網(wǎng)絡信息安全教學大綱雙語

1、課程編號：3001430400信息安全課 程 教 學 大 綱吉 林 財 經(jīng) 大 學二五 年 八 月信息安全課程教學大綱（雙語課）一、課程基本信息1課程編號：30014304002英文名稱：Information Security3課程模塊：專業(yè)限選課4課程學時：總計 54 學時，其中，實驗（踐）10 學時5學 分：36先（預）修課程：計算機網(wǎng)絡7適用專業(yè)：計算機科學與技術8修訂時間：2015.8二、課程簡介This course usually can be divided into three parts. First part: EncryptionThis part introduces

2、 Classical encryption techniques and public-key encryption, such as RSA, DES, PGP, digital signatures and authentication protocols.Second part: Viruses and Intruders This part introduces Computer “Viruses” and related Other “Malicious Programs”, and introduces some attack techniques of network secur

3、ity in detail. There are five steps of concealing IP address, scanning object computer, acquiring administrators authority, planting back door, and clearing invade trace.Third part: Network Security ApplicationsThis part introduces Security Concerns, Kerberos and X.509 Authentication Service, at the

4、 same time, this part explains the defense technique of network safety, the safety project of Firewalls, IDS, and so on.三、課程教學目標Upon successful completion of this course, undergraduates should be able to:· explain various insecurity factors in the network;· understand some methods and tech

5、nologies for network attacks; · be able to solve some ordinary problems on network security independently;· be able to establish an appropriate safe strategy for protecting network security.四、教學內(nèi)容與要求The course will include the following:First part: EncryptionChapter 1 Introduction【教學目的與要求】

6、Upon successful completion of this chapter, undergraduates should be able to:· remember Computer Security Concepts;· master Security Attacks; · master Security Services.【教學重點】1. Computer Security Concepts【教學難點】1. Security Attacks2. Security Services1.1 Computer Security Concepts1. A D

7、efinition of Computer Security Examples2. The Challenges of Computer Security3. The OSI Security Architecture1.2 Security Attacks1. Passive Attacks2. Active Attacks1.3 Security Services1. Authentication2. Access Control3. Data Confidentiality4. Data Integrity5. Nonrepudiation6. Availability Service1

8、.4 Security Mechanisms1.5 A Model for Network SecurityChapter 2 Symmetric Encryption Message Confidentiality 【教學目的與要求】Upon successful completion of this chapter, undergraduates should be able to :· remember Conventional Encryption Principles ;· master Cipher Block Modes of Operation; ·

9、; understand Conventional Encryption Algorithms;· understand Key Distribution Mechanism 【教學重點】1. Conventional Encryption Principles2. Conventional Encryption Algorithms【教學難點】1.Cipher Block Modes of Operation2. Location of Encryption Devices3. Key Distribution Mechanism.2.1 Symmetric Encryption

10、Principles1. Cryptography2. Cryptanalysis3. Feistel Cipher Structure2.2 Symmetric Block Encryption Algorithms1. Data Encryption Standard2. Triple DES3. Advanced Encryption Standard2.3 Random and Pseudorandom Numbers1. The Use of Random Numbers2. TRNGs, PRNGs, and PRFs2.4 Stream Ciphers and RC41. Str

11、eam Cipher Structure2. The RC4 Algorithm2.5 Cipher Block Modes of Operation1. Electronic Codebook Mode2. Cipher Block Chaining Mode3. Cipher Feedback Mode4. Counter ModeChapter 3 Public-Key Cryptography and Message Authentication 【教學目的與要求】Upon successful completion of this chapter, undergraduates sh

12、ould be able to:· understand Approaches to Message Authentication;· master Secure Hash Functions; · understand Public-Key Cryptography Principles· master Public-Key Cryptography Algorithms· master Digital Signatures· master Key Management. 【教學重點】1. Approaches to Message

13、 Authentication2. Secure Hash Functions;【教學難點】1.Public-Key Cryptography Principles2. Public-Key Cryptography Algorithms3. Digital Signatures4. Key Management.3.1 Approaches to Message Authentication1. Authentication Using Conventional Encryption2. Message Authentication without Message Encryption3.2

14、 Secure Hash Functions1. Hash Function Requirements2. Security of Hash Functions3. Simple Hash FunctionsThe SHA Secure Hash Function3.3 Message Authentication Codes1. HMAC2. MACs Based on Block Ciphers3.4 Public-Key Cryptography Principles1. Public-Key Encryption Structure2. Applications for Public-

15、Key Cryptosystems3. Requirements for Public-Key Cryptography3.5 Public-Key Cryptography Algorithms1. The RSA Public-Key Encryption Algorithm2. Diffie-Hellman Key Exchange3. Other Public-Key Cryptography Algorithms3.6 Digital Signatures Chapter 4 Key Distribution and User Authentication 【教學目的與要求】Upon

16、 successful completion of this chapter, undergraduates should be able to:· understand Kerberos;· understand X.509 Authentication Service【教學重點】1. X.509 Authentication Service.【教學難點】1.Kerberos;4.1 Symmetric Key Distribution Using Symmetric Encryption4.2 Kerberos1. Kerberos Version 42. Kerber

17、os Version 54.3 Key Distribution Using Asymmetric Encryption1. Public-Key Certificates2. Public-Key Distribution of Secret Keys4.4 X.509 Certificates1. Certificates2. X.509 Version 3Second part: Viruses and IntrudersChapter 5 The Computer “Viruses” and related Other “Malicious Programs”【教學目的與要求】Upon

18、 successful completion of this chapter, undergraduates should be able to:· remember Computer “Viruses” definitions· remember Computer “Viruses” definitions Phases· understand Computer “Viruses” Structure· understand Antivirus Approaches· understand Advanced Antivirus Techniq

19、ues· understand Trojan horse and related threats 【教學重點】1. Computer “Viruses” definitions2. Computer “Viruses” definitions Phases3. Computer “Viruses” Structure4. Types of Viruses;【教學難點】1. Antivirus Approaches2. Advanced Antivirus Techniques3. Trojan horse and related threats5.1 Types Of Malicio

20、us Software1. Backdoor2. Logic Bomb3. Trojan Horses4. Mobile Code5. Multiple-Threat Malware5.2 Viruses1. The Nature of Viruses2. Viruses Classification3. Virus Kits4. Macro Viruses5. E-Mail Viruses5.3 Virus Countermeasures1. Antivirus Approaches2. Advanced Antivirus Techniques5.4 Worms1. The Morris

21、Worm2. Worm Propagation Model3. Recent Worm Attacks4. State of Worm Technology5. Mobile Phone Worms6. Worm Countermeasures5.5 Distributed Denial Of Service Attacks1. DDoS Attack Description2. Constructing the Attack Network3. DDoS CountermeasuresChapter 6 Intruders【教學目的與要求】Upon successful completion

22、 of this chapter, undergraduates should be able to:· understand Network intrusion methods· remember the method of Password Management· understand Five Steps of Network Intrusion 【教學重點】1. Network intrusion methods2. Password Management【教學難點】1. Five Steps of Network Intrusion6.1 Intrude

23、rs1. Intruder Behavior Patterns2. Intrusion Techniques6.2 Password Management1. Password Protection2. Password Selection Strategies6.3 Five Steps of Network Intrusion1. Concealing IP address2. Scanning object computer3. Aacquiring administrators authority4. Planting back door5. Clearing invade trace

24、.6.4 Network Intrusion Methods1. Social engineering attacks2. Violence attacks3. Buffer overflow attacks4. Unicode attacksChapter7 The protocol foundation of information security 【教學目的與要求】Upon successful completion of this chapter, undergraduates should be able to:· understand the vulnerabiliti

25、es of ordinary network protocols· remember Ordinary network service ports· Remember Ordinary network diagnosis commands【教學重點】1. OSI reference model2. TCP/IP model3. Ordinary network service ports4. Ordinary network diagnosis commands【教學難點】1. The vulnerabilities of ordinary network protocol

26、s7.1 OSI reference model and TCP/IP model7.2 The vulnerabilities of ordinary network protocols1. The vulnerabilities of IP2. The vulnerabilities of TCP3. The vulnerabilities of ICMP4. The vulnerabilities of UDP5. The vulnerabilities of ARP7.3 Ordinary network services1. FTP service2. Telnet service3

27、. E-mail service 4. Web service7.4 Qrdinary network diagnosis commands1. Ping2. Ipconfig3. Netstat4. Net 5. AtThird part: Network Security ApplicationsChapter8 Firewall and IDS 【教學目的與要求】Upon successful completion of this chapter, undergraduates should be able to:· understand Firewall design pri

28、nciples· understand Firewall Location and Configurations 【教學重點】1. Firewall design principles【教學難點】1. Firewall Location and Configurations8.1 The Need for Firewalls8.2 Firewall Characteristics8.3 Types of Firewalls1. Packet Filtering Firewall2. Stateful Inspection Firewalls3. Application-Level G

29、ateway4. Circuit-Level Gateway8.4 Firewall Basing1. Bastion Host2. Host-Based Firewalls3. Personal Firewall8.5 Firewall Location and Configurations1. DMZ Networks2. Virtual Private Networks3. Distributed Firewalls4. Summary of Firewall Locations and TopologiesChapter9 IDS 【教學目的與要求】Upon successful co

30、mpletion of this chapter, undergraduates should be able to:· understand IDS design principles · understand Rule-Based Intrusion Detection System· understand Distributed Intrusion Detection System【 教學重點】1. IDS design principles【教學難點】1. Rule-Based Intrusion Detection2. Distributed Intru

31、sion Detection9.1 The introduction of IDS9.2 Intrusion Detection1. Audit Records2. Statistical Anomaly Detection3. Rule-Based Intrusion Detection4. Distributed Intrusion Detection9.3 Honeypots五、實踐環(huán)節(jié)There are five experiments，as follow：1. DES algorithm；2. RSA algorithm；3. Authentication application;4

32、.The operation method of Trojan horse；5. DoS attack.六、教學方法與手段This course should be carried out in the network information security simulation laboratory.七、各教學環(huán)節(jié)學時分配序號教學章理論講授學時實驗（踐）學時討論、測驗等學時1Chapter 1 Introduction42Chapter 2 Symmetric Encryption Message Confidentiality 623Chapter 3 Public-Key Cryptography and Message Authentication624Chapter 4 Key Distribution and User Authentication625Chapter 5 The Computer “Viruses” and related Other “Malicious Programs”426Chapter 6 Intruders 627Chapter 7 The protocol foundation of information security68Chapter 8 Firewall29Chapter