Course Schedule Spring 2018

This schedule is subject to change. Please check back frequently.


Introduction

Monday Lecture Wednesday Lecture Thursday Discussion
Jan. 17
Preliminaries
Class Overview; Threat models, vulnerabilities, attacks; how to think like an attacker and a defender
Canceled
Jan. 22
Ethics and the Law
Normative ethics, community standards; CFAA, wiretap laws, university policy

Systems Security

Monday Lecture Wednesday Lecture Thursday Discussion
Jan. 24
Control hijacking, Part 1
Software architecture and a simple buffer overflow
Introduce Operating Systems
Jan. 29
Control hijacking, Part 2
Common exploitable application bugs, shellcode
Jan. 31
Malware, Part 1
Drive-by downloads, spyware, key loggers
Introduce AppSec Project, Checkpoint 1
Introduce AppSec Project, Checkpoint 2
MP1 Walkthrough
Feb. 5
Malware, Part 2
Malware Defenses, Finding Bugs
AppSec Project, Checkpoint 1 due 6pm
Feb. 7
Authentication and passwords
Strong and weak passwords, salting, password cracking, online vs. offline guessing
Introduction to the Web
Feb. 12
Access Control and Isolation
Policy, ACLs, Isolation, sandboxing, virtual machines
Feb. 14
Web attacks and defenses
Cookies; XSS, CSRF, and SQL-injection attacks and defenses
AppSec Project, Checkpoint 2 due 6pm
Introduce Web Project, Checkpoint 1
Introduce Web Project, Checkpoint 2
MP2 Walkthrough
Feb. 19
Hot Topics In Systems Security

Cryptography

Monday Lecture Wednesday Lecture Thursday Discussion
Feb. 21
Message integrity, pseudorandom functions
Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs
Web Project, Checkpoint 1 due 6pm
Review OS Security
Feb. 26
Randomness and pseudorandomness, Block Ciphers
Generating randomness, PRGs, one-time pads, Simple ciphers, AES, block cipher modes
Feb. 28
Key exchange and key management
Diffie-Hellman key exchange, man-in-the-middle attacks
Introduce Networking
Mar. 5
HTTPS
The HTTPS PKI, SSL certificates and CAs
Web Project, Checkpoint 2 due 6pm
Mar. 7
Hot Topics in Cryptography
Introduce Crypto Project, Checkpoint 1
Introduce Crypto Project, Checkpoint 2
MP3 Walkthrough

Networking and Distributed Systems Security

Monday Lecture Wednesday Lecture Thursday Discussion
Mar. 12
Network attacks 1
Hijacking, eavesdropping, DoS, DNS, BGP
Crypto Project, Checkpoint 1 due 6pm
Mar. 14
Network attacks 2
Hijacking, eavesdropping, DoS, DNS, BGP
Review Cryptography
Mar. 26
Networking Attacks in Practice
NTP Amplification attacks, Booters
Mar. 28
Networking Defenses
TLS, IPSec, Wep, IDS, Firewall
Crypto Project, Checkpoint 2 due 6pm
Introduce Networking Project, Checkpoint 1
Introduce Networking Project, Checkpoint 2
MP4 Walkthrough
Apr. 2
Worms Botnet Evolution
Techniques, Measurements, Ecosystem
Apr. 4
Anonymity
Need for privacy, Proxies, Tor
Networking Project, Checkpoint 1 due 6pm
Review Networking
Apr. 9
Hot Topics in Network Security

Security in Context

Monday Lecture Wednesday Lecture Thursday Discussion
Apr. 11
Forensics
Logs, File carving, Offline analysis
Canceled
Apr. 16
Physical security
Locks and safes, lock picking techniques; defenses
Networking Project, Checkpoint 2 due 6pm
Apr. 18
Side and Covert Channels
Cold Boot, Row Hammer, Cloud
Introduce Forensics Project, Checkpoint 1
Introduce Forensics Project, Checkpoint 2
Review Networking
Apr. 23
U-PICK-EM
A topic selected by class vote
Forensics Project, Checkpoint 1 due 6pm
Apr. 25
U-PICK-EM
A topic selected by class vote
Final Exam Review
Apr. 30
U-PICK-EM
A topic selected by class vote
May. 2
Final Thoughts
Unsolicited words of wisdom from Bailey
Forensics Project, Checkpoint 2 due 6pm

Midterm Exam: 7:00–9:00 PM, Wednesday, March 7 (Location: 1002 ECEB) Midterm Fall '15, Midterm Spring '16, Midterm Fall '16, Midterm Spring '17

Final Exam: TBD