Department: Computer Science and
Engineering
Semester
:
Course
Code
Course Name
Security
Threats
Trusted Systems
Prerequisi
te:
and
Programme:
M.Tech.
Information
Security
Category
: TA
Hours /
Credit
Maximum
Week
Marks
L T
P
C
CA SE
TM
3 1
4
40
60
100
Computer Networks
To introduce the various types of threats to security, the
approaches to threat modeling and threat containment.
Objectives
To familiarize the vulnerability scanning process and the tools
:
available.
To introduce the concept of trusted Systems.
On successful completion of the course, the students will be able
to:
Understand the various threats to security and their relation to
vulnerabilities.
Outcome:
Perform threat modeling to identify, prioritize and mitigate
threats.
Understand the operation of trusted systems.
UNIT – I
Introduction
Hours:
12
Sources of security threats, Motives, Consequences of Threats, Target assets and
vulnerabilities, Vulnerability Assessment, Vulnerability Assessment Tools,
Vulnerability Databases, Network Scanning Tools, Penetration Testing, Insider
Threats, Environmental Threats.
UNIT – II
Network Security Threats
Hours:
12
Worms, Spams, Ad ware, Spy ware, Trojans and covert channels, Backdoors, Bots,
Spoofing Attacks, Session Hijacking, Computer Sabotage, DoS and DDoS,
Pharming Attacks, Phishing, Buffer Overflow, Format String Attacks, Cross - Site
Scripting, Cross Site Request Forgery, SQL Injection, Wardialing, WarFlying,
Wardriving, War Chalking, Network Reconnaisance, Cloud Threats.
UNIT – III
Threat Modeling
Hours:
12
Approaches to threat modeling, Threat Identification, STRIDE method, Attack
Trees, Managing and Addressing Threats, Threat Elicitation Approaches, Threat
Prioritization, Threat Modeling Tools.
UNIT – IV
Trusted Computing
Hours:
12
Introduction to Trusted Computing, Secure Co processors, Cryptographic
accelerators, Dongles, Trusted platform modules, Motivating scenarios,
UNIT – V
Design Goals and Implementation
Hours:
12
Design goals of Trusted Computing modules, Trusted computing and Secure
Storage, Trusted Computing and Secure Identification, Administration of Trusted
Devices.
Total
contact
Hours: 45
Text Books:
Total
15
Tutorials:
Total
Practical
Classes:
Total Hours: 60
1. John Vacca, “Managing Information Security”, 2 nd Edition, Syngress, 2014.
2. Adam Shostack, “Threat Modeling, Designing for Security”, John Wiley and
Sons, 2014.
3. David Challener, Kent Yoder, Ryan Catherman, David Safford, Leendert Van
Doorn , “A Practical Guide to Trusted Computing”, Pearson Education, 2007.
Reference Books:
1. EC-Council, “Network Defense: Security Policy and Threats”, Cengage
Learning, 2010.
2. Sean Smith,” Trusted Computing Platforms: Design and Applications”, Springer
Science & Business Media, 2006.