Tìm kiếm tài liệu miễn phí

Trang 5 - An ninh - Bảo mật (5.214)

Lecture notes on Computer and network security: Lecture 23 - Avinash Kak

Lecture 23, port and vulnerability scanning, packet sniffing, intrusion detection, and penetration testing. After studying this chapter you will be able to understand: Port scanners, the nmap port scanner, vulnerability scanners, the nessus vulnerability scanner, packet sniffers, intrusion detection, the metasploit framework, the netcat utility.


Lecture notes on Computer and network security: Lecture 29 - Avinash Kak

Lecture 29 - Bots, botnets, and the DDoS attacks. In this chapter, the learning objectives are: Bots and bot masters, command and communication needs of a botnet, the IRC protocol and a command-line IRC client, freenode IRC network for open-source projects and the WeeChat IRC client, a mini bot for spewing out third-party spam, DDoS attacks and strategies for mitigating against them, some well-known bots and their exploits.


Lecture notes on Computer and network security: Lecture 30 - Avinash Kak

Lecture 30, mounting targeted attacks with trojans and social engineering - Cyber espionage. The goals of this chapter are: Can a well-engineered network be broken into? Socially engineered email lures, trojans and the gh0stRAT trojan, cyber espionage, exploiting browser vulnerabilities.


Lecture notes on Computer and network security: Lecture 7 - Avinash Kak

Lecture 7, finite fields (Part 4: Finite fields of the form GF(2n ) - Theoretical underpinnings of modern cryptography). The goals of this chapter are: To review finite fields of the form GF(2n), to show how arithmetic operations can be carried out by directly operating on the bit patterns for the elements of GF(2n), Perl and Python implementations for arithmetic in a Galois Field using my BitVector modules.


Lecture notes on Computer and network security: Lecture 9 - Avinash Kak

Lecture 9, using block and stream ciphers for secure wired and wifi communications. The goals of this chapter are: To present 2DES and its vulnerability to the meet-in-the-middle attack, to present two-key 3DES and three-key 3DES, to present the five different modes in which a block cipher can be used in practical systems for secure communications,...


Lecture notes on Computer and network security: Lecture 20 - Avinash Kak

Lecture 20: PGP, IPSec, SSL/TLS, and Tor Protocols. After studying this chapter you will be able to understand: PGP: A case study in email security, key management issues in PGP, packet-level security with IPSec, transport Layer Security with SSL/TLS, heartbeat extension to the SSL/TLS protocol, the tor protocol for anonymized routing.


Lecture notes on Computer and network security: Lecture 25 - Avinash Kak

Lecture 25, security issues in structured peer-to-peer networks. This topic will describe: What are peer-to-peer (P2P) overlay networks, distributed hash tables (DHT), the chord protocol, the pastry protocol, the kademlia protocol, the bittorrent file sharing protocol, security aspects of structured DHT-based P2P protocols.


Lecture notes on Computer and network security: Lecture 26 - Avinash Kak

Lecture 26, small-world peer-to-peer networks and their security issues. This chapter include objectives: differences between structured P2P and small-world P2P, freenet as originally envisioned by Ian Clarke, the small-world phenomenon, demonstration of the small-world phenomenon by computer simulation, decentralized routing in small-world networks,...


Lecture notes on Computer and network security: Lecture 31 - Avinash Kak

Lecture 31, filtering out spam. After studying this chapter you will be able to understand: Spam and computer security; how i read my email; the acronyms MTA, MSA, MDA, MUA, etc; structure of email messages; how spammers alter email headers; a very brief introduction to regular expressions; an overview of procmail based spam filtering; writing procmail recipes.


Lecture notes on Computer and network security: Lecture 3 - Avinash Kak

Lecture 3, block ciphers and the data encryption standard. This chapter include objectives: To introduce the notion of a block cipher in the modern context, to talk about the infeasibility of ideal block ciphers, to introduce the notion of the feistel cipher structure, to go over DES and the data encryption standard.


Lecture notes on Computer and network security: Lecture 8 - Avinash Kak

Lecture 8 - AES: The advanced encryption standard. In this chapter you will learn: Salient features of AES, the encryption key and its expansion, the overall structure of AES, the four steps in each round of processing, the substitution bytes step: subbytes and invsubbytes, the shift rows step: shiftrows and invshiftrows, the mix columns step: mixcolumns and invmixcolumns, the key expansion algorithm.


Lecture notes on Computer and network security: Lecture 11 - Avinash Kak

Lecture 11, prime numbers and discrete logarithms. The goals of this chapter are: Primality testing, fermat’s little theorem, the totient of a number, the miller-rabin probabilistic algorithm for testing for primality, python and perl implementations for the miller-rabin primality test, the AKS deterministic algorithm for testing for primality, chinese remainder theorem for modular arithmetic with large composite moduli, discrete logarithms.


Lecture notes on Computer and network security: Lecture 12 - Avinash Kak

Lecture 12, public-key cryptography and the RSA algorithm. In this chapter, the learning objectives are: To review public-key cryptography, to demonstrate that confidentiality and sender-authentication can be achieved simultaneously with public-key cryptography, to review the RSA algorithm for public-key cryptography,...


Lecture notes on Computer and network security: Lecture 14 - Avinash Kak

Lecture 14, elliptic curve cryptography and digital rights management. The goals of this chapter are: Introduction to elliptic curves, a group structure imposed on the points on an elliptic curve, geometric and algebraic interpretations of the group operator, elliptic curves on prime finite fields, Perl and Python implementations for elliptic curves on prime finite fields,...


Lecture notes on Computer and network security: Lecture 16 - Avinash Kak

Lecture 16 - TCP/IP vulnerabilities and DoS attacks: IP spoofing, SYN flooding, and the shrew DoS attack. The goals of this chapter are: To review the IP and TCP packet headers, controlling TCP traffic congestion and the shrew DoS attack, the TCP SYN flood attack for denial of service, IP source address spoofing attacks,...


Lecture notes on Computer and network security: Lecture 18 - Avinash Kak

Lecture 18, packet filtering firewalls (Linux). The goals of this chapter are: Packet-filtering vs. proxy-server firewalls; the four iptables supported by the Linux kernel: filter, nat, mangle, and raw; creating and installing new firewall rules; structure of the filter table, connection tracking and extension modules, designing your own filtering firewall.


Lecture notes on Computer and network security: Lecture 4 - Avinash Kak

Lecture 4: Finite fields (Part 1: Groups, rings, and fields theoretical underpinnings of modern cryptography). This chapter includes contents: Why study finite fields? What does it take for a set of objects to? infinite groups and abelian groups, rings, integral domain, fields.


Lecture notes on Computer and network security: Lecture 5 - Avinash Kak

Lecture 5, finite fields (Part 2: Modular arithmetic theoretical underpinnings of modern cryptography). This chapter include objectives: To review modular arithmetic, to present Euclid’s GCD algorithms, to present the prime finite field Zp, to show how Euclid’s GCD algorithm can be extended to find multiplicative inverses, Perl and Python implementations for calculating GCD and multiplicative inverses.


Lecture notes on Computer and network security: Lecture 10 - Avinash Kak

Lecture 10, key distribution for symmetric key cryptography and generating random numbers. The goals of this chapter are: Why might we need key distribution centers? Master key vs. session key, hierarchical and decentralized key distributions, generating pseudorandom numbers.


Lecture notes on Computer and network security: Lecture 15 - Avinash Kak

Lecture 15, hashing for message authentication. The goals of this chapter are: What is a hash function? Different ways to use hashing for message authentication, the one-way and collision-resistance properties of secure hash functions, the birthday paradox and the birthday attack, structure of cryptographically secure hash functions,...


Lecture notes on Computer and network security: Lecture 22 - Avinash Kak

Lecture 22 - Malware: Viruses and worms. After studying this chapter you will be able to understand: Attributes of a virus, educational examples of a virus in Perl and Python, attributes of a worm, educational examples of a worm in Perl and Python, some well-known worms of the past, the conficker and stuxnet worms, how afraid should we be of viruses and worms?


Lecture notes on Computer and network security: Lecture 27 - Avinash Kak

Lecture 27 - Web security: PHP exploits, SQL injection, and the slowloris attack. In this chapter, students will be able to understand: What do we mean by web security? PHP and its system program execution functions, an example of a PHP exploit that spews out third-party spam, MySQL with row-level security, SQL injection attack, the slowloris attack, protecting your web server with mod-security.


Lecture notes on Computer and network security: Lecture 28 - Avinash Kak

Lecture 28 - Web security: Cross-site scripting and other browser-side exploits. The goals of this chapter are: JavaScript for handling cookies in your browser, server-side cross-site scripting vs. client-side cross-site scripting, client-side cross-site scripting attacks, heap spray attacks, the w3af framework for testing web applications.


Lecture notes on Computer and network security: Lecture 2 - Avinash Kak

Lecture 2, classical encryption techniques. This chapter includes contents: Basic vocabulary of encryption and decryption, building blocks of classical encryption techniques, caesar cipher, the swahili angle, monoalphabetic ciphers, the all-fearsome statistical attack, multiple-character encryption to mask plaintext structure, another multi-letter cipher, polyalphabetic ciphers,...


Lecture notes on Computer and network security: Lecture 13 - Avinash Kak

Lecture 13 - Certificates, digital signatures, and the diffie-hellman key exchange algorithm. The goals of this chapter are: Authenticating users and their public keys with certificates signed by Certificate Authorities (CA), exchanging session keys with public-key cryptography, X.509 certificates, Perl and Python code for harvesting RSA moduli from X.509 certificates, the Diffie-Hellman algorithm for exchanging session keys.


Lecture notes on Computer and network security: Lecture 17 - Avinash Kak

Lecture 17, DNS and the DNS cache poisoning attack. After studying this chapter you will be able to understand: The domain name system, BIND, configuring BIND, running BIND on your Ubuntu laptop, light-weight nameservers (and how to install them), DNS cache poisoning attack, writing perl and python code for cache poisoning attacks.


Lecture notes on Computer and network security: Lecture 24 - Avinash Kak

Lecture 24, the dictionary attack and the rainbow-table attack on password protected systems. The goals of this chapter are: The dictionary attack, thwarting a dictionary attack with log scanning, cracking passwords with direct table lookup, cracking passwords with hash chains, cracking password with rainbow tables.


Lecture notes on Computer and network security: Lecture 21 - Avinash Kak

Lecture 21, buffer overflow attack. After studying this chapter you will be able to understand: Services and ports; a case study on buffer overflow vulnerabilities: the telnet service; buffer overflow attack: understanding the call stack; overrunning the allocated memory in a call stack; demonstration of program misbehavior because of buffer overflow; using gdb to craft program inputs for exploiting buffer-overflow vulnerability.


Lecture notes on Computer and network security: Lecture 32 - Avinash Kak

Lecture 32, security vulnerabilities of mobile devices. The learning objectives for this chapter include: What makes mobile devices less vulnerable to malware (to the extent that is the case) and Android’s “Verify Apps” security scanner, protection provided by sandboxing the apps, security (or lack thereof) provided by over-the-air encryption for cellular communications with a Python implementation of A5/1 cipher,...


Lecture notes on Computer and network security: Lecture 6 - Avinash Kak

Lecture 6, finite fields (Part 3: Polynomial arithmetic theoretical underpinnings of modern cryptography). The goals of this chapter are: To review polynomial arithmetic, polynomial arithmetic when the coefficients are drawn from a finite field, the concept of an irreducible polynomial, polynomials over the GF(2) finite field.


Tài liệu mới download

Pháp Luật Đại Cương - Bài 7
  • 26/02/2011
  • 79.150
  • 479
Pháp Luật Đại Cương - Bài 6
  • 26/02/2011
  • 12.485
  • 768

Từ khóa được quan tâm

Có thể bạn quan tâm

Bộ sưu tập

Danh mục tài liệu