JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD

M.Tech. (CYBER FORENSICS & INFORMATION SECURITY / CYBER SECURITY)

COURSE STRUCTURE AND SYLLABUS
I Year – II Semester
Course Title Int. Ext. L P C
marks marks
Core Course IV Cyber Security 25 75 4 -- 4
Core Course V Cyberspace - Vulnerabilities and Defence 25 75 4 -- 4
Core Course VI Computer Forensics 25 75 4 -- 4
Core Elective III 1. Privacy and Security in Cyber Space 25 75 4 -- 4
2. Cyber laws and Security Policies
3. Digital Watermarking and Steganography
4. Incident Response and Forensics
Core Elective IV 1. Software Security Engineering 25 75 4 -- 4
2. IT Security Metrics
3. Intrusion Detection and Prevention Systems
4. Network Programming
Open Elective II Open Elective – 2 25 75 4 -- 4
Laboratory II Computer Forensics Tools Lab 25 75 -- 4 2
Seminar II 50 -- -- 4 2
Total Credits 24 8 28
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
CYBER SECURITY
Objectives:
To learn about cyber crimes and how they are planned
To learn the vulnerabilities of mobile and wireless devices
To learn about the crimes in mobile and wireless devices

UNIT-I
Introduction to Cybercrime: Introduction, Cybercrime and Information security, who are
cybercriminals, Classifications of Cybercrimes, Cybercrime: The legal Perspectives and Indian
Perspective, Cybercrime and the Indian ITA 2000, A Global Perspective on Cybercrimes.
Cyber offenses: How criminals Plan Them: Introduction, How Criminals plan the Attacks, Social
Engineering, Cyber stalking, Cyber cafe and Cybercrimes, Botnets: The Fuel for Cybercrime, Attack
Vector, Cloud Computing.
UNIT-II
Cybercrime: Mobile and Wireless Devices: Introduction, Proliferation of Mobile and Wireless Devices,
Trends in Mobility, Credit card Frauds in Mobile and Wireless Computing Era, Security Challenges Posed
by Mobile Devices, Registry Settings for Mobile Devices, Authentication service Security, Attacks on
Mobile/Cell Phones, Mobile Devices: Security Implications for Organizations, Organizational Measures for
Handling Mobile, Organizational Security Policies an Measures in Mobile Computing Era, Laptops.
UNIT III
Cybercrimes and Cyber security: the Legal Perspectives: Introduction Cyber Crime and Legal
Landscape around the world, Why Do We Need Cyber laws: The Indian Context, The Indian IT Act,
Challenges to Indian Law and Cybercrime Scenario In India, Digital signatures and the Indian IT Act,
Amendments to the Indian IT Act, Cybercrime and Punishment
Cyber law, Technology and Students: Indian Scenario.
UNIT IV
Understanding Computer Forensics: Introduction, Historical background of Cyber forensics, Digital
Forensics Science, The Need for Computer Forensics, Cyber Forensics and Digital evidence, Forensics
Analysis of Email, Digital Forensics Lifecycle, Chain of Custody concept, Network Forensics, Approaching
a computer, Forensics Investigation, Challenges in Computer Forensics, Special Tools and Techniques
Forensics Auditing
UNIT V
Cyber Security: Organizational Implications: Introduction, Cost of Cybercrimes and IPR issues, Web
threats for Organizations, Security and Privacy Implications, Social media marketing: Security Risks and
Perils for Organizations, Social Computing and the associated challenges for Organizations.

Text book:
1. Cyber Security: Understanding Cyber Crimes, Computer Forensics and Legal Perspectives, Nina
Godbole and Sunil Belapure, Wiley INDIA.
2. Introduction to Cyber Security , Chwan-Hwa(john) Wu,J.David Irwin.CRC Press T&F Group

Reference book:
1. Cyber Security Essentials, James Graham, Richard Howard and Ryan Otson, CRC Press.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
CYBERSPACE- VULNERABILITIES AND DEFENCE
Objectives:
 To learn the risks inherent in information system components, namely hardware, software, and
people
 To learn identifying the traits a CIO must have to address cyber security challenges
 To learn how to ensure business continuity in the event of adverse incidents, including acts of nature
 To learn about intrusion detection and prevention systems (IDPS), focusing on configurations,
capabilities, selection, management, and deployment
 To learn how to secure a computer against malware and cyber attacks

UNIT I.
Vulnerabilities in Information Systems: Measuring Vulnerability, Avoiding Vulnerabilities through
Secure Coding, Threats Classification, Threat Modeling Process,
Vulnerabilities in the Organization: Common Organizational Vulnerabilities, Access Authorization and
Authentication, Human Factors, Security Services, External Technologies, Wireless Networks, Bluetooth.
Passive Vulnerabilities, Active Vulnerabilities, Precautions. Wireless Fidelity. Worldwide Interoperability
Microwave Access. Cloud Computing. Risks in Information Systems Infrastructure: Risks in Hardware,
Software, People, Laptops, Cyberspace. Risk Insurance in Cyberspace.
UNIT II.
Secure Information Systems: Assets Identification, Assets Communication, Assets Storage, Resource
Access Control Facility, Securing the Email Communications, Information Security Management.
Cybersecurity and the CIO: CIO Personality, Education, Experience, Responsibilities, Contingency Plans,
Information Security, Cyber Policies, the Changing Role.
UNIT III.
Building a Secure Organization: Business Continuity Planning. System Access Control, System
Development and Maintenance, Physical and Environmental Security and Compliance. Personnel
Security, Security Organization, Computer and Network Management, Asset Classification and Control,
Security Policy.
UNIT IV.
Cyberspace Intrusions: IDPS Configuration. IDPS Capabilities. IDPS Management. IDPS Classification.
IDPS Comparison.
UNIT V.
Cyberspace Defense: File Protection Applications. PC Performance Applications. Protection Tools.
Cyberspace and the Law: International Laws. Cybercrime

Text Book:
1. Cyberspace and Cybersecurity, George Kostopoulos, 2012, Auerbach Publications.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cybre Forensics & Information Security/Cyber Security)
COMPUTER FORENSICS
Objectives:
To understand the cyberspace
To understand the forensics fundamentals
To understand the evidence capturing process.
To understand the preservation of digital evidence.

UNIT I :
Computer Forensics Fundamentals: Introduction to Computer Forensics, Use of Computer Forensics in
Law Enforcement, Computer Forensics Assistance to Human Resources/Employment Proceedings,
Computer Forensics Services, Benefits of Professional Forensics Methodology, Steps Taken by
Computer Forensics Specialists, Who Can Use Computer Forensic Evidence?.Types of Computer
Forensics Technology : Types of Military Computer Forensic Technology, Types of Law Enforcement
Computer Forensic Technology, Types of Business Computer Forensics Technology.
UNIT II :

Computer Forensics Evidence and Capture: Data Recovery: Data Recovery Defined, Data Backup
and Recovery, The Role of Backup in Data Recovery, The Data-Recovery Solution, Case
Histories.Evidence Collection and Data Seizure: Why Collect Evidence?, Collection Options,
Obstacles, Types of Evidence, The Rules of Evidence, Volatile Evidence, General Procedure, Collecting
and Archiving, Methods of Collection, Artifacts, Collection Steps, Controlling Contamination: The Chain of
Custody.
UNIT III: Duplication and Preservation of Digital Evidence: Preserving the Digital Crime Scene,
Computer Evidence Processing Steps, Legal Aspects of Collecting And Preserving Computer Forensic
Evidence. Computer Image Verification and Authentication : Special Needs of Evidential
Authentication, Practical Considerations, Practical Implementation.
UNIT IV: Computer Forensics Analysis: Discovery of Electronic Evidence: Electronic Document
Discovery: A Powerful New Litigation Tool, Identification of Data: Timekeeping, Time Matters,Forensic
Identification and Analysis of Technical Surveillance Devices. Reconstructing Past Events: How to
Become a Digital Detective, Useable File Formats, Unusable File Formats, Converting Files. Networks:
Network Forensics Scenario, A Technical Approach, Destruction of Email, Damaging Computer Evidence,
International Principles Against Damaging of Computer Evidence, Tools Needed for Intrusion Response
to the Destruction of Data, Incident Reporting and Contact Forms.
UNIT V: Current Computer Forensics Tools: Evaluating Computer Forensics Tool Needs, Computer
Forensics Software Tools, Computer Forensics Hardware Tools, Validating and Testing Forensics
Software.

TEXT BOOKS:
1. “Computer Forensics : Computer Crime Scene Investigation”, JOHN R. VACCA, Firewall Media.
2. “Guide to Computer Forensics and Investigations”4e, Nelson, Phillips Enfinger, Steuart, Cengage
Learning.
REFERENCES:
1. “Computer Forensics and Cyber Crime”, Marjie T Britz, Pearson Education.
2. “Computer Forensics”, David Cowen, Mc Graw Hill.
3. Brian Carrier , "File System Forensic Analysis" , Addison Wesley, 2005
4. Dan Farmer & Wietse Venema ,"Forensic Discovery", Addison Wesley, 2005
5. Eoghan Casey , ―Digital Evidence and Computer Crime ―, Edition 3, Academic Press, 2011
6. Chris Pogue, Cory Altheide, Todd Haverkos ,Unix and Linux Forensic Analysis DVD ToolKit,
Syngress Inc. , 2008
7. Harlan Carvey ,Windows Forensic Analysis DVD Toolkit, Edition 2, Syngress Inc. , 2009
8. Harlan Carvey ,Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows
Registry , Syngress Inc, Feb 2011
9. Eoghan Casey, Handbook of Digital Forensics and Investigation, Academic Press, 2009
10. Gonzales/ Woods/ Eddins, Digital Image Processing using MATLAB, 2nd edition, Gatesmark
Publishing, ISBN 9780982085400
11. N.Efford, Digital Image Processing, Addison Wesley 2000, ISBN 0-201-59623-7
12. M Sonka, V Hlavac and R Boyle, Image Processing, Analysis and Machine Vision, PWS
13. 1999, ISBN 0-534-95393-
14. Pratt.W.K., Digital Image Processing, John Wiley and Sons, New York, 1978
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
PRIVACY AND SECURITY IN CYBER SPACE (Core Elective-III)

Objectives:
To understand the computer security fundamentals
To understand the integrity policies
To understand system, user, program security issues

UNIT I :
An Overview of Computer Security: The Basic Components, Threats, Policy and Mechanism,
Assumptions and Trust, Assurance, Operational Issues, Human Issues. Security Policies: Security
Policies, Types of Security Policies, The Role of Trust, Types of Access Control, Example: Academic
Computer Security Policy, General University Policy, Electronic Mail Policy, Confidentiality Policies: Goals
of Confidentiality Policies, The Bell-LaPadula Model, Informal Description, Example: The Data General
B2 UNIX System.

UNIT II
Integrity Policies: Goals, Biba Integrity Model, Clark-Wilson Integrity Model, The Model, Comparison
with the Requirements, Comparison with Other Models, Hybrid Policies: Chinese Wall Model, Bell-
LaPadula and Chinese Wall Models, Clark-Wilson and Chinese Wall Models, Clinical Information
Systems Security Policy, Bell-LaPadula and Clark-Wilson Models, Originator Controlled Access Control,
Role-Based Access Control.

UNIT III :
Design Principles: Overview, Design Principles, Principle of Least Privilege, Principle of Fail-Safe
Defaults, Principle of Economy of Mechanism, Principle of Complete Mediation, Principle of Open Design,
Principle of Separation of Privilege, Principle of Least Common Mechanism, Principle of Psychological
Acceptability.

UNIT III :
System Security: Introduction, Policy: The Web Server System in the DMZ, The Development System,
Networks: The Web Server System in the DMZ, The Development System, Users: The Web Server
System in the DMZ, The Development System, Authentication: The Web Server System in the DMZ,
Development Network System.

UNIT IV :
User Security: Policy, Access: Passwords, The Login Procedure, Trusted Hosts, Leaving the System,
Files and Devices: Files, File Permissions on Creation, Group Access, File Deletion, Devices, Writable
Devices, Smart Terminals, Monitors and Window Systems, Processes: Copying and Moving Files,
Accidentally Overwriting Files, Encryption, Cryptographic Keys, and Passwords, Start-up Settings,
Limiting Privileges, Malicious Logic.

UNIT V:
Program Security: Introduction, Common Security-Related Programming Problems, Improper Choice of
Initial Protection Domain, Improper Isolation of Implementation Detail, Improper Change, Improper
Naming, Improper Deallocation or Deletion, Improper Validation, Improper Indivisibility, Improper
Sequencing, Improper Choice of Operand or Operation, Testing, Maintenance, and Operation.

TEXT BOOK:
1. “Introduction to Computer Security”, Matt Bishop, Sathyanarayana S.Venkatramanayya, Pearson
Education.
REFERENCES:
1. “Computer Security”, Dieter Gollmann, Wiley India.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
CYBER LAWS AND SECURITY POLICIES (Core Elective-III)

Objectives:
To understand the computer security issues
To make secure system planning, policies

UNIT-I
Introduction to Computer Security: Definition, Threats to security, Government requirements, Information
Protection and Access Controls, Computer security efforts, Standards, Computer Security mandates and
legislation, Privacy considerations, International security activity.
UNIT-II
Secure System Planning and administration, Introduction to the orange book, Security policy
requirements, accountability, assurance and documentation requirements, Network Security, The Red
book and Government network evaluations.
UNIT-III
Information security policies and procedures: Corporate policies- Tier 1, Tier 2 and Tier3 policies -
process management-planning and preparation-developing policies-asset classification policy-developing
standards.
UNIT- IV
Information security: fundamentals-Employee responsibilities- information classification-
Information handling- Tools of information security- Information processing-secure program
administration.
UNIT-V
Organizational and Human Security: Adoption of Information Security Management Standards, Human
Factors in Security- Role of information security professionals.

REFERENCES

1. Debby Russell and Sr. G.T Gangemi, "Computer Security Basics (Paperback)”, 2ndEdition,
O’ Reilly Media, 2006.
2. Thomas R. Peltier, “Information Security policies and procedures: A Practitioner’s
Reference”, 2nd Edition Prentice Hall, 2004.
3. Kenneth J. Knapp, “Cyber Security and Global Information Assurance: Threat Analysis and
Response Solutions”, IGI Global, 2009.
4. Thomas R Peltier, Justin Peltier and John blackley, ”Information Security Fundamentals”, 2nd
Edition, Prentice Hall, 1996
5. Jonathan Rosenoer, “Cyber law: the Law of the Internet”, Springer-verlag, 1997
6. James Graham, “ Cyber Security Essentials” Averbach Publication T & F Group.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
DIGITAL WATERMARKING AND STEGANOGRAPHY (Core Elective-III)

Objectives:
To learn about the watermarking models and message coding
To learn about watermark security and authentication.
To learn about stegnography. Perceptual models

UNIT I

INTRODUCTION: Information Hiding, Steganography and Watermarking – History of watermarking –

Importance of digital watermarking – Applications – Properties – Evaluating watermarking systems.

WATERMARKING MODELS & MESSAGE CODING: Notation – Communications – Communication

based models – Geometric models – Mapping messages into message vectors – Error correction coding
– Detecting multi-symbol watermarks.

UNIT II

WATERMARKING WITH SIDE INFORMATION & ANALYZING ERRORS: Informed Embedding –

Informed Coding – Structured dirty-paper codes - Message errors – False positive errors – False negative
errors – ROC curves – Effect of whitening on error rates.

UNIT III

PERCEPTUAL MODELS: Evaluating perceptual impact – General form of a perceptual model –

Examples of perceptual models – Robust watermarking approaches - Redundant Embedding, Spread
Spectrum Coding, Embedding in Perceptually significant coefficients

UNIT IV

WATERMARK SECURITY & AUTHENTICATION: Security requirements – Watermark security and

cryptography – Attacks – Exact authentication – Selective authentication – Localization – Restoration.

UNIT V

STEGANOGRAPHY: Steganography communication – Notation and terminology – Information-theoretic

foundations of steganography – Practical steganographic methods – Minimizing the embedding impact –
Steganalysis

REFERENCES:
1. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, Jessica Fridrich, Ton Kalker, “Digital
Watermarking and Steganography”, Margan Kaufmann Publishers, New York, 2008.
2. Ingemar J. Cox, Matthew L. Miller, Jeffrey A. Bloom, “Digital Watermarking”, Margan Kaufmann
Publishers, New York, 2003.
3. Michael Arnold, Martin Schmucker, Stephen D. Wolthusen, “Techniques and Applications of Digital
Watermarking and Contest Protection”, Artech House, London, 2003.
4. Juergen Seits, “Digital Watermarking for Digital Media”, IDEA Group Publisher, New York, 2005.
5. Peter Wayner, “Disappearing Cryptography – Information Hiding: Steganography & Watermarking”,
Morgan Kaufmann Publishers, New York, 2002.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
INCIDENT RESPONSE AND FORENSICS (Core Elective-III)

Objectives:

To know the real world incidents

To make a pre incident preparation
To understand about incident detection and characterization

UNIT I:
Real-World Incidents: What Constitutes an Incident?, What Is Incident Response?, Where We Are Now,
Why Should You Care About Incident Response?, Concept of the Attack Lifecycle, IR Management
Handbook: What Is a Computer Security Incident?, What Are the Goals of Incident Response?, Who Is
Involved in the IR Process?, The Incident Response Process: Initial Response, Investigation,
Remediation, Tracking of Significant Investigative Information, Reporting.

UNIT II:
Pre-Incident Preparation: Preparing the Organization for Incident Response, Identifying Risk, Policies
That Promote a Successful IR, Working with Outsourced IT, Thoughts on Global Infrastructure Issues,
Educating Users on Host-Based Security, Preparing the IR Team, Preparing the Infrastructure for Incident
Response, Computing Device Configuration, Network Configuration.

UNIT III:
Incident Detection and Characterization: Collecting Initial Facts, Checklists, Maintenance of Case
Notes, Building an Attack Timeline, Understanding Investigative Priorities, What Are Elements of Proof?,
Setting Expectations with Management, Initial Development of Leads, Defining Leads of Value, Acting on
Leads, Turning Leads into Indicators, The Lifecycle of Indicator Generation, Resolving Internal Leads,
Resolving External Leads.

UNIT IV:
Data Collection: Live Data Collection, When to Perform a Live Response, Selecting a Live Response
Tool, What to Collect, Live Data Collection on Microsoft Windows Systems, Prebuilt Toolkits, Do It
Yourself, Memory Collection, Live Data Collection on Unix-Based Systems, Live Response Toolkits,
Memory Collection.

UNIT V:
Forensic Duplication: Forensic Image Formats, Complete Disk Image, Partition Image, Logical Image,
Image Integrity, Traditional Duplication, Hardware Write Blockers, Image Creation Tools, Live System
Duplication, Duplication of Enterprise Assets, Duplication of Virtual Machines.

TEXT BOOK:
“ Incident Response and Computer Forensics”, Kevin Mandia, Mathew Pepe, Jason Luttgens, 3rd Edition,
McGraw-Hill Osborne Media, 2014.
REFERENCES:
1. "Handbook Computer Crime Investigation's Forensic Tools and Technology", Eoghan Casey,
Academic Press.
2. “A Step-by-Step Guide to Computer Attacks and Effective Defenses”, Skoudis. E., Perlman. R.
Counter Hack, Prentice Hall Professional Technical Reference.
3. “Disk Detective: Secret You Must Know to Recover Information From a Computer”, Norbert
Zaenglein, Paladin Press.
4. “Guide to computer forensics and investigations”, Bill Nelson,Amelia Philips and Christopher
Steuart, Cengage Learning.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
SOFTWARE SECURITY ENGINEERING (Core Elective-IV)
Objectives:
 Students will demonstrate knowledge of the distinction between critical and non-critical systems.
 Students will demonstrate the ability to manage a project including planning, scheduling and risk
assessment/management.
 Students will author a software requirements document.
 Students will demonstrate an understanding of the proper contents of a software requirements
document.
 Students will author a formal specification for a software system.
 Students will demonstrate an understanding of distributed system architectures and application
architectures.
 Students will demonstrate an understanding of the differences between real-time and non-real
time systems.
 Students will demonstrate proficiency in rapid software development techniques.
 Students will be able to identify specific components of a software design that can be targeted for
reuse.
 Students will demonstrate proficiency in software development cost estimation.
 Students will author a software testing plan.

UNIT – I
Security a software Issue: introduction, the problem, Software Assurance and Software Security,
Threats to software security, Sources of software insecurity, Benefits of Detecting Software Security
What Makes Software Secure: Properties of Secure Software, Influencing the security properties of
software, Asserting and specifying the desired security properties?
UNIT – II
Requirements Engineering for secure software: Introduction, the SQUARE process Model,
Requirements elicitation and prioritization
UNIT – III
Secure Software Architecture and Design: Introduction, software security practices for architecture and
design: architectural risk analysis, software security knowledge for architecture and design: security
principles, security guidelines and attack patterns
Secure coding and Testing: Code analysis, Software Security testing, Security testing considerations
throughput the SDLC
UNIT – IV
Security and Complexity: System Assembly Challenges: introduction, security failures, functional and
attacker perspectives for security analysis, system complexity drivers and security
UNIT – V
Governance and Managing for More Secure Software: Governance and security, Adopting an
enterprise software security framework, How much security is enough?, Security and project
management, Maturity of Practice

TEXT BOOK:
1. Software Security Engineering: Julia H. Allen, Pearson Education
REFERNCE BOOKS:
1. Developing Secure Software: Jason Grembi, Cengage Learning
2. Software Security : Richard Sinn, Cengage Learning
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
IT SECURITY METRICS (Core Elective-IV)

Objectives:
To understand about the data and security metrics and measurements of the data
To know about the security operations, cost and values

UNIT-I:
What Is a Security Metric? Metric and Measurement, Security Metrics Today, The Dissatisfying State of
Security Metrics, Reassessing Our Ideas About Security Metrics. Designing Effective Security Metrics:
Choosing Good Metrics, GQM for Better Security Metrics, More Security Uses for GQM, Summary.
UNIT-II:
Understanding Data: What are Data? Data Sources for Security Metrics; We Have Metrics and Data -
Now what, Summary, Case Study 1. The Security Process Management Framework: Managing
Security as a Business Process, the SPM Framework, Before You Begin SPM, Summary. The Analyzing
Security Metrics Data: The Most Important Step, Analysis Tools and Techniques, Summary. Designing
the Security Measurement Project: Before the Project Begins, Phase One: Build a Project Plan and
Assemble the Team, Phase two: Gather the Metrics Data, phase Three: Analyze the Metrics Data and
Build Conclusions, phase Four: Present Results, Phase Five: Reuse the Results, Project Management
Tools, Summary.
UNIT-III:
Measurements Security Operations: Sample Metrics for Security Operations, Sample Measurement
Project for Security Operations, Summary. Measuring Compliance and Conformance: The Challenges
of Measuring Compliance, Sample Measurement Projects for Compliance and Conformance, Summary.
UNIT-IV:
Measuring Security Cost and Value: Sample Measurement Projects for Compliance and Conformance,
The Importance of Data to Measuring Cost and Value, Summary. Measuring People, Organizations,
and Culture: Sample Measurement Projects for People, Organizations, and Culture, Summary.
UNIT-V:
The Security Improvement Program: Moving from Projects to Programs, Managing Security
Measurement with a Security, Requirements for a SIP, Measuring the SIP. Summary. Learning Security:
Different Contexts for Security Process Management: Organizational Learning, Three Learning Styles
for IT Security Metrics, Final Thoughts, Summary.

Text Books:
1. IT SECURITY METRICS, Lance Hayden, TATA McGraw-HILL.
2. SECURITY METRICS, CAROLINE WONG, TATA McGraw-HILL.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
INTRUSION DETECTION AND PREVENTION SYSTEMS (Core Elective-IV)

Objectives:
To understand about the intruders .
To know the intrusion detection and prevention policies

UNIT-I
INTRODUCTION: Understanding Intrusion Detection – Intrusion detection and prevention basics – IDS
and IPS analysis schemes, Attacks, Detection approaches –Misuse detection – anamoly detection –
specification based detection – hybrid detection
THEORETICAL FOUNDATIONS OF DETECTION: Taxonomy of anomaly detection system – fuzzy logic
– Bayes theory – Artificial Neural networks – Support vector machine – Evolutionary computation –
Association rules – Clustering
UNIT-II
ARCHITECTURE AND IMPLEMENTATION: Centralized – Distributed – Cooperative Intrusion Detection
- Tiered architecture
UNIT-III
JUSTIFYING INTRUSION DETECTION: Intrusion detection in security – Threat Briefing – Quantifying
risk – Return on Investment (ROI)
UNIT-IV
APPLICATIONS AND TOOLS: Tool Selection and Acquisition Process - Bro Intrusion Detection –
Prelude Intrusion Detection - Cisco Security IDS - Snorts Intrusion Detection – NFR security
UNIT-V
LEGAL ISSUES AND ORGANIZATIONS STANDARDS: Law Enforcement / Criminal Prosecutions –
Standard of Due Care – Evidentiary Issues, Organizations and Standardizations.

REFERENCES:
1. Ali A. Ghorbani, Wei Lu, “Network Intrusion Detection and Prevention: Concepts and Techniques”,
Springer, 2010.
2. Carl Enrolf, Eugene Schultz, Jim Mellander, “Intrusion detection and Prevention”, McGraw Hill, 2004
3. Paul E. Proctor, “The Practical Intrusion Detection Handbook “,Prentice Hall , 2001.
4. Ankit Fadia and Mnu Zacharia, “Intrusiion Alert”, Vikas Publishing house Pvt., Ltd, 2007.
5. Earl Carter, Jonathan Hogue, “Intrusion Prevention Fundamentals”, Pearson Education, 2006.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
NETWORK PROGRAMMING (Core Elective-IV)
Objectives:
 To understand to Linux utilities
 To understand file handling, signals
 To understand IPC, network programming in Java
 To understand processes to communicate with each other across a Computer Network.

UNIT-I
Introduction to Network Programming: OSI model, Unix standards, TCP and UDP & TCP connection
establishment and Format, Buffer sizes and limitation, standard internet services, Protocol usage by
common internet application.
Sockets : Address structures, value – result arguments, Byte ordering and manipulation function and
related functions Elementary TCP sockets – Socket, connect, bind, listen, accept, fork and exec function,
concurrent servers. Close function and related function.
UNIT-II
TCP client server: Introduction, TCP Echo server functions, Normal startup, terminate and signal
handling server process termination, Crashing and Rebooting of server host shutdown of server host.
Elementary UDP sockets: Introduction UDP Echo server function, lost datagram, summary of UDP
example, Lack of flow control with UDP, determining outgoing interface with UDP.
I/O Multiplexing: I/O Models, select function, Batch input, shutdown function, poll function, TCP Echo
server,
UNIT-III
socket options: getsockopt and setsockopt functions. Socket states, Generic socket option IPV6 socket
option ICMPV6 socket option IPV6 socket option and TCP socket options.
Advanced I/O Functions: Introduction, Socket Timeouts, recv and send Functions, readv and writev
Functions, recvmsg and sendmsg Functions, Ancillary Data, How Much Data Is Queued? Sockets and
Standard I/O, T/TCP: TCP for Transactions
UNIT-IV
Elementary name and Address conversions: DNS, gethost by Name function, Resolver option,
Function and IPV6 support, uname function, other networking information.
Daemon Processes and inetd Superserver – Introduction, syslogd Daemon, syslog Function,
daemon_init Function, inetd Daemon, daemon_inetd Function
Broadcasting- Introduction, Broadcast Addresses, Unicast versus Broadcast, dg_cli Function Using
Broadcasting, Race Conditions
Multicasting- Introduction, Multicast Addresses, Multicasting versus Broadcasting on A LAN, Multicasting
on a WAN, Multicast Socket Options, mcast_join and Related Functions, dg_cli Function Using
Multicasting, Receiving MBone Session Announcements, Sending and Receiving, SNTP: Simple Network
Time Protocol, SNTP (Continued)
UNIT-V
Raw Sockets-Introduction, Raw Socket Creation, Raw Socket Output, Raw Socket Input, Ping Program,
Traceroute Program, An ICMP Message Daemon,
Datalink Access- Introduction, BPF: BSD Packet Filter, DLPI: Data Link Provider Interface, Linux:
SOCK_PACKET, libpcap: Packet Capture Library, Examining the UDP Checksum Field
Remote Login: Terminal line disciplines, Pseudo-Terminals, Terminal modes, Control Terminals, rlogin
Overview, RPC Transparency Issues.

Text Books:
1. UNIX Network Programming, by W. Richard Stevens, Bill Fenner, Andrew M. Rudoff, Pearson
Education
2. UNIX Network Programming, 1st Edition, - W.Richard Stevens. PHI.
 JAWAHARLAL NEHRU TECHNOLOGICAL UNIVERSITY HYDERABAD
M.Tech- I Year – II Semester (Cyber Forensics /Cyber Security & Information Security)
COMPUTER FORENSICS TOOLS LAB

To perform the following tasks for the lab, Internet facility and open source tools should be provided.
1. Use a Web search engine, such as Google or Yahoo!, and search for companies specializing in
computer forensics. Select three and write a two-to three-page paper comparing what each
company does.(Project 1-1)
2. Search the Internet for articles on computer crime prosecutions. Find at least two. Write one to
two pages summarizing the two articles and identify key features of the decisions you find in your
search. (Project 1-5)
3. Use a Web search engine, search for various computer forensics tools.
4. Preparing and processing of investigations. Try to examine and identify the evidences from the
drives. (Project 2-1)
5. Extracting of files that have been deleted.( (Project 2-4)
6. Illustrate any Data acquisition method and validate. Use an open source data acquisition tool.
7. You’re investigating an internal policy violation when you find an e-mail about a serious assault
for which a police report needs to be filed. What should you do? Write a two-page paper
specifying who in your company you need to talk to first and what evidence must be turned over
to the police.(Project 5-2)
8. Create a file on a USB drive and calculate its hash value like FTK Imager. Change the file and
calculate the hash value again to compare the files.(Project 5-4)
9. Compare two files created in Microsoft Office to determine whether the files are different at the
hexadecimal level. Keep a log of what you find. (Project 6-1)
10. Illustrate the analysis of forensic data.
11. Illustrate the validating of forensic data.
12. Locate and extract Image (JPEG) files with altered extensions.(Project 10-1)
13. Examine or Investigate an E-mail message.

TEXT BOOK:

1. “Computer Forensics and Investigations”, Nelson, Phillips Enfinger, Steuart, Cengage Learning.
References
1. Brian Carrier , "File System Forensic Analysis" , Addison Wesley, 2005
2. Dan Farmer & Wietse Venema ,"Forensic Discovery", Addison Wesley, 2005
3. Eoghan Casey , ―Digital Evidence and Computer Crime ―, Edition 3, Academic Press, 2011
4. Chris Pogue, Cory Altheide, Todd Haverkos ,Unix and Linux Forensic Analysis DVD ToolKit,
Syngress Inc. , 2008
5. Harlan Carvey ,Windows Forensic Analysis DVD Toolkit, Edition 2, Syngress Inc. , 2009
6. Harlan Carvey ,Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows
Registry , Syngress Inc, Feb 2011
7. Eoghan Casey, Handbook of Digital Forensics and Investigation, Academic Press, 2009
8. Gonzales/ Woods/ Eddins, Digital Image Processing using MATLAB, 2nd edition, Gatesmark
Publishing, ISBN 9780982085400
9. N.Efford, Digital Image Processing, Addison Wesley 2000, ISBN 0-201-59623-7
10. M Sonka, V Hlavac and R Boyle, Image Processing, Analysis and Machine Vision, PWS
11. 1999, ISBN 0-534-95393-
12. Pratt.W.K., Digital Image Processing, John Wiley and Sons, New York, 1978