Pre-requisites : CS341, CS348
Overview, vulnerabilities, risk assessment, incidents. Cryptography: Classical Cryptography, Symmetric Cryptography, Public Key (Asymmetric cryptography), Modern Cryptography, Hash Functions, Key Exchange. Review: Installing Unix and common service daemons (Unix Security, Windows NT Security, Ping, traceroute, TCP Dump, sniffer etc.), Networking. Security issues: Terminology (Integrity, Availability, Confidentiality, Non-repudiation, Authentication, Authorization/Access Control, accounting, auditing, Passive and Active Attacker, Interruption, Interception, Modification, Fabrication, Social Engineering), Vulnerabilities and Counter Measures (Viruses, worms, Trojan horses, backdoors, unused services, buffer overflows, RPC), Exploits (Buffer overflow, Port Scanning etc). Applications Security (System Security, Audit Logs Intrusion Detection, Wrappers, Password and remote authorization tools e.g. PGP, S/MIME, SSH, Netscape/SSL, SET, IPsec, Kerberos, Firewalls, VPN etc, Secure (commerce) Transaction over a network, Network Anonymity.
1. W. Stallings, Cryptography and Network Security: Principles and Practice, 3rd Ed, Prentice Hall, 2003.
1. B. Schneier, Applied Cryptography, 2nd Ed, John Wiley & Sons, Inc., 1996.
2. A. Menezes, P. van Oorshot and S. Vanstone, Handbook of Applied Cryptogrphy, CRC Press, 1997.
3. C. Kauffman, R. Perham and M. Speciner, Network Security: Private Communication in a Public World, Prentice-Hall, 1994.
4. H. C. A. van Tilborg, Fundamentals of Cryptology, Kluwer Academic Publishers, 2000.
5. P. Garrett, Making and Breaking Codes: An Introduction to Cryptology, Prentice-Hall, 2001.
6. P. Wayner, Disappearing Cryptography, 2nd Ed, Morgan Kaufmann, 2002.
7. W. Cheswick, S. Bellovin and A. Rubin, Firewalls and Internet Security. Repelling the Wiley Hacker, 2nd Ed, Addison-Wesley, 2003.
8. Related publications in Journals/Conferences.