Course Schedule Spring 2018
This schedule is subject to change. Please check back frequently.
Introduction
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Jan. 17 Preliminaries Class Overview; Threat models, vulnerabilities, attacks; how to think like an attacker and a defender |
Canceled |
Jan. 22 Ethics and the Law Normative ethics, community standards; CFAA, wiretap laws, university policy |
Systems Security
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Jan. 24 Control hijacking, Part 1 Software architecture and a simple buffer overflow |
Introduce Operating Systems |
Jan. 29 Control hijacking, Part 2 Common exploitable application bugs, shellcode |
Jan. 31 Malware, Part 1 Drive-by downloads, spyware, key loggers |
Introduce AppSec Project, Checkpoint 1 Introduce AppSec Project, Checkpoint 2 MP1 Walkthrough |
Feb. 5 Malware, Part 2 Malware Defenses, Finding Bugs AppSec Project, Checkpoint 1 due 6pm
|
Feb. 7 Authentication and passwords Strong and weak passwords, salting, password cracking, online vs. offline guessing |
Introduction to the Web |
Feb. 12 Access Control and Isolation Policy, ACLs, Isolation, sandboxing, virtual machines |
Feb. 14 Web attacks and defenses Cookies; XSS, CSRF, and SQL-injection attacks and defenses AppSec Project, Checkpoint 2 due 6pm
|
Introduce Web Project, Checkpoint 1 Introduce Web Project, Checkpoint 2 MP2 Walkthrough |
Feb. 19 Make up lecture, no new material |
Cryptography
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Feb. 21 Message integrity, pseudorandom functions Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs Web Project, Checkpoint 1 due 6pm
|
Review OS Security |
Feb. 26 Randomness and pseudorandomness, Block Ciphers Generating randomness, PRGs, one-time pads, Simple ciphers, AES, block cipher modes |
Feb. 28 Randomness and pseudorandomness, Block Ciphers Generating randomness, PRGs, one-time pads, Simple ciphers, AES, block cipher modes |
Introduce Networking |
Mar. 5 Key exchange and key management Diffie-Hellman key exchange, man-in-the-middle attacks Web Project, Checkpoint 2 due 6pm
|
Mar. 7 No Class, Exam |
Introduce Crypto Project, Checkpoint 1 Introduce Crypto Project, Checkpoint 2 MP3 Walkthrough |
Networking and Distributed Systems Security
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Mar. 12 Key exchange and key management Diffie-Hellman key exchange, man-in-the-middle attacks Crypto Project, Checkpoint 1 due 6pm
|
Mar. 14 HTTPS The HTTPS PKI, SSL certificates and CAs |
Review Cryptography |
Mar. 26 Network attacks Hijacking, eavesdropping, DoS, DNS, BGP |
Mar. 28 Networking Attacks in Practice NTP Amplification attacks, Booters Crypto Project, Checkpoint 2 due 6pm
|
Introduce Networking Project, Checkpoint 1 Introduce Networking Project, Checkpoint 2 MP4 Walkthrough |
Apr. 2 Mirai Botnet Zakir, Zakir, Zakir |
Apr. 4 Networking Defenses TLS, IPSec, Wep, IDS, Firewall Networking Project, Checkpoint 1 due 6pm
|
Review Networking |
Apr. 9 Worms Botnet Evolution Techniques, Measurements, Ecosystem |
Security in Context
| Monday Lecture | Wednesday Lecture | Thursday Discussion |
|---|---|---|
|
Apr. 11 Bitcoin and cryptocurrency Andrew, Andrew, Andrew |
Canceled |
Apr. 16 Anonymity Need for privacy, Proxies, Tor Networking Project, Checkpoint 2 due 6pm
|
Apr. 18 Physical security Locks and safes, lock picking techniques; defenses |
Introduce Forensics Project, Checkpoint 1 Introduce Forensics Project, Checkpoint 2 Review Networking |
Apr. 23 Side and Covert Channels Cold Boot, Row Hammer, Cloud Forensics Project, Checkpoint 1 due 6pm
|
Apr. 25 How Bailey Defends Himself A topic selected by class vote |
Final Exam Review |
Apr. 30 Dark Web A topic selected by class vote |
May. 2 Final Thoughts Unsolicited words of wisdom from Bailey Forensics Project, Checkpoint 2 due 6pm
|
