Textbook on
Computer System Security Basic Concepts and Applications
Dr. Rakesh Kumar Yadav Dr. Dolly Sharma Vanshika Rastogi Prabhakar Sharma
Textbook on
COMPUTER SYSTEM SECURITY Basic Concepts and Applications Rakesh Kumar Yadav Ph.D. (IIT), M. Tech. & B.Tech Director KCC Institute of Technology & Management, Greater Noida Dolly Sharma Ph.D., M. Tech. & B.Tech Associate Professor Amity School of Engineering and Technology, Amity University, Noida Vanshika Rastogi M.Tech & B.Tech Assistant Professor KCC Institute of Technology & Management, Greater Noida Prabhakar Sharma M.Tech (CDAC-Mohali) & B. Tech Assistant Professor ITS Engineering College, Greater Noida
Vayu Education of India 2/25, Ansari Road, Darya Ganj, New Delhi-110 002
Textbook on Computer System Security Copyright © VAYU EDUCATION OF INDIA
ISBN: 978-93-89769-01-2
First Edition: 2020
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of the Author and Publisher.
Printed & bound in India
Published by: AN ISO 9001:2008 CERTIFIED COMPANY
VAYU EDUCATION OF INDIA 2/25, Ansari Road, Darya Ganj, New Delhi-110 002 Ph.: 91-11-43526600, 41564445 Fax: 91-11-41564440 E-mail:
[email protected],
[email protected] Website: www.veiindia.com
PREFACE We are extremely happy to come out with this book entitled “Computer System Security – Basic Concept and Applications”. This book is for B.Tech (CSE/IT) and MCA students of Dr. A.P. J. Abdul Kalam Technical University, Uttar Pradesh, Lucknow. This book can also be followed by Engineering and MCA students of other Universities. Postgraduates and Researchers will be the equal beneficiaries. This book will help them to comprehend the basic concepts of Cyber Security. Technology is a set of tools to improve the productivity, quality, and joy that they get from their work. Security is an essential part of today’s cyber world. Everything, from chat to shopping is on the internet today and thus, whatever we do online needs to be protected and made secure. In this book, we have tried to emphasise on the importance of security, various types of attacks, threats, vulnerabilities and security at different levels. The topics have been presented in a form that is easy to read and understand. This book addresses the answer to the following questions related to computer security:
• • • • • • • •
What are the different security architectures? What are the marketplaces for vulnerabilities? How can we defend against Control Hijacking? What is the Confinement principle? What are the various Access Control mechanisms? How can we have a secure web environment? What is Cryptography?
How do we provide security at various levels of networking? The book is divided into small chapters to make the concept clear. After each chapter, exercise has been given to apply the knowledge gained. In the book, each chapter contains exemplary problems and images to make the understanding better. We hope, the book provides you a good knowledge about the world of Computer System Security. We have tried to make every concept easy to read and understand.
SYLLABUS KNC-301: COMPUTER SYSTEM SECURITY UNIT-I Computer System Security Introduction: Introduction, What is computer security and what to l earn?, Sample Attacks, The Marketplace for vulnerabilities, Error 404 Hacking digital India part 1 chase. Hijacking & Defense: Control Hijacking, More Control Hijacking attacks integer overflow, More Control Hijacking attacks format string vulnerabilities, Defense against Control Hijacking - Platform Defenses, Defense against Control Hijacking - Run-time Defenses, Advanced Control Hijacking attacks. UNIT-II Confidentiality Policies: Confinement Principle, Detour Unix user IDs process IDs and privileges, More on confinement techniques, System call interposition, Error 404 digital Hacking in India part 2 chase, VM based isolation, Confinement principle, Software fault isolation, Rootkits, Intrusion Detection Systems UNIT-III Secure architecture principles isolation and leas: Access Control Concepts, Unix and windows access control summary, Other issues in access control, Introduction to browser isolation. Web security landscape: Web security definitions goals and threat models, HTTP content rendering. Browser isolation. Security interface, Cookies frames and frame busting, Major web server threats, Cross site request forgery, Cross site scripting, Defenses and protections against XSS, Finding vulnerabilities, Secure development. UNIT-IV Basic cryptography: Public key cryptography, RSA public key crypto, Digital signature Hash functions, Public key distribution, Real world protocols, Basic terminologies, Email security certificates, Transport Layer security TLS, IP security, DNS security. UNIT-V Internet Infrastructure: Basic security problems, Routing security, DNS revisited, Summary of weaknesses of internet security, Link layer connectivity and TCP IP connectivity, Packet filtering firewall, Intrusion detection.
SYLLABUS KNC-301: COMPUTER SYSTEM SECURITY CHAPTER-I Computer System Security: Introduction, Computer Security and Architecture, The OSI Architecture, Security Attacks, The Marketplace for Vulnerabilities, Common Computer Security Vulnerabilities, Causes and Harms of Computer Security Vulnerabilities, A Model for Network Security, Case Study: Hacking Digital India Part 1 Chase. CHAPTER-II Hijacking & Defense: Control Hijacking, Buffer Overflow Attacks, Control Hijacking Attacks from String Vulnerabilities, Defense against Control Hijacking, Platform Defenses, Run-Time Defenses. CHAPTER-III Confidentiality Policies: Confinement Principle, Detour Unix User IDs Process IDs and Privileges, Basic Concepts of UNIX User IDs, Basic Permission Bits on Files and Directories, UNIX-Access Control, System Call Interposition, Initial Implementation-JANUS, ptrace, systrace, VM Based Isolation, Software Fault Isolation, Root Kits, Intrusion Detection Systems. CHAPTER-IV Secure Architecture Principles Isolation and Leas: Access Control Concepts, Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role-Based Access Control (RBAC), Issues in Access Control, Browser Isolation, How does it work, Advantages, CASE STUDY- Access Control in Unix and Windows. CHAPTER-V Web security Landscape: Overview, HTTP, Features of HTTP, Architecture, Cookies, Major Web Server Threats, Cross Site Request, Forgery, Cross Site Scripting, Defenses and Protections against XSS, Finding Vulnerabilities, Secure Development. CHAPTER-VI Basic Cryptography: Public key Cryptography, RSA Public Key Cryptography, Generation of RSA Key Pair, RSA Encryption, RSA Decryption, Digital Signature, Model of Digital Signature, Encryption with Digital Signature, Importance of Digital Signature, Public Key Distribution, Email Security Certificates, How does it work, Advantages, Transport Layer Security, TLS Advantages, TLS Disadvantages, Working of TLS, IP Security, Components of IP Security, Working of IP Security, Advantages, DNS Security, Types of Attacks, Measures against DNS Attacks. CHAPTER-VII Internet Infrastructure: Basic Security Problems, Routing Security, Weakness of Internet Security, Common Security Problems, Means of Protection, Firewalls, Types of Firewalls, How Firewalls work?
ACKNOWLEDGEMENTS We are obliged to Almighty for everything that we have. We wish to express our profound thanks to all those who helped in making this book a reality. We are greatly thankful to Prof. J.P. Saini, Vice Chancellor (NSUT-Delhi), Prof. KV Arya, Professor (IIITM-Gwalior), Prof. DS Yadav, Professor (IET-Lucknow), Prof. Raghuraj Singh, Professor (HBTU-Kanpur), Prof. Vinay Rishiwal, Professor (Rohilkhand University, Bareilly), Prof. P.K. Bharti, Vice Chancellor (SVU-Gajraula), Prof. K.P. Yadav, Vice Chancellor (Sangam University-Bhilwara) and Prof. Deepak Garg, Professor (Bennett University-Greater Noida) for their guidance while writing this book. We would like to give our sincere thanks to Mr. Deepak Gupta (Chairman of KCC Institutes) for his support. We are thankful to Dr. R.K. Jain and all other staff members of JBC Press for making this book a great reality. Best wishes to our students, enjoy learning “Computer System Security”. We are Thankful to Prof. R S Nirjar EX-Chairman, AICTE, Delhi Prof. R P Yadav EX-VC, RTU, Kota Prof. Brahmjit Singh Professor, NIT, Kurushetra Prof. G S Yadava EX-Pro VC, Lingaya University, Faridabad Prof. Sushrut Das Associate Professor, IIT, Dhanbad Prof. Sudhir Kumar Director, Greater Noida College of Technology, Greater Noida Prof. Ashish Gupta Professor, ITS Engg. College, Greater Noida Prof. Sunil Kumar Director, IEC, Greater Noida Prof. R L Yadav Professor, Galgotias College of Engineering Technology, Greater Noida Prof. Pankaj Jha Associate Professor, IIMT, Greater Noida Prof. C S Yadav Professor, NIET, Greater Noida Prof. Kamlesh Rana Director, Accurate ITM, Greater Noida Prof. R K Raghuvanshi Director, JIIMS, Greater Noida Prof. Ghazala Naaz Professor, NIET, Greater Noida Prof. Parmanand Dean, Sharda University Prof. Rohit Garg Director, MIT, Moradabad Prof. Ajay Kumar Director, Graphic Era University, Dehradun Prof. Sanjay Singh Professor, ABES, Ghaziabad Prof. Sapna Katiyar Professor, ABIT, Ghaziabad Prof. Dharmendra Kumar Ass. Prof., Delhi Technical Campus, Greater Noida Prof. Shivani Kaul Ass. Prof., KCC ITM, Greater Noida Prof. Huma Khan Asst. Prof., KCC ITM, Greater Noida Prof. Srinivas Aruonda Ass. Prof., KCC ITM, Greater Noida Prof. Monu Singh Asst. Prof., KCC ITM, Greater Noida Prof. Seema Srivastava Ass. Prof., KCC ITM, Greater Noida Prof. Ravi B Singh Ass. Prof., KCC ITM, Greater Noida Prof. Abhishek Swami Associate Professor, SGT University, Gurugram Prof. Dilip Yadav Associate Professor, Galgotias University, Greater Noida And all others who taught us, suggested us and helped us directly or indirectly.
CONTENTS CHAPTER 1 COMPUTER SYSTEM SECURITY 1.1 INTRODUCTION 1.2 COMPUTER SECURITY AND ARCHITECTURE 1.2.1 The OSI Security Architecture 1.2.2 Threat 1.2.3 Attack 1.2.4 Security Attacks, Services and Mechanisms 1.3 SECURITY ATTACKS 1.3.1 Passive attack 1.3.2 Active attacks 1.4 THE MARKETPLACE FOR VULNERABILITIES 1.4.1 Common Computer Security Vulnerabilities 1.4.2 Causes and Harms of Computer Security Vulnerabilities 1.5 A MODEL FOR NETWORK SECURITY 1.6 CASE STUDY: Hacking Digital India Part 1 Chase Exercise
1–12 1 2 2 2 3 3 4 4 6 8 8 8 9 10 11
CHAPTER 2 HIJACKING AND DEFENSE 2.1 CONTROL HIJACKING 2.1.1 Buffer Overflow attacks 2.1.2 Control Hijacking attack format string vulnerabilities 2.2 DEFENSE AGAINST CONTROL HIJACKING 2.2.1 Platform Defenses 2.2.2 Run-time Defenses Exercise
13–20 13 13 14 15 16 17 19
x
Computer System Security
CHAPTER 3 CONFIDENTIALITY POLICIES 3.1 CONFINEMET PRINCIPLE 3.2 DETOUR OF UNIX USER IDs, PROCESS IDs AND PRIVILIGES 3.2.1 Basic concepts of UNIX IDs 3.2.2 Basic Permission Bits on Files and Directories 3.2.3 UNIX-Access Control 3.3 SYSTEM CALL INTERPOSITION 3.3.1 Initial implementation-JANUS 3.3.2 Ptrace 3.3.3 Systrace 3.4 VIRTUAL MACHINE BASED ISOLATION 3.5 SOFTWARE BASED FAULT ISOLATION 3.6 ROOTKITS 3.7 INTRUSION DETECTION SYSTEM Exercise
21–34 22 22 23 23 23 26 27 29 29 30 31 31 32 33
CHAPTER 4 SECURE ARCHITECTURE (PRINCIPLES, ISOLATION AND LEAS) 4.1 ACCESS CONTROL CONCEPTS 4.1.1 Discretionary Access Control (DAC) 4.1.2 Mandatory Access Control (MAC) 4.1.3 Role-Based Access Control (RBAC) 4.2 ISSUES IN ACCESS CONTROL 4.2.1 Appropriate role-based access 4.2.2 Poor password management 4.2.3 Poor user education 4.3 BROWSER ISOLATION 4.3.1 How does it work? 4.3.2 Advantages 4.4 CASE STUDY - ACCESS CONTROL IN UNIX AND WINDOWS Exercise
35–42 35 35 36 36 36 36 37 37 37 37 38 39 42
CHAPTER 5 WEB SECURITY LANDSCAPE 5.1 OVERVIEW 5.2 HTTP
43–56 43 44
Computer System Security
5.3 5.4 5.5 5.6 5.7
5.8 5.9
xi
5.2.1 Features of HTTP 5.2.2 Architecture COOKIES MAJOR WEB SERVER THREATS CROSS SITE REQUEST FORGERY CROSS SITE SCRIPTING DEFENSES AND PROTECTION AGAINST XSS 5.7.1 Escaping 5.7.2 Validating Input 5.7.3 Sanitizing FINDING VULNERABILITY SECURE DEVELOPMENT Exercise
44 45 45 47 49 51 52 53 53 54 54 55 56
CHAPTER 6 BASIC CRYPTOGRAPHY 6.1 PUBLIC KEY CRYPTOGRAPHY 6.1.1 Components of Public Key Encryption 6.1.2 Weakness of the Public Key Encryption 6.1.3 Applications 6.2 RSA PUBLIC KEY CRYPTOGRAPHY 6.2.1 Generation of RSA Key Pair 6.2.2 Generate the RSA modulus(n) 6.2.3 Find Derived Number(e) 6.2.4 Form the public key 6.2.5 Generate the private key 6.2.6 RSA Encryption 6.2.7 RSA Decryption 6.3 DIGITAL SIGNATURE 6.3.1 Model of Digital Signature 6.3.2 Encryption with Digital Signature 6.3.3 Importance of Digital Signature 6.4 PUBLIC KEY DISTRIBUTION 6.4.1 Public Announcement of Public Keys 6.4.2 Publicly Available Directory 6.4.3 Public-Key Authority 6.4.4 Public Key Certificates
57–74 57 58 59 59 59 60 60 60 61 61 61 61 62 62 63 64 65 65 65 66 66
xii
Computer System Security
6.5 E-MAIL SECURITY CERTIFICATES 6.5.1 How does it work? 6.5.2 Advantages 6.6 TRANSPORT LAYER SECURITY 6.6.1 TLS advantages 6.6.2 TLS disadvantages 6.6.3 Working of TLS 6.7 IP SECURITY 6.7.1 Components of IP Security 6.7.2 Working of IP Security 6.7.3 Advantages 6.8 DNS SECURITY 6.8.1 Types of Attacks 6.8.2 Measures against DNS attacks Exercise
67 67 67 68 68 68 69 69 70 71 71 72 72 73 73
CHAPTER 7 INTERNET INFRASTRUCTURE 7.1 BASIC SECURITY PROBLEMS 7.1.1 Code Injection 7.1.2 Data Breach 7.1.3 Malware Infection 7.1.4 Distributed Denial Service of attack 7.2 ROUTING SECURITY 7.3 WEAKNESS OF INTERNET SECURITY 7.3.1 Common Security Problems 7.3.2 Means of protection 7.4 FIREWALLS 7.4.1 Types of Firewalls 7.4.2 How Firewalls work? Exercise Appendix Model Question Paper Glossary References
75–84 75 75 76 76 76 76 80 80 81 82 82 83 84 85 89 91 93
1 Computer System Security Learning Objectives • • • • •
Computer Security CIA Triangle OSI Security Architecture Security Attacks-Categories Active and Passive Attacks
• Common computer system vulnerabilities • Causes and harm of vulnerabilities • A network security model • Case Study: Hacking Digital India
We live in a digital era which understands that our private information is more vulnerable than ever before. We all live in a world which is networked together, from internet banking to government infrastructure, where data is stored on computers and other devices. A portion of that data can be sensitive information, whether that is intellectual property, financial data, personal information, or other types of data for which unauthorized access or exposure could have negative consequences. 1.1 INTRODUCTION Until the time, media publicized the data security; computer security was confined to the physical security. Traditionally, computer facilities have been protected for the following reasons: i. To avoid theft or damage of the hardware. ii. To avoid disruption of service. iii. To avoid theft of the information. Computer data often travels from one computer to another, leaving the safety of its protected physical surroundings. Once the data is out of hand, people with bad intention could modify or forge your data, either for amusement or for their own benefit. Computer security basically is the protection of computer systems and information from harm, theft, and unauthorized use. It is the process of preventing and detecting unauthorized use of your computer system. It is the protection offered to an automated information system in order to attain the applicable objectives.
computer security is the protection of computing systems and the data that they store or access.
2
Computer System Security
1.2 COMPUTER SECURITY AND ARCHITECTURE When we talk about “computer security”, we mean that we are addressing three very important aspects of any computer-related system namely, Fig 1.1.
• Confidentiality: access (reading, viewing, printing, knowing, etc.) • Integrity: modification (includes writing, changing, changing status, deleting, and creating).
en t fid Co n
y rit eg Int
ial ity
• Availability: Denial of service
Information Security
Availability
Fig. 1.1 The CIA triangle
1.2.1 The OSI Security Architecture
In any organization, the manager is responsible for the security measures. Thus, requires some systematic way of defining the requirements of security and characterizing the approaches to satisfy those requirements. Usage of LAN, WAN and centralized data processing environment make it a tough task. The OSI architecture helps the managers with a way of organizing the task of providing security. The Open System Interconnect (OSI) security architecture was designated by the ITU-T (International Telecommunication Union - Telecommunication). The OSI security architecture was developed in the context of the OSI protocol architecture. The OSI Security Architecture is a framework that provides a systematic way of defining the requirements for security and characterizing the approaches to satisfying those requirements. However, for our purposes in this chapter, an understanding of the OSI protocol architecture is not required. For our purposes, the OSI security architecture provides a useful, if abstract, overview of many of the concepts. The OSI security architecture focuses on security attacks, mechanisms, and services. These can be defined briefly as follows: 1.2.2 Threat
A computer system threat is anything that leads to loss or corruption of data or physical damage to the hardware and/or infrastructure. It has a potential for violation of security, which exists when there is a circumstance, capability, action, or event
Computer System Security
3
that could breach security and cause harm. That is, a threat is a possible danger that might exploit vulnerability. They can put individuals’ computer systems and business computers at risk, so vulnerabilities have to be fixed so that attackers cannot infiltrate the system and cause damage. Threats can include everything from viruses, trojans, back doors to outright attacks from hackers. Often, the term blended threat is more accurate, as the majority of threats involve multiple exploits. For example, a hacker might use a phishing attack to gain information about a network and break into a network. 1.2.3 Attack
An assault on system security that derives from an intelligent threat; that is, an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system. 1.2.4 Security Attacks, Services and Mechanisms
To assess the security needs of an organization effectively, the manager responsible for security needs some systematic way of defining the requirements for security and characterization of approaches to satisfy those requirements. One approach is to consider three aspects of information security: Security attack – Any action that compromises the security of information owned by an organization. It includes exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data and lead to cybercrimes, such as information and identity theft. Security mechanism – A mechanism that is designed to detect, prevent or recover from a security attack. One of the most specific security mechanisms in use is cryptographic techniques. Encryption or encryption-like transformations of information are the most common means of providing security. Some of the mechanisms are: i. Encipherment ii. Digital Signature iii. Access Control Security service – A service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks and they make use of one or more security mechanisms to provide the service. The classification of security services are as follows: i. Confidentiality: Ensures that the information in a computer system and transmitted information are accessible only for reading by authorized parties. Eg., printing, displaying and other forms of disclosure.
4
Computer System Security
ii. Authentication: Ensures that the origin of a message or electronic document is correctly identified, with an assurance that the identity is not false. iii. Integrity: Ensures that only authorized parties are able to modify computer system assets and transmitted information. Modification includes writing, changing status, deleting, creating and delaying or replaying of transmitted messages, the receiver of a message be able to deny the transmission. iv. Access control: Requires that access to information resources may be controlled by or for the target system. v. Availability: Requires that computer system assets be available to authorized parties when needed. 1.3 SECURITY ATTACKS There are four general categories of attack which are listed below: i. Interruption An asset of the system is destroyed or becomes unavailable or unusable. This is an attack on availability. e.g. destruction of piece of hardware, cutting of a communication line or disabling of file management system. ii. Interception An unauthorized party gains access to an asset. This is an attack on confidentiality. Unauthorized party could be a person, a program or a computer.e.g., wire tapping to capture data in the network, illicit copying of files iii. Modification An unauthorized party not only gains access to but tampers with an asset. This is an attack on integrity. e.g., changing values in data file, altering a program, modifying the contents of messages being transmitted in a network. iv. Fabrication An unauthorized party inserts counterfeit objects into the system. This is an attack on authenticity. e.g., insertion of spurious message in a network or addition of records to a file. A useful categorization of these attacks is in terms of i. Passive attacks ii. Active attacks 1.3.1 Passive attack
Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being
Computer System Security
5
transmitted. Passive attacks are of two types: i. Release of message contents: A telephone conversation, an e-mail message and a transferred file may contain sensitive or confidential information. We would like to prevent the opponent from learning the contents of these transmissions. The process is shown in Fig. 1.2. BOB BOB reads the content of message which Lily sends to John
LILY
Internet
JOHN
Fig. 1.2 Release of Message Content
ii. Traffic analysis: If we had encryption protection in place, an opponent might still be able to observe the pattern of the message. The opponent could determine the location and identity of communication hosts and could observe the frequency and length of messages being exchanged, as shown in Fig 1.3. This information might be useful in guessing the nature of communication that was taking place. BOB BOB observes the pattern of messages exchanged between LILY and JOHN
LILY
Internet
Fig. 1.3 Traffic Analysis
JOHN
Textbook on
Computer System Security Basic Concepts and Applications About the Book The aim of this text book is to discover software bugs that pose cyber security threats and to explain how to fix the bugs to mitigate such threats. It elaborates cyber attack scenarios in web browsers and web servers and explains mitigation of such threats. It focuses on mobile software bugs posing cyber security threats and mitigation techniques. The purpose of this book is to articulate the urgent need for cyber security in critical computer systems, networks, and World Wide Web, and to explain various threat scenarios. The book articulates well known cyber attack incidents, explains the attack scenarios, and explores mitigation techniques. About the Authors Dr. Rakesh K. Yadav is presently working as Director at KCC Institute of Technology & Management, Greater Noida, Uttar Pradesh, India. He received the Engineering degree (B. TECH. in Electronics & Communication Engineering) from Uttar Pradesh Technical University, Lucknow, UP, India and Masters degree (M.TECH. in Electronics & Communication Engineering) from Gautam Budha Technical University (Previously known as UPTU), UP, India. Dr. Yadav has earned Ph.D. (Electronics Engineering) degree from IIT(ISM), Dhanbad, Jharkhand, India. His primary research interests are in Microwave, Antennas & Rectennas. He is author of several research publications (Patent, Journals, and National/International conferences). He has also written Books for internationally/nationally reputed publishers. He is also associated with many international journals as Reviewer and Member. He has more than 16 years of working experience in academic as well as administration. He is guiding Ph.D. scholar from IIT (ISM), Dhanbad. He has received grant from AICTE and AKTU to conduct Seminars and Faculty Development Programme. Dr. Yadav has delivered Expert Talks and Chaired Sessions in various Conferences and Workshops. Dr. Dolly Sharma graduated in Computer Science & Engineering from Kurukshetra University in 2004 and received Masters in Information Technology with honours from Panjab University, Chandigarh in 2007. She was the second University topper. She has been awarded Ph.D. in Computer Science and Engineering from Punjab Engineering College, formerly PEC University of Technology, Chandigarh. Her area of interests includes Bioinformatics, Grid Computing and Cyber Security. She has published a number of research papers indexed in SCI and SCOPUS. He has a rich teaching experience of around 15 years. She has contributed as a reviewer in important conferences and Journals and also chaired various International Conferences. Vanshika Rastogi has done her B.Tech. in Computer Science and Engineering from AKTU, Lucknow in 2008 and received Masters in Information Technology with Honours from Banasthali University, Rajasthan in 2010. She was the Gold Medalist and University topper. She is currently pursuing Ph.D. from Banasthali University, Rajasthan. She has published papers in various International journals. Her area of interests includes Data Mining, Web Technology and Cyber Security. She has a teaching experience of 6 years. Currently she is working as Assistant Professor in the Department of Computer Science and Engineering in KCC Institute of Technology and Management, Greater Noida Mr. Prabhakar Sharma received his M.Tech in VLSI Design from CDAC Mohali in 2009 and B.Tech in ECE from UPTU, Lucknow in 2004. At present, he is working as an Assistant Professor at ITS engineering college Greater Noida. He has teaching experience of more than 15 years. He has published a number of research papers in national and international conferences and journals. He has contributed as a reviewer in important conferences and Journals. He has published several books on Digital Electronics, Antenna, Wireless Communication, Non-conventional Energy resources and Electromagnetic Field Theory.
978-93-89769-01-2
9 789389 769012
MRP: ` 115.00