Class Schedule

Notes:


Date Topic and Slides Recommended Readings Assignments
Week 1
09/27/2023 Course overview [slides]
09/29/2023 Introduction to security, threat modeling [slides] Optional:
Security Engineering Chapter 1
Week 2
10/02/2023 Software security: Buffer overflows [slides] Sign the ethics form (11:59pm)
10/04/2023 Software security: Buffer overflows continued [slides] Strongly recommended:
Smashing the Stack for Fun and Profit and Exploiting Format String Vulnerabilities and Once Upon a free()
10/06/2023 Software security: Buffer overflows + defenses [slides] Homework 1 due (11:59pm)
Week 3
10/09/2023 Software security: Misc [slides]
10/11/2023 Cryptography: Introduction [slides] Optional:
Security Engineering Chapter 5
10/13/2023 Cryptography: Randomness and symmetric crypto [slides] (Keep reading the previous one) Lab #1a due (11:59pm)
Week 4
10/16/2023 Cryptography: Symmetric crypto [slides]
10/18/2023 Cryptography: Finish symmetric encryption + Start hash functions [slides]
10/20/2023 Cryptography: Finish hash functions and MACs [slides]

Guest lecture: Matthias Fassl (CISPA)
Optional:
Investigating Security Folklore: A Case Study on the Tor over VPN Phenomenon
Week 5
10/23/2023 Cryptography: Asymmetric crypto [slides]
10/25/2023 Cryptography: Asymmetric crypto [slides] Lab #1b due (11:59pm)
10/27/2023 Web security: Certificates and Browser security model [slides]
Week 6
10/30/2023 Web security: Same origin policy and XSS [slides]
11/01/2023 Web security: XSS and SQL injection [slides] Strongly recommended:
Advanced SQL Injection,
XSS Cheat Sheet
11/03/2023 Guest lecture: Alex Gantman Homework 2 due (11:59pm)
Week 7
11/06/2023 Web security: CSRF and browser security model revisited [slides]
11/08/2023 Web privacy [slides]
11/10/2023 No class: Veterans Day
Week 8
11/13/2023 Authentication [slides] Optional (funny):
"This World of Ours" by James Mickens
11/15/2023 Usable security [slides]
11/17/2023 Mobile platform security [slides] Lab #2 due (11:59pm)
Week 9
11/20/2023 Anonymity [slides]
11/22/2023 No class: Thanksgiving
11/24/2023 No class: Thanksgiving
Week 10
11/27/2023 Root cause analysis and patching [slides] Project Zero Root Cause Analyses
11/29/2023 Guest lecture: Emily McReynolds on Security and Law/Policy Homework #3 due (11:59pm)
12/01/2023 Side channels [slides]
Week 11
12/04/2023 Emerging technologies 1 [slides]
12/06/2023 Physical security (not recorded!) [partial slides] Optional: Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks
12/08/2023 Emerging technologies 2 / Wrap-up [slides]
Finals Week
12/12/2023
(Tuesday)
No class: Finals week Final project due (11:59pm)
(no late days can be used)