Course Schedule Spring 2017

This schedule is subject to change. Please check back frequently.


Monday Lecture Wednesday Lecture Thursday Discussion
Jan. 18
Class Overview; Threat models, vulnerabilities, attacks; how to think like an attacker and a defender
Introduce Operating Systems
Jan. 23
Ethics and the Law
Normative ethics, community standards; CFAA, wiretap laws, university policy

Systems Security

Monday Lecture Wednesday Lecture Thursday Discussion
Jan. 25
Control hijacking, Part 1
Software architecture and a simple buffer overflow
Introduce AppSec Project, Checkpoint 1
Introduce AppSec Project, Checkpoint 2
Jan. 30
Control hijacking, Part 2
Common exploitable application bugs, shellcode
Feb. 1
Malware, Part 1
Drive-by downloads, spyware, key loggers
AppSec Project, Checkpoint 1 due 6pm
Feb. 6
Malware, Part 2
Malware Defenses, Finding Bugs
Feb. 8
Authentication and passwords
Strong and weak passwords, salting, password cracking, online vs. offline guessing
Introduce Web
Feb. 13
Access Control and Isolation
Policy, ACLs, Isolation, sandboxing, virtual machines
AppSec Project, Checkpoint 2 due 6pm
Feb. 15
Web attacks and defenses
Cookies; XSS, CSRF, and SQL-injection attacks and defenses
Introduce Web Project, Checkpoint 1
Introduce Web Project, Checkpoint 2
Feb. 20
Hot Topics In Systems Security
Reverse Engineering and Symbolic Execution, with Josh Mason
Web Project, Checkpoint 1 due 6pm


Monday Lecture Wednesday Lecture Thursday Discussion
Feb. 22
Message integrity, pseudorandom functions
Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs
Review OS Security
Feb. 27
Randomness and pseudorandomness, Block Ciphers
Generating randomness, PRGs, one-time pads, Simple ciphers, AES, block cipher modes
Mar. 1
Key exchange, key management, Public key crypto
Diffie-Hellman key exchange, man-in-the-middle attacks, RSA
Web Project, Checkpoint 2 due 6pm
Introduce Crypto Project, Checkpoint 1
Introduce Crypto Project, Checkpoint 2
Mar. 6
The HTTPS PKI, SSL certificates and CAs
Mar. 8
Hot Topics in Cryptography
Bitcoin and Cryptocurrencies
Crypto Project, Checkpoint 1 due 6pm
Introduce Networking

Networking and Distributed Systems Security

Monday Lecture Wednesday Lecture Thursday Discussion
Mar. 13
Network attacks 1
Hijacking, eavesdropping, DoS, DNS, BGP
Mar. 15
Network attacks 2
Hijacking, eavesdropping, DoS, DNS, BGP
Review Crypto
Mar. 27
Networking Attacks in Practice
NTP Amplification attacks, Booters
Crypto Project, Checkpoint 2 due 6pm
Mar. 29
Networking Defenses
TLS, IPSec, Wep, IDS, Firewall
Introduce Networking Project, Checkpoint 1
Introduce Networking Project, Checkpoint 2
Apr. 3
Worms Botnet Evolution
Techniques, Measurements, Ecosystem
Networking Project, Checkpoint 1 due 6pm
Apr. 5
Hot Topics in Network Security
Apr. 10
Need for privacy, Proxies, Tor

Security in Context

Monday Lecture Wednesday Lecture Thursday Discussion
Apr. 12
Anonymity (cont.) / Botnets (cont.)
catch up day
Networking Project, Checkpoint 2 due 6pm
Introduce Forensics Project, Checkpoint 1
Introduce Forensics Project, Checkpoint 2
Apr. 17
Physical security
Locks and safes, lock picking techniques; defenses
Apr. 19
Side and Covert Channels
Cold Boot, Row Hammer, Cloud
Forensics Project, Checkpoint 1 due 6pm
Review Networking
Apr. 24
How Bailey Protects Himself
Apr. 26
Quantum and Post-Quantum Cryptography
Final Exam Review
May. 1
Jobs in Security
Forensics Project, Checkpoint 2 due 6pm
May. 3
Final Thoughts
Unsolicited words of wisdom from Bailey

Midterm Exam: 6:00–8:00 PM, Monday, March 6 (Location: 1002 ECEB) Midterm Fall '15, Midterm Spring '16, Midterm Fall '16

Final Exam: 01:30–04:30 PM, Friday, May 5th (Location: Gregory Hall 112) TENATIVE