@wuzhimang 2017-02-20T02:32:10.000000Z Word count: 2731 Views: 1345

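System Security Syllabus

Teaching Assistant


  1. Course schedule
    • Academic calendar
    • In theory there are 16 class sessions in total; excluding holidays, there should actually be only 15
    • Every Friday afternoon, 3 class hours per session
    • The first class is on March 3
    • Teacher Wu is away for the third class (March 17)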

Syllabi of Related Courses Abroad

  1. MIT (Computer Systems Security): lecture notes available, no PPT slides

    • Introduction, Threat Models; Control Hijacking Attacks; Buffer Overflow Exploits and Defenses; Privilege Separation
    • Capabilities; Sandboxing Native Code
    • Web Security Model; Securing Web Applications
    • Symbolic Execution; Ur / Web
    • Network Security; Network Protocols; SSL and HTTPS
    • Medical Software; Side-Channel Attacks; User Authentication
    • Private Browsing; Anonymous Communication
    • Mobile Phone Security
    • Data Tracking; Security Economics
  2. CMU (Introduction to Computer Security, Network Security, and Applied Cryptography)

    • Trusting Trust; Control flow attacks; Control flow attack defenses
    • Introduction to cryptography
    • Web Security 1 (Jonathan); Web Security 2 (Jonathan)
    • Mobile Security
    • IDS and Detection Theory
    • Block ciphers (Ed Schwartz); MACs and hashes; Authenticated encryption
  3. STANFORD (Computer and Network Security)

    • Part 1: Basics (Control hijacking attacks: exploits and defenses; Principle of least privilege, access control, and operating systems security; Tools for writing robust application code; Dealing with legacy code: sandboxing and isolation)
    • Part 2: Web Security (Basic web security model; Web application security; Session management and user authentication; Overview of cryptography; HTTPS: goals and pitfalls; Content Security Policies (CSP), Web workers, and extensions)
    • Part 3: Network security (Security issues in Internet protocols: TCP, DNS, and routing; Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters; Unwanted traffic: denial of service attacks; Intel Software Guard Extensions (SGX))
    • Part 4: Security of mobile platforms
  4. BERKELEY (Security in Computer Systems)

    • Intro + memory safety; Intro + memory safety; Network security; Building systems with crypto & computing on encrypted data
    • Web security; Anonymous communication (Tor); Privacy
    • Trusted computing
    • Symbolic execution
    • Mobile security
    • Side channels
    • Security ethics and economics
  5. PRINCETON (Information Security)

    • Message integrity and pseudorandom functions; Public-key cryptography
    • Network security
    • E-commerce security
    • Bitcoin
    • Privacy technologies (Web security and privacy; Web security and privacy)
    • Economics of security; Ethics of security
    • Anonymous communication
    • Spam

Outlines of Related Textbooks

  1. Network and System Security

    • Detecting-System-Intrusions
    • Preventing-System-Intrusions
    • Guarding-Against-Network-Intrusions
    • Securing-Cloud-Computing-Systems
    • Unix-and-Linux-Security
    • Eliminating-the-Security-Weakness-of-Linux-and-Unix-Operating-Systems
    • Internet-Security
    • Intranet-Security
    • Local-Area-Network-Security
    • Wireless-Network-Security
    • Cellular-Network-Security
    • RFID-Security
    • Optical-Wireless-Security
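    • Every lesson is followed by exercises
  2. 计算机安全原理与实现 (Computer Security: Principles and Implementation)

    • Instructors can obtain supplementary teaching materials
  3. 计算机系统安全原理与技术 (Computer System Security: Principles and Techniques)

    • Instructors can download free PPT electronic lecture slides
  4. 计算机系统安全 (Computer System Security)

    • Instructors can download free PPT lecture slides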

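Syllabus Content

Grading

  1. 6-7 homework assignments ?
  2. A large project (PJ) ?
  3. Final-exam essay question ?

Exercises

Buffer overflow
Write a program with a buffer overflow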
An example simulating a DDoS attack
