課程資訊
課程名稱
網路攻防實習
Practicum of Attacking and Defense of Network Security 
開課學期
107-1 
授課對象
電機資訊學院  電機工程學研究所  
授課教師
余子吉 
課號
EE5188 
課程識別碼
921 U2660 
班次
 
學分
3.0 
全/半年
半年 
必/選修
選修 
上課時間
星期三2,3,4(9:10~12:10) 
上課地點
電二225 
備註
總人數上限:40人 
Ceiba 課程網頁
http://ceiba.ntu.edu.tw/1071EE5188_ 
課程簡介影片
 
核心能力關聯
本課程尚未建立核心能力關連
課程大綱
為確保您我的權利,請尊重智慧財產權及不得非法影印
課程概述

Course Description:
Practicum is traditionally referenced as a course of supervised study in a professional field. In
the context of computing education, it is also used for practices at a lab environment which
emulates the real world situation. With the advancement of computing technology, a lab
environment could be a physical lab or a virtual lab.
This is a practicum course of computer network security where students will learn to create a
virtual computing network environment. Students will then use open source tools to create
different attacking scenarios and then implement defense solutions to protect the network from
those attacks. A major learning outcome is to design an enterprise network with security
consideration to protect from various hacking and intrusion attacks. The course starts with a
brief review of security requirements and then emerges students in various security tools to
experiment on various attacking and defense scenarios.
Approach:
The course adopts the learning-by-doing principle and follows the guideline provided by the
SEcurity EDucation (SEED) project where all the lab exercises are from the SEED project with
modification for clarification and more in-depth traffic analysis. Students will learn how
hackers launch network attacks by practicing these attacks in a Virtual Machine (VM)
environment. Students will then apply defense countermeasures to prevent or mitigate these
attacks.
According to its web site, the SEED project is adopted by hundreds of universities worldwide.
Lab Environment:
Students may download the virtual machines on their personal computing environment and
perform the labs on it. Some labs will require multiple physical computers and students may
team together to do those labs; however, each student submit their own lab report.
Students may also use the computing lab machines where the VMs are preinstalled. [Needs
verification if students could install VMs at a school computing lab.]
Policy on Academic Integrity
Strictly follows the school 

課程目標
1. Specify security requirements in an enterprise environment. Distinguish and classify
security attacks in four major categories: eavesdropping, authentication, integrity, and
availability.
2. Design the enterprise network for maximal security protection
3. Identify vulnerabilities in network protocols.
4. Practice Open-Source tools to emulate various security attacks.
5. Configure network device (e.g., firewall) to protect and defend security attacks.
6. Design, configure, and build Virtual Private Network (VPN) which can be adopted in a
real enterprise environment. Experiment with different encryption algorithms to
evaluate the effectiveness of security protection. 
課程要求
PREREQUISITE (knowledge):
1. TCP/IP protocols,
2. Linux operating system, and
3. One programming language course (C++ or Python is preferred)
GRADING:
1. Each Lab Exercise is 5%, total 14×5% = 70%
2. Midterm and final examination:
if Average (midterm, final) > 60, Lab Exercises 70%, Midterm 15%, Final 15%
if Average(midterm, final) is between 40 and 60, Lab Exercises 40%, Midterm 30%, Final 30%
if Average(midterm, final) < 40, Lab Exercises: 20%, Midterm 40%, Final 40% 
Office Hours
 
參考書目
教科書:
Wenliang Du, Computer Security: A Hands-on Approach,
CreateSpace Independent Publishing Platform; 2017
http://www.cis.syr.edu/~wedu/seed/book.html
,
參考書目:
1. William Stallings, Cryptography and Network Security: Principles and Practice, 7th ed.
Prentice Hall (2015)
2. Omar Santos and John Stuppi, CCNA Security 210-260 Official Cert Guide, Cisco Press,
(2015) 
指定閱讀
 
評量方式
(僅供參考)
   
課程進度
週次
日期
單元主題
第1週
09/12/2018  Introduction 
第2週
09/19/2018  Sniffing and Spoofing