The Attack and Defense of Computers

CE6107
許富皓
Reference Books
• Hacking Exposed, Fifth Edition
– Authors: Stuart McClure, Joel Scambray, and George Kurtz
– Publisher: McGraw-Hill
• Practical Unix & Internet Security, 3rd Edition
– Authors: Simson Garfinkel and Gene Spafford
– Publisher: O'Reilly
Contents:
• Footprinting
• Scanning
• Enumeration
• Port-Scanning
• OS Fingerprinting
• Hacking Unix
• Buffer Overflow Attacks/Return Into Libc Attacks
• Internet Worm
• Format String Attacks
• Input Validation Attacks
• Integer Overflow and Integer Sign Attacks
• TCP Session Hijacking
• Denial of Service Attacks/Distributed DoS
• Malware: Virus, Trojan Horse, Spyware, Rootkit, Dialer, Key Logger
• Cross-Site Scripting (XSS)
• SQL Injection
Important Security Conferences:
• http://www.cl.cam.ac.uk/Research/Security/conferences/all.html
• IEEE Symposium on Security and Privacy
• USENIX Security Symposium
• ACM Conference on Computer and Communications Security (CCS)
• International Symposium on Recent Advances in Intrusion Detection (RAID)
• Sigcomm (http://www.acm.org/sigs/sigcomm/)
• Infocom (http://www.ieee-infocom.org/)
• ICDCS
• ACSAC
Grading:
• Final 40%
• Assignment 55%
• Attendance: 5%