Undergraduate Course Syllabus

Transcription

1 College of Software Engineering Undergraduate Course Syllabus Course ID Course Name Development Project for security product Course Attribute Compulsory Selective Course Language English Chinese Credit Hour 4 Period 64 Semester First Fall First Spring Second Fall Second Spring Instructors Description Third Fall Third Spring Fourth Fall Fourth Spring Liang Gang,Hu Xiao-qin This course will make students who select this course grasp the basic concepts, principles and technologies of computer network attack and defense, and help them understand the computer network attack and defense methods, tools, and technical characteristics. Make them to have the ability of constructing the application of network security. Therefore lay a foundation of further work and study on the network security. Prerequisites C Language Programming Operating System Computer Network Linux Network Security Textbook Course Webpage: cs.scu.edu.cn/~lianggang cs.scu.edu.cn/~huxiaoqing All vital information will appear on the course webpage, including lecture notes and programming assignments. Resource Mailing list: [email protected] [email protected] 1. William Stallings. Computer Security Principles and Practice.Beijing: China Machine Press,2008

2 2. William Stallings. Cryptography and Network Security Principles and Practices(Fourth Edition.Beijing:Publishing House of Electronics Indusity, Charles P. Pfleeger. Security in Computing(Fourth Edition. Beijing:Publishing House of Electronics Industry, Dieter Gollmann. Computer Security(Second Edition..Beijing:China Machine Press, W.Richard Stevens. Bill Fenner, Andrew M.Rudoff. UNIX Network Programming Volume 1:Sockets and XT1(Second Edition.Beijing:Tshinghua Ptress, Ed Skoudis. Counter Hack Reload(Second 2).Beijing:Publishing Houses of Electronics Industry, Wang Chun-hai. Virtual Machine Technology and exercise. Beijing:China Machine Ptress, W.Richard Stevens. TCP/IP Disseration Vol I:Protocol. Beijing: China, W.Richard Stevens. Advanced Programming in Unix Environment.. Beijing : China Machine Ptress, Douglas E.Comer, David L. Stevens.Internetworking With TCP/IP Vol III:Client-Server Programmng and Application.. Beijing:Publishing House of Electronics Industry, Dai Ying-xia. System Security and Intrusion Detection. Beijing:Tshinghua Press, John Shapley Gray. Unix Networking Programming Vol 2:Interprocess Communications (Second Edition).Beijing:Tshinghua Press, Zhu Yan-hui. Windows Firewall and Network Packet Capture technology. Beijing: Publishing Houses of Electronics Industry, Greg Holden. FireWall and Network Security Intrusion Detection and VPNS. Beiing: Tshinghua Press,2004 Grading Curriculum Design (30%), Class assignments (70%) 1. Overview (Theory: 2 Period, Topics 1.1 Significance of course, the course content and curriculum requirements; 1.2 The Overview of Virtual Machine; 2

3 1.2.1 The Installation of the VMWARE; The network settings of the VMWARE; How to Install Linux on VMWARE; The network settings of the Linux; The Data Exchange ways Between the Host and Guest 2. The Overview of Linux Development Environment (Theory: 2 Period, Experiment: 2 Period) 2.1 The overview of the VI; 2.2 How to use Gcc to Compile C program; 2.3 How to use Gdb to debug program; 2.4 The Overview of the Makefile; 3. An Introduction to Socket programming(theory :4 Period Experiment: 4 Period) 3.1 Socket Types and Protocols; 3.2 An Introduction to the function of the Socket; 3.4 How to use Socket to implement a Remote Control System; 4. Network Sniffer ( Theory:4 Period Experiment: 4 Period ) 4.1 An Overview of the Network Sniffer; 4.2 An introduction to Libpcap Library; 4.3 How to use Lipcap to Implement a Simple Network Sniffer; 4.4 How to use Lipcap to Implement a Simple Network Protocol Analyzer 5. The first report on the curriculum design ( Theory: 1 Period Experiment: 3 Period) 6. An introduction to Libnet( Theory: 4 Period Experiment: 4 Period) 6.1 An Overview of the Libnet; 6.2 How to use Libnet to Implement a Secret Port Scanner; 6.3 How to use Linnet to Implement a Dos Attacer; 7. IPTable(Theory:2 Period 3

4 7.1 An Overview of the IPTable; 7.2 The Installation and settings of the IPTables ; 7.3 How to use IPTable to implement a Simple Firewall; 8. The Second Report on the curriculum design ((Theory: 1 Period Experiment:3 Period) 9. An Introduction to Snort (Theory: 2 Period 9.1 An Overview of the Snort; 9.2 The introduction of the working ways of the Snort; 9.3 The installation and Settings of the snort; 9.4 Programming Self Rule On Snort; 9.5 How to use Snort to Act as a Intrusion Detection System; 10. An Introduction to the Libnids (Theory: 2 Period Experiment: 2 Period eriod) 10.1 An overview of the Libnids; 10.2 The Program Model to the Libnids; 10.3 How to Use Libnids to implement a Simple Intrusion Detection System; 11. An Intrusion to Openssh (Theory: 2 Period 11.1 An Overview of the Openssh; 11.2 An Introduction to the function of the Openssh; 11.3 How to Use Openssh to Implement a Safety Remote Access System; 12. Buffer Overflow (Theory: 2 Period Period 12.1 An Overview of the Buffer Overflow; 12.2 The Principle of the Buffer; 12.3 An introduction to Shellcode ; 12.4 How to Use Buffer Overflow to Get the right of the supervisor; 4

5 13. Virus Search Engine (Theory: 2 Period 13.1 The Working Principle of the Virus Search Engine; 13.2 How to implement a simple Virus Search Engine; 14. The Presentation of the Curriculum design (Theory: 1 Period Experiment:3 Period) Tools & Environment This course will require to use C/C++ analysis and design of software in linux Lab 1:The Data Exchange between Guest and Host Use u disk ssh vmtools and samba to exchange the data between the guest and host machine; Lab 2: Familiar Linux Development Environment Using Vi to generate the C code and Makefile; Using make and Makfile to compile the C code to elf file ; Using Gdb to debug the code. Projects Lab 3: Socket Program Using Udp protocol to implement a client and server program; The Client send i am client message to server; The server send hello client message to client after it receive the message from the client; Lab 4: Remote Control System 5

6 Using Tcp protocol to implement system client and server program; The server at least support 3 commands: list netlist route. If the server receives the list command, it will call list -al command and display the current directory files of the server on the client display. If the server receives the netlist command, it will call ifconfig -a command and display the settings of the network of the server on the client display. \ If the server receives the route command, it will call route a command sand display the information of the routing of the server on the client display. Lab 5: Network sniffer Using libpcap security package to achieve the basic function of sniffer Understanding the basic the role of the sniffer, capturing the packet by sniffer and understanding the message sent and monitoring capabilities of sniffer. Listening to all the packets of the host machine; Showing complete packet information. For example, the IP header, version, the length of header, type of service, packet length, type, ttl, source IP address, content options and etc;; Listening packet of the designated IP address, showing the complete content of the TCP packet considering the condition that a TCP packet may be divided into a number of IP packet transmission; Function verification: running ping,telnet and IE when starting sniffer program, to check program whether to return to the expected results, LAB 6 : A simple Network Protocols Analyzer Using libpcap security package to achieve the basic function of sniffer; Showing complete packet information. For example, the IP header, version, the length of header, type of service, packet length, type, ttl, source IP address, content options and etc; The Analyzer can print the type of the protocol of every capturing packet; 6

7 Lab 6: Using Libnet to Implement a DoS Attacker Familiar with the installation and settings of the libnet; Mastering the main function of the Libnet; Holding the basis, type and element of Dos; Holding the prevention and defence of DoS, and learning how to improve the ability what system resisting DoS attacking in simple network; Write your own code to implement a DoS attacking program based on the teacher s examples by C. Lab 7: A Secret Port Scanner Understanding the working principle of the port scanner; Using Libnet to implement a simple secret scanner and test it; Lab 8: A simple Firewall Understanding the working principle of the firewall; Mastering the instillation Setting and using of IPTable ; Using IPTable to construct a simple firewall and test it; Lab 9: Snort Understanding what is snort; Mastering the instillation Setting and using of Snort; Install and configure Snort on LINUX; Attacking the host which installed Snort by means of exploit programs which we study before, then inspecting whether Snort can detect the intrusion appeared more frequently; 7

8 Designing your own Snort rules, and validate your rules by experiment.. Lab 9: A Simple Intrusion Detection System Understanding the working principle of the intrusion detection system; Mastering the instillation Setting and using of libnids; Using the libnids to design and implement a simple intrusion detection system and test it ; Lab 10: Buffer overflow experiment Holding the elements of buffer overflow; Intrudeing remote host by using buffer overflow softwrae, and understanding the methods to defend and avoid buffer overflow; Write your own code to implement a buffer overflow program by C on previous basis. 8