网络信息安全教学大纲双语.docx
《网络信息安全教学大纲双语.docx》由会员分享,可在线阅读,更多相关《网络信息安全教学大纲双语.docx(15页珍藏版)》请在冰豆网上搜索。
网络信息安全教学大纲双语
课程编号:
3001430400
《信息安全》
课程教学大纲
吉林财经大学
二○○五年八月
《信息安全》课程教学大纲(双语课)
一、课程基本信息
1.课程编号:
3001430400
2.英文名称:
InformationSecurity
3.课程模块:
专业限选课
4.课程学时:
总计54学时,其中,实验(践)10学时
5.学分:
3
6.先(预)修课程:
计算机网络
7.适用专业:
计算机科学与技术
8.修订时间:
2015.8
二、课程简介
Thiscourseusuallycanbedividedintothreeparts.
Firstpart:
Encryption
ThispartintroducesClassicalencryptiontechniquesandpublic-keyencryption,suchasRSA,DES,PGP,digitalsignaturesandauthenticationprotocols.
Secondpart:
VirusesandIntruders
ThispartintroducesComputer“Viruses”andrelatedOther“MaliciousPrograms”,andintroducessomeattacktechniquesofnetworksecurityindetail.TherearefivestepsofconcealingIPaddress,scanningobjectcomputer,acquiringadministrator’sauthority,plantingbackdoor,andclearinginvadetrace.
Thirdpart:
NetworkSecurityApplications
ThispartintroducesSecurityConcerns,KerberosandX.509AuthenticationService,atthesametime,thispartexplainsthedefensetechniqueofnetworksafety,thesafetyprojectofFirewalls,IDS,andsoon.
三、课程教学目标
Uponsuccessfulcompletionofthiscourse,undergraduatesshouldbeableto:
∙explainvariousinsecurityfactorsinthenetwork;
∙understandsomemethodsandtechnologiesfornetworkattacks;
∙beabletosolvesomeordinaryproblemsonnetworksecurityindependently;
∙beabletoestablishanappropriatesafestrategyforprotectingnetworksecurity.
四、教学内容与要求
Thecoursewillincludethefollowing:
Firstpart:
Encryption
Chapter1Introduction
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙rememberComputerSecurityConcepts;
∙masterSecurityAttacks;
∙masterSecurityServices.
【教学重点】
1.ComputerSecurityConcepts
【教学难点】
1.SecurityAttacks
2.SecurityServices
1.1ComputerSecurityConcepts
1.ADefinitionofComputerSecurityExamples
2.TheChallengesofComputerSecurity
3.TheOSISecurityArchitecture
1.2SecurityAttacks
1.PassiveAttacks
2.ActiveAttacks
1.3SecurityServices
1.Authentication
2.AccessControl
3.DataConfidentiality
4.DataIntegrity
5.Nonrepudiation
6.AvailabilityService
1.4SecurityMechanisms
1.5AModelforNetworkSecurity
Chapter2SymmetricEncryptionMessageConfidentiality
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙rememberConventionalEncryptionPrinciples;
∙masterCipherBlockModesofOperation;
∙understandConventionalEncryptionAlgorithms;
∙understandKeyDistributionMechanism
【教学重点】
1.ConventionalEncryptionPrinciples
2.ConventionalEncryptionAlgorithms
【教学难点】
1.CipherBlockModesofOperation
2.LocationofEncryptionDevices
3.KeyDistributionMechanism.
2.1SymmetricEncryptionPrinciples
1.Cryptography
2.Cryptanalysis
3.FeistelCipherStructure
2.2SymmetricBlockEncryptionAlgorithms
1.DataEncryptionStandard
2.TripleDES
3.AdvancedEncryptionStandard
2.3RandomandPseudorandomNumbers
1.TheUseofRandomNumbers
2.TRNGs,PRNGs,andPRFs
2.4StreamCiphersandRC4
1.StreamCipherStructure
2.TheRC4Algorithm
2.5CipherBlockModesofOperation
1.ElectronicCodebookMode
2.CipherBlockChainingMode
3.CipherFeedbackMode
4.CounterMode
Chapter3Public-KeyCryptographyandMessageAuthentication
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙understandApproachestoMessageAuthentication;
∙masterSecureHashFunctions;
∙understandPublic-KeyCryptographyPrinciples
∙masterPublic-KeyCryptographyAlgorithms
∙masterDigitalSignatures
∙masterKeyManagement.
【教学重点】
1.ApproachestoMessageAuthentication
2.SecureHashFunctions;
【教学难点】
1.Public-KeyCryptographyPrinciples
2.Public-KeyCryptographyAlgorithms
3.DigitalSignatures
4.KeyManagement.
3.1ApproachestoMessageAuthentication
1.AuthenticationUsingConventionalEncryption
2.MessageAuthenticationwithoutMessageEncryption
3.2SecureHashFunctions
1.HashFunctionRequirements
2.SecurityofHashFunctions
3.SimpleHashFunctions
TheSHASecureHashFunction
3.3MessageAuthenticationCodes
1.HMAC
2.MACsBasedonBlockCiphers
3.4Public-KeyCryptographyPrinciples
1.Public-KeyEncryptionStructure
2.ApplicationsforPublic-KeyCryptosystems
3.RequirementsforPublic-KeyCryptography
3.5Public-KeyCryptographyAlgorithms
1.TheRSAPublic-KeyEncryptionAlgorithm
2.Diffie-HellmanKeyExchange
3.OtherPublic-KeyCryptographyAlgorithms
3.6DigitalSignatures
Chapter4KeyDistributionandUserAuthentication
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙understandKerberos;
∙understandX.509AuthenticationService
【教学重点】
1.X.509AuthenticationService.
【教学难点】
1.Kerberos;
4.1SymmetricKeyDistributionUsingSymmetricEncryption
4.2Kerberos
1.KerberosVersion4
2.KerberosVersion5
4.3KeyDistributionUsingAsymmetricEncryption
1.Public-KeyCertificates
2.Public-KeyDistributionofSecretKeys
4.4X.509Certificates
1.Certificates
2.X.509Version3
Secondpart:
VirusesandIntruders
Chapter5TheComputer“Viruses”andrelatedOther“MaliciousPrograms”
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙rememberComputer“Viruses”definitions
∙rememberComputer“Viruses”definitionsPhases
∙understandComputer“Viruses”Structure
∙understandAntivirusApproaches
∙understandAdvancedAntivirusTechniques
∙understandTrojanhorseandrelatedthreats
【教学重点】
1.Computer“Viruses”definitions
2.Computer“Viruses”definitionsPhases
3.Computer“Viruses”Structure
4.TypesofViruses;
【教学难点】
1.AntivirusApproaches
2.AdvancedAntivirusTechniques
3.Trojanhorseandrelatedthreats
5.1TypesOfMaliciousSoftware
1.Backdoor
2.LogicBomb
3.TrojanHorses
4.MobileCode
5.Multiple-ThreatMalware
5.2Viruses
1.TheNatureofViruses
2.VirusesClassification
3.VirusKits
4.MacroViruses
5.E-MailViruses
5.3VirusCountermeasures
1.AntivirusApproaches
2.AdvancedAntivirusTechniques
5.4Worms
1.TheMorrisWorm
2.WormPropagationModel
3.RecentWormAttacks
4.StateofWormTechnology
5.MobilePhoneWorms
6.WormCountermeasures
5.5DistributedDenialOfServiceAttacks
1.DDoSAttackDescription
2.ConstructingtheAttackNetwork
3.DDoSCountermeasures
Chapter6Intruders
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙understandNetworkintrusionmethods
∙rememberthemethodofPasswordManagement
∙understandFiveStepsofNetworkIntrusion
【教学重点】
1.Networkintrusionmethods
2.PasswordManagement
【教学难点】
1.FiveStepsofNetworkIntrusion
6.1Intruders
1.IntruderBehaviorPatterns
2.IntrusionTechniques
6.2PasswordManagement
1.PasswordProtection
2.PasswordSelectionStrategies
6.3FiveStepsofNetworkIntrusion
1.ConcealingIPaddress
2.Scanningobjectcomputer
3.Aacquiringadministrator’sauthority
4.Plantingbackdoor
5.Clearinginvadetrace.
6.4NetworkIntrusionMethods
1.Socialengineeringattacks
2.Violenceattacks
3.Bufferoverflowattacks
4.Unicodeattacks
Chapter7Theprotocolfoundationofinformationsecurity
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙understandthevulnerabilitiesofordinarynetworkprotocols
∙rememberOrdinarynetworkserviceports
∙RememberOrdinarynetworkdiagnosiscommands
【教学重点】
1.OSIreferencemodel
2.TCP/IPmodel
3.Ordinarynetworkserviceports
4.Ordinarynetworkdiagnosiscommands
【教学难点】
1.Thevulnerabilitiesofordinarynetworkprotocols
7.1OSIreferencemodelandTCP/IPmodel
7.2Thevulnerabilitiesofordinarynetworkprotocols
1.ThevulnerabilitiesofIP
2.ThevulnerabilitiesofTCP
3.ThevulnerabilitiesofICMP
4.ThevulnerabilitiesofUDP
5.ThevulnerabilitiesofARP
7.3Ordinarynetworkservices
1.FTPservice
2.Telnetservice
3.E-mailservice
4.Webservice
7.4Qrdinarynetworkdiagnosiscommands
1.Ping
2.Ipconfig
3.Netstat
4.Net
5.At
Thirdpart:
NetworkSecurityApplications
Chapter8FirewallandIDS
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙understandFirewalldesignprinciples
∙understandFirewallLocationandConfigurations
【教学重点】
1.Firewalldesignprinciples
【教学难点】
1.FirewallLocationandConfigurations
8.1TheNeedforFirewalls
8.2FirewallCharacteristics
8.3TypesofFirewalls
1.PacketFilteringFirewall
2.StatefulInspectionFirewalls
3.Application-LevelGateway
4.Circuit-LevelGateway
8.4FirewallBasing
1.BastionHost
2.Host-BasedFirewalls
3.PersonalFirewall
8.5FirewallLocationandConfigurations
1.DMZNetworks
2.VirtualPrivateNetworks
3.DistributedFirewalls
4.SummaryofFirewallLocationsandTopologies
Chapter9IDS
【教学目的与要求】
Uponsuccessfulcompletionofthischapter,undergraduatesshouldbeableto:
∙understandIDSdesignprinciples
∙understandRule-BasedIntrusionDetectionSystem
∙understandDistributedIntrusionDetectionSystem
【教学重点】
1.IDSdesignprinciples
【教学难点】
1.Rule-BasedIntrusionDetection
2.DistributedIntrusionDetection
9.1TheintroductionofIDS
9.2IntrusionDetection
1.AuditRecords
2.StatisticalAnomalyDetection
3.Rule-BasedIntrusionDetection
4.DistributedIntrusionDetection
9.3Honeypots
五、实践环节
Therearefiveexperiments,asfollow:
1.DESalgorithm;
2.RSAalgorithm;
3.Authenticationapplication;
4.TheoperationmethodofTrojanhorse;
5.DoSattack.
六、教学方法与手段
Thiscourseshouldbecarriedoutinthenetworkinformationsecuritysimulationlaboratory.
七、各教学环节学时分配
序号
教学章
理论讲授学时
实验(践)
学时
讨论、测验等学时
1
Chap
升级会员 