Notes:
| Date | Topic and Slides | Recommended Readings | Assignments |
|---|---|---|---|
| Week 1 | |||
| 09/27/2023 | Course overview [slides] | ||
| 09/29/2023 | Introduction to security, threat modeling [slides] | Optional: Security Engineering Chapter 1 |
|
| Week 2 | |||
| 10/02/2023 | Software security: Buffer overflows [slides] | Sign the ethics form (11:59pm) | |
| 10/04/2023 | Software security: Buffer overflows continued [slides] | Strongly recommended: Smashing the Stack for Fun and Profit and Exploiting Format String Vulnerabilities and Once Upon a free() |
|
| 10/06/2023 | Software security: Buffer overflows + defenses [slides] | Homework 1 due (11:59pm) | |
| Week 3 | |||
| 10/09/2023 | Software security: Misc [slides] | ||
| 10/11/2023 | Cryptography: Introduction [slides] | Optional: Security Engineering Chapter 5 |
|
| 10/13/2023 | Cryptography: Randomness and symmetric crypto [slides] | (Keep reading the previous one) | Lab #1a due (11:59pm) |
| Week 4 | |||
| 10/16/2023 | Cryptography: Symmetric crypto [slides] | ||
| 10/18/2023 | Cryptography: Finish symmetric encryption + Start hash functions [slides] | ||
| 10/20/2023 | Cryptography: Finish hash functions and MACs [slides] Guest lecture: Matthias Fassl (CISPA) |
Optional: Investigating Security Folklore: A Case Study on the Tor over VPN Phenomenon |
|
| Week 5 | |||
| 10/23/2023 | Cryptography: Asymmetric crypto [slides] | ||
| 10/25/2023 | Cryptography: Asymmetric crypto [slides] | Lab #1b due (11:59pm) | |
| 10/27/2023 | Web security: Certificates and Browser security model [slides] | ||
| Week 6 | |||
| 10/30/2023 | Web security: Same origin policy and XSS [slides] | ||
| 11/01/2023 | Web security: XSS and SQL injection [slides] | Strongly recommended: Advanced SQL Injection, XSS Cheat Sheet |
|
| 11/03/2023 | Guest lecture: Alex Gantman | Homework 2 due (11:59pm) | |
| Week 7 | |||
| 11/06/2023 | Web security: CSRF and browser security model revisited [slides] | ||
| 11/08/2023 | Web privacy [slides] | ||
| 11/10/2023 | No class: Veterans Day | ||
| Week 8 | |||
| 11/13/2023 | Authentication [slides] | Optional (funny): "This World of Ours" by James Mickens |
|
| 11/15/2023 | Usable security [slides] | ||
| 11/17/2023 | Mobile platform security [slides] | Lab #2 due (11:59pm) | |
| Week 9 | |||
| 11/20/2023 | Anonymity [slides] | ||
| 11/22/2023 | No class: Thanksgiving | ||
| 11/24/2023 | No class: Thanksgiving | ||
| Week 10 | |||
| 11/27/2023 | Root cause analysis and patching [slides] | Project Zero Root Cause Analyses | |
| 11/29/2023 | Guest lecture: Emily McReynolds on Security and Law/Policy | Homework #3 due (11:59pm) | |
| 12/01/2023 | Side channels [slides] | ||
| Week 11 | |||
| 12/04/2023 | Emerging technologies 1 [slides] | ||
| 12/06/2023 | Physical security (not recorded!) [partial slides] | Optional: Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks | |
| 12/08/2023 | Emerging technologies 2 / Wrap-up [slides] | ||
| Finals Week | |||
| 12/12/2023 (Tuesday) |
No class: Finals week | Final project due (11:59pm) (no late days can be used) |