CSE 484 / CSE M 584: Computer Security (Spring 2015)


Class Schedule


Note: Dates in the future are tenative and subject to slight changes (e.g., as guest lectures are scheduled). Please check back often.
Also note: Research reading deadlines for CSE M 584 students are not listed on this calendar. You can find them here.


Date Topic and Slides Readings Assignments
03/30/2015 Course overview [slides] None
04/01/2015 Introduction to security [slides] Daswani, Chapter 1
04/03/2015 Software security: Buffer overflows [slides] Daswani, Chapter 6
04/06/2015 Software security: Buffer overflows continued [slides] Daswani, Chapter 6

Recommended: Smashing the Stack for Fun and Profit and Exploiting Format String Vulnerabilities and Once Upon a free()
04/08/2015 Software security: Miscellaneous [slides] Daswani, Chapter 3 Sign the Ethics Form by 5pm!
04/10/2015 Guest lecture: David Aucsmith None
04/13/2015 Cryptography: Intro [slides] None
04/15/2015 Cryptography: Symmetric encryption (start) [slides] Daswani, Chapter 12
04/17/2015 Cryptography: Symmetric encryption (finish), Hash functions, Message authentication codes [slides] Daswani, Chapter 15 Homework #1 due (5pm)
04/20/2015 Cryptography: Hash functions and MACs (finish), Asymmetric key crypto (start) [slides] Daswani, Chapter 13 Lab #1 checkpoint due (5pm)
04/22/2015 Cryptography: Asymmetric key crypto (finish) [slides] Daswani, Chapter 14
04/24/2015 Cryptography + Web security: Certificates
[slides]
None
04/27/2015 Web security: SSL/TLS, Basic web security model (start) [slides] Daswani, Chapter 7
04/29/2015 Web security: Basic web security model (finish) [slides] Daswani, Chapter 10
05/01/2015 Guest lecture: Chris Hansen Lab #1 due (5pm)
05/04/2015 Web security: Web application security (XSRF, XSS) [slides] Daswani, Chapters 8 and 10

Recommended: Advanced SQL Injection, XSS Cheat Sheet
05/06/2015 Web security: Web application security (SQL injection, session management) [slides] None
05/08/2015 Guest lecture: Ben Livshits, Microsoft Research [slides] None Homework #2 due (5pm)
05/11/2015 Web privacy: Third-party tracking [slides] None
05/13/2015 Authentication and passwords [slides] Daswani, Chapter 9

Recommended: James Mickens on passwords
05/15/2015 Class today will be held in a different location: PCAR 290!
Malware [slides]
None
05/18/2015 Mobile platform security (start) [slides] Understanding Android Security
05/20/2015 Guest lecture: Emily McReynolds, UW Tech Policy Lab None Lab #2 due
05/22/2015 Guest lecture: Ian Smith [slides] None
05/25/2015 No class (holiday) None
05/27/2015 Mobile platform security (finish), CAPTCHAs [slides] None
05/29/2015 Usable security [slides] None Homework #3 due
06/01/2015 Anonymity [slides] None
06/03/2015 Social engineering and physical security [slides] None
06/05/2015 Loose ends: Side channels, Surveillance, Targeted attacks [slides] None Lab #3 due
06/09/2015 Final exam: 8:30-10:20am in MGH 241