - 3 2 - - 2 2 1 -
CO-2 3 1 - 1 - 2 - 2 -
CO-3 2 3 3 - 2 - 1 - 3
CO-4 3 1 2 - - 2 3 3 -
CO-5 - - - 3 3 - 3 - 3
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: INTRODUCTION AND DATA WAREHOUSING (9L)
Introduction, Data Warehouse, Multidimensional Data Model, Data Warehouse
Architecture, Implementation, Further Development, Data Warehousing to Data
Mining CO-1
Suggested Readings: Operational Databases BTL-
2
MODULE 2: DATA PREPROCESSING, LANGUAGE, ARCHITECTURES (9L)
Why Preprocessing, Cleaning, Integration, Transformation, Reduction,
CO-2
Discretization, Concept - Hierarchy Generation, Data Mining Primitives, Query
BTL-
Language, Graphical User Interfaces, Architectures
3
Suggested Readings: Data Objects and Attribute types
MODULE 3: ASSOCIATION RULES
(9L
Association Rule Mining, Single‐Dimensional Boolean Association Rules from
CO-3
Transactional Databases.
BTL-3
Suggested Readings: Pattern Mining
MODULE 4 : CLASSIFICATION AND CLUSTERING
(9L)
Classification and Prediction, Issues, Decision Tree Induction, Bayesian
Classification, Cluster Analysis, Types of data, Categorization of methods, CO-4
Partitioning methods, Outlier Analysis. BTL-3
Suggested Readings: Model Evaluation and Selection, Evaluation of Clustering
MODULE 5: RECENT TRENDS (9L)
Web Mining – Text Mining – Spatial Mining –Applications of Data Mining CO-5
Suggested Readings: Data mining Applications BTL-3
TEXT BOOKS
J. Han, M. Kamber(2011), “Data Mining: Concepts and Techniques”, Harcourt India /
1.
Morgan Kauffman
2 Margaret H.Dunham(2002), “Data Mining: Introductory and Advanced Topics”,
Pearson Education
REFERENCE BOOKS
Alex Bezon, Stephen J.Smith(2001), “Data Warehousing, Data Mining & OLAP”,
1.
McGraw‐ Hill
E BOOKS
1. http://charuaggarwal.net/Data-Mining.pdf
MOOC
1. https://nptel.ac.in/courses/106105174/
 COURSE
PROJECT WORK CREDITS 4
TITLE
COURSE COURSE
BCB2346 PC L-T-P-S 0-0-8-0
CODE CATEGORY
VERSIO 26th ACM LEARNING
1.0 APPROVAL DETAILS 23-03-2019 BTL-4
N LEVEL
ASSESSMENT SCHEME
CIA ESE
50% 50%
This course will be conducted as an individual or small group project under the
Course
direct supervision of a academic staff. The specific project topic undertaken will
Description
reflect the common interests and expertise of the student(s) and guide
1. To perform a literature review
2. To study the detailed technical work
3. To develop a solution for the problem and develop an application by using
Course
relevant computer application concepts
Objective
4. To produce progress reports or maintain a professional journal to establish
work completed and deliver a seminar on the general area
5. To present the work in a forum involving poster presentations
Upon successful completion of the course students will be able to:
1. Demonstrate a sound technical knowledge of their selected project topic.
2. Identify, formulate a solution for a problem.
Course
3. Construct engineering solutions to complex problems utilising a systems
Outcome
approach.
4. Demonstrate the project
5. Analyse and publish the work
Prerequisites: Software Engineering , Programming Skills
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO1 2 1 3 1 - - - 1 2
CO2 1 1 3 1 - - - 2 2
CO3 1 2 3 2 2 - 2 3 3
CO4 1 3 3 2 2 2 2 3 3
CO5 2 3 3 3 2 2 3 3 3
1: Weakly related, 2: Moderately related and 3: Strongly related
Mini Project
Design and develop practical solutions to real life problems related to needs of the society. The
theoretical knowledge gained from the subject should be applied to develop effective solutions to
various computing problems. Submit a complete report of the project work carried out.
 COURSE TITLE CYBER FORENSICS CREDITS 3
COURSE CODE BCC2362 COURSE CATEGORY DE L-T-P-S 3-0-0-0
26th ACM LEARNING
Version 1.0 Approval Details BTL-3
23-03-2019 LEVEL
ASSESSMENT SCHEME
First Second Seminar/
Surprise Attendanc
Periodical Periodical Assignments/ ESE
Test / Quiz e
Assessment Assessment Project
15% 15% 10% 5% 5% 50%
This course provides a solid foundation by introducing digital forensics to
those who are new to the field. It guides the student toward becoming a
skilled cyber forensics investigator. It introduces the history of digital
Course
forensics and explains how the use of electronic evidence developed. It
Description
explores current digital forensics software and hardware tools, including
those that might not be readily available, and evaluates their strengths and
weaknesses.
1. To illustrate the history of digital forensics and explains how
the use of electronic evidence developed
2. To prepare to acquire data from a suspect’s drive and
discusses available Linux and GUI acquisition tools.
Course
3. To explain search warrants and the nature of a typical digital
Objective
forensics case.
4. To explore current digital forensics software and hardware
tools,
5. To understand recent trends in cyber forensics.
Upon completion of this course, the students will be able to
1. Describe the basic concepts the various ideas about
cybercrime.
2. Identify the international and national cybercrime strategy.
Course 3. Formulate and design the procedures for searching and
Outcome seizing evidence.
4. Evaluate the strengths and weaknesses of cyber forensics
tools.
5. Recognize the features of Cyber Forensics to apply in real time
scenarios.
Prerequisites: BCC2355 – Principles of Cyber Security
CO, PO AND PSO MAPPING
PO- PO-
CO PO -1 PO-2 PO-3 PO-4 PSO-1 PSO-2 PSO-3
5 6
CO-1 - 2 2 1 3 - 2 3 -
CO-2 3 2 3 - - 1 3 - -
CO-3 - - 2 1 3 - - 2 1
CO-4 3 3 3 1 2 1 3 3 1
CO-5 3 3 - 1 3 - 3 2 1
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: UNDERSTANDING THE THREAT FROM CYBER CRIME
(9L)
Introduction Cyber Threat – Definition of Cyber Crime – Classification – Current
Threats and Trends – Diversity of Cyber Crime – Cyber Hate Crimes – Cyber CO-1
Terrorism. BTL-2
Suggested Readings: Evolution of cyber security
MODULE 2: RESPONDING TO CYBER CRIME (9L)
Cyber Strategy – National Security Strategy – Cyber Security Strategy – Organized
Crime Strategy –Cyber Crime Strategy ‐ Policy Cyber Crime – International
Response – National Cyber Security Structure – Strategic Policy Requirements –
Police and Crime Commissioners. CO-2
Practical component: Write a one-page summary of the licensing requirements BTL-2
in the region you selected.
Suggested Readings: Advances in Cyber Security: Principles, Techniques, and
Applications
MODULE 3: INVESTIGATING CYBER CRIME
(9L)
Preventing Cyber Crime – Password Protection – Get Safe Online – Cyber Security
Guidance for Business ‐ Cyber Crime Investigation Skills – Criminal Investigation –
Code of Ethics – Evidence – Hi‐Tech Investigations – Capturing and Analyzing
CO-3
Digital Evidence.
BTL-3
Practical component: Analyze different password manages available and it’s
features.
Suggested Readings: Best practices for Cyber security standards
MODULE 4: DIGITAL FORENSICS (9L)
Introduction to Digital Forensics ‐ Forensic Software and Hardware ‐ Analysis and
Advanced Tools ‐ Forensic Technology and Practices ‐ Forensic Ballistics and
Photography ‐ Face, Iris and Fingerprint Recognition ‐ Audio Video Analysis ‐
CO-4
Windows System Forensics ‐ Linux System Forensics ‐ Network Forensics.
BTL-3
Practical component: Create a chart outlining each tool’s current capabilities,
and write a one- to two-page report on the features you found most beneficial.
Suggested Readings: OS Forensics tool
MODULE 5 : CASE STUDY
(9L)
Latest Study Topics on Cyber Crime and Investigations ‐ Recent Cyber Crime Cases
– Recent Digital Forensics Cases – Bridging the Gaps in Cyber Crime Investigations
between the cyber security stake holders. CO-5
Practical component: Investigate a recent cybercrime case and write a detailed BTL-3
report.
Suggested Readings: Next-generation digital forensics
TEXT BOOKS
 Thomas Halt, Adam M. Bossler and Kathryn C.Seigfried Spellar(2017), “Cybercrime and
1.
Digital Forensics: An Introduction”, Routledge Taylor and Francis Group
REFERENCE BOOKS
William, Stallings. (2018). Effective Cyber security: A Guide to Using Best Practices
1
and Standards, Addison - Wesley Professional Publishers, 1st Edition.
E BOOKS
1. http://www.uou.ac.in/sites/default/files/slm/Introduction-cyber-security.pdf
MOOC
1. https://www.edx.org/course/cybersecurity-fundamentals
2. https://www.coursera.org/specializations/cyber-security
 ETHICAL HACKING AND SYSTEMS CREDITS 3
COURSE TITLE
DEFENSE
COURSE COURSE
BCC2365 DE L-T-P-S 3-0-0-0
CODE CATEGORY
26th ACM LEARNIN
Version 1.0 Approval Details BTL-3
23-03-2019 G LEVEL
ASSESSMENT SCHEME
First Second Seminar/
Surprise
Periodical Periodical Assignments/ Attendance ESE
Test / Quiz
Assessment Assessment Project
15% 15% 10% 5% 5% 50%
Ethical hacking involves an authorized attempt to gain unauthorized access
Course to a computer system, application, or data. ... Also known as “white hats,”
Description ethical hackers are security experts that perform these assessments. The
proactive work they do helps to improve an organization's security posture.
1. To identify, formulate, and solve complex engineering problems by
applying principles
2. To function effectively on a team whose members together provide
leadership, create a collaborative and inclusive environment,
Course 3. To apply engineering design to produce solutions that meet specified
Objective needs
4. To develop and conduct appropriate experimentation, analyze and
interpret data.
5. To acquire and apply new knowledge as needed, using appropriate
learning strategies.
Upon completion of the course, the students will be able
1. Describe the concepts of ethical hacking
Course 2. Describe the concepts of System hacking
Outcome 3. Perform TCP/IP and Port scanning
4. Identify desktop and server OS vulnerabilities
5. Describe network protection systems
Prerequisites: Operating System
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 3 2 2 2 1 - 3 2 1
CO-2 3 2 2 2 - - 3 2 1
CO-3 3 2 2 2 - 1 3 2 1
CO-4 3 2 2 2 - - 3 2 1
CO-5 3 2 2 2 - - 3 2 1
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: TCP/IP OVERVIEW CONCEPTS AND PORT SCANNING (9L)
Overview of TCP/IP-IP addressing-numbering systems- Introduction to port
scanning-types of port scan-port scanning tools-ping sweeps- Understanding
scripting - Enumeration.
CO-1
Practical component:
BTL-3
Identifying vulnerabilities in OS
Suggested Readings:
Scanning tools
MODULE 2: VULNERABILITY PROGRAM
Risk and risk management – Security industry and challenges – sources of
vulnerability – Vulnerability Management Program – Program Structure –
Operational Roles – Contributing Roles – Policies.
CO-2
Practical component:
BTL-3
Design a vulnerability component structure or program with roles.
Suggested Readings:
Policies and Procedures
MODULE 3: VULNERABILITY STANDARD (9L)
Vulnerability Standards – CVE – Structure – Limitations – Vulnerability Rating –
CVSS Nomenclature – NVD – CPE – SCAP – Technology – Active scanning –
Passive scanning – Agents – Baseline – ITSM Process – Execution and Reporting
– Principles of Mitigation – Overview of Cloud Vulnerability. CO-3
Practical component: BTL-3
Perform scan and generate report
Suggested Readings:
CVE, CVSS and principles
MODULE 4: DESKTOP AND SERVER OS VULNERABILITIES
(9L)
Windows OS vulnerabilities-tools for identifying vulnerabilities in windows-
Linux OS vulnerabilities-vulnerabilities of embedded OS.
CO-4
Practical component:
BTL-3
Various OS and Vulnerabilities
Suggested Readings: Embedded OS
MODULE 5: NETWORK PROTECTION SYSTEMS
(9L)

Understanding routers-understanding firewalls-risk analysis tools CO-5

 understanding intrusion and detection and prevention systems-honeypots.
Practical component:
Routers and Firewall BTL-3
Suggested Readings: Intrusion and Detection
TEXT BOOKS
1 Michael T. Simpson, Kent Backman, James Corley(2016) “Hands‐On Ethical
Hacking and Network Defense” Delmar Cengage Learning; 2nd edition
2 Steven DeFino, Barry Kaufman, Nick Valenteen (2015 )“Official Certified Ethical
Hacker Review Guide” Wiley publisher

3 Ethical Hacking Techniques and Countermeasures for cybercrime prevention, Nabie Y

Conteh, 2021

REFERENCE BOOKS
1 Patrick Engebretson(2011), The Basics of Hacking and Penetration Testing: Ethical
Hacking and Penetration Testing Made Easy , Syngress Basics Series
E BOOKS
1 https://www.nationalcyberwatch.org/resource/ethical-hacking-systems-defense-
national-cyberwatch-center-edition/
MOOC
1. https://www.coursera.org/courses?query=ethical%20hacking
COURSE TITLE NETWORK SECURITY CREDITS 3
COURSE
COURSE CODE BCC2375 DE L-T-P-S 3-0-0-0
CATEGORY
26th ACM LEARNIN
Version 1.0 Approval Details BTL-3
23-03-2019 G LEVEL
ASSESSMENT SCHEME
First Second Seminar/
Surprise
Periodical Periodical Assignments/ Attendance ESE
Test / Quiz
Assessment Assessment Project
15% 15% 10% 5% 5% 50%
Network security is a broad term that covers a multitude of technologies, devices
Course and processes. The goal of this course is to set of rules and configurations
Description designed to protect the integrity. Students will learn the network architecture is
complex and is faced with a threat environment.
1. To understand the concept of network security management.
2. To understand the concept of network security tools.
Course
3. To understand the concept of threat environment
Objective
4. To exploit vulnerabilities.
5. To understand confidentiality and accessibility of computer networks
Upon completion of this course, the students will be able to
1. Describe the Basic concepts of Network Security
Course 2. Identify the attacks on WWW
Outcome 3. Describe the Internet Security Protocols
4. Identify and explore the authentication mechanisms over internet
5. Describe wireless security.
Prerequisites: Basics of Cyber Security
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO -1 PSO-2 PSO-3
CO-1 3 2 2 1 1 1 3 2 1
CO-2 2 - 2 1 - 1 3 - 1
CO-3 1 2 2 - 1 - - 2 -
CO-4 3 2 - 1 1 - 3 2 1
CO-5 3 2 2 1 - 1 3 2 -
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: INTRODUCTION TO CYBER SECURITY
(9L)
Introduction to Cyber Security, Need for security, Concept of Cyber Space, Cyber
Crimes and Cyber-attack. Fundamental security principles – threats, attacks and
CO-1
vulnerability. Key Security triad – Confidentiality, Integrity and Availability.
BTL-2
Practical component: Detection of various cyber-attacks using Wireshark.
Suggested Readings: Evolution of cyber security
MODULE 2: SECURITY ATTACKS, PRINCIPLES AND MANAGEMENT
(9L)
Introduction to different classes of security attacks - active and passive. Impact of
attacks on an organization and individuals. Principles of Cybersecurity - Apply
cybersecurity architecture principles. Cybersecurity models (the CIA triad, the star
CO-2
model, the Parkerian hexad).
BTL-2
Practical component: Packet sniffing using Wireshark.
Suggested Readings: Advances in Cyber Security: Principles, Techniques, and
Applications
MODULE 3: SECURITY PLANS, POLICIES AND PROCEDURES
(9L)
Defining a Cyber Security policy, General security expectations, roles and
responsibilities in the organization – Stakeholders.
CO-3
Practical component:
BTL-3
Managing securing policies using tcpdump, dumpcap using Wireshark.
Suggested Readings: Best practices for Cyber security standards
MODULE 4: OVERVIEW OF SECURITY COUNTERMEASURE TOOLS
(9L)
Introduction to key security tools including firewalls, anti-virus and cryptography –
Identify security tools and hardening techniques – Prevention of cyber-attacks. Security
CO-4
Countermeasure tools and techniques - Encryption standards.
BTL-2
Practical component: Security analysis and reporting using Wireshark.
Suggested Readings: Cyber-attacks, countermeasures and protection schemes
MODULE 5: TESTING, DIGITAL FORENSICS AND NEXT GENERATION SECURITY
(9L)
Cyber security testing – Penetration testing. System Level Solutions - Intrusion
Detection System (IDS) and Intrusion Protection System (IPS). Basic Concept of
Ethical Hacking. Protecting against Cyber Crime – Identity Theft, Cyber Stalking and CO-5
Investment fraud. BTL-2
Practical component: PenTest (Penetration Testing) using Wireshark.
Suggested Readings: Next-generation digital forensics
TEXT BOOKS
 William Stallings, (2016)“Principle of Computer Security”, McGraw Hill Education, Fourth
1.
Edition
REFERENCE BOOKS
William, Stallings. (2018). Effective Cyber security: A Guide to Using Best Practices and
1
Standards, Addison - Wesley Professional Publishers, 1st Edition.
E BOOKS
1. https://bookauthority.org/books/best-network-security-ebooks
MOOC
1. https://www.coursera.org/specializations/computer-security-systems-management

2. https://www.coursera.org/specializations/computer-network-security
 CYBER SECURITY TECHNIQUES AND
COURSE TITLE CREDITS 3
TOOLS
COURSE D L-T-P-S 2-0-2-0
COURSE CODE BCC2385
CATEGORY E
26th ACM LEARNIN
Version 1.0 Approval Details BTL-4
23-03-2019 G LEVEL
ASSESSMENT SCHEME
Second Seminar/
First Periodical Surprise
Periodical Assignments/ Attendance ESE
Assessment Test / Quiz
Assessment Project
15% 15% 10% 5% 5% 50%
This course gives you the background needed to understand basic
Cybersecurity. You will learn the history of Cybersecurity, types and
motives of cyber-attacks to further your knowledge of current threats to
Course
organizations and individuals. Key terminology, basic system concepts and
Description
tools will be examined as an introduction to the Cybersecurity field. You will
learn about critical thinking and its importance to anyone looking to pursue a
career in Cybersecurity.
1. Assess the current security landscape, including the nature of the threat,
the general status of common vulnerabilities, and the likely
consequences of security failures;
Course 2. Assess how all domains of security interact to achieve effective system-
Objective wide security at the enterprise level.
3. Appraise the interrelationships among elements that comprise a modern
security system, including hardware, software, policies, and people;
Compare and contrast logical and physical security;
Upon completion of this course, the students will be able to
1. Outline the Cyber Issues in Real World.
2. Describe the Installation of VMware and can Inspect Kali Linux
Course
3. Evaluate the trends and patterns that will determine the future state of
Outcome
cybersecurity.
4. Describe the Metasploit framework for hacking
5. Assess the security in mobile devices
Prerequisites: Introduction to Cyber Security
CO, PO AND PSO MAPPING
CO PO -1 PO-2 PO-3 PO-4 PO-5 PO-6 PSO-1 PSO-2 PSO-3
CO-1 3 2 - - 1 - 2 - 2
CO-2 - 3 2 - - - 2 - 2
CO-3 - 2 3 1 - 1 1 - -
CO-4 2 2 1 - - - 1 - 2
CO-5 - 2 2 1 - 1 1 1 3
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1 – CYBER ISSUES
( 6L+6P)
Window Password Hacking and Cracking – Steganography - Data frauds - data
diddling - scavenging - data theft - data leakage – squatting - Id theft - Password theft
– key logger - Job Racketing - Marketing and Advertisement Rackets - Nigerian
CO-1
frauds- pay per click scams – web defacement - ATM frauds - IP spoofing - email & ip
BTL-3
address – Software piracy - software license - commercial piracy.
Practical Component: Implementation of Steganography
Suggested Readings: Steganography
MODULE 2 – VIRTUAL LAB SET UP
( 6L+6P)
Installing VMware -Setting Up Kali Linux - Target Virtual Machines - Creating the
Windows XP Target - Setting Up the Ubuntu 8.10 Target - Creating the Windows 7
CO-2
Target.
BTL-3
Practical Component: Implementation of Symmetric and Asymmetric cryptography.
Suggested Readings: VMware, Kali Linux
MODULE 3 – KALI LINUX
( 6L+6P)
Linux Command Line - The Linux Filesystem - User Privileges - File Permissions -
Editing Files- Data Manipulation - Managing Installed Packages - Processes and
Services - Managing Networking - Netcat: The Swiss Army Knife of TCP/IP
CO-3
Connections - Automating Tasks.
BTL-3
Practical Component: Implementation of Windows security using firewall and other
tools
Suggested Readings: The Linux Filesystem, Netcat
MODULE 4– METASPLOIT FRAMEWORK
( 6L+6P)
Starting Metasploit - Finding Metasploit Modules - Setting Module Options - Payloads
- Types of Shells - Setting a Payload Manually - Msfcli - Creating Standalone Payloads
CO-4
with Msfvenom - Using an Auxiliary Module.
BTL-3
Practical Component: Implementation to identify web vulnerabilities
Suggested Readings: Metasploit, Msfcli
MODULE 5– MOBILE HACKING
( 6L+6P)
Mobile Attack Vectors - The Smartphone Pentest Framework - Remote Attacks -
Client-Side Attacks - Malicious Apps - Mobile Post Exploitation CO-5
Practical Component: Implementation of Mobile Audit and generate the report of the BTL-3
existing Artiacts Suggested Readings: Pentest Framework
TEXT BOOKS
1. Gautam Kumawat(2017), Ethical Hacking & Cyber Security Course: A Complete
Package, Udemy Course (First Unit)
2. Georgia Weidman(2014) , Penetration testing A Hands- On Introduction to Hacking,
no starch press II-V unit)
REFERENCE BOOKS
1. Charles P. Pfleeger Shari Lawrence Pfleeger Jonathan Margulies (2015), Security in
Computing, 5th Edition , Pearson Education .
E BOOKS
1 https://www.newhorizons.com/promotions/cybersecurity-ebooks
MOOC
1 https://www.udemy.com/course/hands-on-penetration-testing-labs-30/

COURSE
SECURE CODING PRACTICES CREDITS 3
TITLE

L-T-P-
COURSE CODE DE 3-0-0-0
S
LEAR
26th ACM NING
Version BTL-3
23-03-2019 LEVE
L
ASSESSMENT SCHEME
First Periodical Surprise Test Attend
ESE
Assessment / Quiz ance
15% 5% 5% 50%
The course gives the insights of coding practices to ensure any
Course Description software developed has checks and system in place that helps
strengthen the software and get rid of any security issues like
vulnerabilities.
Course Objective 1. To understand the basic concepts of programming errors
2. To identify and analyze the security problems
 3. To understand and correct and incorrect use of formatted output
functions
4. To understand the common vulnerabilities
5. To recommend the specific development practices
Upon completion of this course, the students will be able to
1. Identify the most frequent programming errors leading to
software vulnerabilities.
2. Analyze security problems in software and integral security
issues
Course Outcome 3. Implement the correct and incorrect use of formatted output
functions.
4. Apply their knowledge to the common vulnerabilities associated
with file I/O
5. Develop practices for improving the overall security of your C /
C++ application.
Prerequisites: Basics of Security
CO, PO AND PSO MAPPING
PSO- PSO- PSO-
CO PO-3 PO-4 PO-6
1 2 3
CO-1 - 2 2 2 - 1
CO-2 2 1 1 1 1 1
CO-3 3 1 1 1 - -
CO-4 1 1 1 1 - 2
CO-5 3 1 1 1 1 3
1: Weakly related, 2: Moderately related and 3: Strongly related
MODULE 1: SOFTWARE SECURITY CONCEPTS (9L)
Gauging the Threat - CO-1
Security Concepts - C BTL-2
and C++ - Development
Platforms - Strings -
Character Strings -
Common String
manipulation Errors -
String Vulnerabilities
and Exploits -
Mitigation Strategies -
String handling
functions - runtime
protection strategies -
notable vulnerabilities
Suggested Readings:
Evolution of Software
security
MODULE 2: POINTER SUBTERFUGE AND INTEGER SECURITY
(9L)
Data Locations - Function Pointers - Object Pointers - Modifying the
Instruction Pointer - Global Offset Table - The. dtors Section - Virtual
Pointers - The atexit() and on_exit() Functions - The longjmp() Function
- Exception Handling - Mitigation Strategies - Integer Security - Integer
Conversions - Integer Operations - Integer Vulnerabilities -BTL-2
Mitigation
Strategies.
Suggested Readings:
Security algorithms
MODULE 3: FORMATTED OUTPUT FUNCTIONS
(9L)
Variadic Functions -
Exploiting Formatted
Output Functions -
Stack Randomization- CO-3
Mitigation Strategies - BTL-3
Notable Vulnerabilities
Suggested Readings:
Vulnerabilities
MODULE 4: FILE I/O
(9L)
File I/O Basics - File I/O
Interfaces - Access
Control - File
Identification - Race CO-4
Conditions - Mitigation BTL-2
Strategies Suggested
Readings: File
Handling
MODULE 5: RECOMMENDED PRACTICES
(9L)
The Security
Development Lifecycle CO-5
- Security Training - BTL-2
Requirements -Design-
Implementation –
Verification Suggested
Readings: Security
Development Model
TEXT BOOKS
Seacord, R. C.(2013), Secure Coding in C and C++, Addison
1. Wisley for Software Engineering Institute, 2nd edition.
REFERENCE BOOKS
Daswani N., Kern C., Kesavan A(2007)., Foundations of Security,
1.
Apress.
E BOOKS
1. https://www.newhorizons.com/promotions/cybersecurity-ebooks
MOOC
https://www.coursera.org/learn/secure-coding-principles?
1.
specialization=secure-coding-practices