This schedule is subject to change. Please check back frequently.
Monday Lecture | Wednesday Lecture | Thursday Discussion |
---|---|---|
Jan. 18 No Class, Martin Luther King, Jr. birthday |
Jan. 20 Preliminaries Class Overview; Threat models, vulnerabilities, attacks; how to think like an attacker and a defender |
Introduce Operating Systems (Gene) |
Jan. 25 Ethics and the Law Normative ethics, community standards; CFAA, wiretap laws, university policy |
Monday Lecture | Wednesday Lecture | Thursday Discussion |
---|---|---|
Jan. 27 Control hijacking, Part 1 Software architecture and a simple buffer overflow |
(Gene) |
Feb. 1 Control hijacking, Part 2 Common exploitable application bugs, shellcode |
Feb. 3 Malware, Part 1 Drive-by downloads, spyware, key loggers |
Introduce AppSec Project, Checkpoint 1 Introduce AppSec Project, Checkpoint 2 (Gene) |
Feb. 8 Malware, Part 2 (continued) AppSec Project, Checkpoint 1 due 6pm
|
Feb. 10 Defending weak applications Isolation, sandboxing, virtual machines |
Introduce Web (HB) |
Feb. 15 Authentication and passwords Strong and weak passwords, salting, password cracking, online vs. offline guessing |
Feb. 17 Web attacks and defenses Cookies; XSS, CSRF, and SQL-injection attacks and defenses AppSec Project, Checkpoint 2 due 6pm
|
Introduce Web Project, Checkpoint 1 Introduce Web Project, Checkpoint 2 (HB) |
Feb. 22 Catch up! Finish remaining OS topics |
Monday Lecture | Wednesday Lecture | Thursday Discussion |
---|---|---|
Feb. 24 Message integrity, pseudorandom functions Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs Web Project, Checkpoint 1 due 6pm
|
Review OS Security (Gene) |
Feb. 29 Randomness and pseudorandomness, Block Ciphers Generating randomness, PRGs, one-time pads, Simple ciphers, AES, block cipher modes |
Mar. 2 Key exchange and key management Diffie-Hellman key exchange, man-in-the-middle attacks |
(Due) |
Mar. 7 HTTPS The HTTPS PKI, SSL certificates and CAs Web Project, Checkpoint 2 due 6pm
|
Mar. 9 Hot Topics in Cryptography Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices |
Introduce Crypto Project, Checkpoint 1 Introduce Crypto Project, Checkpoint 2 Review Crypto (Due) |
Monday Lecture | Wednesday Lecture | Thursday Discussion |
---|---|---|
Mar. 14 Networking 101 Everything you wanted to know about networks but were afraid to ask Crypto Project, Checkpoint 1 due 6pm
|
Mar. 16 Network attacks Hijacking, eavesdropping, DoS, DNS, BGP |
Introduce Networking (Simon) |
Mar. 21 No Class, Spring Vacation |
Mar. 23 No Class, Spring Vacation |
Mar. 28 Network attacks Hijacking, eavesdropping, DoS, DNS, BGP |
Mar. 30 Networking Attacks in Practice NTP Amplification attacks, Booters Crypto Project, Checkpoint 2 due 6pm
|
Introduce Networking Project, Checkpoint 1 Introduce Networking Project, Checkpoint 2 (Simon) |
Apr. 4 Networking Defenses TLS, IPSec, Wep, IDS, Firewall |
Apr. 6 Anonymity Need for privacy, Proxies, Tor Networking Project, Checkpoint 1 due 6pm
|
(Simon) |
Apr. 11 Worms Botnet Evolution Techniques, Measurements, Ecosystem |
Apr. 13 Worms Botnet Evolution (cont) Techniques, Measurements, Ecosystem |
Review Networking (Simon) |
Apr. 18 Hot Topics in Network Security Heartbleed and SMTP Security Networking Project, Checkpoint 2 due 6pm
|
Monday Lecture | Wednesday Lecture | Thursday Discussion |
---|---|---|
Apr. 20 Cloud Computing Security Data breaches, Compromised credenals, Hacked interfaces and APIs, Exploited system vulnerabilities, ... |
Introduce Forensics Project, Checkpoint 1 Introduce Forensics Project, Checkpoint 2 (Leslie) |
Apr. 25 Bitcoin Andrew Miller gives you ten dollars Forensics Project, Checkpoint 1 due 6pm
|
Apr. 27 Physical security Locks and safes, lock picking techniques; defenses |
Final Exam Review (Leslie) |
May. 2 DarkWeb A topic selected by class vote |
May. 4 Final Thoughts Unsolicited words of wisdom from Bailey Forensics Project, Checkpoint 2 due 6pm
|