Introduction to Computer Security, Spring 2017

Instructor: Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw, www.cs.nctu.edu.tw/~ydlin

Lecture hours: 10:10-12:00AM Mon. & 9:00-9:50AM Wed., at ED117

Course homepage: http://speed.cis.nctu.edu.tw/~ydlin/course/cn/ics.html


Course Objectives:

Ever since the first worm, the Morris Worm, was released through the Internet in 1988, the attack-defense game between hackers and administrators has never ended. To better protect our ICT (Information and Communications Technology) systems, we first need to understand what hacking techniques have been developed over the years and then see their countermeasures. This course first prepares students with background on data security (with cryptography), access security, and system security. After that, a practical textbook is used to illustrate how hackers attack systems, which falls within the scope of system security. We begin with how hackers learn about the target systems through scanning and enumeration, leaving footprints behind as they do so. Then we see how hackers penetrate clients and servers running Windows and UNIX. The most recent hacking technique, with malware inside exchanged documents, Advanced Persistent Threat (APT), is also covered here. Next we see how hackers hijack a system from outside, through the network traffic or external interfaces. The targets include wireline and wireless infrastructure, VoIP systems, and handheld devices. At the end, we see how hackers attack applications and the databases behind them, with techniques like buffer overflow and SQL injection. How Android and iOS applications become victims or vehicles is also covered. Countermeasures are interleaved with hacking techniques and summarized at the end. Throughout the course, you can learn the tools packaged in Kali Linux (https://www.kali.org/), including wget, teleport, dirbuster, privoxy, nslookup, traceroute, nmap, tor, socat, proxychains, havij, sqlmap, burpsuite, hackbar, xerxes, android-sdk, netcat, telnet, grendel-scan, johntheripper, cain, metasploit, logclean-ng, nta-monitor, ikeprobe, sivus, sipvicious, poisonivy, aircrack-ng, etc.


Loading:

The loading for students includes (1) 6 homework sets (hand-writing and hands-on with screen dumps), (2) a per-person term project report (a one-page proposal due after the midterm, and an 8-page report, excluding screen dumps but including figures and tables, due before the final exam), (3) 5-8 quizzes (5-min with 3-5 questions) randomly distributed among the lectures, and (4) midterm and final exams. The final homework is heavier and more like a term project, where students are expected to use as many tools as possible to hack a system. The textbook does not come with presentation slides, and the lectures will use limited slides and the blackboard. Thus, students are expected to read the textbook.


Textbook:

Stuart McClure, Joel Scambray, George Kurtz, “Hacking Exposed 7: Network Security Secrets & Solutions,” McGraw-Hill, July 2012. (available at books.com.tw (博客來) at http://www.books.com.tw/products/F012670826, 1750 NT; paperback also available at amazon.com, 30.43 USD plus shipping and handling)


Reference:

  1. Ying-Dar Lin, Ren-Hung Hwang, Fred Baker, “Computer Networks: An Open Source Approach,” Chapter 8 Network Security, McGraw-Hill, Feb 2011. (hardcover at 100 USD available at Amazon.com; paperback international student edition available at 1000 NT at 開發圖書, www.kaifabook.com.tw, kf.book@msa.hinet.net, TEL: 02-8242-3988)

  2. William Stallings, “Cryptography and Network Security, 6th edition,” Prentice Hall, March 2013.


Grading:

Homework (x6) 30%, Project 10%, Quiz (x5-8) 10%, Midterm 25%, Final 25%.


Course Outline: