本课程主要介绍计算机安全的基本原理,以及常见的攻击手段和防御机制。为了更好的加深对真实世界网络攻击的理解,
本课程为学生提供一个可以动手测试的实时软件和网络系统环境。本课程将同时教授攻击手段和防御机制,这样让学生理
解现实生活中的攻防对抗。本课程教授的内容主要包括的攻击手段(例如:缓冲溢出、dirty COW、 格式字符串、跨站脚
本攻击、返回导向编程),黑客基础(例如:扫描和侦察),防御机制(例如:入侵检测系统、防火墙)。本课程将通过
高强度的实验,以及使用真实世界的恶意软件,漏洞利用,防御等来训练学生。
This course aims help students to learn the principles of computer security and understand how various security attacks
and countermeasures work. It provides hands-on experience in playing with security software and network systems in a
live laboratory environment, with the purpose of understating real-world threats. The course will take both offensive and
defense methods to help student explore security tools and attacks in practice. It will focus on attacks (e.g., buffer
overflow, dirty COW, format-string, XSS, and return oriented programming), hacking fundamentals (e.g., scanning and
reconnaissance), defenses (e.g., intrusion detection systems and firewalls). Students are expected to finish intensive lab
assignments that use real-world malware, exploits, and defenses.
本课程将提供真实世界攻防的深度体验。在课程完成时,学生于应该获得以下技能:
理解真实世界中的安全漏洞,攻击利用,以及防御体系。
具有网络和系统安全试验的动手经历。
学习到计算机安全的基本知识,现实安全问题,以及对应的解决方案。
This course offers an in-depth experience of real-world threats and defence. Upon successful completion of this class,
the student will gain experience in:
Understanding on real-world security vulnerabilities, exploits and defence.
Having hands-on labs in network and system security experiments.
Learning knowledge of practical security problems and their solutions.
课程内容及教学日历 (如授课语言以英文为主,则课程内容介绍可以用英文;如团队教学或模块教学,教学日历须注明
主讲人)
Course Contents (in Parts/Chapters/Sections/Weeks. Please notify name of instructor for course section(s), if
this is a team teaching or module course.)