Notes:
| Date | Topic and Slides | Recommended Readings | Assignments |
|---|---|---|---|
| Week 1 | |||
| 09/25/2024 | Course overview [slides] | ||
| 09/27/2024 | Introduction to security, threat modeling [slides] | Optional: Security Engineering Chapter 1 |
|
| Week 2 | |||
| 09/30/2024 | Software security: Buffer overflows [slides] | Recommended: Review Linux tips from CSE 351 |
Sign the ethics form (11:59pm) |
| 10/02/2024 | Software security: Buffer overflows continued [slides] | Strongly recommended: Smashing the Stack for Fun and Profit and Exploiting Format String Vulnerabilities and Once Upon a free() |
|
| 10/04/2024 | Software security: Buffer overflows + defenses [slides] | Homework 1 due (11:59pm) | |
| Week 3 | |||
| 10/07/2024 | Software security: Misc [slides] | ||
| 10/09/2024 | Cryptography: Introduction [slides] | Optional: Security Engineering Chapter 5 |
|
| 10/11/2024 | Cryptography: Randomness and symmetric crypto [slides] | (Keep reading the previous one) | |
| Week 4 | |||
| 10/14/2024 | Cryptography: Symmetric crypto [slides] | Lab 1A due (11:59pm) | |
| 10/16/2024 | Cryptography: Hash functions and MACs [slides] | ||
| 10/18/2024 | Guest lecture: Gennie Gebhart (Electronic Frontier Foundation) | ||
| Week 5 | |||
| 10/21/2024 | Cryptography: Asymmetric crypto [slides] | ||
| 10/23/2024 | Cryptography: Asymmetric crypto [slides] | Lab 1B due (11:59pm) | |
| 10/25/2024 | Web security: Certificates, Browser security model [slides] | ||
| Week 6 | |||
| 10/28/2024 | Web security: Browser security model, XSS [slides] | ||
| 10/30/2024 | Guest lecture: Emily McReynolds on Security and Law/Policy | ||
| 11/01/2024 | Web security: SQL injection and CSRF [slides] | Strongly recommended: Advanced SQL Injection, XSS Cheat Sheet |
Homework 2 due (11:59pm) |
| Week 7 | |||
| 11/04/2024 | Web security: Wrap-up [slides] | ||
| 11/06/2024 | Web privacy [slides] | ||
| 11/08/2024 | Authentication [slides] | Optional (funny): "This World of Ours" by James Mickens |
|
| Week 8 | |||
| 11/11/2024 | No class: Veterans Day | ||
| 11/13/2024 | Usable security [slides] | ||
| 11/15/2024 | Guest lecture: Charlie Reis (Google) | Lab 2 due (11:59pm) | |
| Week 9 | |||
| 11/18/2024 | Root cause analysis and patching [slides] | Project Zero Root Cause Analyses | |
| 11/20/2024 | Mobile platform security [slides] | ||
| 11/22/2024 | Anonymity [slides] | Homework 3 due (11:59pm) | |
| Week 10 | |||
| 11/25/2024 | Side channels [slides] | ||
| 11/27/2024 | No class: Thanksgiving | ||
| 11/29/2024 | No class: Thanksgiving | ||
| Week 11 | |||
| 12/02/2024 | Emerging technologies 1 [slides] | ||
| 12/03/2024 (Tuesday) |
(Not a class day) | Final project Part A due (11:59pm) | |
| 12/04/2024 | Physical security (not recorded!) [partial slides] | Optional: Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks | |
| 12/06/2024 | Emerging technologies 2 / Wrap-up [slides] | ||
| Finals Week | |||
| 12/10/2024 (Tuesday) |
No class: Finals week | Final project Parts B+C due (11:59pm) (no late days can be used) |