West Bengal State Council of Technical &

Vocational Education and Skill

Development
(Technical Education Division)

Syllabus
of

Diploma in Cyber Forensics & Information

Security [CFS]

Part-III (5th Semester)

Revised 2022
 WEST BENGAL STATE COUNCIL OF TECHNICAL & VOCATIONAL
EDUCATION AND SKILL DEVELOPMENT
(A Statutory Body under West Bengal Act XXVI of 2013)
(Technical Education Division)
Karigari Bhavan, 4th Floor, Plot No. B/7, Action Area-III, Newtown, Rajarhat, Kolkata–700 160

WBSCTVESD Curriculum for Diploma Courses in Engineering and Technology

Semester – V
(Cyber Forensics and Information Security Engineering)

5th Semester Cyber Forensics and Information Security Engineering

Hours per week
Sl. Contact
No Code No. Course Title L T P Hours Credits

Cyber Crime Investigation and Cyber

1.
CFS301 Forensics 3 0 0 3 2.5
2. CFS303 Introduction to Cryptography 3 1 0 4 2.5
3. CFS305 Intrusion Detection and Penetration Testing 3 0 0 3 2.5
4. Program Elective-2 3 0 0 3 2.5
5. Program Elective-3 3 0 0 3 2.5
6. CFS-PR302 Major Project 0 0 3 3 2
Cyber Crime Investigation and Cyber
7.
CFS315 Forensics Lab 0 0 3 3 2
Intrusion Detection and Penetration Testing 1.5
8.
CFS317 Lab 0 0 3 3
9. 1.5
Program Elective-2 Lab 0 0 3 3
10. 1.5
Program Elective-3 Lab 0 0 3 3
11. CFS-SI-301 Internship II (at least 4 weeks) 0 0 0 0 1
Total 16 0 15 31 22

1|Page
List of Program Elective-2 Courses [PE-2] [THEORY]

PE2-CFS307 Steganography and Digital Watermarking

PE2-CFS309 Mobile Phone Security and Forensics

List of Program Elective-3 Courses [PE-3] [THEORY]

PE3-CFS311 Cyber Security Vulnerabilities & Safeguards

PE3-CFS313 Cloud Security

List of Program Elective-2 Courses [PE-2] [PRACTICAL]

PE2-CFS319 Steganography and Digital Watermarking Lab

PE2-CFS321 Mobile Phone Security and Forensics Lab

List of Program Elective-3 Courses [PE-3] [PRACTICAL]

PE3-CFS323 Cyber Security Vulnerabilities & Safeguards Lab

PE3-CFS325 Cloud Security Lab

2|Page
 Detailed Curriculum Content for Semester-V

Syllabus for Cyber Crime Investigation and Cyber Forensics (Theory)

Course Title Cyber Crime Investigation and Cyber Forensics

Course Code: CFS301 Semester: Fifth
Duration: Six Months Maximum Marks:100
Teaching Scheme Examination Scheme
Theory: 3 hrs./week Mid Semester Test: 20 Marks,
Quizzes, Viva-voce, Assignment: 10 Marks
Total hours: 48 Class Attendance: 10 Marks
Credit: 2.5 End Semester Exam.: 60 Marks
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both internal assessment
and end semester examination separately.
Pre-Requisites: Concepts of Hardware, OS, Networking, Programming

Aim:
 Able to learn about the cyber crime investigation process and methodologies.
 Able to learn different cyber forensics methodologies

Course Outcomes: After completion of the course students will be able to learn the following major
themes:
 Ability to perform cyber crime investigation process.
 Ability to perform digital forensics

Course Content
Unit-1 12 hours

1. Cyber Crime and Cyber Forensics

1.1. Cyber Crime
1.1.1. Definitions
1.1.2. Tools and Techniques Used to Commit Cyber Crime
1.1.3. Types of Cyber Crimes
1.1.4. Crimes targeting computer systems
1.1.5. Crimes in which computer systems are used as tools/instruments
1.1.6. What is Digital Evidence and the Nature of Digital Evidence
1.1.7. Digital Devices – Sources for Digital Evidences
1.2. Cyber Forensics
1.2.1.Definition
1.2.2.Classification of Cyber Forensics
1.2.2.1. Database Forensics
1.2.2.2. Email Forensics
1.2.2.3. Malware Forensics
1.2.2.4. Memory Forensics
1.2.2.5. Mobile Forensics
1.2.2.6. Network Forensics

3|Page
 1.2.2.7. Cloud Forensics
1.2.3. What Cyber Forensics Can Reveal
1.2.4.What can the Investigating Officer expect from Cyber Forensic Analysis

Unit-2 6 hours

2. Pre-Investigation Assessment
2.1 Doing the Basics Right
2.2 Is it a crime (as per ITAA2008) in the first place?
2.3 Preliminary Review of the Scene of Offence
2.4 Evaluating the Scene of Offence
2.5 Preliminary Interviews at the Scene of Offence
2.6 Pre-Investigation Technical Assessment
2.7 Issuance of preservation notice
2.8 Containment of the incident / Offence

Unit-3 20 hours

3.Standard Operating Procedures for investigations

3.1 Importance of SOPs in the Investigation
3.2 Standard Operating Procedures – A Flow Chart
3.3 Crime Scene Investigation: Search and Seizure
3.3.1 Steps in Crime Scene Investigation
3.3.2 Seizure Memo and Seizure Proceedings
3.3.3 Chain of Custody and Digital Evidence Collection Form
3.3.4 Chain of custody
3.3.5 Digital Evidence Collection (DEC) form
3.4 Forensic Collection of Digital Media
3.4.1 Identifying/Seizing of the devices needs to be forensically imaged for analysis
3.4.2 Investigative Tools and Equipment
3.5 Collection of Digital evidence
3.5.1 Procedure for gathering evidences from switched-off systems
3.5.2 Procedure for gathering evidences from live systems (Switched-on Systems)
3.5.3 Procedure for gathering evidences from Mobile Phones
3.6 Forensic Duplication – A Technical Introduction
3.7 Network Drives Imaging and Logical File Collection
3.8 Conducting Interviews
3.9 Packaging and labeling of the evidence
3.10 Transportation of the evidences
3.11 Legal procedure to be followed post seizure of evidence
3.12 Expert Opinion from the Forensic Examiner
3.13 Analyzing External / Third-party information
3.13.1 Time Zone Conversion
3.13.2 E mail Headers
3.13.3 Cases where the Subject Mail Is Not Available

4|Page
 3.14 Gathering information from external agencies/companies
3.14.1 Availability of information and format from ISPs
3.14.2 Information from e-mail service
3.14.3 Information from Mobile service providers
3.14.4 Information from Social networking sites
3.14.5 Information from Financial institutions/Internet banking institutions
3.14.6 Information from Web site domain/hosting providers
3.14.7 Information from VoIP service providers
3.14.8 Analyzing and handling the external data
3.15 Correlating the external data with lab findings

Unit-4 10 hours

4. File Systems and Virtual Machine

4.1. Understanding File Systems
4.2. Examining ext3, ext4 and NTFS Disc
4.3. Understanding Disk Encryption and Windows Registry
4.4. Understanding Virtual Machines

Text books:

1. Fundamentals of Digital Forensics, Joakimkavrestad, Springer Publication

2. Practical Cyber Forensics, Niranjan Reddy, Apress
3. Investigating the Cyber Breatch, Josepg Muniz and Aamir Lakhani, Pearson
4. Digital Forensic, Nilakshi Jain, D. R. Kalbande, Wiley
5. Cyber Security, Nina Godbole and Sunit Belapure, Wiley
6. Cyber Security and Cyber Law, Jain, Wiley
7. Introduction to Information Security and Cyber Law, Tripathi, Wiley
8. Cyber Law and IT Protection, Harish Chander, PHI Learning
9. Bill Nelson, Amelia Phillips and Christopher Steuart, ―Guide to Computer Forensics and
Investigations: Processing Digital Evidence‖ Course Technology Ptr

Reference books:
1. Dejey and S. Murugan, ―Cyber Forensics‖, Oxford University Press,.
2. Information Retrieval, Soni, Wiley
3. Storage Network Management and Retrieval, Khairnar, Wiley

5|Page
 Syllabus for Introduction to Cryptography (Theory)
Course Title Introduction to Cryptography
Course Code: CFS303 Semester: Fifth
Duration: Six Months Maximum Marks: 100
Teaching Scheme: Examination Scheme:
Mid Semester Test: 20 Marks
Theory: 4 hrs./week ( L:3, T:1)
Quizzes, Viva-voce, Assignment: 10 Marks
Credit: 2.5 Class Attendance: 10 Marks
Total hours: 64 End Semester Exam: 60 Marks
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both internal
assessment and end semester examination separately.
Pre-Requisites: Mathematical Background: Integer and Modular Arithmetic, Matrices, GCD
(Euclid’s Algorithm), Concepts of Computer Networking and Communication Protocols.

Aim:
 To understand the key terms such as Cryptography, Cryptanalysis, Cryptology, Encryption,
Decryption, Steganography, Plain text and Cipher text.
 To explore various types of Ciphers and encipherment techniques.
 To know about the encryption techniques such as substitution and transposition, Cipher
properties such as Confusion and Diffusion, Block Ciphers and Stream Ciphers.
 To study the key types, Key Range and Key Size, Possible types of Cryptanalysis attacks.
 To study the Symmetric key types, modes of operations, Data Encryption Standard Structure,
Function, its Analysis and attacks.
 To know about the Block Cipher Design Principles.
 To study the concept of AES, its Transformations, Key Expansion and Security.
 To study the use of Asymmetric Key Cryptography, The RSA Algorithm, its Operations and
Performance analysis.
 To introduce general ideas behind Cryptographic hash function, SHA-512
 To study different Applications of Cryptographic hash Functions
 To understand One-way Authentication, Mutual Authentication and Dictionary Attacks
 To know Key Management Fundamentals, Key Distribution, Digital Certificates, Digital
Certificate Format, Creating Digital Certificates

Course outcomes:
The students will be able to –
 Describe the concepts of Cryptography, Cryptanalysis, Cryptology, Encryption, Decryption,
steganography, Plain text and Cipher text.
 Understand various types of Ciphers and encryption techniques.
 Explain the encryption techniques such as substitution and transposition, Cipher Properties such
as Confusion and diffusion, Block Ciphers and Stream Ciphers.
 Describe the key types, Key Range and Key Size, Possible types of Cryptanalysis attacks.
 Explain the Symmetric key types, modes of operations, Data Encryption Standard Structure,
Function, its Analysis and attacks.
 Understand the Block Cipher Design Principles.
 Describe the concept of AES, its Transformations, Key Expansion and Security.
 Explain the use of Asymmetric Key Cryptography, RSA Algorithm, its Operations and
Performance analysis.
 Get idea of Cryptographic hash function, SHA-512
 Explain the different Applications of Cryptographic hash Functions.

6|Page
  Demonstrate One-way Authentication, Mutual Authentication and Dictionary Attacks.
 Describe the Key Management Fundamentals, Key Distribution, Digital Certificates and Digital
Certificate Format.
 Write a Java Program for Creating Digital Certificates.

Course Content

Unit-1 16 hours
Cryptography Techniques
1.1.Basic Terms: Cryptography, Cryptanalysis, Cryptology, Plain Text, Cipher Text, Encryption,
Decryption, Difference between Steganography and Cryptography.
1.2.Elementary Substitution Ciphers: Monoalphabetic Ciphers, Polyalphabetic Ciphers (The Vigenere
Ciphers, The Hill Ciphers, One-time Pad).
1.3.Elementary Transposition Ciphers: Types of Transposition Ciphers, Transposition Ciphers using
Matrices.
1.4.Cipher Properties: Confusion and diffusion, Block Ciphers and Stream Ciphers.
1.5.Symmetric and Asymmetric Key Cryptography, Key Range and Key Size.
1.6. Comparison between Symmetric and Asymmetric key Cryptography
1.7. Concept of Digital Envelope

Unit-2 12 hours

Symmetric or Secret Key Cryptography

2.1 An Overview of Symmetric Key Cryptography

2.2 Algorithm Types: Stream Ciphers, Block Ciphers
2.3 Overview of Algorithm Modes: ECB, CBC, CFB, OFB
2.4 Data Encryption Standard (DES): Fiestel Structure, Round Function
2.5 DES Analysis and DES attacks
2.6 Basics of Block Cipher Design Principles
2.7 Advanced Encryption Standard (AES): Introduction, Transformations and Key Expansion, Security

Unit-3 8 hours

Asymmetric or Public Key Cryptography

3.1 An Overview of Asymmetric Key Cryptography

3.2 The RSA Algorithm: Introduction, Operations (Key Generation), Performance (Time Complexity,
Speeding Up RSA), Understanding the crux of RSA, Trapdoor One-way Function, Security of RSA,
Advantages of RSA over other algorithms on encryption and decryption methodology considering
plain text and its header and message body)
3.3 ElGamal Cryptography: Operations (Key Generation, Key Encryption, Key Decryption)

7|Page
 Unit-4 10 hours
Cryptographic hash Functions
4.1 Cryptographic Hash Function: Criteria, Random Oracle Model (concept)
4.2 Applications of Cryptographic hash Functions: Message Authentication,
Digital Signatures and other Applications (One-way password file, PRF/PRNG)
4.3 Requirements and Security: Security Requirements for Cryptographic Hash
Functions, Brute-Force Attacks, Cryptanalysis
4.4 Hash Algorithm (MD5, SHA, SHA-2): Introduction, Different Versions, SHA-512 Message
Preparation steps.
Unit-5 8 hours
User Authentication Mechanisms:
5.1 One-way Authentication: Password-based, Certificate-based, Two-factor (LDAP)
5.2 Mutual Authentication: Shared Secret-based, Asymmetric Key-based, Authentication and Key
Agreement, Use of Timestamps
5.3 Dictionary Attacks: Attack types, Defeating Dictionary Attacks

Unit-6 10 hours
Key Management

6.1 Key Management Fundamentals, Its Lengths and Lifetimes, Key Generation
6.2 Key Distribution: Symmetry-Key, Public-Key Distribution
6.3 Diffie-Hellman Key Exchange protocol, Man-in-the-Middle attack
6.4 Digital Certificates: Certificate types, X.509 Digital Certificate Format
6.5 Certificate Authority and Certificate Servers
6.6 Creating Digital Certificates using programming language (e.g. Java/Python, etc.)

Reference Books:
1. Introduction to Cryptography, Hans Delfs, Springer Publication
2. Understanding Cryptography, Bart Preneel, Springer Publication
3. Cryptography and Network Security Principles and Practice, William Stallings, Pearson.
4. Public-Key Cryptography: Theory and Practice, Das / Veni Madhavan, Pearson
5. Network Security and Cryptography, Bernard Menezes, Cengage Learning.
6. Everyday Cryptography Fundamental Principles & Applications, Keith M. Martin, Oxford
University Press.
7. Cryptography and Network Security, Atul Kahate, McGraw Hill Education (India) Private Limited.
8. Practical Cryptography in Python: Learning Correct Cryptography by Example, Nielson, Apress
Cryptography and Security, C. K. Shyamala, N. Harini, T. R. Padmanabhan, Wiley.
9. Cryptography and Network Security, Amjad, Wiley
10. Cryptography and Network Security, Gupta, PHI Learning
11. Cryptography and Information Security, Pachghare, PHI Learning
12. Information Theory, Coding & Cryptography, Bose, McGraw Hill Education (India) Private Ltd.
Reference Links:
1. https://www.youtube.com/channel/UC1usFRN4LCMcfIV7UjHNuQg by Prof. Christof Paar
2. https://www.youtube.com/channel/UCg1Vosp3cP28vNFnXoe2RNQ/videos

NPTEL
1. https://nptel.ac.in/courses/106/105/106105031/
2. https://nptel.ac.in/courses/106/105/106105162/
3. https://nptel.ac.in/courses/106/106/106106221/#

8|Page
 Syllabus for Intrusion Detection and Penetration Testing (Theory)

Intrusion Detection and Penetration Testing

Course Title

Course Code: CFS305 Semester: Fifth

Duration: Six Months Maximum Marks:100
Teaching Scheme Examination Scheme
Theory: 3 hrs./week Mid Semester Test: 20 Marks,
Quizzes, Viva-voce, Assignment: 10 Marks
Total hours: 48 Class Attendance: 10 Marks
Credit: 2.5 End Semester Exam.: 60 Marks
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both internal assessment
and end semester examination separately.
Pre-Requisites: Networking and Communication Protocols, Operating Systems, Introduction to
Cyber Security.

Aim:
 Gain understanding of basic issues, concepts, principles and techniques in Intrusion Detection.
 Be able to evaluate Intrusion Detection Systems for particular security requirements.
 Gain understanding of the underlying principles and techniques associated with penetration
testing.

Course Outcome: After completion of the course students will be able to learn the following major
themes:
 Gain a good understanding of the basic issues and concepts of Intrusion Detection.
 Gain detailed knowledge of the principles and techniques of Intrusion Detection.
 Evaluate Intrusion Detection Systems for particular security requirements.
 Gain a good understanding of the ways that user, administrator and programmer errors can lead
to exploitable insecurities.
 Perform the entire penetration testing process including planning, reconnaissance, scanning,
exploitation, post-exploitation and result reporting.

Course Content

Unit-1 8 hours

1. Introduction to Intrusion Detection

1.1. Basic concepts of Intrusions
1.2. Network Based Attacks
1.3. Basic Security Concepts

9|Page
 Unit-2 8 hours

2. Principles and Techniques for Intrusion Detection

2.1 Host Based Intrusion Detection
2.2 Network Based Intrusion Detection
2.3 Misuse Detection
2.4 Anomaly Detection

Unit-3 8 hours

3. Intrusion Tracing and Response

3.1 IP Spoofing
3.2 Stepping Stones
3.3 Reflector
3.4 Zombie
3.5 Blocking

Unit-4 8 hours

4. Introduction to Penetration Testing

4.1 Need for Penetration Testing
4.2 Ethical requirements
4.3 Legal issues
4.4 Report structure and components
4.5 Case Study with one sample Pen Testing

Unit-5 16 hours

5. Penetration Testing Techniques and Standards

5.1 Intelligence Gathering

5.2 Scanning & Enumeration
5.3 Software Exploitation
5.4 Password Cracking
5.5 Social Engineering
5.6 Cookie handling and URL rewriting
5.7 Penetration Testing Standards

Text books:
1. Stephen Northcutt and Judy Novak, ―Network Intrusion Detection: An Analysts' Handbook‖,
Sams Publishing.
2. HACKING EXPOSED 7 NETWORK SECURITY, MCCLURE, McGraw Hill.

Reference books:
1. Stuart McClure, Joel Scambray and George Kurtz,
―Hacking Exposed Network Security Secrets and Solutions‖, McGraw Hill.
2. Guide to Computer network Security, Joseph Kizza, Springer Publication

10 | P a g e
 Syllabus for Steganography and Digital Watermarking (Theory)

Steganography and Digital Watermarking

Course Title
(Program Elective-2)
Course Code: PE2-CFS307 Semester: Fifth
Duration: Six Months Maximum Marks:100
Teaching Scheme Examination Scheme
Theory: 3 hrs./week Mid Semester Test: 20 Marks,
Quizzes, Viva-voce, Assignment: 10 Marks
Total hours: 48 Class Attendance: 10 Marks
Credit: 2.5 End Semester Exam.: 60 Marks
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both internal assessment
and end semester examination separately.
Pre-Requisites: Basic concepts of Mathematics, Algorithms and Programming languages (such as C,
Python)

Aim: The aim of this course:

 To learn about the Steganography and watermarking models.

 To learn about Steganography in spatial and transform domains.
 To learn about watermark security and authentication.

Course Outcome: The students will be able to –

 Know the History and importance of Steganography and watermarking.
 Analyze Applications and properties of Steganography and watermarking.
 Demonstrate Models and algorithms of Steganography and watermarking.
 Possess the passion for acquiring knowledge and skill in preserving authentication of
Information.
 Implement watermarking techniques and Stenography techniques using code.

Course Content

Unit-1 8 hours
1. Steganography
1.1. Overview
1.2. Notation and terminology
1.3. History
1.4. Methods for hiding (text, images, audio, video etc.)
1.5. Issues: Security, Capacity, Imperceptibility and Robustness
1.6. Operating Domains: Spatial and Transform (Frequency)

11 | P a g e
 Unit-2 10 hours

2. Spatial and Transform domain Steganographic methods

2.1. Spatial Domain
2.1.1. Least Significant Bit (LSB) method
2.1.2. Pixel Value Differencing (PVD) method
2.1.3. Exploiting Modification Direction (EMD) method
2.2. Transform Domain
2.2.1. Steganographic Technique based on the following transformations:
 Discrete Fourier Transformation (DFT)
 Discrete Cosine Transformation (DCT)
 Discrete Wavelet Transformation (DWT)
2.3 Steganography Tools

Unit-3 10 hours

3. Steganography algorithms and evaluations

3.1. Steganography algorithms (adaptive and non-adaptive)
3.2. Practical steganographic methods
3.3. Minimizing the embedding impact
3.4. Metrics of Evaluations
3.4.1. Payload / Capacity
3.4.2. Peak Signal to Noise Ratio (PSNR)
3.4.3. Means Squared Error (MSE)
3.4.4. Structural Similarity index (SSIM)
3.4.5. Histogram and Standard Deviation analysis etc.
3.4.6. Steganalysis [such as Primary Sets, Sample pairs, Chi Square, Fusion (mean) and RS
Analysis, SR Net Analysis etc.]

Unit-4 13 hours

4. Digital Watermarking
4.1. Introduction
4.2. History
4.3. Difference between Watermarking, Steganography and Cryptography
4.4. Classification (Characteristics and Applications)
4.5. Types and techniques (Spatial-domain, Frequency-domain, and Vector quantization based
watermarking)
4.6. Attacks and Tools (Attacks by Filtering, Noise, Distortion, Geometric Compression,

12 | P a g e
 Linear Compression etc.)
4.7. Message errors
4.7.1. False positive errors
4.7.2. False negative errors
4.8. ROC curves and Effect of whitening on error rates
4.9. Watermark security & authentication
4.9.1. Selective authentication
4.9.2. Localization and Restoration

Unit-5 7 hours

5. Recent trends in Steganography and digital watermarking techniques

5.1. Edge based Steganography methods
5.2. Applications of Machine learning and Deep learning in Steganography
5.3. Dual Watermarking methods
5.4. Reversible watermarking

Text books:

1. Ingemar Cox, Matthew Miller, Jeffrey Bloom, and Jessica Fridrich . Digital Watermarking and
Steganography, 2nd Ed, (The Morgan Kaufmann Series in Multimedia Information and Systems).
2. Frank Y. Shih. Digital Watermarking and Steganography: Fundamentals and Techniques, CRC Press,

Reference books:
1. Stefan Katzenbeisser, Fabien, and A.P. Petitcolas. Information Hiding Techniques for Steganography
and Digital Watermarking, Artech House.
2. Neil F. Johnson; Zoran Duric; Sushil Jajodia. Information Hiding: Steganography and Watermarking
– Attacks and Countermeasures, Springer.
3. Gregory Kipper. Investigator’s Guide to Steganography, Auerbach Publications.

13 | P a g e
 Syllabus for Mobile Phone Security and Forensics (Theory)

Mobile Phone Security and Forensics

Course Title
(Program Elective – 2)
Course Code: PE2-CFS309 Semester: Fifth
Duration: Six Months Maximum Marks:100
Teaching Scheme Examination Scheme
Theory: 3 hrs./week Mid Semester Test: 20 Marks,
Quizzes, Viva-voce, Assignment: 10 Marks
Total hours: 48 Class Attendance: 10 Marks
Credit: 2.5 End Semester Exam.: 60 Marks
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both internal assessment
and end semester examination separately.
Pre-Requisites: Concepts of Networking, OS and Cyber Security

Aim:
 Have a thorough understanding of mobile device security.
 Have a thorough understanding of mobile forensics.

Course Outcomes: After completion of the course students will be able to learn the following major
themes:
 Identify mobile device risks.
 Gain a good understanding of mobile application security.
 Perform mobile forensics.

Course Content

Unit-1 4 Hours

1. Introduction
1.1. Internals of android architecture.
1.2. Android Security Concepts
1.3. Internals of iOS architecture.
1.4. iOS Security Concepts.

Unit-2 6 Hours

2. Android Application Security

2.1. Usage of ADB
2.2. Introduction with android Penetration testing tools.
2.3. APK file structure
2.4. APK security contents

14 | P a g e
 Unit-3 6 Hours

3. Reverse Engineering of Android Applications

3.1. Revering an APK
3.2. Understanding of AndroidManifest.xml
3.3. Understanding of Classes.dex
3.4. Understanding of META-INF Folder

Unit-4 12 Hours

4. Android Application Penetration Testing

4.1 Android Application Static Analysis
4.2 Android Application Dynamic Analysis
4.3 Source code review of Android Application
4.4 Log Analysis of Android Application
4.5 Database Encryption.

Unit-5 8 Hours

5. iOS Application Security Testing

5.1Concepts of iOS Security
5.2 Concepts of IOS jailbreaking
5.3 iOS privilege separation.
5.4 Reversing of IOS application
5.5 ipa file static analysis
5.6 ipa dynamic Analysis

Unit-6 12 Hours
6. Mobile Forensics
6.1 Define Mobile Forensics and Standards
6.2 Forensic standards for various mobile operating systems
6.3 Data Acquisition from Android Devices
6.4 Manual and Logical Examination of Android Devices
6.5 Data Acquisition from iOS Devices
6.6 Manual and Logical Examination of iOS Devices

Text books:
1. Himanshu Dwivedi, Chris Clark and David Thiel, ―Mobile Application Security‖, McGraw-Hill
Education.
2. HACKING EXPOSED: MOBILE SECURITY, BERGMAN, McGraw-Hill Education.

Reference books:
1. Nikolay Elenkov, ―Android Security Internals: An In-Depth Guide to Android's Security
Architecture‖, No Starch Press.
2. David Thiel, ―iOS Application Security: The Definitive Guide for Hackers and Developers‖,
No Starch Press.

15 | P a g e
 Syllabus for Cyber Security Vulnerabilities & Safeguards (Theory)

Cyber Security Vulnerabilities & Safeguards

Course Title
(Program Elective – 3)
Course Code: PE3-CFS311 Semester: Fifth
Duration: Six Months Maximum Marks:100
Teaching Scheme Examination Scheme
Theory: 3 hrs./week Mid Semester Test: 20 Marks,
Quizzes, Viva-voce, Assignment: 10 Marks
Total hours: 48 Class Attendance: 10 Marks
Credit: 2.5 End Semester Exam.: 60 Marks
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both internal assessment
and end semester examination separately.
Pre-Requisites: Concepts of Cyber Security, Operating Systems

Aim:
 Introduce the concepts of security vulnerabilities.
 Gain understanding of vulnerability categories and models.
 Be able to assess security vulnerabilities of cyber space.
 Gain understanding of relevant safeguards to protect against security vulnerabilities.

Course Outcome: After completion of the course students will be able to learn the following major
themes:
 Gain a good understanding of the core concepts related to vulnerabilities and their causes.
 Gain detailed knowledge of some Vulnerability Models.
 Gain a good understanding of the techniques of vulnerability assessment.
 Gain detailed knowledge of cyber security safeguards and standards.

Course Content

Unit-1 6 hours

1. Introduction
1.1 Principles of Cyber Security
1.2 Assets
1.3 Vulnerabilities
1.4 Threats (Virus and Malware)
1.5 Risks
1.6 Safeguards

Unit-2 6 hours

2. Security Vulnerability Categories

2.1 Technical Vulnerabilities
2.2 Configuration / Platform Vulnerabilities

16 | P a g e
 2.3 Security Policy Vulnerabilities
2.4 Managerial Vulnerabilities

Unit-3 8 hours

3. Vulnerability Models
3.1 RISOS
3.2 PA
3.3 NRL Taxonomy
3.4 Aslam’s Model

Unit-4 13 hours

4. Vulnerability Assessment
4.1 National Vulnerability Database (NVD), CVE and CWE
4.2 Assessment Methodology
4.2.1 Initial Planning
4.2.2 Scanning
4.2.3 Analysis
4.2.4 Implementation
4.3 Scanning Methods
4.3.1 Web Application Scanning
4.3.2 Network Scanning
4.3.3 Build Assessment
4.3.4 Database Assessment
4.3.5 Host-based Scanning
4.3.6 Platform Based Scanning
4.4 Fuzzing (Concept)

Unit-5 15 hours

5. Cyber Security Safeguards

5.1 Overview
5.2 Access Control
5.3 Audit
5.4 Authentication
5.5 Biometrics
5.6 Cryptography
5.7 Deception
5.8 Denial of Service Filters
5.9 Ethical Hacking
5.10 Firewalls
5.11 Intrusion Detection Systems
5.12 Intrusion Prevention Systems
5.13 Patching and OS vulnerability remediation
5.14 Security policy
5.15 Standards and Best Practices

17 | P a g e
Text books:
1. Sagar Rahalkar, ―Network Vulnerability Assessment‖, Packt Publishing.
2. Network Defense and Countermeasures: Principles and Practices, Easttom, Pearson
3. Enterprise Cybersecurity Study Guide: How to Build a Successful Cyberdefense Program
Against Advanced Threats, Donaldson, Apress
4. Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect
Organizations, 2nd Edition, Morey J. Haber, Apress, 2021
5. Thomas R. Peltier, ―Managing A Network Vulnerability Assessment‖, Auerbach Publications.

Reference books:
1. Michael Sutton, Adam Greene and Pedram Amini, ―Fuzzing: Brute Force Vulnerability
Discovery‖, Addison-Wesley Professional.
2. ―Information technology — Security techniques — Code of practice for information security
controls‖, ISO/IEC 27002, Edition 2
3. Information Security Theory and Practice, Patel, PHI Learning

List of open Source software/learning Websites:

National Vulnerability Database - https://nvd.nist.gov/

18 | P a g e
 Syllabus for Cloud Security (Theory)
Course Title Cloud Security (Program Elective 3)
Course Code: PE3-CFS313 Semester: Fifth
Duration: Six Months Maximum Marks: 100
Teaching Scheme: Examination Scheme:
Mid Semester Test: 20 Marks
Theory: 3 hrs./week
Quizzes, Viva-voce, Assignment: 10 Marks
Credit: 2.5 Class Attendance: 10 Marks
Total hours: 48 End Semester Exam. : 60 Marks
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both internal
assessment and end semester examination separately.
Pre-Requisites: Basic concepts of Operating Systems, Computer Networks, Database
Management Systems and Cryptography

Aim: Students can understand the fundamentals of Cloud Computing, its essential characteristics and
components as well as different models and its security aspects. This course mainly focuses on the
Security aspects in the cloud and its implementation, Maintenance of Cloud Security and
Troubleshooting Security Issues in the Cloud.

Course Objectives: After completion of the course students will be able to learn the following major
themes:
 Fundamentals of cloud computing architectures based on current standards, protocols, and best
practices
 Students will learn Cloud Security configurations, compliance controls and different Access
Control methods
 Design and Implementation of Cloud Security Architectures that assures secure isolation of
computer network and storage infrastructures, comprehensive data protection, end-to-end identity
and access management, monitoring and auditing processes and compliance with industry and
regulatory mandates.
 Students will also learn about the maintenance and ongoing operations of the cloud deployment
 Students will look into the Troubleshooting Security Issues in the Cloud

Course Content

Unit-1 8 hours

1. Cloud Computing Fundamentals

1.1 Cloud Computing overview, Distributed System in Cloud Computing Environment, Essential
Characteristics, Benefits of Cloud Computing
1.2 Cloud Reference Designs and Delivery Models (Public, Private, Community, Hybrid)
1.3 Cloud Service Models (SaaS, PaaS, IaaS), Concept of n-SaaS
1.4 Cloud Components (Applications, Automation, Computing, Networking, Security,
Virtualization)
1.5 Concepts of Cloud Data Centre

19 | P a g e
 Unit-2 10 hours

2. Security in the AWS Cloud

2.1 AWS Security Fundamentals and Docker
2.2 Overview of AWS Security Services
2.3 Centrally manage certificates on the AWS Cloud
2.4 Private certificate authority, Secure key management
2.5 Integration with other AWS cloud services
2.6 Industry-standard APIs
2.7 AWS-managed infrastructure
2.8 Group-based policies Single directory for all directory-aware workloads
2.9 Identify application security issues

Unit-3 12 hours

3. Azure Security Fundamentals

3.1 Manage Azure AD directory groups and users
3.2 Authentication (PTA), OAuth, and password-less
3.3 Configure Access Reviews and PIM
3.4 Implement Conditional Access policies including Multi-Factor Authentication
3.5 Manage API access to Azure subscriptions and resources
3.6 Manage Application and Infrastructure access
3.7 Configure resource group permissions

Unit-4 12 Hours

4 Cloud infrastructure security.

4.1 Managing and using a Web Access Control List (Web ACL)
4.2 Rule groups
4.3 AWS WAF rules
4.4 IP sets and regex pattern sets
4.5 Logging web ACL traffic information
4.6 Listing IP addresses blocked by rate-based rules
4.7 Working principle of AWS WAF with Amazon CloudFront/CloudFlare features
4.8 Security in AWS WAF
4.9 AWS WAF quotas.

Unit-5 6 Hours

5 Understanding Cloud Access Control

5.1 Physical Access, Infrastructure and Encryption
5.2 Network Access, DMZ, Infrastructure and Availability
5.3 Unencrypted Communication and Data
Text books:

20 | P a g e
 1. Secure Cloud Computing, Sushil Jajodia, Krishna Kant, Pierangela Samarati, Anoop Singhal,
Vipin Swarup, Cliff Wang, Springer
2. Practical Cloud Security, A Guide for Secure Design and Deployment, Chris Dotson, O’Reilly
3. Cloud Security-A Comprehensive Guide to Secure Cloud Computing, Ronald L. Krutz Russell
Dean Vines, Wiley Publishing

Reference books:
1. CompTIA Cloud+ Study Guide, Todd Montgomery, Stephen Olson, SYBEX
2. Cyber Security on Azure-An IT Professional’s Guide to Microsoft Azure Security Center, Marshall
Copeland, Apress
3. Certified Cloud Security Professional, Brian T. O’Hara Ben Malisow, SYBEX
4. Cloud Computing Black Book, Jayaswal, Wiley
5. Cloud Computing Theory and Practice, Dan C. Marinescu, Elsevier
6. Cloud Computing, Shailendra Singh, Oxford University Press
7. Cloud Computing based Project using Distributed Architecture, Dasgupta, PHI Learning
8. Cloud Computing, Pachghare, PHI Learning

21 | P a g e
 Syllabus for Cyber Crime Investigation and Cyber Forensics Lab

Course Title Cyber Crime Investigation and Cyber Forensics Lab

Course Code: Semester: Fifth
CFS315
Duration: Six Months Maximum Marks:100
Teaching Scheme Continuous Assessment-60 End Semester Assessment-40
Viva-voce
Assignments Assignment
Practical: 3 hrs./week Class Class (Before
( to be on the day of
Total hours: 48 Performance Attendance Board of
allotted) Viva-voce
Examiners)
Credit: 1.5 30 20 10 20 20
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both continuous
assessment and end semester Assessment separately.
Pre-Requisites: Concepts of Hardware, OS, Networking, Programming

Skills to be developed:
● Able to perform Cybercrime investigation process.
● Able to perform Computer and Mobile Forensics

List of Laboratory Experiments:

LAB-I: Introduction to different tools and techniques like Hexviewer, 10 Hours

EXIF data, file header analysis, recovery of deleted files (other
than Autopsy) etc. Cases Analysis using Free/ Open Source Tools
(Sample image will be provided)
LAB-II: Understanding the steps to Collect Email Evidence in Victim PC. 12 Hours
How to view last activity of your PC? Find Last Connected USB
on your system (USB Forensics).
LAB-III: Understanding Hashing and metadata analysis tools and procedure. 06 Hours
LAB-IV: Understanding Windows and Linux System Artifacts. 06 Hours
Understanding the steps to extract Browser Artifacts
LAB-V: Demonstration on packet capture and analysis; 4 Hours
LAB-VI: Understanding Mobile Forensics and Data Analysis using Free and 10 Hours
Open Source Tools

Tools may be used in the practical: FTK Imager, Volatility, CAIEN, Wireshark, EXIF Tool,
Cellebrite UFED, Oxygen Forensic Suite, DumpIt, EnCase etc.

Book:
1.BUILD YOUR OWN CYBERSECURITY LAB, RIC MESSIER, McGraw-Hill

22 | P a g e
 Syllabus for Intrusion Detection and Penetration Testing Lab

Course Title Intrusion Detection and Penetration Testing Lab

Course Code: Semester: Fifth

CFS317
Duration: Six Months Maximum Marks:100
Teaching Scheme Continuous Assessment-60 End Semester Assessment-40
Assignm
Assignment Viva-voce
Practical: 3 hrs./week ents Class Class
Total hours: 48 ( to be Performance Attendance on the day of (Before Board
Viva-voce of Examiners)
allotted)
Credit: 1.5 30 20 10 20 20
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both continuous
assessment and end semester Assessment separately.
Pre-Requisites: Networking and Communication Protocols, Operating Systems, Introduction to
Cyber Security.

Skills to be developed:
● Evaluate Intrusion Detection Systems for particular security requirements.
● Perform the entire penetration testing process including planning, reconnaissance, scanning,
exploitation, post-exploitation and result reporting.

List of Laboratory Experiments:

LAB-I: Discovery and Detection of Intrusion 8 Hours

LAB-II: Reconnaissance and Footprinting 8 Hours
LAB-III: Network Scanning and Enumeration. 8 Hours
LAB-IV: Application Software Exploitation using tools like Metasploit, 12 Hours
Netcat etc.
LAB-V: Social Engineering using Spear phishing, Credential harvesting, 12 Hours
Fake Flash updates, Back-doored PDF files etc.

References:
1. Stephen Northcutt and Judy Novak, ―Network Intrusion Detection: An Analysts' Handbook‖,
Sams Publishing.
2. Stuart McClure, Joel Scambray and George Kurtz, ―Hacking Exposed

23 | P a g e
 Syllabus for Steganography and Digital Watermarking Lab

Course Title Steganography and Digital Watermarking Lab (Program Elective-2)

Course Code: Semester: Fifth
PE2-CFS319
Duration: Six Months Maximum Marks:100
Teaching Scheme Continuous Assessment-60 End Semester Assessment-40
Practical: 3 hrs./week Viva-voce
Assignments Assignment
Total hours: 48 Class Class (Before
( to be on the day of
Performance Attendance Board of
allotted) Viva-voce
Examiners)
Credit: 1.5 30 20 10 20 20
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both continuous assessment
and end semester Assessment separately.
Pre-Requisites: Basic concepts of Mathematics, Algorithms and Programming languages (such as C,
Python)
List of Laboratory Experiments:

LAB-I: Implementation of spatial domain Steganography methods 15 Hours

LAB-II: Implementation of transform domain steganography methods 15 Hours
LAB-III: Implementation of popular metrics such as PSNR, MSE, SSIM, 8 Hours
Payload etc. for evaluating performance of a
Steganography/Watermarking method.
LAB-IV: Understanding the functionality and utility of common Steganography 5 Hours
Tools.
LAB-V: Understanding the functionality and utility of common Steganalysis 5 Hours
Tools.

24 | P a g e
 Syllabus for Mobile Phone Security and Forensics Lab

Course Title Mobile Phone Security and Forensics Lab

(Program Elective – 2)
Course Code: Semester: Fifth
PE2-CFS321
Duration: Six Months Maximum Marks:100
Teaching Scheme Continuous Assessment-60 End Semester Assessment-40
Practical: 3 hrs./week Viva-voce
Assignment
Total hours: 48 Assignments Class Class (Before
on the day of
( to be allotted) Performance Attendance Board of
Viva-voce
Examiners)
Credit: 1.5 30 20 10 20 20
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both continuous assessment
and end semester Assessment separately.
Pre-Requisites: Concepts of Cyber Security

List of Laboratory Experiments:

LAB-I: Set up Android Lab 6 Hours

LAB-II: Reversing 8 Hours
LAB-III: Android Application Penetration Testing 16 Hours
LAB-IV: iOS Application Security Testing 8 Hours
LAB-V: Mobile Forensics 10 Hours

25 | P a g e
 Syllabus for Cyber Security Vulnerabilities & Safeguards Lab

Course Title Cyber Security Vulnerabilities & Safeguards Lab

(Program Elective – 3)
Course Code: Semester: Fifth
PE3-CFS323
Duration: Maximum Marks:100
Six Months
Teaching Scheme Continuous Assessment-60 End Semester Assessment-40
Practical: 3 hrs./week Viva-voce
Assignments Assignment
Total hours: 48 Class Class (Before
( to be on the day of
Performance Attendance Board of
allotted) Viva-voce
Examiners)
Credit: 1.5 30 20 10 20 20
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both continuous
assessment and end semester Assessment separately.
Pre-Requisites: Concepts of Cyber Security, Database

Skills to be developed:
● Gain a good understanding of the techniques of vulnerability assessment.
● Gain detailed knowledge of cyber security safeguards and standards.

List of Laboratory Experiments:

List of Laboratory Experiments:

LAB-I: Web Application Scanning for Security Vulnerabilities 8 Hours

LAB-II: Network Scanning for Security Vulnerabilities 8 Hours
LAB-III: Database Assessment for Security Vulnerabilities 8 Hours
LAB-IV: Fuzzing. 8 Hours
LAB-V: Applying different approaches toward Cyber Security Safeguards 16 Hours

References:
1. Sagar Rahalkar, ―Network Vulnerability Assessment‖, Packt Publishing.
2. Thomas R. Peltier, ―Managing A Network Vulnerability Assessment‖, Auerbach Publications.
3. Michael Sutton, Adam Greene and Pedram Amini, ―Fuzzing: Brute Force Vulnerability
Discovery‖, Addison-Wesley Professional.
4. ―Information technology — Security techniques — Code of practice for information security
controls‖, ISO/IEC 27002,

26 | P a g e
 Syllabus for Cloud Security Lab

Course Title Cloud Security Lab (Program Elective 3)

Course Code: PE3-CFS325 Semester: Fifth
Duration: Six Months Maximum Marks:100
Teaching Scheme End Semester
Continuous Assessment-60 Assessment-40
Practical: 3 hrs./week
Total hours: 16 Assignment Viva-voce
Assignments
Class Class on the day (Before
( to be
Performance Attendance of Viva- Board of
allotted)
voce Examiners)
Credit: 1.5 30 20 10 20 20
Pass Criterion: Students have to obtain at least 40% marks (pass marks) in both continuous
assessment and end semester Assessment separately.
Pre-Requisites: Hands on experience on Operating Systems, Computer Networks, Database
Management Systems and Web Technology.

Course Learning Objectives:

This Cloud Security Lab course is intended to practice and do workshops on the concepts taught in
theory classes of ―Cloud Security‖ and gain insight into the functioning of different aspects of Cloud
Security. As this is a skill course, topics and tools taught in the class should be practiced in the Lab
same week and practiced regularly during the semester till students become confident on the subject.
Students should explore features of various tools and applications introduced in the course. Faculty
should assign weekly tasks to monitor the progress of the students.

Course outcomes:

1. Understanding about AWS Certificate Manager that lets us to provision, manage, and deploy public
and private SSL/TLS certificates for use with AWS services and internal connected resources.
2. Able to configure cloud-based hardware security module (HSM) and AWS Directory Service for
Microsoft Active Directory
3. Students also understand the function of GuardDuty which is a threat detection service that
continuously monitors for malicious activity and unauthorized behavior to protect users accounts,
workloads, and data stored in storage services (S3 etc.)
4. Learn how AWS Site-to-Site VPN and AWS Client VPN work to protect network traffic
5. Understand about the automated security assessment service that helps improve the security and
compliance of applications using Amazon Inspector.
6. Understand to identify application security issues, Manage access with fine-grained policies, Secure
and audit secrets centrally
7. Able to understand and setup AWS Single Sign-on service, how to manage and use of the Web
Access Control List
8. Students also learn about the AWS Shield which is a managed instruction detection and protection
service that safeguards applications running on AWS, and finally they will learn practically how
Firewall Manager allows to centrally configure and manage firewall rules to the accounts and
applications

27 | P a g e
List of Laboratory Experiments:

LAB-I: Fundamentals of Cloud AWS Lab 8 Hours

LAB-II: Cloud AWS Penetration testing concepts and methodologies 10 Hours
LAB-III: Azure Security Fundamentals 12 Hours
LAB-IV: Cloud Azure Penetration Testing concepts and methodologies 12 Hours
LAB-V: Cloud Audit Concepts 06 Hours

28 | P a g e
 Internship-II[Subject Code: CFS-SI-301]

Operating Systems and Networking Fundamentals

 Linux Fundamentals
 Tools in Kali Linux and System Security
 OS Security and Basics of Networking
 Network Security and Protocols.

Cryptography and Application Security

 Cryptography and Access Control
 Session Management and Web Security
 Web Technologies and Database Security
 File Security and Mobile Security

CyberSecurity and Ethical Hacking

 Secure Development Methodologies and Cyber Security
 Ethical Hacking
 Anonymity and Information Gathering
 Advanced Reconnaissance and Network Scanning
 Enumeration

Web Application Hacking and OWASP

 Vulnerability Analysis and Introduction to Web Application Hacking
 Advanced Web Application Hacking
 SQL Injection and Tools
 Session Hijacking and OWASP

Steganography and Watermarking

 Spatial domain Steganography
 Transform domain Steganography
 Edge-based Steganography
 Fragile/Semi-fragile/Robust Watermarking
 Authentication and Access control using Watermarking

Firewall Web Application

 Inspecting and cleaning of the HTTP traffic between web application andthe Internet
 Cross-site scripting
 File insertion

Blocking RFID
 Radio-frequency identification
 Software that prevents RFID readers from reading cards

Data leaks [Cloud Computing Environment]

 SQL injection in the database
 Safeguard the data and secure the privacy of the information from scammers

29 | P a g e
 Major Project for 5th and 6th semester [Code: CFS-PR302]
 Duration of the Project: Six months + Six months [Total approx. engagement 96 hours]
 All students must submit the project report duly signed by the project guide after completion of the
major project. Students must undergo the following phases while they are developing their
projects:

Project Plan

A project plan is a blueprint of the entire project. A well-designed project plan should determine the list
of activities, outcomes of the activities, the time frame, dependencies, constraints involved etc.

Making the project proposal

 Problems and solutions

 Framework
 List of equipment [Software and Hardware]

Design of the project

Title selection and overview of the project.

Project topics may be solicited from the Industries, Government Organizations and Research Institutes.

Project Execution
Project execution plan is to be developed that identifies, prioritizes, and assigns the tasks and resources
required to execute the activities of the project.

Monitoring and Controlling phase

In the monitoring and controlling phase the project guide or faculty member(s) monitors the overall
progress of the project through weekly meeting / discussion with the students and giving necessary
instructions.

Preparation of project report:

A project report can be defined as a written document that contains detailed information about the
project. It should include the table of contents, acknowledgement, and specific sections on the
motivation of the project, problem definition, related work, methodology undertaken for solving the
problem, implementation details, results and discussion, possible future work, and references. All
commented source code and / or circuit details are to be included.

30 | P a g e
Presentation of the Project:
Final phase of the project is to prepare and deliver a Power point Presentation about the entire project
followed by viva-voce.

Specific areas of interest in the Major Project include (but are not limited to):

1) Keylogging Attacks and Remedies

2) Packet Sniffing

3) Bug Bounties

4) Breaking Shift Cipher

5) SQL Injection Attacks and Remedies

6) Password Cracking and Strengthening

7) Blocking RFID

8) Hacking an Offline Device

9) Image Encryption and Steganography

10) Detection and Prevention of Malware

11) Study of Online Fund Transfer methods and relevant Encryption

12) Study of One-way Hash Function and Signature Generation

13) USB storage device Scanner

14) Web Application Firewall

15) Bug tracking

16) Secure File Storage System

17) Data Acquisition for Forensic Analysis

18) Reverse Engineering

31 | P a g e