Note: Dates in the future are tenative and subject to slight changes (e.g., as guest lectures are scheduled). Please check back often.
Also note: Research reading deadlines for CSE M 584 students are not listed on this calendar. You can find them here.
| Date | Topic and Slides | Readings | Assignments |
|---|---|---|---|
| 03/30/2015 | Course overview [slides] | None | |
| 04/01/2015 | Introduction to security [slides] | Daswani, Chapter 1 | |
| 04/03/2015 | Software security: Buffer overflows [slides] | Daswani, Chapter 6 | |
| 04/06/2015 | Software security: Buffer overflows continued [slides] | Daswani, Chapter 6 Recommended: Smashing the Stack for Fun and Profit and Exploiting Format String Vulnerabilities and Once Upon a free() |
|
| 04/08/2015 | Software security: Miscellaneous [slides] | Daswani, Chapter 3 | Sign the Ethics Form by 5pm! |
| 04/10/2015 | Guest lecture: David Aucsmith | None | |
| 04/13/2015 | Cryptography: Intro [slides] | None | |
| 04/15/2015 | Cryptography: Symmetric encryption (start) [slides] | Daswani, Chapter 12 | |
| 04/17/2015 | Cryptography: Symmetric encryption (finish), Hash functions, Message authentication codes [slides] | Daswani, Chapter 15 | Homework #1 due (5pm) |
| 04/20/2015 | Cryptography: Hash functions and MACs (finish), Asymmetric key crypto (start) [slides] | Daswani, Chapter 13 | Lab #1 checkpoint due (5pm) |
| 04/22/2015 | Cryptography: Asymmetric key crypto (finish) [slides] | Daswani, Chapter 14 | |
| 04/24/2015 | Cryptography + Web security: Certificates [slides] |
None | |
| 04/27/2015 | Web security: SSL/TLS, Basic web security model (start) [slides] | Daswani, Chapter 7 | |
| 04/29/2015 | Web security: Basic web security model (finish) [slides] | Daswani, Chapter 10 | |
| 05/01/2015 | Guest lecture: Chris Hansen | Lab #1 due (5pm) | |
| 05/04/2015 | Web security: Web application security (XSRF, XSS) [slides] | Daswani, Chapters 8 and 10 Recommended: Advanced SQL Injection, XSS Cheat Sheet |
|
| 05/06/2015 | Web security: Web application security (SQL injection, session management) [slides] | None | |
| 05/08/2015 | Guest lecture: Ben Livshits, Microsoft Research [slides] | None | Homework #2 due (5pm) |
| 05/11/2015 | Web privacy: Third-party tracking [slides] | None | |
| 05/13/2015 | Authentication and passwords [slides] | Daswani, Chapter 9 Recommended: James Mickens on passwords |
|
| 05/15/2015 | Class today will be held in a different location: PCAR 290! Malware [slides] |
None | |
| 05/18/2015 | Mobile platform security (start) [slides] | Understanding Android Security | |
| 05/20/2015 | Guest lecture: Emily McReynolds, UW Tech Policy Lab | None | Lab #2 due |
| 05/22/2015 | Guest lecture: Ian Smith [slides] | None | |
| 05/25/2015 | No class (holiday) | None | |
| 05/27/2015 | Mobile platform security (finish), CAPTCHAs [slides] | None | |
| 05/29/2015 | Usable security [slides] | None | Homework #3 due |
| 06/01/2015 | Anonymity [slides] | None | |
| 06/03/2015 | Social engineering and physical security [slides] | None | |
| 06/05/2015 | Loose ends: Side channels, Surveillance, Targeted attacks [slides] | None | Lab #3 due |
| 06/09/2015 | Final exam: 8:30-10:20am in MGH 241 |