Cyber Security Diploma Course At CDAC 2013

Cyber Security Diploma Course At CDAC 2013

India ranks fifth among countries reporting maximum number of cyber crimes, according to the latest report released by Internet Crime Complaint Centre of the United States. All major active botnets like Grum, Lethic, and Mega-D are all reported by having their infected hosts in India which is contributing to major spam generation.

Cyber crime is now big business. Attackers are accessing and using credit card and other financial information. Smartphone attacks are expected to increase multiple folds. With the growth of 3G services and business transactions using mobile phones we expect substantial increase in the mobile malware. The risk of data theft has become a major concern in the last few years. Phishing attempts are no longer easily detected based on misspelled words or claims of large sums of money. All these show the growing importance of cyber security in the IT landscape. The global Internet and the World Wide Web (WWW) have added new dimensions to the way computers are being used. The prolific use of Internet for applications such as e-Governance, e-Commerce, e-Banking, e-Learning, etc. has made e-Security an important aspect of computers and networks.

Sensing the gravity of growing security concerns and the need for significant indigenous effort due to the sensitivity of the area, C-DAC has been actively pursuing R&D in a number of aspects of cyber security. Different centres of C-DAC are focusing on different sub-areas from biometrics to cyber forensics. Major R&D efforts and a sample of the solutions currently available are listed below

Current Focus Areas:

E-Security algorithmic and computational challenges: Computational analysis of e-Security challenges involves study of techniques to defeat security algorithms and approaches. Such complex problems need vast computing resources. Param systems, Grid infrastructure, use of GPUs, and reconfigurable hardware are useful candidates for such work

Intrusion Detection & Prevention: Intrusion Detection & Prevention is concerned with identifying intrusion into a target network or system as early as possible, and prevent such situation as much as possible. C-DAC is focusing on adaptive Intrusion Detection using advanced concepts in artificial intelligence and data mining. This will enable the Intrusion Detection Systems to learn new attack patterns by continuously analyzing the network traffic and deducing the behavior. Presently, research is also being carried out to extend this approach to build Intrusion Prevention System (IPS) so that it becomes more proactive, intelligent and preventive.

SCADA Security: As SCADA Systems get larger, they necessarily become connected to various networks for both economic and technical reasons, which are finally integrated into the Internet. This advancement in technology brought new kinds of threats to the critical infrastructures operated by SCADA systems. It is very important to define, classify and study the various threats and vulnerabilities and build counter measures against them.

Smart Grid Security: The evolution of Smart Grid Technology has led to the need for ensuring high level security and reliability to the smart Grid infrastructure. Smart Grid Security measures are designed to protect the electrical grid from attacks, as well as strengthening its resilience against natural disasters and inadvertent threats such as equipment failures and user errors.

Mobile Security: With the penetration of mobiles, it is becoming very important to secure mobile devices. C-DAC is developing mobile device security solutions to provide features like secure storage, application monitoring & control, local & remote secure device backup & restore Remote Erase / Lock and Call & SMS Black listing/White listing, etc. Such solutions need to support offline application analyzer and kernel level enforcer.

Web Security: The main objective is to scan the vulnerabilities of a given target web application / website and assess the risk associated with each vulnerability. Thus with this objective the development of the framework is initiated under which various open source tools are utilized and customization of the output to remove false positives, false negatives etc are planned and implemented.

Cloud Security: C-DAC is working to minimize the security risk associated in using cloud computing and storage services for achieving privacy, integrity and availability with elastic load balancing. C-DAC is working on strong isolation and access control mechanisms, data encryption, and DDOS attack detection mechanisms.

Biometrics: Biometric Identification refers to the identification of individuals using biological traits such as fingerprint and Iris pattern. C-DAC has a solution suite using Level-III features (pores, ridge contours, and edgeoscopic features) for high security applications. C-DAC is also collaborating with UIDAI for biometric solutions deployment.

Malware Analysis and Prevention: Various tools and solutions for malware analysis and prevention are being developed. These use behavior heuristics as well as applications behavior whitelisting. As web based malware infections are emerging as another major threat, efforts are also being made to address attacks through browsers on desktops and mobiles.

Cyber Forensics: Cyber Forensics is the scientific processes of identification, seizure, acquisition, authentication, analysis, documentation and preservation of digital evidence involved in cyber crimes committed using computer systems, computer network, mobile devices and other peripheral devices and reporting the evidence to a court of law.

Honeynet Technologies: A Distributed Honeynet System is a collection of Honeynets that are distributed throughout the Internet or other large network and sends data to a central analysis point. A system that detects large-scale coordinated attacks and distinguishes between manual / targeted attacks & automated attacks will play a critical intelligence-gathering role for network defenders.

End Point Security:

Services Offered

• Penetration Testing and Security Audits
• Malware Analysis
• Cyber Forensic Analysis
• Web application Security Testing
• Wireless Security Assessment

Training Program Offered

Full Time Post-Graduate Diploma in Information Security	6 Months
CNSS - Certificate Course on Networking and System Security	22 Weeks
Advanced Diploma in Networking & System Security	26 Weeks
Post Graduate Diploma Programme in Information security	12 Months
Certificate course in Information Security	6 Months

And Short courses (1day - 1month) on topics such as Database Security, Ethical Hacking, Perimeter Security, Security Engineering, Web Application Security, Wireless Security, Security Administration Linux, Cyber Forensics, etc.