技术每天都在发展,随着它的发展,它改变了我们的数字世界。互联网的使用呈指数级增长,使我们相应地更容易受到网络攻击。通过
计算机安全涉及保护计算机系统和信息免受损害、盗窃和未经授权的使用。用户经常受到攻击的主要原因是他们缺乏足够的防御措施来阻止入侵者,而网络犯罪分子很快就会利用这些弱点。计算机安全确保您的计算机及其存储数据的机密性、完整性和可用性。
计算机安全职业和工作
安全软件开发人员
安全软件开发人员负责构建软件并将安全性集成到应用程序中。他们的角色可能包括制定软件安全策略、在安全工具开发期间监督团队、参与软件的生命周期开发、测试漏洞以及参与向客户部署软件。
安全架构师
安全架构师为组织构建和执行完整的网络和计算机安全。他们创建复杂的安全框架并确保其功能。他们负责设计能够抵御黑客攻击、恶意软件和 DDoS 攻击的安全系统。
安全顾问
这些网络安全专家评估威胁、风险、问题,并为组织提出有效的安全解决方案。网络安全顾问 建议组织保护其有形资本和信息。在安全评估期间,他们必须处理广泛的变量。
信息安全分析师
将信息安全分析师视为网络的前线防御。他们负责设置防火墙和加密以防止安全漏洞,并持续监控和审核系统以发现可疑活动。
首席信息安全官
首席信息安全官或 CISO 管理公司 IT 安全部门的事务。他们计划、协调和监督所有计算机、网络和数据安全要求。它们决定了组织的网络安全需求。
IT安全顾问
IT 安全顾问就如何有效地保护他们的系统向客户提供建议。他们通常受雇于预算较小的小型公司和机构,有时甚至是大公司,以帮助其内部安全团队为系统挑战提供公正的外部视角。
安全系统管理员
安全系统管理员的工作包括数据、计算机和网络安全系统的安装、管理、维护和故障排除。他们负责安全系统的日常运作。例如监控系统、确保定期备份和管理个人用户帐户。
计算机安全代写案例: Computer Security Assignment CSE 127
For this assignment, you will implement an in-path network attack similar to China’s Great Cannon. The goal is to implement a man-in-the-middle attack that injects a specific iframe into certain targeted HTML pages. Unlike an arbitrarily-powerful in-path attacker, you will not be able to inject new packets, but you are able to decide whether to alter packets or allow them to pass through unmodified. You will write a Python function that inspects IP packets flying by on the wire and modifies them as it sees fit. Your solution is due on June 4, 2018 no later than 10:00 P.M. PDT. You may work with one other person in the class on this assignment; if you do so, you should only submit one solution for the two of you. You may not discuss your solution with anyone except your partner until seven days after the assignment deadline.
1 Overview
Here is the network topology:
[host] —— [switch] —– [Internet]
\
\________ [controller]
Both the host and the switch are emulated by Mininet, a popular network emulator, in the VM we provide. Since the switch connects the host to the Internet, it will see all traffic from and to the host. The switch is controlled by a controller via OpenFlow protocol. That is, the switch will send every packet it receives to the controller and does whatever the controller tells it. The controller is written using POX, a Python framework for writing OpenFlow controllers. In this project, you need to implement a function named manipulate packet in class Cannon (it can be found at /home/mininet/pox/pox/triton/cannon.py), which is called by the controller. Specifically, the controller passes every IP packet it receives from the switch to this function. This function needs to decide if the packet should be allowed to pass through unmodified, modified, or dropped.
2 Requirements
You must implement a function named manipulate packet in /home/mininet/pox/pox/triton/cannon.py. This function modifies certain HTTP replies to inject an iframe into the HTML of Web pages being loaded from the host. Which HTTP replies to modify and what iframe source to inject are provided in the Cannon class’s constructor arguments:
1. target domain re: a compiled regular expression. This argument specifies the domains which are candidates for attack.
2. url path re: a compiled regular expression. This regex specifies the URL paths that are candidates for attack.
3. iframe url: a string. If the Webpage load is subject to iframe injection, inject an iframe into its body tag with the src attribute equal to iframe url.
The caller always passes an IP packet object (an instance of class ipv4 in pox.lib.packet.ipv4) to Cannon.manipulate packet, and it is supposed to either return an IP packet object (either a modified packet or the one passed in as an argument), or None (a Python None object). A None object tells the caller that the packet in question should be dropped. If the Triton Cannon observes an HTTP response from a matching target domain with a matching URL path, then the cannon should inject an iframe as the last element before the
<iframe src=”%iframe url%”></iframe>
where %iframe url% is IFRAME URL defined in cannon.py. Do not add any bytes before or after the opening and closing iframe tags. In other words, the length of the modified Webpage should increase only by 24 plus the length of the iframe URL’s encoding, since 24 is the length of the string “”. Your code should not modify an HTTP reply if it does not belong to both the target domain and target URL path. If your code modifies a packet, its contents should only be based on the contents of packets observed up to that point; let’s say you are processing packet n, you should make a decision about packet n based on previous packets (packet 1 to n). You cannot cache packet n first and then decide to modify it based on, say packet n+ 1. Also, you code should NOT serve as a proxy that downloads the requested Web page on its own (e.g., via urllib) and serves it back to the client, with or without modifications to the page. Do not modify the name of the Cannon class or the signatures of the Cannon. init or Cannon.manipulate packet methods. Other than that, feel free to modify cannon.py in any way you find useful, or add new files to the triton package (/home/mininet/pox/pox/triton/).
3 The Environment
3.1 POX
The controller used in this project is in /home/mininet/pox/pox/forwarding/dummy.py. When it sees an IP
packet, it will pass it to manipulate packet. Based on the return value of manipulate packet, it may ask
the switch to route the packet returned from manipulate packet, or do nothing (drop the packet). Notice
the regexes for the target domain and URL paths are defined in this file.
Since the code you will write is inside POX, and POX has many useful data structures and library functions (e.g parsing TCP), you may want to look at what POX can provide you for free.
