Lecture hours: 10:10-12:00AM Mon. & 9:00-9:50AM Wed., at ED117
Course homepage: http://speed.cis.nctu.edu.tw/~ydlin/course/cn/ics.html
Ever since the first worm, the Morris Worm, was released onto the Internet in 1988, the attack-defense game between hackers and administrators has never ended. To better protect our ICT (Information and Communications Technology) systems, we first need to understand what hacking techniques have been developed over the years and then examine their countermeasures. This course first prepares students with background on data security (with cryptography), access security, and system security. After that, a practical textbook is used to illustrate how hackers attack systems, which falls within the scope of system security. We begin with how hackers learn about target systems through scanning and enumeration, leaving footprints behind as they do so. Then we see how hackers penetrate clients and servers running Windows and UNIX. The most recent hacking technique, Advanced Persistent Threat (APT), which places malware inside exchanged documents, is also covered. Next we see how hackers hijack a system from outside, through network traffic or external interfaces. The targets include wireline and wireless infrastructure, VoIP systems, and handheld devices. At the end, we see how hackers attack applications and the databases behind them, with techniques like buffer overflow and SQL injection. How Android and iOS applications become victims or vehicles is also covered. Countermeasures are interleaved with hacking techniques and summarized at the end. Throughout the course, you can learn the tools packaged in Kali Linux (https://www.kali.org/), including wget, teleport, dirbuster, privoxy, nslookup, traceroute, nmap, tor, socat, proxychains, havij, sqlmap, burpsuite, hackbar, xerxes, android-sdk, netcat, telnet, grendel-scan, johntheripper, cain, metasploit, logclean-ng, nta-monitor, ikeprobe, sivus, sipvicious, poisonivy, aircrack-ng, etc.
The workload for students includes (1) 6 homework sets (handwritten and hands-on with screen dumps), (2) a per-person term project report (a one-page proposal due after the midterm; an 8-page report, excluding screen dumps but including figures and tables, due before the final exam), (3) 5-8 quizzes (5 minutes each, with 3-5 questions) randomly distributed among the lectures, and (4) midterm and final exams. The final homework is heavier and more like a term project, where students are expected to use as many tools as possible to hack a system. The textbook does not come with presentation slides, and the lectures will use limited slides and the blackboard. Thus, students are expected to read the textbook.
Stuart McClure, Joel Scambray, George Kurtz, “Hacking Exposed 7: Network Security Secrets & Solutions,” McGraw-Hill, July 2012. (available at books.com.tw (博客來) at http://www.books.com.tw/products/F012670826, 1750 NT; paperback also available at amazon.com, 30.43 USD plus shipping and handling)
Homework (x6) 30%, Project 10%, Quiz (x5-8) 10%, Midterm 25%, Final 25%.
1. Data Security
2. Access Security
3. System Security
Part I Casing the Establishment
3. Enumeration
Part II Endpoint and Server Hacking
4. Hacking Windows
5. Hacking UNIX
6. Cybercrime and Advanced Persistent Threats
Part III Infrastructure Hacking
7. Remote Connectivity and VoIP Hacking
8. Wireless Hacking
9. Hacking Hardware
Part IV Application and Data Hacking
10. Web and Database Hacking
11. Mobile Hacking
12. Countermeasures Cookbook