課程介紹
課程內容
項次 | 課程大綱 |
(1) | Course Introduction |
(2) | OSI Network Layer Security:網路安全架構、區域網路交換概念及交換器管理與安全 |
(3) | 路由安全:基本概念與安全設定、網際網路協定及IPv4 規劃與安全 |
(4) | 密碼學、個資保護法及去識別化概論 |
(5) | 風險評鑑作業簡介及資訊安全系統(防火牆及入侵偵測概論) |
(6) | 建立資訊安全管理組織、系統安全開發方法論(惡意程式、防毒、漏洞風險及通報流程簡介) (實務) |
(7) | 資訊網路、系統架構即資料庫安全簡介 |
(8) | 多層次(縱深)防禦架構簡介 |
(9) | Midterm Exam. Time and Place to be announced. |
(10) | 駭客入侵及數位鑑識 |
(11) | 物聯網及工控資安概論 |
(12) | AI應於資安導論 |
(13) | 惡意樣本特徵解析及流量監控導論 |
(14) | 網路守護基本概念及區域安全兵棋推演:資安篇 |
(15) | 網段基本概念及AI 資安:流量監控miniSOC |
(16) | 網路封包基本概念及AI 資安:惡意加密流量 |
(17) | 同學的期末報告及研討 |
考核方式與比例
2.期中測驗 30% (期刊論文報告或考試)
3.期末報告 40% (報告15分鐘/1-2人一組/繳交投影片及報告)
教材資訊
●參考資訊:
1.本堂老師整理的投影片
2.教育部資訊安全人才培育計畫的參考投影片
3.Kali Linux滲透測試工具(第三版)
4.潘天佑(2012),資訊安全概論及實務(第三版),碁峯出版社。
5.李華峰(2020),不會C也是資安高手,用Python和駭客大戰三百回合,深智數位。
6.Mike Chapple, Darril Gibson, & James Michael Stewart. (2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 9th Edition. Sybex.
7.期刊文獻報告:
(1) Hijji, & Alam, G. (2021). A Multivocal Literature Review on Growing Social Engineering Based Cyber-Attacks/Threats During the COVID-19 Pandemic: Challenges and Prospective Solutions. IEEE Access, 9, 7152–7169.
(2) CÎRNU, ROTUNĂ, C. I., VEVERA, A. V., & BONCEA, R. (2018). Measures to Mitigate Cybersecurity Risks and Vulnerabilities in Service-Oriented Architecture. Studies in Informatics and Control, 27(3), 359–368.
(3) Modi, Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in Cloud. Journal of Network and Computer Applications, 36(1), 42–57.
(4) Aryanto, Oudkerk, M., & van Ooijen, P. M. A. (2015). Free DICOM de-identification tools in clinical research: functioning and safety of patient privacy. European Radiology, 25(12), 3685–3695.
(5) Husák, Sadlek, L., Špaček, S., Laštovička, M., Javorník, M., & Komárková, J. (2022). CRUSOE: A toolset for cyber situational awareness and decision support in incident handling. Computers & Security, 115, 102609–.
(6) Scott. (2020). Red teaming financial crime risks in the banking sector. Journal of Financial Crime, 28(1)
(7) Ahmed, Hassan, R., & Othman, N. E. (2017). IPv6 Neighbor Discovery Protocol Specifications, Threats and Countermeasures: A Survey. IEEE Access, 5, 18187–18210.
(8) Pastor, A., Mozo, A., Vakaruk, S., Canavese, D., Lopez, D. R., Regano, L., Gomez-Canaval, S., & Lioy, A. (2020). Detection of Encrypted Cryptomining Malware Connections With Machine and Deep Learning. IEEE Access, Access, IEEE, 8, 158036–158055.
(9) Xu, Dong, W., Xing, J., Lei, W., Liu, J., Gong, L., Feng, M., Zheng, X., & Liu, S. (2023). Delay-CJ: A novel cryptojacking covert attack method based on delayed strategy and its detection. Digital Communications and Networks.
其他說明
●此科目為單學期成績及格可取得學分證明課程,恕無法扺免本校正規學制畢業學分。