Course Schedule Fall 2023
Part 1. System Security
|
Monday, Aug. 21 |
GENKIN
Tuesday, Aug. 22 1. The Security Mindset Course overview, thinking like an attacker, threat models |
GENKIN
Thursday, Aug. 24 2. Software Security 1 Machine organization, basic stack smashing |
Friday, Aug. 25 |
|
Monday, Aug. 28 |
GENKIN
Tuesday, Aug. 29 3. Software Security 2 Advanced stack smashing and countermeasures |
GENKIN
Thursday, Aug. 31 4. OS Security and Access Control Secure system principles, access control, process and memory isolation Quiz 0 due 11:59 p.m.
Lab 1: GDB due 11:59 p.m.
|
Friday, Sep. 1 |
|
Monday, Sep. 4 Labor Day |
GENKIN
Tuesday, Sep. 5 5. Isolation and Sandboxing Syscalls and interposition, jails, Docker, VMs, hypervisors Application Security Project (Part 1) due 11:59 p.m.
Quiz 1 due 11:59 p.m.
|
GENKIN
Thursday, Sep. 7 6. Authentication Passwords, CAPTCHAs, 2FA, biometrics |
Friday, Sep. 8 |
|
Monday, Sep. 11 Quiz 2 due 11:59 p.m.
|
GENKIN
Tuesday, Sep. 12 7. Malicious Software Types of malware, infection methods, C&C, case studies |
Part 2. Cryptography
|
GENKIN
Thursday, Sep. 14 8. Hashing Applications, definitions, birthday, life cycle, common examples |
Friday, Sep. 15 Application Security Project (Part 2) due 11:59 p.m.
|
||
|
Monday, Sep. 18 Quiz 3 due 11:59 p.m.
|
GENKIN
Tuesday, Sep. 19 9. Integrity MAC, HMAC, length extension attacks |
GENKIN
Thursday, Sep. 21 10. Symmetric Crypto OTP, block ciphers, DES history, AES internals Lab 2: Docker and Python due 11:59 p.m.
|
Friday, Sep. 22 |
|
Monday, Sep. 25 Quiz 4 due 11:59 p.m.
|
GENKIN
Tuesday, Sep. 26 11. Combining Integrity and Confidentiality Block cipher modes, malleability, padding oracles, AEAD |
GENKIN
Thursday, Sep. 28 12. DH and Key Exchange Modular arithmetic, DH, key management, MITM attacks Cryptography Project (Part 1) due 11:59 p.m.
|
Friday, Sep. 29 |
|
Monday, Oct. 2 Quiz 5 due 11:59 p.m.
|
GENKIN
Tuesday, Oct. 3 13. RSA and Attacks on Protocols, Building a Secure Channel RSA encryption and signatures, attacks on RSA, combining primitives |
GENKIN
Thursday, Oct. 5 14. Side-Channel Analysis Physical side channels, micro-architectural issues, Spectre and Meltdown |
Friday, Oct. 6 |
Part 3. Web and Networking
|
Monday, Oct. 9 Fall Break |
Tuesday, Oct. 10 Fall Break |
STAFF
Thursday, Oct. 12 Exam Review Cryptography Project (Part 2) due 11:59 p.m.
Quiz 6 due 11:59 p.m.
|
Friday, Oct. 13 |
|
Monday, Oct. 16 |
Tuesday, Oct. 17 Exam 1, Online
|
Thursday, Oct. 19 No Lecture |
Friday, Oct. 20 |
|
Monday, Oct. 23 |
GENKIN
Tuesday, Oct. 24 15. Networking 101 OSI model, link- through transport-layer attacks Lab 3: Go due 11:59 p.m.
|
GENKIN
Thursday, Oct. 26 16. Networking 102 TCP/UDP, application-layer protocols and attacks |
Friday, Oct. 27 |
|
Monday, Oct. 30 |
GENKIN
Tuesday, Oct. 31 17. Network Defenses DoS techniques and defenses, network monitoring |
GENKIN
Thursday, Nov. 2 18. The Web Platform HTTP, HTML, DOM, JavaScript, same-origin policy |
Friday, Nov. 3 |
|
Monday, Nov. 6 Quiz 7 due 11:59 p.m.
|
GENKIN
Tuesday, Nov. 7 19. Web Attacks and Defenses CSRF, SQL injection, XSS attacks and defenses |
GENKIN
Thursday, Nov. 9 20. HTTPS and the Web PKI TLS, certificates, PKI Networking Project due 11:59 p.m.
|
Friday, Nov. 10 |
|
Monday, Nov. 13 Quiz 8 due 11:59 p.m.
|
GENKIN
Tuesday, Nov. 14 21. HTTPS Attacks and Defenses Social engineering, attacks on CAs, protocol & implementation issues |
Part 4. Security in Context
|
GENKIN
Thursday, Nov. 16 22. Privacy & Anonymity, Law & Ethics Fingerprinting, k-anonymity, Tor, CFAA, ethics Lab 4: Browser DevTools due 11:59 p.m.
|
Friday, Nov. 17 |
||
|
Monday, Nov. 20 Quiz 9 due 11:59 p.m.
|
GENKIN
Tuesday, Nov. 21 23. Physical Security Types of physical locks and how to defeat them via lockpicking |
Thursday, Nov. 23 Thanksgiving Break |
Friday, Nov. 24 Thanksgiving Break |
|
Monday, Nov. 27 Quiz 10 due 11:59 p.m.
|
STAFF
Tuesday, Nov. 28 Exam Review |
Thursday, Nov. 30 Exam 2, Online
|
Friday, Dec. 1 |
|
Monday, Dec. 4 |
Tuesday, Dec. 5 |
Thursday, Dec. 7 |
Friday, Dec. 8 Web Security Project due 11:59 p.m.
|