网络信息安全教学大纲双语

1、课程编号：3001430400信息安全课 程 教 学 大 纲吉 林 财 经 大 学二五 年 八 月信息安全课程教学大纲（双语课）一、课程基本信息1课程编号：30014304002英文名称：Information Security3课程模块：专业限选课4课程学时：总计 54 学时，其中，实验（践）10 学时5学 分：36先（预）修课程：计算机网络7适用专业：计算机科学与技术8修订时间：2015.8二、课程简介This course usually can be divided into three parts. First part: EncryptionThis part introduces

2、 Classical encryption techniques and public-key encryption, such as RSA, DES, PGP, digital signatures and authentication protocols.Second part: Viruses and Intruders This part introduces Computer “Viruses” and related Other “Malicious Programs”, and introduces some attack techniques of network secur

3、ity in detail. There are five steps of concealing IP address, scanning object computer, acquiring administrators authority, planting back door, and clearing invade trace.Third part: Network Security ApplicationsThis part introduces Security Concerns, Kerberos and X.509 Authentication Service, at the

4、 same time, this part explains the defense technique of network safety, the safety project of Firewalls, IDS, and so on.三、课程教学目标Upon successful completion of this course, undergraduates should be able to:· explain various insecurity factors in the network;· understand some methods and tech

5、nologies for network attacks; · be able to solve some ordinary problems on network security independently;· be able to establish an appropriate safe strategy for protecting network security.四、教学内容与要求The course will include the following:First part: EncryptionChapter 1 Introduction【教学目的与要求】

6、Upon successful completion of this chapter, undergraduates should be able to:· remember Computer Security Concepts;· master Security Attacks; · master Security Services.【教学重点】1. Computer Security Concepts【教学难点】1. Security Attacks2. Security Services1.1 Computer Security Concepts1. A D

7、efinition of Computer Security Examples2. The Challenges of Computer Security3. The OSI Security Architecture1.2 Security Attacks1. Passive Attacks2. Active Attacks1.3 Security Services1. Authentication2. Access Control3. Data Confidentiality4. Data Integrity5. Nonrepudiation6. Availability Service1

8、.4 Security Mechanisms1.5 A Model for Network SecurityChapter 2 Symmetric Encryption Message Confidentiality 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to :· remember Conventional Encryption Principles ;· master Cipher Block Modes of Operation; ·

9、; understand Conventional Encryption Algorithms;· understand Key Distribution Mechanism 【教学重点】1. Conventional Encryption Principles2. Conventional Encryption Algorithms【教学难点】1.Cipher Block Modes of Operation2. Location of Encryption Devices3. Key Distribution Mechanism.2.1 Symmetric Encryption

10、Principles1. Cryptography2. Cryptanalysis3. Feistel Cipher Structure2.2 Symmetric Block Encryption Algorithms1. Data Encryption Standard2. Triple DES3. Advanced Encryption Standard2.3 Random and Pseudorandom Numbers1. The Use of Random Numbers2. TRNGs, PRNGs, and PRFs2.4 Stream Ciphers and RC41. Str

11、eam Cipher Structure2. The RC4 Algorithm2.5 Cipher Block Modes of Operation1. Electronic Codebook Mode2. Cipher Block Chaining Mode3. Cipher Feedback Mode4. Counter ModeChapter 3 Public-Key Cryptography and Message Authentication 【教学目的与要求】Upon successful completion of this chapter, undergraduates sh

12、ould be able to:· understand Approaches to Message Authentication;· master Secure Hash Functions; · understand Public-Key Cryptography Principles· master Public-Key Cryptography Algorithms· master Digital Signatures· master Key Management. 【教学重点】1. Approaches to Message

13、 Authentication2. Secure Hash Functions;【教学难点】1.Public-Key Cryptography Principles2. Public-Key Cryptography Algorithms3. Digital Signatures4. Key Management.3.1 Approaches to Message Authentication1. Authentication Using Conventional Encryption2. Message Authentication without Message Encryption3.2

14、 Secure Hash Functions1. Hash Function Requirements2. Security of Hash Functions3. Simple Hash FunctionsThe SHA Secure Hash Function3.3 Message Authentication Codes1. HMAC2. MACs Based on Block Ciphers3.4 Public-Key Cryptography Principles1. Public-Key Encryption Structure2. Applications for Public-

15、Key Cryptosystems3. Requirements for Public-Key Cryptography3.5 Public-Key Cryptography Algorithms1. The RSA Public-Key Encryption Algorithm2. Diffie-Hellman Key Exchange3. Other Public-Key Cryptography Algorithms3.6 Digital Signatures Chapter 4 Key Distribution and User Authentication 【教学目的与要求】Upon

16、 successful completion of this chapter, undergraduates should be able to:· understand Kerberos;· understand X.509 Authentication Service【教学重点】1. X.509 Authentication Service.【教学难点】1.Kerberos;4.1 Symmetric Key Distribution Using Symmetric Encryption4.2 Kerberos1. Kerberos Version 42. Kerber

17、os Version 54.3 Key Distribution Using Asymmetric Encryption1. Public-Key Certificates2. Public-Key Distribution of Secret Keys4.4 X.509 Certificates1. Certificates2. X.509 Version 3Second part: Viruses and IntrudersChapter 5 The Computer “Viruses” and related Other “Malicious Programs”【教学目的与要求】Upon

18、 successful completion of this chapter, undergraduates should be able to:· remember Computer “Viruses” definitions· remember Computer “Viruses” definitions Phases· understand Computer “Viruses” Structure· understand Antivirus Approaches· understand Advanced Antivirus Techniq

19、ues· understand Trojan horse and related threats 【教学重点】1. Computer “Viruses” definitions2. Computer “Viruses” definitions Phases3. Computer “Viruses” Structure4. Types of Viruses;【教学难点】1. Antivirus Approaches2. Advanced Antivirus Techniques3. Trojan horse and related threats5.1 Types Of Malicio

20、us Software1. Backdoor2. Logic Bomb3. Trojan Horses4. Mobile Code5. Multiple-Threat Malware5.2 Viruses1. The Nature of Viruses2. Viruses Classification3. Virus Kits4. Macro Viruses5. E-Mail Viruses5.3 Virus Countermeasures1. Antivirus Approaches2. Advanced Antivirus Techniques5.4 Worms1. The Morris

21、Worm2. Worm Propagation Model3. Recent Worm Attacks4. State of Worm Technology5. Mobile Phone Worms6. Worm Countermeasures5.5 Distributed Denial Of Service Attacks1. DDoS Attack Description2. Constructing the Attack Network3. DDoS CountermeasuresChapter 6 Intruders【教学目的与要求】Upon successful completion

22、 of this chapter, undergraduates should be able to:· understand Network intrusion methods· remember the method of Password Management· understand Five Steps of Network Intrusion 【教学重点】1. Network intrusion methods2. Password Management【教学难点】1. Five Steps of Network Intrusion6.1 Intrude

23、rs1. Intruder Behavior Patterns2. Intrusion Techniques6.2 Password Management1. Password Protection2. Password Selection Strategies6.3 Five Steps of Network Intrusion1. Concealing IP address2. Scanning object computer3. Aacquiring administrators authority4. Planting back door5. Clearing invade trace

24、.6.4 Network Intrusion Methods1. Social engineering attacks2. Violence attacks3. Buffer overflow attacks4. Unicode attacksChapter7 The protocol foundation of information security 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to:· understand the vulnerabiliti

25、es of ordinary network protocols· remember Ordinary network service ports· Remember Ordinary network diagnosis commands【教学重点】1. OSI reference model2. TCP/IP model3. Ordinary network service ports4. Ordinary network diagnosis commands【教学难点】1. The vulnerabilities of ordinary network protocol

26、s7.1 OSI reference model and TCP/IP model7.2 The vulnerabilities of ordinary network protocols1. The vulnerabilities of IP2. The vulnerabilities of TCP3. The vulnerabilities of ICMP4. The vulnerabilities of UDP5. The vulnerabilities of ARP7.3 Ordinary network services1. FTP service2. Telnet service3

27、. E-mail service 4. Web service7.4 Qrdinary network diagnosis commands1. Ping2. Ipconfig3. Netstat4. Net 5. AtThird part: Network Security ApplicationsChapter8 Firewall and IDS 【教学目的与要求】Upon successful completion of this chapter, undergraduates should be able to:· understand Firewall design pri

28、nciples· understand Firewall Location and Configurations 【教学重点】1. Firewall design principles【教学难点】1. Firewall Location and Configurations8.1 The Need for Firewalls8.2 Firewall Characteristics8.3 Types of Firewalls1. Packet Filtering Firewall2. Stateful Inspection Firewalls3. Application-Level G

29、ateway4. Circuit-Level Gateway8.4 Firewall Basing1. Bastion Host2. Host-Based Firewalls3. Personal Firewall8.5 Firewall Location and Configurations1. DMZ Networks2. Virtual Private Networks3. Distributed Firewalls4. Summary of Firewall Locations and TopologiesChapter9 IDS 【教学目的与要求】Upon successful co

30、mpletion of this chapter, undergraduates should be able to:· understand IDS design principles · understand Rule-Based Intrusion Detection System· understand Distributed Intrusion Detection System【 教学重点】1. IDS design principles【教学难点】1. Rule-Based Intrusion Detection2. Distributed Intru

31、sion Detection9.1 The introduction of IDS9.2 Intrusion Detection1. Audit Records2. Statistical Anomaly Detection3. Rule-Based Intrusion Detection4. Distributed Intrusion Detection9.3 Honeypots五、实践环节There are five experiments，as follow：1. DES algorithm；2. RSA algorithm；3. Authentication application;4

32、.The operation method of Trojan horse；5. DoS attack.六、教学方法与手段This course should be carried out in the network information security simulation laboratory.七、各教学环节学时分配序号教学章理论讲授学时实验（践）学时讨论、测验等学时1Chapter 1 Introduction42Chapter 2 Symmetric Encryption Message Confidentiality 623Chapter 3 Public-Key Cryptography and Message Authentication624Chapter 4 Key Distribution and User Authentication625Chapter 5 The Computer “Viruses” and related Other “Malicious Programs”426Chapter 6 Intruders 627Chapter 7 The protocol foundation of information security68Chapter 8 Firewall29Chapter