1、内容内容l正文lIntrusion Detection Systems and Intrusion Response MechanismlAn Introduction to Information Securityl阅读材料lIntroduction to FirewalllInternet Security Architecture1 Intrusion Detection Systems and Intrusion Response Mechanisml1.Introductionl2.Intrusion responsesl2.1.Why Automatic Intrusion Res
2、ponse l2.2 The key factor of development of automatic intrusion response systemKey Wordslintrusion detection system入侵检测系统lanomalyn.异常lintrusion response system入侵反应系统lorifice n.漏洞NoteslThere are many solutions for the first problem,such as using new detection algorithms,improvement of old algorithms,
3、fusion of multiple classifiers and extending detection range of systems etc.l第一个问题有很多种解决方案,比如使用新的检测算法、改进已有的算法、融合多种分类器并扩展检测范围等等。lIntrusion responses are a series actions and countermeasures when an intrusion is detected.These actions and measures can prevent further attacks or restore the system to a
4、 normal state.l入侵响应是当检测到入侵后采取的一系列的行动和对策,这些行动和对策可以防止进一步的攻击或者恢复系统到正常状态。2 An Introduction to Information Securityl1.Information Security and Cryptographic Systems l1.1 What is Information Security?l1.2 What Services do Cryptographic Systems Provide?l2.Types of Cryptographic Systems l3.Security Services
5、 using Public-Key Cryptosystems l3.1 Public-Key Encryption Confidentialityl3.2 Digital Signaturesl3.3 Signed Challenges l3.4 Certification Authorities Key Wordslinformation security信息安全lconfidentialityn.机密性lconcealmentn.隐藏lauditn.审计lauthenticationn.验证lrepudiatev.否认lplaintextn.明文lciphertextn.加密文本lsym
6、metric-key cryptosystem对称密码体制lpublic-key cryptosystem公钥密码体制Key Wordsldivulgev.泄露lhash function散列函数lmessage digest信息摘要lchallengen.挑战lmutual authentication双向认证lsubtletyn.微妙之处,精华lcertificaten.证书lCertification Authority证书颁发机构lrevokev.撤销lreapv.获得NoteslSimply put,information security describes all measure
7、s taken to prevent unauthorized use of electronic data-whether this unauthorized use takes the form of disclosure,alteration,substitution,or destruction of the data concerned.l简而言之,信息安全描述了所有用于防止未经授权使用电子数据的方法。无论这个未授权所采用的是公开、修改、替代还是破坏相关数据的形式。lThat is,the receiver of a transaction is able to demonstrat
8、e to a neutral third party that the claimed sender did indeed send the transaction.l也就是说,事务的接收方能够向中立的第三方证明发送方的确发送了事务。NoteslReal-world applications are rarely straightforward,so a typical implementation will require that various services provided by a cryptosystem be combined to provide a variety of
9、services simultaneously.l用于实际生活的应用很少是简单的,所以一个典型的实现通常需要密码系统同时提供多种服务。lThe essential difference between the use of a public-key cryptosystem for signing and its use for encrypting is that the order in which the keys are used is reversed.l使用公钥加密技术进行签名和加密的根本区别在于使用密钥的顺序是相反的。NoteslSuppose that Eve is also
10、able to place a public key of her choice into this public directory,claiming that the key belongs to Bob.When Alice now encrypts confidential information and sends it to Bob,Eve intercepts the ciphertext and decrypts the information herself.l假设Eve也可以将自己选的公钥放入这个公共号码簿,并且声明这个密钥是Bob的。当Alice将经过加密的保密信息发给B
11、ob时,Eve可以截取加密文本并自己解密信息。Reading Material 1 Introduction to FirewallProtocols ApplicationsOSI Model LayerOSI Model DescriptionFirewall GenerationDNS,FTP,HTTP,etc.7ApplicationApplication Proxy6Presentation5SessionTCP/UDP4TransportPacket FilterIP3NetworkPacket Filter2Data Link1PhysicalTodays Firewall So
12、lution MatrixReading Material 1 Introduction to FirewallFirewall ArchitectureReading Material 2 Internet Security Architecture1.Introduction2.IP Security3.Transport Layer Security4.Key Management5.Domain Name System Security ExtensionsExercises 1.IDS stands for _.2._ are a series actions and counter
13、measures when an intrusion is detected.3.AIRS stands for _.4.Current intrusion response systems can be categorized as _,_,or _.5.Cryptographic systems(or cryptosystems)potentially provide all three objectives of information security:_,_,and _.6.In a cryptographic system,_ assurance that the parties involved in a real-time transaction are who they say they are.7.There are two broad classes of cryptosystems,known as _ cryptosystems and _ cryptosystems.8.In a cryptographic system,certificates are issued by a _,which is a third party trusted by all users.
