网络信息安全教学大纲(双语).doc

《网络信息安全教学大纲(双语).doc》由会员分享，可在线阅读，更多相关《网络信息安全教学大纲(双语).doc（46页珍藏版）》请在淘文阁 - 分享文档赚钱的网站上搜索。

1、Four short words sum up what has lifted most successful individuals above the crowd: a little bit more.-author-date网络信息安全教学大纲(双语)网络信息安全教学大纲(双语)课程编号：3001430400信息安全课 程 教 学 大 纲吉 林 财 经 大 学二五 年 八 月信息安全课程教学大纲（双语课）一、课程基本信息1课程编号：30014304002英文名称：Information Security3课程模块：专业限选课4课程学时：总计 54 学时，其中，实验（践）10 学时5学 分

2、：36先（预）修课程：计算机网络7适用专业：计算机科学与技术8修订时间：2015.8二、课程简介This course usually can be divided into three parts. First part: EncryptionThis part introduces Classical encryption techniques and public-key encryption, such as RSA, DES, PGP, digital signatures and authentication protocols.Second part: Viruses and I

3、ntruders This part introduces Computer “Viruses” and related Other “Malicious Programs”, and introduces some attack techniques of network security in detail. There are five steps of concealing IP address, scanning object computer, acquiring administrators authority, planting back door, and clearing

4、invade trace.Third part: Network Security ApplicationsThis part introduces Security Concerns, Kerberos and X.509 Authentication Service, at the same time, this part explains the defense technique of network safety, the safety project of Firewalls, IDS, and so on.三、课程教学目标Upon successful completion of

5、 this course, undergraduates should be able to: explain various insecurity factors in the network; understand some methods and technologies for network attacks; be able to solve some ordinary problems on network security independently; be able to establish an appropriate safe strategy for protecting

6、 network security.四、教学内容与要求The course will include the following:First part: EncryptionChapter 1 Introduction【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to: remember Computer Security Concepts; master Security Attacks; master Security Services.【教学重点】1. Computer

7、 Security Concepts【教学难点】1. Security Attacks2. Security Services1.1 Computer Security Concepts1. A Definition of Computer Security Examples2. The Challenges of Computer Security3. The OSI Security Architecture1.2 Security Attacks1. Passive Attacks2. Active Attacks1.3 Security Services1. Authenticatio

8、n2. Access Control3. Data Confidentiality4. Data Integrity5. Nonrepudiation6. Availability Service1.4 Security Mechanisms1.5 A Model for Network SecurityChapter 2 Symmetric Encryption Message Confidentiality 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to : reme

9、mber Conventional Encryption Principles ; master Cipher Block Modes of Operation; understand Conventional Encryption Algorithms; understand Key Distribution Mechanism 【教学重点】1. Conventional Encryption Principles2. Conventional Encryption Algorithms【教学难点】1.Cipher Block Modes of Operation2. Location of

10、 Encryption Devices3. Key Distribution Mechanism.2.1 Symmetric Encryption Principles1. Cryptography2. Cryptanalysis3. Feistel Cipher Structure2.2 Symmetric Block Encryption Algorithms1. Data Encryption Standard2. Triple DES3. Advanced Encryption Standard2.3 Random and Pseudorandom Numbers1. The Use

11、of Random Numbers2. TRNGs, PRNGs, and PRFs2.4 Stream Ciphers and RC41. Stream Cipher Structure2. The RC4 Algorithm2.5 Cipher Block Modes of Operation1. Electronic Codebook Mode2. Cipher Block Chaining Mode3. Cipher Feedback Mode4. Counter ModeChapter 3 Public-Key Cryptography and Message Authenticat

12、ion 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to: understand Approaches to Message Authentication; master Secure Hash Functions; understand Public-Key Cryptography Principles master Public-Key Cryptography Algorithms master Digital Signatures master Key Manag

13、ement. 【教学重点】1. Approaches to Message Authentication2. Secure Hash Functions;【教学难点】1.Public-Key Cryptography Principles2. Public-Key Cryptography Algorithms3. Digital Signatures4. Key Management.3.1 Approaches to Message Authentication1. Authentication Using Conventional Encryption2. Message Authent

14、ication without Message Encryption3.2 Secure Hash Functions1. Hash Function Requirements2. Security of Hash Functions3. Simple Hash FunctionsThe SHA Secure Hash Function3.3 Message Authentication Codes1. HMAC2. MACs Based on Block Ciphers3.4 Public-Key Cryptography Principles1. Public-Key Encryption

15、 Structure2. Applications for Public-Key Cryptosystems3. Requirements for Public-Key Cryptography3.5 Public-Key Cryptography Algorithms1. The RSA Public-Key Encryption Algorithm2. Diffie-Hellman Key Exchange3. Other Public-Key Cryptography Algorithms3.6 Digital Signatures Chapter 4 Key Distribution

16、and User Authentication 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to: understand Kerberos; understand X.509 Authentication Service【教学重点】1. X.509 Authentication Service.【教学难点】1.Kerberos;4.1 Symmetric Key Distribution Using Symmetric Encryption4.2 Kerberos1. Ke

17、rberos Version 42. Kerberos Version 54.3 Key Distribution Using Asymmetric Encryption1. Public-Key Certificates2. Public-Key Distribution of Secret Keys4.4 X.509 Certificates1. Certificates2. X.509 Version 3Second part: Viruses and IntrudersChapter 5 The Computer “Viruses” and related Other “Malicio

18、us Programs”【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to: remember Computer “Viruses” definitions remember Computer “Viruses” definitions Phases understand Computer “Viruses” Structure understand Antivirus Approaches understand Advanced Antivirus Techniques u

19、nderstand Trojan horse and related threats 【教学重点】1. Computer “Viruses” definitions2. Computer “Viruses” definitions Phases3. Computer “Viruses” Structure4. Types of Viruses;【教学难点】1. Antivirus Approaches2. Advanced Antivirus Techniques3. Trojan horse and related threats5.1 Types Of Malicious Software

20、1. Backdoor2. Logic Bomb3. Trojan Horses4. Mobile Code5. Multiple-Threat Malware5.2 Viruses1. The Nature of Viruses2. Viruses Classification3. Virus Kits4. Macro Viruses5. E-Mail Viruses5.3 Virus Countermeasures1. Antivirus Approaches2. Advanced Antivirus Techniques5.4 Worms1. The Morris Worm2. Worm

21、 Propagation Model3. Recent Worm Attacks4. State of Worm Technology5. Mobile Phone Worms6. Worm Countermeasures5.5 Distributed Denial Of Service Attacks1. DDoS Attack Description2. Constructing the Attack Network3. DDoS CountermeasuresChapter 6 Intruders【教学目的与要求】Upon successful completion of this ch

22、apter, undergraduates should be able to: understand Network intrusion methods remember the method of Password Management understand Five Steps of Network Intrusion 【教学重点】1. Network intrusion methods2. Password Management【教学难点】1. Five Steps of Network Intrusion6.1 Intruders1. Intruder Behavior Patter

23、ns2. Intrusion Techniques6.2 Password Management1. Password Protection2. Password Selection Strategies6.3 Five Steps of Network Intrusion1. Concealing IP address2. Scanning object computer3. Aacquiring administrators authority4. Planting back door5. Clearing invade trace.6.4 Network Intrusion Method

24、s1. Social engineering attacks2. Violence attacks3. Buffer overflow attacks4. Unicode attacksChapter7 The protocol foundation of information security 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to: understand the vulnerabilities of ordinary network protocols re

25、member Ordinary network service ports Remember Ordinary network diagnosis commands【教学重点】1. OSI reference model2. TCP/IP model3. Ordinary network service ports4. Ordinary network diagnosis commands【教学难点】1. The vulnerabilities of ordinary network protocols7.1 OSI reference model and TCP/IP model7.2 Th

26、e vulnerabilities of ordinary network protocols1. The vulnerabilities of IP2. The vulnerabilities of TCP3. The vulnerabilities of ICMP4. The vulnerabilities of UDP5. The vulnerabilities of ARP7.3 Ordinary network services1. FTP service2. Telnet service3. E-mail service 4. Web service7.4 Qrdinary net

27、work diagnosis commands1. Ping2. Ipconfig3. Netstat4. Net 5. AtThird part: Network Security ApplicationsChapter8 Firewall and IDS 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to: understand Firewall design principles understand Firewall Location and Configuratio

28、ns 【教学重点】1. Firewall design principles【教学难点】1. Firewall Location and Configurations8.1 The Need for Firewalls8.2 Firewall Characteristics8.3 Types of Firewalls1. Packet Filtering Firewall2. Stateful Inspection Firewalls3. Application-Level Gateway4. Circuit-Level Gateway8.4 Firewall Basing1. Bastion

29、 Host2. Host-Based Firewalls3. Personal Firewall8.5 Firewall Location and Configurations1. DMZ Networks2. Virtual Private Networks3. Distributed Firewalls4. Summary of Firewall Locations and TopologiesChapter9 IDS 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to:

30、 understand IDS design principles understand Rule-Based Intrusion Detection System understand Distributed Intrusion Detection System【 教学重点】1. IDS design principles【教学难点】1. Rule-Based Intrusion Detection2. Distributed Intrusion Detection9.1 The introduction of IDS9.2 Intrusion Detection1. Audit Recor

31、ds2. Statistical Anomaly Detection3. Rule-Based Intrusion Detection4. Distributed Intrusion Detection9.3 Honeypots五、实践环节There are five experiments，as follow：1. DES algorithm；2. RSA algorithm；3. Authentication application;4.The operation method of Trojan horse；5. DoS attack.六、教学方法与手段This course shoul

32、d be carried out in the network information security simulation laboratory.七、各教学环节学时分配序号教学章理论讲授学时实验（践）学时讨论、测验等学时1Chapter 1 Introduction42Chapter 2 Symmetric Encryption Message Confidentiality 623Chapter 3 Public-Key Cryptography and Message Authentication624Chapter 4 Key Distribution and User Authen

33、tication625Chapter 5 The Computer “Viruses” and related Other “Malicious Programs”426Chapter 6 Intruders 627Chapter 7 The protocol foundation of information security68Chapter 8 Firewall29Chapter 9 IDS 22八、考核方式The final examination will be a two-hour, closed book examination. The experiment reports i

34、n this course will be worth a total value of 50% and a final examination worth 50%.In order to pass this course, undergraduates must satisfy both the following requirements: Undergraduates must pass the final examination; and Undergraduates must accomplish all experiment reports.九、推荐教材及参考资料1推荐教材1Wil

35、liam Stallings. Network Security Essentials: Applications and Standards (5rd Edition).Prentice Hall , 2013.2SHI Zhi-guo, XUE Wei-ming, JIANG Li.Teaching Material of ComputerNetwork Security.Tsinghua university press, 2011.2.2参考资料1 William Stallings. Cryptography and Network Security: Principles and

36、Practices. Publishing house of electronics industry, 2006.2 Wm.Arthur Conklin, Gregory B.White, Chuck Cothren, Dwayne Williams, Roger L.Davis. Principles of Computer Security: Security +TM and Beyond. Higher education press, 2005.3 YANG Mao-yun. Practical Teaching Book of Information and Network Security. Publishing house of electronics industry, 2007.大纲制定人：信息安全课程组大纲审定人：-