CS536100 網路安全 Network Security 黃能富 教授 (Professor Nen-Fu Huang) 清大資工系, E-mail: nfhuang@cs.nthu.edu.tw 助教: 紀成璞, 清大資工系碩士班 axdc11239@gmail.com
Network Security Outline Introduction Layer 2 network security Switch security VLAN security Layer 3 network security Router security, Access Control List(ACL) Layer 4 network security Firewall, Flow classification technologies, Layer 7 network security Deep Packet Inspection (DPI) technologies, Intrusion Detection System (IDS), Snort Intrusion Prevention System (IPS), Anti-virus,
Network Security Outline Application identification technologies, Protocols headers, packet contents Encrypted packets Machine learning based traffic/Application identification Machine learning tools Attributes selection Botnet detection and prevention technologies, IRC, p2p, http, honey-pot Cloud security Virtual machine isolation, security cloud data center, Network Virtualization
課程進行方式 翻轉式教學, 自主學習, 線上預習, 練習, 複習 課程內容: www.sharecourse.net (每周開放內容) 請修課同學上網註冊, 選課 DoS/DDoS 網路攻擊與防禦演練 Botnet 佈建與經營演練 期末計畫 (Term project), Malware Snort rules generation and evaluation. (針對特定 惡意程式產生其 Snort rule, 並驗證之) 論文選讀報告 (Paper study and presentation) 每人一篇論文, 口頭 + 書面 報告 網路安全專家專題演講 (4-5 場次) 惡意程式分析 APT 攻擊受法分析 Botnet 分析與追蹤技術
Cloud + SRAGP + SDN (Snort Rule Generation) Rule Generation VMs Snort Rules Automatic Generation Platform Botnet Master Rules Malwares Malware Samples > 200,000 Snort Rules DB Malware Dispatcher Bot Security Rules Server DoS Attack SDN Switches (Pica8) SDN Controller
Cloud + SDN + Security (Attack Blocking) Rule Generation VMs Snort Rules Automatic Generation Platform Botnet Master Rules Malwares Malware Samples > 200,000 Snort Rules DB Malware Dispatcher Bot Security Rules Server DoS Attack Rules Rules SDN Switches (Pica8) SDN Controller
Network Security 成績考核方式 成績考核(Evaluation) 線上期中考 (Min-term test) 30% 線上期末考 (Final test) 30% DoS/DDoS 網路攻擊與防禦演練 10% Botnet 佈建與經營演練 10% 惡意程式分析期末計畫 (Term project) 10%, 網路安全相關論文報告 (Paper study and presentation) 10% (同儕評分) 平時成績 5% (課堂與專題演講出席等)