Department of Computer Science and Engineering (CSE)

Programme Name : Cyber Security (CY)

Modul

e ID

Module Title

Credit

Description/Objective

Content

CS961

Introduction to

Cryptography

The module covers the basics of finite field

Arithmetic, private and public-key cryptography,

existing cryptosystems and their security,

Cryptanalysis of existing systems and more.

● Basics of finite field Arithmetic

● Private and Public-key cryptography

● Existing cryptosystems and their security.

● Cryptanalysis of existing systems.

CS962

Operating

System

Principles

Practical understanding of operating system design

is desirable for application developers, system

software developers, security professionals and

system administrators. The goal of this course is to

provide better understanding of the OS from the

system programmer's perspective with emphasis

on security-related OS design principles such as

separation of privileges at different levels and

resource multiplexing with isolation guarantees.

● Introduction to OS, System call API for process,

working of a shell

● Address space and virtual memory and the APIs.

File management APIs

CS963

Computer

Networks I

The objective of this course is to introduce students

with the concepts of networking

Including protocols, LAN, WAN and wireless

networks.

● Introduction and Background

○ Basics of computer communication and

networking

○ TCP/IP layering

● Physical Layer

○ Basics of time/frequency domain

representation of signals, Bandwidth,

Data Rate, Channel capacity

○ Different types of transmission media,

errors in transmission: attenuation, noise,

Repeaters,

Amplifiers, Gain, Path loss

○ Encoding (NRZ, NRZI, Manchester,

4B/5B etc.) and Modulation (Amplitude

and angle modulation)

○ Multiplexing (TDM, FDM), Spread

spectrum

● Link Layer

○ Aloha, CSMA, CSMA/CD, CSMA/CA

protocols

○ Ethernet, including Gigabit Ethernet and

WiFi (802.11) a quick exposure to Token

Ring, Sliding Window, Stop and Wait

protocols

○ Error detection and correction (Parity,

CRC), Checksum

○ Sliding Window, Stop and Wait protocols

○ Design, specifications of popular

technologies, switching

CS964

Introduction to

Application

Security, Mobile

Security and

Critical

Infrastructure

Security

Discover software bugs that pose cyber security

threats, explain and recreate exploits of such bugs

in realizing a cyber attack on such software and

explain how to fix the bugs to mitigate such threats.

Articulate the urgent need for cyber security in

critical computer systems, networks and world wide

web and explain various threat scenarios.

Articulate the issues of Cyber Security in Mobile

Computing Systems such as

Android.

Articulate the well-known cyber-attack incidents,

explain the attack scenarios,

and explain mitigation techniques.

Articulate the cyber threats to critical infrastructures.

● Application Security

○ Control hijacking attacks – buffer

overflow, integer overflow, bypassing

browser memory protection

○ Sandboxing and Isolation

○ Privilege, access control and Operating

System Security

○ Tools and techniques for writing robust

application software

● Security in Mobile Platforms

○ Android vs. iOS security model, threat

models, information tracking, rootkits

○ Threats to mobile applications, analysers

for Mobile Applications to discover

Security vulnerabilities

○ Android Security Architecture, Trust Zone

Architecture, SE Linux

● Issues of Critical Infrastructure Security and

SCADA Security

○ Security Issues in Industrial Control

Systems (ICS) and Operational

○ Technology (OT)

○ NIST Cyber Security Framework for ICS

○ SCADA Security and Threat Models

○ Intrusion Detection in ICS/OT systems

CS971

Computer

Networks II

The objective of this course is to introduce students

with the concepts of network,

transport and application layer protocols of the

TCP/IP protocol stack.

● Network Layer

○ Network layer functions, Router

architecture, Internet protocols IPv4 and

IPv6, NAT, ARP

○ Routing algorithms i.e. Link State and

Distance vector protocols, Intra and inter-

AS routing protocols i.e. OSPF and BGP,

ICMP, SDN architecture

● Transport Layer

○ UDP, TCP: Connection establishment

and termination

○ TCP flow and congestion control, timers,

retransmission, TCP extensions

○ Introduction to sockets and socket

programming

● Application Layer

○ Application layer details, client-server vs

P2P, HTTP, email service, web caching,

DNS

● Network Security (may be)

○ Concepts of symmetric and asymmetric

key cryptography, Public vs private key

cryptosystem, Authentication protocols,

Message integrity

CS972

Introduction to

Linear Algebra

Matrices and Gaussian Elimination: Geometry of

Linear Equations, Matrix Notation and matrix

● Matrices, Geometry of Linear Equations, Matrix

notations, Gaussian elimination

multiplication, Gaussian elimination, Row

transformations, row exchanges, triangular factors,

Inverses, transposes, solving Ax=b, A=LU

decomposition.

Vector Spaces: Vector spaces, subspaces, solving

Ax=0 and Ax=b, Linear independence, Basis, bases

and dimension. Four fundamental subspaces of a

matrix. Linear Transformations.

Orthogonality: Orthogonal vectors, orthogonal

subspaces, Projections onto lines, projections onto

subspaces and least squares, Gram-Schmidt.

Example: Fast Fourier Transform, Fourier series.

Determinants: Introductions, properties of the

Determinant, Formulas for the

Determinant,Applications.

Eigenvalues and Eigenvectors: Diagonalization

of Matrix, Powers A^k, Complex Matrices, Similarity

Transformation, *Difference Equations and powers

A^k, *Differential Equations and e^{At}.

Positive Definite Matrices: Minima, Maxima,

Saddle points, Tests for Positive definiteness,

Singular Value Decomposition SVD.

*Matrix norm, Condition number, Iterative methods

for Ax=b, Linear Programming

*represents optional topics.

● Row exchanges, Triangular factors,

LU=b,inverses, transposes, intro to vector space,

solving Ax=0

● Solving Ax=b, linear independence , basis,

dimension, four subspaces. Orthogonality

definition, projections onto lines

● Projections onto subspaces, Least squares

minimization, orthogonal bases, Gram-Schmidt,

FFT, Fourier transforms

● Determinants, Properties, formulas, applications,

area, volume etc.

● Eigenvalues and e-vectors:diagonalization,

Complex matrices,similarity transformations. *

A^k, e^{At}

● Positive Definite Matrices, minima-maxima,

saddle pt, tests of psd, SVD,

● Reserved for overflow. Additional topics: Matrix

norm, condition no, Linear Programming

CS973

Machine

Learning for

Cyber Security

1. Articulate and explain which problems in

Cyber Security may be solvable with

Machine Learning.

2. Understand and implement machine

learning algorithms and models for Cyber

Security problems such as malware

analysis, intrusion detection, spam filtering,

fraud detection, online behavior analysis

etc.

3. Get basic hands-on experience with

● Basic Probability theory and Distributions

● Linear Regression (uni- and multi-variate) and

Logistic Regression

● Basic Classification Techniques

○ Bayesian Classification

○ Other Classification Techniques

● Unsupervised Learning

○ Spectral Embedding, Manifold detection

and Anomaly Detection

● Supervised Learning

supervised, unsupervised learning

methods.

4. Understand basic theory of supervised and

unsupervised machine learning.

5. Understand feature extraction from data.

Even though we will not make it mandatory to

implement machine learning models for a cyber

security problem, more advanced students with

programming skills may also be able to develop

tools for cyber defense using machine learning

having taken this course. However, that will not be

evaluated.

○ Decision Trees

○ Ensemble learning

○ Random Forest

● Cyber Security problems that can be solved

using Machine learning

● Malware Analysis, Intrusion Detection, Spam

detection, Phishing detection,

● Financial Fraud detection, Denial of Service

Detection

CS974

Introduction to

Web Security,

Network

Security, and

Defenses

To understand and discover security vulnerabilities

on browser side web

applications and corresponding security threats.

To understand and discover vulnerabilities on t web

server-side and corresponding security threats.

To understand and discover mitigation techniques

to reduce the risk of cyber-attacks on web

applications.

To understand and discover security vulnerabilities

in Networked Systems,

Protocols and the Internet.

To Understand and discover security vulnerabilities

in Wireless LAN and defence.mechanisms against

such vulnerabilities.

● Network Security

○ Security Issues in TCP/IP – TCP, DNS,

Routing (Topics such as basic problems

of security in TCP/IP, IPSEC, BGP

Security, DNS Cache poisoning etc)

○ Network Défense tools – Firewalls,

Intrusion Detection, Filtering

○ DNSSec, S-BGP, IPSec

○ Threat Models, Denial of Service Attacks,

DOS-proof network architecture

○ Wireless-LAN Security – WEP, WPA,

WPA2 and WPA3

○ Threat Modelling, Attack Surfaces, and

other comprehensive approaches to

network design for security

● Web Security

○ Security architecture of World Wide Web,

Security Architecture of Web

○ Servers, and Web Clients

○ Web Application Security – Cross Site

Scripting Attacks, Cross Site Request

Forgery, SQL Injection Attacks

○ Content Security Policies (CSP) in web

○ Session Management and User

Authentication, Session Integrity

○ Https, SSL/TL

CS980

Cyber Laws,

Case Studies

and Trends

The importance of cyber Laws and Extant Cyber

Laws in India. Comparison between CyberLaws

regime in India and US/Europe.

● The importance of Cyber Laws and Extant Cyber

Laws in India

● Comparison between Cyber Law regime in India

and US/Europe

● Cyber Security Regulation

● Cyber Security Standards

● Cyber Security Policies, Architecture, and

Compliance

● Compliance Automation

● Case Studies from the field

CS981

Advanced

Topics on

Cryptography

This course focuses on some recent advanced

topics on cryptography. The first part of this course

would focus on public key cryptography and the

impact of quantum computing on cryptographic

applications. Public key cryptography plays a major

role in maintaining the security and integrity of

communication channels. However, due to the

advent of quantum computing, existing public-key

cryptographic algorithms like RSA or elliptic curve

cryptography will cease to remain secure. Shor’s

algorithm can find prime factors of integer numbers

efficiently on quantum computers, thus

undermining the basic security assumption of RSA

and elliptic curve cryptography. In this course, we

will cover the basic concepts and traditional attacks

on public key cryptography, followed by some

concepts on quantum computing and Shor’s

algorithm. Additionally, we would also describe very

briefly a post-quantum secure public key algorithm,

based on lattice-based cryptography. The second

part of the course would focus on advanced

● Public Key Cryptography

○ RSA and Elliptic Curve Cryptography

(ECC)

○ Attack on RSA and ECC

● Quantum Computing

○ Quantum Gates, Multi Qubit States

○ Deutsch ’s Algorithm

○ Bernstein-Vazirani Algorithm

○ Quantum Fourier Transformation

○ Shor’s algorithm

● Lattice Based Cryptography

○ Learning with error

○ CRYSTALS-Kyber

● Security Protocols

○ Authentication, Attestation, Bit

Commitment and Oblivious Transfer

○ PUF Based Authentication

○ Remote Attestation

cryptographic protocols like authentication,

attestation, bit-commitment protocols and oblivious

transfer etc. The contents selected for the course

are based on research papers from top-tier journals

and conferences such as IEEE TIFS, IACR TCHES,

IEEE TC, ACM TECS, IEEE TVLSI, DAC, DATE

etc.

CS982

Computational

Number Theory

for

Cryptographers

The module covers Elementary Operations,

Polynomials, Integer Lattices, Elliptic Curves and

more.

The module covers Elementary Operations, Polynomials,

Integer Lattices, Elliptic Curves and more.

CS983

Embedded,

Cyber Physical

Systems and

IoT Security

To understand different IoT system architecture and

related components.

To know various sensors and actuators used in IoT

applications.

To develop an IoT system in a simulated

environment.

To obtain the knowledge of various communication

protocols and networking strategies used in IoT

systems

To understand security threats in IoT systems,

attack detection methodologies and digital

forensics of IoT systems.

To get an overview of new trends and applications

in various domains.

● Introduction to IoT

○ New trends and applications

○ IoT architecture – 3,5,7 layers approach

○ Middleware

○ Fog computing

○ Sensors and actuators

● IoT communication protocols

○ NFC, RFID

○ Bluetooth, Zigbee, Wifi etc

○ MQTT, HTTP etc

● IoT sensor networks

○ Network topologies

○ Challenges in designing wireless sensor

networks

○ Optimization techniques

○ Routing protocols

○ Network structure

● IoT security

○ Device security

○ Communication security

○ Attack detection techniques

○ Digital Forensics

● IoT applications using AI/ML/DL methods

○ Smart cities

○ Healthcare

○ Agriculture

○ Manufacturing

CS984

Introduction to

Hardware

Security

To understand and discover security vulnerabilities

of physical implementation of cryptographic

algorithms .

Will get to know about different hardware security

threats like side channel attacks, hardware

Trojans, fault attacks.

Will obtain knowledge about passive side channel

attacks(power and electromagnetic attacks) and

corresponding countermeasures.

Will obtain knowledge about fault attacks and

corresponding countermeasures.

To understand and discover security vulnerabilities

of different micro- architectural attacks.

Will get to know hardware security primitives like

Physically Unclonable functions (PUF), True

Random Number Generator (TRNG), Logic locking

and security Protocol.

● Passive Side Channel Attacks

○ Introduction to Side Channel Attacks

○ Power Side Channel Attacks: Simple

Power Attack

○ Power Side Channel Attacks: Difference

of Mean and Correlation Power Attack

○ Evaluation of Side Channel Attacks:

TVLA and Success rate

○ Power Attack Countermeasures

● Fault Attacks and Hardware Trojan

○ Introduction to Fault Attacks

○ Fault Attacks on AES

○ Fault Attacks on ECC

○ Introduction to Hardware Trojan

○ Hardware Trojan Examples

● Micro-Architectural Attacks

○ Introduction to Cache Attacks

○ Spectre and Meltdown

○ Performance Counter based Attacks

● Hardware Security Primitives

○ Introduction to Physically Unclonable

Functions (PUF)

○ Example of PUFs

○ Introduction to True Random Number

Generators (TRNGs)

○ TRNG examples

○ Logic Locking: Attacks and

Countermeasure

○ Security Protocols

CS985

Introduction to

The module covers malware classification, types,

● Malware classification, types, and platform

Malware

Analysis

and platform-specific issues with malware, Intrusion

into IT and operational network (OT) and their

signs, manual malware infection analysis,

signature-based malware detection and

classification – pros and cons, and need for

machine learning-based techniques, and more.

specific issues with malware, Intrusion into IT

and operational network (OT) and their signs.

● Manual Malware Infection analysis, signature-

based malware detection and classification –pros

and cons and need for machine learning based

techniques.

● Static Analysis, Dynamic Analysis and Hybrid

Analysis of Windows Malware, Linux Malware

and Android Malware Case Studies of Malware

Analysis from most recent conferences,

Presentations and Discussions and

Implementations

CS986

Game Theory

The module covers non-cooperative game theory,

complete information sequential move games,

complete information simultaneous move games,

incomplete information games, cooperative Game

Theory, and more.

● Non-cooperative game theory

○ Quantitative models of strategic

interaction: rationality, intelligence,

common knowledge

○ Complete information simultaneous move

games – normal form representation

○ Ideas of equilibria: domination of

strategies, Nash equilibrium

○ Existence results for mixed and pure

Nash equilibrium

○ Correlated equilibrium.

● Complete information sequential move

games – extensive form representation

○ Perfect and imperfect information

extensive form games

○ Equilibria concepts – subgame perfect

equilibrium, perfect Bayesian equilibrium,

analogies

○ with pure and mixed Nash equilibrium

● Incomplete information games

○ Bayesian games

○ Equilibria concepts tied to the belief

system

○ Nash and Bayesian equilibria in

incomplete information games

● Cooperative Game Theory

○ Utility representation in form of coalition

○ Transferable utilities game

○ Imputation, core, Shapley value,

nucleolus

CS987

Advanced

Critical

Infrastructure

Security

To Identify the key research questions in cyber-

security of critical infrastructure.

To apply research methods which includes survey,

experiments, and articulation of

research problems in this area and methods for

finding solutions to selected problems.

To become adept at the use of machine learning for

cyber security.

To present in written and/or verbal form key findings

in the specific subject area of the course from

contemporary research papers.

To read and analyze research papers from journals

and conferences in the specific subject area of the

course

● Critical Infrastructure and Cyber Physical

Systems

● Introduction to PLC/SCADA/OT

● Dynamics of CPS and Attack Surfaces

● IT-OT Convergence and enhanced Attack

surfaces

● Intrusion to Affect Physical Dynamics

● Intrusion Detection Methods – Rule Base

● Intrusion Detection Methods – Machine Learning

Based

● Modeling of Cyber Physical Systems and Cyber

Attacks

● Risk Aware Cyber Security of Cyber Physical

Systems

CS988

Honeypots and

Deception

Technologies

for Advanced

Protection

The module covers Cyber Threat Intelligence

Collection Techniques, OSINT, Deception

Technology for Monitoring Cyber Threat, Client-

Side Deception Techniques, Service side

Deception techniques, IT honeypots, OT honeypot,

ICS Honeypots and more.

● Cyber Threat Intelligence Collection Techniques

● OSINT

● Deception Technology for Monitoring Cyber

Threat

● Client-Side Deception Techniques – Honey

Tokens, Honey Credentials, Honey Files etc

● Service side Deception techniques – IT

Honeypots, OT Honeypots, and ICS honeypots

● IT honeypots – for services such as SQL DB,

Web, SSH, Telnet and other services

● OT honeypot – SCADA Honeypots

● ICS Honeypots – Conpot and IoT Honeypots

CS989

Introduction to

Blockchain

Technology

The module covers Basic Cryptographic primitives

used in Blockchain Secure, Collision-resistant hash

functions, digital signature, public-key

cryptosystems, zero-knowledge proof systems,

basic Distributed System concepts, Blockchain 2.0,

Blockchain 3.0, E-Governance and other contract

enforcement mechanisms, and more.

● Basic Cryptographic primitives used in

Blockchain – Secure, Collision-resistant hash

functions,digital signature, public key

cryptosystems, zero-knowledge proof systems

● Basic Distributed System concepts – distributed

consensus and atomic broadcast, Byzantine

fault-tolerant consensus methods

● Basic Blockchain (Blockchain 1.0) – concepts

germane to Bitcoin and contemporary proof-of-

work based consensus mechanisms, operations

of Bitcoin blockchain, crypto-currency as

application of blockchain technology

● Blockchain 2.0 – Blockchains with smart

contracts and Turing complete blockchain

scripting –issues of correctness and verifiability,

Ethereum platform and its smart contract

mechanism

● Blockchain 3.0 – Plug-and-play mechanisms for

consensus and smart contract evaluation

engines, Hyperledger fabric platform

● Beyond Cryptocurrency – applications of

blockchain in cyber security, integrity of

information,

● E-Governance and other contract enforcement

mechanisms

● Limitations of blockchain as a technology and

myths vs. reality of blockchain technology