Notes:
Date | Topic and Slides | Recommended Readings | Assignments |
---|---|---|---|
Week 1 | |||
09/27/2023 | Course overview [slides] | ||
09/29/2023 | Introduction to security, threat modeling [slides] | Optional: Security Engineering Chapter 1 |
|
Week 2 | |||
10/02/2023 | Software security: Buffer overflows [slides] | Sign the ethics form (11:59pm) | |
10/04/2023 | Software security: Buffer overflows continued [slides] | Strongly recommended: Smashing the Stack for Fun and Profit and Exploiting Format String Vulnerabilities and Once Upon a free() |
|
10/06/2023 | Software security: Buffer overflows + defenses [slides] | Homework 1 due (11:59pm) | |
Week 3 | |||
10/09/2023 | Software security: Misc [slides] | ||
10/11/2023 | Cryptography: Introduction [slides] | Optional: Security Engineering Chapter 5 |
|
10/13/2023 | Cryptography: Randomness and symmetric crypto [slides] | (Keep reading the previous one) | Lab #1a due (11:59pm) |
Week 4 | |||
10/16/2023 | Cryptography: Symmetric crypto [slides] | ||
10/18/2023 | Cryptography: Finish symmetric encryption + Start hash functions [slides] | ||
10/20/2023 | Cryptography: Finish hash functions and MACs [slides] Guest lecture: Matthias Fassl (CISPA) |
Optional: Investigating Security Folklore: A Case Study on the Tor over VPN Phenomenon |
|
Week 5 | |||
10/23/2023 | Cryptography: Asymmetric crypto [slides] | ||
10/25/2023 | Cryptography: Asymmetric crypto [slides] | Lab #1b due (11:59pm) | |
10/27/2023 | Web security: Certificates and Browser security model [slides] | ||
Week 6 | |||
10/30/2023 | Web security: Same origin policy and XSS [slides] | ||
11/01/2023 | Web security: XSS and SQL injection [slides] | Strongly recommended: Advanced SQL Injection, XSS Cheat Sheet |
|
11/03/2023 | Guest lecture: Alex Gantman | Homework 2 due (11:59pm) | |
Week 7 | |||
11/06/2023 | Web security: CSRF and browser security model revisited [slides] | ||
11/08/2023 | Web privacy [slides] | ||
11/10/2023 | No class: Veterans Day | ||
Week 8 | |||
11/13/2023 | Authentication [slides] | Optional (funny): "This World of Ours" by James Mickens |
|
11/15/2023 | Usable security [slides] | ||
11/17/2023 | Mobile platform security [slides] | Lab #2 due (11:59pm) | |
Week 9 | |||
11/20/2023 | Anonymity [slides] | ||
11/22/2023 | No class: Thanksgiving | ||
11/24/2023 | No class: Thanksgiving | ||
Week 10 | |||
11/27/2023 | Root cause analysis and patching [slides] | Project Zero Root Cause Analyses | |
11/29/2023 | Guest lecture: Emily McReynolds on Security and Law/Policy | Homework #3 due (11:59pm) | |
12/01/2023 | Side channels [slides] | ||
Week 11 | |||
12/04/2023 | Emerging technologies 1 [slides] | ||
12/06/2023 | Physical security (not recorded!) [partial slides] | Optional: Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks | |
12/08/2023 | Emerging technologies 2 / Wrap-up [slides] | ||
Finals Week | |||
12/12/2023 (Tuesday) |
No class: Finals week | Final project due (11:59pm) (no late days can be used) |