Computer Security
Topic 1 / Name: Introduction to Computer Security and Security Trends
Knowledge Category / Example/s of category / Teaching methodology
FACT / Security
Assets
Viruses
Terrorists
Malware / Use appropriate example of security (security guards at college gate)
Show any peripheral device of a computer or network (hard disk)
Corrupted files in pen drive
News, videos of terrorist attacks like the 26/11 attack
Use any appropriate example: malicious code transferred through mobile while sharing data (Bluetooth) among people
CONCEPT / Confidentiality,
Integrity, Availability, Accountability
Risk
Security Attacks / Use any appropriate PPT and example – email
Use any appropriate example – a person carrying a large amount of cash while travelling
Use example of a hacker trying to attack an email account
PRINCIPLE / CIA Model / Use any appropriate PPT
PROCEDURE / Risk Analysis
Steps in Attack / Use any appropriate PPT or Video
Application / Online application / Online Shopping and Online Banking
Learning Resources:
Books:
1) “Cryptography and Network Security” by Atul Kahate Publisher – Tata McGraw Hill
2) “Computer Security” by Dieter Gollman Second Edition Publisher – Wiley India Education
3) “Principles of Computer Security + and Beyond” by Wm. Arthur Conklin Publisher – Tata McGraw Hill
4) “Principles of Information Security” by Michael E. Whitman, Herbert J. Mattord Publisher – Cengage India
Teaching Aids: Black board, Chalk, Transparencies, PowerPoint presentation slides (PPTs), Reference books, Notes, LCD projector/OHP projector.
Lecture No. / Topic/ Subtopic to be covered
1 /
Why focus on Security?
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page No 1
(E.g. the security of precious materials against theft, like gold, money, mark sheet of student, etc.)
- Definition of Computer Security
- Why security is important (Need of security)
Eg. Confidential defense information saved on a computer of a govt dept
- Basics of computer security – C, I, A Model
Integrity - “Computer Security” by Dieter Gollman Chapter 2, Page No 21
Availability - “Computer Security” by Dieter Gollman Chapter 2, Page No 22
Accountability - “Computer Security” by Dieter Gollman Chapter 2, Page No 23
Non-repudiation - “Computer Security” by Dieter Gollman Chapter 2, Page No 23
* Draw pyramid model of CIA
Web Site -
*Note- Conclude the lecture with Block keywords & definitions and suitable diagram
2 /
- Examples of Application where security is important
- Challenges in security – the different barriers to security
Eg: a person tries different ways to crack the password of a computer
- Models of security
3 /
Define Risk
“Computer Security” by Dieter Gollman Chapter 1, Page No 13
- What are Assets, Vulnerabilities and Threats
(Hard disk is an asset)
- Formula for calculation of Risk
PPTs -
4 /
- What is Quantitative & Qualitative Risk Analysis
- Counter measures to mitigate the risk
Web Site –
5 /
What is Threat- Definition
What are the different categories of Threats
- Definition of Virus and Worms – Differentiate between them
“Cryptography and Network Security” by Atul Kahate Chapter 1 Page no 16, 18
- Different types of Viruses – Life Cycle of Viruses (Draw Diagram)
- Define Intruders & Insiders – Differentiate between them (Give real life example or any movie example)
Web Sites –
6 /
What is a Criminal Organization – what is their purpose (any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 1 Page no 9
- Who are Terrorists – what are their aims/goals (any movie example)
- Information Warfare
- Why there is a need for Information Warfare
- Avenues of Attacks (Example of any Criminal Activity)
- Steps in Attack – How attack can happen in any organization like Bank robbery
7 /
What is Attack – Definition of attack
- Active and Passive Attack – Differentiate between them, Classification of passive and active attacks
- Denial of Service Attack (DOS & DDOS)
Web Site -
8 /
Backdoor, Trapdoors
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 403
- Sniffing
- Spoofing
- Encryption Attack
Web Site –
PPT –
9 /
Man-in-the-middle attack
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 408
- Replay Attack
- TCP/IP Hacking
Web Site –
PPT –
10 /
Definition of Malware
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Chapter 15 Page no 415
- Various categories of Malware
- What is Virus and Logic Bombs
Web site –
Topic 2 / Name: Authentication and Operational Security Objectives
Knowledge Category / Example/s of category / Teaching methodology
FACT / People
Password
Biometrics / Use appropriate example of people – Internet users
Show appropriate example – create password to authenticate user for PC or laptop, or password for enrollment of admission
Use appropriate example – (iris) retina scan in Aadhaar Card Office
CONCEPT / Managing Password
Role of People / Example-Login screen
Example-Cash withdrawal at ATM
PRINCIPLE / Choosing a password
Individual User Responsibilities / Example-Changing PIN of ATM
Use appropriate PPT's
APPLICATION / Thumb Reader / Use Appropriate example of Biometric like Attendance System using Thumb
Learning Resources:
Books:
Title: 1) “Cryptography and Network Security” by Atul Kahate Publisher – Tata McGraw Hill
2) “Computer Security” by Dieter Gollman Publisher – Wiley India
3) “Principles of Computer Security + and Beyond” by Wm. Arthur Conklin Publisher – Tata McGraw Hill
Teaching Aids: Black Board, PPTs, Transparencies, Reference Book, Notes.
PPTs: Preferably prepare PPTs containing-
Lecture No. / Topic/ Subtopic to be covered
1 /
Introduction to operational Security
- Understand meaning - role of people
- What is password?
*Note- Conclude the lecture with Block keywords & definitions and suitable diagram
2 /
- Introduction to terms – Identification, Authentication & Operational Security
- To understand role of people in security
3 /
- User Name & Password
- How to choose & manage password?
- To understand what are threats while creating passwords.
4 /
- Introduction to terms -identification, Authentication
- Describe different areas where security comes into picture.
5 /
- Discuss role of people in security
- Password Selection
- Piggybacking
- Shoulder Surfing
- Dumpster Diving
- Installing Unauthorized Software/Hardware
- Access By Non-employee
- Security Awareness
- Individual User Responsibilities
6 /
- Examples of role of people using suitable techniques.
7 /
- Define Access Control
- Discuss their principles & policies
8 /
- Types of Access controls
“Principles of Computer Security Security + and Beyond” by Wm. Arthur Conklin Dwayne Chapter 11 Pg. nos 269, 270
9 /
- Introduction to Biometrics
- Types of Biometrics
10 /
- Types of Biometrics & example
- Finger prints
- Hand print
- Retina Patterns
- Voice Patterns
- Signature & Writing Patterns
- Keystrokes
PPT:
Topic 3 / Name: Cryptography
Knowledge Category / Example/s of category / Teaching methodology
FACT / Plaintext
Key
Cipher Text / Use example of Plaintext – human language
(message: “welcome to third year diploma”)
Show how any message is codified by using a KEY
Alphabet “A” codified by key “3” to alphabet “C”
Show example of codified message, like “ABC” coded to “CDE”
CONCEPT / Cryptography,
Cryptanalysis, Cryptology
Encryption
Decryption
Private Key
Public Key
Hashing / Use appropriate example to show the converting of plaintext to cipher text and vice-versa.
Show example of encoding plaintext to Cipher text:
Eg. “Computer” to “retupmoc”
Show example of decoding Cipher text to Plaintext
Eg. “retupmoc” to “Computer”
Show example of key which need to be kept secret:
Eg. door key of own house or password of own email account
Show example of key which is shared with everybody:
Eg. door key of own house shared among parents and child
Use any appropriate example and ppt to show mathematical function that perform one way encryption
PRINCIPLE / Substitution Technique
Transposition Technique
Symmetric Cryptography
Asymmetric Cryptography / Use any appropriate example to show each character of plain text replaced by another character
eg- “MONITOR” is replaced by “NPOJUPS”
Use any appropriate example to show permutation and combination over plaintext to produce Cipher text
Same key is used for encryption and decryption.
Use any appropriate examples – one key used to lock and same key used to unlock the door of house
2 separate keys are used
One key for encryption and second key for decryption
Use any appropriate PPT, examples – one key used to lock the door of house, second key to unlock the door.
PROCEDURE / Substitution Technique
Steps used in Caesar Cipher
Steps used in Monoalphabetic and
Polyalphabetic
Transposition technique
Steps used in Rail fence technique
Steps used in Simple columnar
Steps used in One time pad
Steganography / Use any appropriate example to show each character of plain text replaced by the character 3 places down the line, eg “Amar” replaced by “Dqdv”.
Use any appropriate example to show one block replaced by another block: “HELLO” is “LHPPS”
Use any appropriate example to show plain text are written as sequence of diagonal and then read as sequence of row.
Use any appropriate example to show plain text written as row and read in the column form
Use any appropriate example to show random cipher text every time
Eg: OTP in mobile
watermark
APPLICATION / Symmetric cryptography:
DES (Data Encryption Standard Algorithm)
Asymmetric Key Cryptography:
Digital Signature / Use appropriate PPT
to show step-by-step execution of DES algorithm, including all steps in detail
Use appropriate PPT or
video
eg- E-mudrak used for stamping documents in Maharashtra government
2) Income tax return online: digital signatures are used by the user to fill the form
Learning Resources:
Books:
Title:
1) “Cryptography and Network Security” by Atul Kahate Publisher – Tata McGraw Hill
2) “Computer Security” by Dieter Gollman Publisher – Wiley India
3) “Principles of Computer Security + and Beyond” by Wm. Arthur Conklin Publisher – Tata McGraw Hill
4) “Principles of Information Security” by Michael E. Whitman, Herbert J. Mattord Publisher – Cengage India
Teaching Aids: Black board, Chalk, Transparencies, PowerPoint presentation slides (PPTs), Reference books, Notes, LCD projector/OHP projector.
Lecture No. / Topic/ Subtopic to be covered
1 /
Introduction to Cryptography
“Computer Security” by Dieter Gollman Chapter 11, Page No 186
“Principles of Computer Security + and Beyond” by Wm. Arthur
Chapter 5, Page No 83
- Definition of Cryptography, Cryptanalysis and Cryptology
- Identify and describe the types of cryptography
Chapter 5, Page No 84
- What is Plain text and Cipher Text?
Website-
css/cryptography.htm
PPT –
2 /
- What is Substitution Technique?
- State different type of substitution technique
- Define Caesar cipher. Explain with example.
- Working principle of mono alphabetic substitution technique
- How Poly alphabetic technique is different from mono alphabetic
- Drawback of Substitution technique
Website-
PPTs-
sce.uhcl.edu/yang/public/Modules/.../Substitution%20Ciphers.ppt
3 /
What is Transposition Technique?
“Cryptography and Network Security” by Atul Kahate Chapter 2, Page No 54
- Working principle of rail fence technique with example
- Working principle of Simple Columnar with example
- What is Steganography? State its advantages and disadvantages
“Principles of Computer Security + and Beyond” by Wm. Arthur
Chapter 5 Cryptography, page 101-103
Website-
PPTs -
4 /
- Define Encryption? Show a block diagram of encryption
- Define Decryption? Show a block diagram of Decryption
- State the sketch of Symmetric key cryptography and problem of Key Distribution
Website:
PPTs - cs.ecust.edu.cn/~yhq/course_files/security/topic2.ppt
5 /
- Name the algorithms used for Symmetric key cryptography
“Principles of Computer Security + and Beyond” by Wm. Arthur
Chapter 5 Cryptography, page 91-94
- Conceptual working of DES along with diagram
“Computer Security” by Dieter Gollman Chapter 11, Page No 199-202
- Processing step in DES
Website:
PPTs - islab.csie.ncku.edu.tw/course/slide/ch_06.ppt
6 /
- Details of each step in DES Algorithm along with block diagram
“Cryptography and Network Security” by Atul Kahate Chapter 3, Page No 102-103
b) Details of one Round in DES
“Cryptography and Network Security” by Atul Kahate Chapter 3, Page No 103
- Step 1 - Key transformation
- Step 2 - Expansion permutation
- Step 3 - S-Box substitution
- Step 4 - P-Box substitution
- Step 5 - XOR and swap
c) Variation of DES
“Cryptography and Network Security” by Atul Kahate Chapter 3, Page No 111
Website-
PPTs -islab.csie.ncku.edu.tw/course/slide/ch_06.ppt
7 /
- What is Asymmetric key cryptography?
- Compare Symmetric key cryptography and Asymmetric key cryptography
- Introduction to Digital Signature
“Cryptography and Network Security” by Atul Kahate Chapter 4, Page No 165-166
“Principles of Computer Security + and Beyond” by Wm. Arthur
Chapter 5 Cryptography, page 106-107, 126, 130
“Computer Security” by Dieter Gollman Chapter 11, Page No 194-195
Website-
PPTs -
8 /
- Basis of Digital signature
“Computer Security” by Dieter Gollman Chapter 11, Page No 194-195
- Basis for Hashing Concept
page 87-89
“Computer Security” by Dieter Gollman Chapter 11, Page No 192-194
- Message digest
page 90
“Cryptography and Network Security” by Atul Kahate Chapter 4, Page No 167-196
Web Site –
Topic 4 / Name: Computer Security Technology and Intrusion Detection
Knowledge Category / Example/s of category / Teaching methodology
FACT / Attack
Intrusion
Standard Protocols / Use appropriate example to show how an attacker attacks computer security – Eg: attack on a particular personal computer to obtain a bank account number.
Show how an attacker tries to enter through a weak entry point or bypass the security level
Eg: illegally accessing a particular bank account to transfer money
Eg: a thief trying to enter through a window or door
Use appropriate example, Eg: File transfer – FTP
CONCEPT / Firewall
Virtual Private Network
Kerberos
Security topologies / Use appropriate example to show firewall mechanism-
Eg Compound wall for Building, Barrier on Road sides.
Restricted access to particular website in College
Use appropriate example to show private communication over a public network
E.g.: Walkie-talkie in the Army for communication between soldiers.
Use appropriate ppt to show
Kerberos cycle.
Eg: A student is allowed to enter the Library hall after checking College ID, entering name in the Register and verification by the Librarian
Use appropriate area to show Security zone
Eg: Mobiles are banned in MSBTE exam halls, hospitals
PRINCIPLE / Email Security :
SMTP,
PEM,
PGP,
S/MIME
IPSec Security / Use appropriate PPT and Video to show working of Email Security
Eg: To Send Email –SMTP
Use appropriate ppt
Eg: Secure Branch office Connectivity over the internet
PROCEDURE / Intrusion Detection
Host Based-HIDS
Network Based-NIDS
IPSec Configuration / Use appropriate ppt to show types of IDS
Eg: Burglar alarm to identify undesirable activity
Use appropriate ppt and video
APPLICATION / DMZ
Internet and intranet
VLAN
Honey pot / Show example of restricted area: students not allowed to enter the Server Room in College
Use appropriate example
Eg. College campus network using intranet with the help of LAN
Show example of a trap placed to catch the attacker
Eg: a trap made to catch a thief on websites
Learning Resources:
Books:
Title:
1) “Cryptography and Network Security” by Atul Kahate Publisher – Tata McGraw Hill
2) “Computer Security” by Dieter Gollman Chapter 12, 13 Publisher – Wiley India
3) “Principles of Computer Security + and Beyond” by Wm. Arthur Conklin Publisher – Tata McGraw Hill
4) “Cryptography and Network Security” by William Stallings Publisher – Pearson