Course Schedule Spring 2017
This schedule is subject to change. Please check back frequently.
Introduction
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Jan. 18 Preliminaries Class Overview; Threat models, vulnerabilities, attacks; how to think like an attacker and a defender |
Introduce Operating Systems |
Jan. 23 Ethics and the Law Normative ethics, community standards; CFAA, wiretap laws, university policy |
Systems Security
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Jan. 25 Control hijacking, Part 1 Software architecture and a simple buffer overflow |
Introduce AppSec Project, Checkpoint 1 Introduce AppSec Project, Checkpoint 2 |
Jan. 30 Control hijacking, Part 2 Common exploitable application bugs, shellcode |
Feb. 1 Malware, Part 1 Drive-by downloads, spyware, key loggers AppSec Project, Checkpoint 1 due 6pm
|
Feb. 6 Malware, Part 2 Malware Defenses, Finding Bugs |
Feb. 8 Authentication and passwords Strong and weak passwords, salting, password cracking, online vs. offline guessing |
Introduce Web |
Feb. 13 Access Control and Isolation Policy, ACLs, Isolation, sandboxing, virtual machines AppSec Project, Checkpoint 2 due 6pm
|
Feb. 15 Web attacks and defenses Cookies; XSS, CSRF, and SQL-injection attacks and defenses |
Introduce Web Project, Checkpoint 1 Introduce Web Project, Checkpoint 2 |
Feb. 20 Hot Topics In Systems Security Reverse Engineering and Symbolic Execution, with Josh Mason Web Project, Checkpoint 1 due 6pm
|
Cryptography
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Feb. 22 Message integrity, pseudorandom functions Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs |
Review OS Security |
Feb. 27 Randomness and pseudorandomness, Block Ciphers Generating randomness, PRGs, one-time pads, Simple ciphers, AES, block cipher modes |
Mar. 1 Key exchange, key management, Public key crypto Diffie-Hellman key exchange, man-in-the-middle attacks, RSA Web Project, Checkpoint 2 due 6pm
|
Introduce Crypto Project, Checkpoint 1 Introduce Crypto Project, Checkpoint 2 |
Mar. 6 HTTPS The HTTPS PKI, SSL certificates and CAs |
Mar. 8 Hot Topics in Cryptography Bitcoin and Cryptocurrencies Crypto Project, Checkpoint 1 due 6pm
|
Introduce Networking |
Networking and Distributed Systems Security
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Mar. 13 Network attacks 1 Hijacking, eavesdropping, DoS, DNS, BGP |
Mar. 15 Network attacks 2 Hijacking, eavesdropping, DoS, DNS, BGP |
Review Crypto |
Mar. 27 Networking Attacks in Practice NTP Amplification attacks, Booters Crypto Project, Checkpoint 2 due 6pm
|
Mar. 29 Networking Defenses TLS, IPSec, Wep, IDS, Firewall |
Introduce Networking Project, Checkpoint 1 Introduce Networking Project, Checkpoint 2 |
Apr. 3 Worms Botnet Evolution Techniques, Measurements, Ecosystem Networking Project, Checkpoint 1 due 6pm
|
Apr. 5 Hot Topics in Network Security Scanning |
Apr. 10 Anonymity Need for privacy, Proxies, Tor |
Security in Context
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Apr. 12 Anonymity (cont.) / Botnets (cont.) catch up day Networking Project, Checkpoint 2 due 6pm
|
Introduce Forensics Project, Checkpoint 1 Introduce Forensics Project, Checkpoint 2 |
Apr. 17 Physical security Locks and safes, lock picking techniques; defenses |
Apr. 19 Side and Covert Channels Cold Boot, Row Hammer, Cloud Forensics Project, Checkpoint 1 due 6pm
|
Review Networking |
Apr. 24 U-PICK-EM How Bailey Protects Himself |
Apr. 26 U-PICK-EM Quantum and Post-Quantum Cryptography |
Final Exam Review |
May. 1 U-PICK-EM Jobs in Security Forensics Project, Checkpoint 2 due 6pm
|
May. 3 Final Thoughts Unsolicited words of wisdom from Bailey |
