Computer & Internet Security: A Hands-on Approach ,2e

Wenliang Du



Teaching computer and network security principles via hands-on activities
Unique among computer security texts, the Second Edition of the Computer & Internet Security: A Hands-on Approach builds on the author’s long tradition of teaching this complex subject through a hands-on approach. For each security principle, the book uses a series of hands-on activities to help explain the principle; readers can "touch", play with, and experiment with the principle, instead of just reading about it. The hands-on activities are based on the author's widely adopted SEED Labs, which have been used by over 1000 institutes in more than 65 countries. 

Topics covered in the book
- Software security: attacks and countermeasures
- Web security: attacks and countermeasures
- Network security: attacks on TCP/IP and DNS
- Packet sniffing and spoofing
- Firewall and Virtual Private Network (VPN)
- Newly discovered attacks, including Meltdown and Spectre attacks on CPUs, Dirty COW, Shellshock, Heartbleed, Hash collision, etc.
- Common hacking and defense techniques
- Cryptography, PKI, and TLS programming
- Bitcoin and Blockchain




- 軟體安全:攻擊和對策
- 網站安全:攻擊和對策
- 網路安全:針對TCP/IP和DNS的攻擊
- 封包嗅探和偽造
- 防火牆和虛擬私人網路(VPN)
- 新發現的攻擊,包括對CPU的Meltdown和Spectre攻擊,Dirty COW,Shellshock,Heartbleed,Hash碰撞等
- 常見的駭客和防禦技術
- 密碼學、PKI和TLS程式設計
- 比特幣和區塊鏈


Dr. Wenliang (Kevin) Du is the Laura J. and L. Douglas Meredith Professor of Teaching Excellence at Syracuse University. He received his bachelor's degree from the University of Science and Technology of China in 1993, and got his PhD degree from Purdue University in 2001. He became a tenure-track assistant professor at Syracuse University after the graduation. He is currently a full professor in the Department of Electrical Engineering and Computer Science. Professor Du has taught courses in cybersecurity at both undergraduate and graduate levels since 2001. He promotes experiential learning in cybersecurity education. To provide students with hands-on experiences, funded by multiple grants from National Science Foundation and over a period of 17 years, he has developed over 30 labs (called SEED labs). These labs are now being used by over 1000 universities, colleges, and high schools in 65 countries. In 2010, his SEED project was highlighted by the National Science Foundation in a report sent to the US Congress. The report highlights "17 projects that represent cutting-edge creativity in undergraduate STEM classes nationwide". Due to the impact of the SEED labs, he received the "2017 Academic Leadership" award from the 21st Colloquium for Information System Security Education. In 2019, Syracuse University awarded him the Meredith Professorship for Teaching Excellence. Professor Du conducts research in the area of computer and network security, with a specific interest in system security. He has published over 100 technical papers. As of April 2019, his research work has been cited for over 14,100 times (based on Google Scholar). He is a recipient of the ACM CCS Test-of-Time Award in 2013 due to the impact of one of his papers published in 2003. His current research focuses on mobile system security, aiming at developing novel mechanisms at the operating system and hardware levels to enhance the security of smartphones and mobile devices. He also conducts research in security education, with a focus on developing platforms for experiential learning in cybersecurity.


杜文亮(Kevin)博士是美國雪城大學的Laura J.和L. Douglas Meredith卓越教學教授。他於1993年畢業於中國科技大學,並於2001年獲得普渡大學的博士學位。畢業後,他成為雪城大學的助理教授,現在是電機工程與計算機科學系的正教授。自2001年以來,杜教授一直在本科和研究生課程中教授網絡安全相關的課程。他提倡在網絡安全教育中進行實踐性學習。通過多項來自美國國家科學基金會的資助,他在過去17年中開發了30多個實驗室(稱為SEED實驗室),為學生提供實踐經驗。目前,這些實驗室已經在65個國家的1000多所大學、學院和高中中使用。2010年,他的SEED項目被美國國家科學基金會在向美國國會發送的一份報告中突出展示,該報告強調了“代表全國本科STEM課程中尖端創意的17個項目”。由於SEED實驗室的影響,他獲得了第21屆信息系統安全教育研討會頒發的“2017年學術領導獎”。2019年,雪城大學授予他Meredith卓越教學教授職位。杜教授在計算機和網絡安全領域進行研究,專注於系統安全。他發表了100多篇技術論文。截至2019年4月,他的研究成果在Google Scholar上被引用了超過14,100次。由於他在2003年發表的一篇論文的影響,他獲得了2013年ACM CCS Test-of-Time獎。他目前的研究重點是移動系統安全,旨在開發操作系統和硬件層面的新機制,以增強智能手機和移動設備的安全性。他還在安全教育方面進行研究,重點是開發網絡安全實踐性學習平台。