Course Schedule Fall 2016
This schedule is subject to change. Please check back frequently.
Introduction
| Wednesday Lecture | Friday Lecture | Thursday Discussion |
|---|---|---|
|
Aug. 24 Preliminaries Class Overview; Threat models, vulnerabilities, attacks; how to think like an attacker and a defender |
Aug. 26 Ethics and the Law Normative ethics, community standards; CFAA, wiretap laws, university policy |
Introduce Operating Systems (Gene) |
Systems Security
| Wednesday Lecture | Friday Lecture | Thursday Discussion |
|---|---|---|
|
Aug. 31 Control hijacking, Part 1 Software architecture and a simple buffer overflow |
Sep. 2 Control hijacking, Part 2 Common exploitable application bugs, shellcode |
Introduce AppSec Project, Checkpoint 1 Introduce AppSec Project, Checkpoint 2 (Gene) |
Sep. 7 Malware, Part 1 Drive-by downloads, spyware, key loggers |
Sep. 9 Malware, Part 2 Malware Defenses, Finding Bugs AppSec Project, Checkpoint 1 due 6pm
|
(Gene) |
Sep. 14 Authentication and passwords Strong and weak passwords, salting, password cracking, online vs. offline guessing |
Sep. 16 Access Control and Isolation Policy, ACLs, Isolation, sandboxing, virtual machines |
Introduce Web (Atul) |
Sep. 21 Web attacks and defenses Cookies; XSS, CSRF, and SQL-injection attacks and defenses AppSec Project, Checkpoint 2 due 6pm
|
Sep. 23 Catch Up Day Missed lectures on Isolation and Testing |
Introduce Web Project, Checkpoint 1 Introduce Web Project, Checkpoint 2 (Atul) |
Cryptography
| Wednesday Lecture | Friday Lecture | Thursday Discussion |
|---|---|---|
|
Sep. 28 Message integrity, pseudorandom functions Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs Web Project, Checkpoint 1 due 6pm
|
Sep. 30 Randomness and pseudorandomness, Block Ciphers Generating randomness, PRGs, one-time pads, Simple ciphers, AES, block cipher modes |
Review OS Security (Gene) |
Oct. 5 Key exchange and key management Diffie-Hellman key exchange, man-in-the-middle attacks |
Oct. 7 HTTPS The HTTPS PKI, SSL certificates and CAs Web Project, Checkpoint 2 due 6pm
|
Introduce Crypto Project, Checkpoint 1 Introduce Crypto Project, Checkpoint 2 (Siddharth) |
Oct. 12 Hot Topics in Cryptography Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices |
Networking and Distributed Systems Security
| Wednesday Lecture | Friday Lecture | Thursday Discussion |
|---|---|---|
|
Oct. 14 Network attacks Hijacking, eavesdropping, DoS, DNS, BGP Crypto Project, Checkpoint 1 due 6pm
|
Introduce Networking (Simon) |
Oct. 19 Network attacks Hijacking, eavesdropping, DoS, DNS, BGP |
Oct. 21 Networking Attacks in Practice NTP Amplification attacks, Booters |
Review Crypto (Siddharth) |
Oct. 26 Networking Defenses TLS, IPSec, Wep, IDS, Firewall Crypto Project, Checkpoint 2 due 6pm
|
Oct. 28 Day Off !!! CS Department says, no Siebel for you! |
Introduce Networking Project, Checkpoint 1 Introduce Networking Project, Checkpoint 2 (Simon) |
Nov. 2 Worms Botnet Evolution Techniques, Measurements, Ecosystem Networking Project, Checkpoint 1 due 6pm
|
Nov. 4 Anonymity Need for privacy, Proxies, Tor |
(Simon) |
Nov. 9 Hot Topics in Network Security Scanning |
Security in Context
| Wednesday Lecture | Friday Lecture | Thursday Discussion |
|---|---|---|
|
Nov. 11 Forensics Logs, File carving, Offline analysis Networking Project, Checkpoint 2 due 6pm
|
Introduce Forensics Project, Checkpoint 1 Introduce Forensics Project, Checkpoint 2 (Atul, Siddharth) |
Nov. 16 Physical security Locks and safes, lock picking techniques; defenses |
Nov. 18 Side and Covert Channels Cold Boot, Row Hammer, Cloud Forensics Project, Checkpoint 1 due 6pm
|
Review Networking (Simon) |
Nov. 23 Fall Break |
Nov. 25 Fall Break |
Nov. 30 How Bailey Secures Himself A topic selected by class vote |
Dec. 2 DarkWeb A topic selected by class vote Forensics Project, Checkpoint 2 due 6pm
|
Final Exam Review (Atul, Siddharth) |
Dec. 7 Final Thoughts Unsolicited words of wisdom from Bailey |
