Notes:
| Date | Topic and Slides | Recommended Readings | Assignments |
|---|---|---|---|
| Week 1 | |||
| 09/28/2022 | Course overview [slides] | ||
| 09/30/2022 | Introduction to security [slides] | Optional: Security Engineering Chapter 1 |
|
| Week 2 | |||
| 10/03/2022 | Software security: Buffer overflows [slides] | Sign the ethics form (11:59pm) | |
| 10/05/2022 | Software security: Buffer overflows continued [slides] | Strongly recommended: Smashing the Stack for Fun and Profit [Corrected and reformatted, original] and Exploiting Format String Vulnerabilities and Once Upon a free() |
|
| 10/07/2022 | Software security: Buffer overflows + defenses [slides] | Homework #1 due (11:59pm) | |
| Week 3 | |||
| 10/10/2022 | Software security: Buffer overflows defenses and more [slides] | ||
| 10/12/2022 | Software security: Misc Cryptography: Introduction [slides] |
Optional: Security Engineering Chapter 5 |
|
| 10/14/2022 | Cryptography: Intro and randomness [slides] | (Keep reading the previous one) | Lab #1a due (11:59pm) -- Delayed 24 hours to Saturday, Oct 15 11:59pm (due to lab outage) |
| Week 4 | |||
| 10/17/2022 | Cryptography: Randomness and symmetric encryption [slides] | ||
| 10/19/2022 | Cryptography: Symmetric encryption [slides] | ||
| 10/21/2022 | Cryptography: Finish symmetric encryption, Start hash functions [slides] | ||
| Week 5 | |||
| 10/24/2022 | Cryptography: Finish hash functions, Start asymmetric cryptography [slides] | ||
| 10/26/2022 | Cryptography: Asymmetric cryptography [slides] | Lab #1b due (11:59pm) -- Delayed 24 hours to Thursday, Oct 27 11:59pm | |
| 10/28/2022 | Web security: Certificates and (start) browser security model [slides] | ||
| Week 6 | |||
| 10/31/2022 | Canceled | ||
| 11/02/2022 | Web security: Same origin policy and XSS [slides] | ||
| 11/04/2022 | Guest lecture: Yoshi Kohno (University of Washington) on "Ethical Frameworks and Computer Security" | Homework #2 due (11:59pm) | |
| Week 7 | |||
| 11/07/2022 | Web security: XSS and SQL injection [slides] | Strongly recommended: Advanced SQL Injection, XSS Cheat Sheet |
|
| 11/09/2022 | Web security: CSRF and Browser security model [slides] | ||
| 11/11/2022 | No class: Veterans Day | Final Project checkpoint #1 due (11:59pm) | |
| Week 8 | |||
| 11/14/2022 | Authentication [slides] | Optional (funny): "This World of Ours" by James Mickens |
|
| 11/16/2022 | Guest lecture: Emily McReynolds on Security and Law/Policy | ||
| 11/18/2022 | Usable security [slides] | ||
| Week 9 | |||
| 11/21/2022 | Guest lecture: Umar Iqbal (University of Washington) on web privacy [slides] | ||
| 11/23/2022 | No class: Thanksgiving | ||
| 11/25/2022 | No class: Thanksgiving | ||
| Week 10 | |||
| 11/28/2022 | Mobile platform security [slides] | ||
| 11/29/2022 (Tuesday) |
(not a class day) | Lab 2 due (11:59pm) | |
| 11/30/2022 | Anonymity [slides] | Final Project checkpoint #2 due (11:59pm) | |
| 12/02/2022 | Guest lecture: Charlie Reis (Google) | ||
| Week 11 | |||
| 12/05/2022 | Side channels [slides] | ||
| 12/07/2022 | Physical security (not recorded) [slides] | ||
| 12/09/2022 | Emerging technologies / Wrap-up [slides] | Homework #3 due (11:59pm) | |
| Finals Week | |||
| 12/12/2022 | (No meeting) | Final Project due (11:59pm) |