Faculty Development Program on Cyber Security and Cyber War 2019, University of Petroleum and Energy Studies Dehradun, Faculty Development Program, Dehradun, Uttarakhand, 3rd - 7th June 2019

  • Category: Faculty Development Program
  • Start Date: 3rd June 2019
  • End Date: 7th June 2019
Visit Event Website
Faculty Development Program on Cyber Security and Cyber War 2019


The aim of this program is to promote research aspects in internet security, familiarize with tools available for network scanning (anti-virus, anti-spam and anti-spyware scans), identify and synthesize needs for internet security techniques (firewall, honeypots etc.), share information and practical awareness for data and system protection from cyber-attacks (prevent, detect and respond) etc. The FDP will start with an overview of cybersecurity, information security and cryptography aspects to help the audience understand importance of these aspects in real life scenarios. This FDP is planned into two parts: technical session and hands-on session. The technical session part of the FDP will focus on the most challenging contemporary issues in cybersecurity (cyber threat, cyber incidents, cyber threat sharing, cyber technology evolution etc.), data science (collection, analysis and visualisation) and cryptography. The hands-on session part will extend the discussion to address the practical evaluation of security tools and techniques, machine learning for data analysis and data forensics, and implementation of cryptography primitives and protocols. After each session, a small group breakout session will be conducted where key topics from the current session are addressed with participants helping identify recent trends and research gaps. At the end of FDP, summary of key findings and takeaways will be presented.


Day 1 (9:30 - 5:30): Data Scanning and Penetration Testing Tools
Expert Talk-1
(Speaker: Dr. Adarsh Kumar, UPES, Dehradun, India)
Overview of Cybersecurity, its security architectures, and security implications and adoption of evolving technology.
Wireshark: installation, data scanning, command based executions, data capturing, Python programming for captured data analysis, Tshark, running tcpdump, dumpcap, Monitoring cyber-attacks (DoS, DDoS, Port Scanning, Phising, web vulnerabilities, encrypted traffic, malware attack), I/O graphs, anomaly detection, traffic issues etc.
NMAP: scanning smaller to larger networks, scanning servers, running existing scripts, privilege escalation and RDP scanning etc.
Metasploit: port scanning, vulnerability scanning, exploitations (windows, website and network), meterpreter, meterpreter scripts, advanced exploitations (MSFencode attack, social engineering toolkits etc.), Bypassing UAC etc.
OpenVAS: installation, configuration, host discovery, port scanning, application and os detection, report generation and analysis etc.
Nessus: installation, configuration, host discovery, port scanning, application and os detection, report generation and analysis etc.
Maltego: creating project, data mining with Maltego, scanning information, listing vulnerabilities, exploring modules, network statistics with graphical representation etc.
Other Tools: Introduction and comparative analysis of following tools: IronWASP, Nikto, SQLMap, SQLNinja, Wapiti, AirCrack-ng, Reaver, Ettercap, Canvas etc.

Day 2 (9:30 - 5:30): Web Penetration Testing
Expert Talk-2
(Speaker: Dr. Adarsh Kumar, UPES, Dehradun, India)
Burp suite: environment setup, Burp Suite Example, threat modelling, web intrusion tests etc.
Linux web penetration testing: Web application brute forcing using OWASP DirBuster, OWASP Zed Attack Proxy (ZAP), spider a website, ZAP Spider, webscarab, hydra, manual vulnerability analysis using cookies, Damn vulnerable web app, shellshock, privilege escalation, and post exploitation etc.
Attack Scenarios: Server-side attacks, client-side attacks, authentication based attacks, session management and hijacking, web-attacks, BURP, OWASP-ZAP, Fimap, Low Orbit Ion Cannon etc.
Attack Defenses: Defense measurements, Environnment cloning, Protection against attacks (MiM, DoS, DDoS, Cookie, Clickjacking etc.
Automated web penetration testing using python, SQL injection attack, cross-site scripting attack, cross-site forgery attack, denial of service (DoS) attack etc.

Day 3: (9:30 - 5:30): Network Penetration Testing
Expert Talk-3
(Speaker: Dr. Adarsh Kumar, UPES, Dehradun, India and Mr. Saurabh Jain, UPES, Dehradun, India)
Lua Programming: basics, value types, array, functions, tables, meta-tables, modules, file i/o, object oriented programming, debugging, error and exception handling etc.
NSE Scripting: Data file handling (data discovery, brute force, web application auditing, DBMS auditing, jaba debug files etc.), advanced scripts (versioning, network sockets, binary data, vulnerability table etc).
Threat and Vulnerability Assessment: OSINT cycle, information collection websites, service enumeration, MASSCAN, web frontend and backend information gathering, Zenmap, Tripwire SeureCheq scanner etc.
Email tracing, mylast search, USB Device, Root-me challenges, wasitviewed, Burpsuite Scanner, Zenmap, Acunetix, SQL injection, Malicious SQL statements, Smart Script, SQL Injection(SQLI) Attack, Performing SQL Injection Attack (Hands On) through: Own Interface(Java based), MYSQL command Line client, Acunetix, Browser and SQL Injection Prevention Technology.

Day 4 (9:30 - 5:30): Mobile Penetration Testing, Blockchain and Cryptocurrency
Expert Talk-4 (Speaker: Prof. Neelu Jyoti Ahuja, UPES, Dehradun, India)
Expert Talk-5 (Speaker: Prof. Alok Aggarwal, UPES, Dehradun, India)
(Speaker: Dr. Adarsh Kumar, UPES, Dehradun, India)
Blockchain: introduction, advantage over conventional distributed database, blockchain network, mining mechanism, distributed consensus, Merkle Patricia Tree, Gas Limit Transactions and Fee, Anonymity, Reward, Chain Policy, Life of Blockchain application, Soft and Hard Fork, Private and Public Blockchain.
Cryptocurrency: history, distributed ledger, Bitcoin protocols-mining strategy and rewards, Ethereum- construction, DAOsmart contract, GHOST, vulnerability, attacks, sidechain, namecoin. Cryptocurrency Regulations: stakeholders, roots of bitcoin, legal aspects - cryptocurrency exchange, black market and global economy.
Pen testing on Android platform: Installing android sdk, android application writing, application forensics, environment setup, rooting and jailbreaking etc.
Pen testing on iOS platform:: installing Xcode and iOS simulator, writing iOS application, application forensics, environment setup, rooting and jailbreaking etc.

Day 5 (9:30 - 5:30): Data Forensics
Expert Talk-6 (Speaker: Prof. Mayank Dave, Department of Computer Engineering, National Institute of Technology, Kurukshetra, Haryana, India)
Tentative Title: Predictive Cyber Defence with Artificial Intelligence and Machine Learning
(Speaker: Dr. Adarsh Kumar, UPES, Dehradun, India)
Malware Analysis: Malware types, Malware Sources, Static Analysis, Malware Fingerprinting, File obfuscation, Exeinfo PE, pestudio, PPEE(puppy), Resource Hacker, Yara, Yara Rule basics, Dynamic analysis, Noriben, INetSim, Analysing malicious binaries, code injection and hooking, obfuscation techniques, memory forensics, advanced malware detection, Cuckoo malware analysis etc.
Python programming using pcapy and scapy, programming for listing directory, file, registry and application properties, capturing system logs, analysing window and linux memories etc.
Forensics Algorithms, creating and analysing window and linux logs, window registry analysis, virtualization forensics, Cryptography with python, python paramiko, juniper networks, pygal, pysnmp, PyHook, Pywin,
Data Science and Python Machine Learning for Time Series Analysis (cybersecurity datasets, designing packet sniffer, preparing datasets, training-validating-testing datasets, reading datasets for data frame analysis, applying data analytics, visualising network and attack statistics)


For more details, kindly check: http://tinyurl.com/y2aaq3hd


Paper Presentation Topics

For more details, kindly check: http://tinyurl.com/y2aaq3hd

Fest Guests

Professor M R Muralidharan, Chief Research Scientist, Indian Institute of Science, Banglore, Karnataka, India
Professor Anil Prabhakar, Department of EE, Indian Institute of Technology Madras, Chennai, India
Prof. Mayank Dave, NIT, Kurukshetra, Haryana, India



How to reach University of Petroleum and Energy Studies Dehradun

By Air
Jolly Grant Airport is a domestic airport which is situated at a distance of 25 kms from the centre of the city. The nearest International Airport is situated in New Delhi, at a distance of about 235 kms from Dehradun and provides approximately 7 daily flights to Dehradun.

By Rail
Dehradun Railway Station is the nearest rail head of the Northern Railways .The railway station is situated at a distance of about 2 kms from the center of the city. Major cities like Delhi, Kolkata, Varanasi, Ujjain and Indore are connected by regular as well as frequent train services from the main city. Regular buses as well as taxi are available right from the railway station.

By Road
State owned Uttarakhand Transport provides regular bus service (Deluxe A/C bus , Volvo, and various other categories of buses ) from the main city to all major destinations.

How to Reach UPES Campus from Dehradun City
By Taxi/Auto
After reaching the Airport / Railway Station / Bus Stand , Taxi / Auto will be available 24 Hours. The fare for taxi is approx Rs 1200/- (from Airport) and approx Rs. 500 (from Railway / Bus stand).

By Private Vehicle
From Bus Stand please follow the following sequence:

Bus Stand --> Niranjanpur Mandi (~ 3 KM) --> Rohan Motorts (~ 1 KM) --> Balliwala Chowk (~ 2 KM) ---> Ballupur Chowk (~ 2 KM) ---> IMA (~ 3 KM)---> Prem Nagar (~ 3 KM)---> Nanda Ki Chowki (~ 2 KM)---> Bidholi (~ 10 KM)----> UPES Campus

Event Sponsors in Dehradun

University of Petroleum and Energy Studies, Dehradun

Events in Dehradun

Events in Uttarakhand