Transcript 電腦攻擊與防禦 The Attack and Defense of Computers

電腦攻擊與防禦
The Attack and Defense of
Computers
CEA036
許富皓
• 本系設立宗旨：
– 培育具有開創性之資訊人才。
– 訓練具有專業性之技術人才。
– 研發具有前瞻性之資訊科技。
• 本系之教育目標為：
–
–
–
–
–
訓練獨立思考之專業能力。
養成團隊合作之互助精神。
建立開放多元之學習態度。
培養服務關懷之人文素養。
拓展創新前瞻之國際視野。
Reference Books
• Hacking Exposed, Fifth Edition
– Authors: Stuart McClure, Joel Scambray, and
George Kurtz
– Publisher: Mc Graw Hill
• Practical Unix & Internet Security, 3rd
Edition
– Authors: Simson Garfinkel and Gene Spafford
– Publisher: O Reilly
Contents:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Hacking Unix
Buffer Overflow Attacks/Return Into Libc Attacks
Internet Worm
Botnet
Format String Attacks
Input Validation Attacks
Integer Overflow and Integer Sign Attacks
TCP session Hijackng
Denial of Service Attacks/Distributed DoS
Malware: Virus, Trojan Horse, Spyware, Rootkit, Dialer, Key logger
Cross Site Script (XSS)
Cross Site Request Forgert
SQL Injection
Footprinting
Scanning
Port-Scanning
OS fingerprinting
Grading:
• Midterm 30%
• Final 35%
• Project 30%
• Attendance: 5%