CS 4235/6035 - Course Schedule

Course Schedule Spring 2024

Part 1. System Security

Monday, Jan. 8	GENKIN Tuesday, Jan. 9 1. The Security Mindset Course overview, thinking like an attacker, threat models Application Security Project available Quiz 0 - Course Logistics available Lab 1: GDB available	GENKIN Thursday, Jan. 11 2. Software Security 1 Machine organization, basic stack smashing	Friday, Jan. 12 Quiz 1 - Security Mindset and Software Security available
Monday, Jan. 15	GENKIN Tuesday, Jan. 16 3. Software Security 2 Advanced stack smashing and countermeasures Lab 1: GDB due 11:59 p.m.	GENKIN Thursday, Jan. 18 4. OS Security and Access Control Secure system principles, access control, process and memory isolation Application Security Project (Part 1) due 11:59 p.m. Quiz 0 - Course Logistics due 11:59 p.m.	Friday, Jan. 19 Quiz 2 - Operating System Security and Access Control available
Monday, Jan. 22 Quiz 1 - Security Mindset and Software Security due 11:59 p.m.	GENKIN Tuesday, Jan. 23 5. Isolation and Sandboxing Syscalls and interposition, jails, Docker, VMs, hypervisors	GENKIN Thursday, Jan. 25 6. Authentication Passwords, CAPTCHAs, 2FA, biometrics	Friday, Jan. 26 Quiz 3 - Isolation and Authentication available

Part 2. Cryptography

Monday, Jan. 29 Quiz 2 - Operating System Security and Access Control due 11:59 p.m.	GENKIN Tuesday, Jan. 30 7. Hashing Applications, definitions, birthday, life cycle, common examples Application Security Project (Part 2) due 11:59 p.m. Cryptography Project available Lab 2: Docker and Python available	GENKIN Thursday, Feb. 1 8. Integrity MAC, HMAC, length extension attacks	Friday, Feb. 2 Quiz 4 - Hashing and Integrity available
Monday, Feb. 5 Quiz 3 - Isolation and Authentication due 11:59 p.m.	GENKIN Tuesday, Feb. 6 9. Symmetric Crypto OTP, block ciphers, DES history, AES internals Lab 2: Docker and Python due 11:59 p.m.	GENKIN Thursday, Feb. 8 10. Combining Integrity and Confidentiality Block cipher modes, malleability, padding oracles, AEAD	Friday, Feb. 9 Quiz 5 - Symmetric Cryptography available
Monday, Feb. 12 Quiz 4 - Hashing and Integrity due 11:59 p.m.	GENKIN Tuesday, Feb. 13 11. DH and Key Exchange Modular arithmetic, DH, key management, MITM attacks Cryptography Project (Part 1) due 11:59 p.m.	GENKIN Thursday, Feb. 15 12. RSA and Attacks on Protocols, Building a Secure Channel RSA encryption and signatures, attacks on RSA, combining primitives	Friday, Feb. 16 Quiz 6 - DH Key Exchange and RSA available

Part 3. Web and Networking

Monday, Feb. 19 Quiz 5 - Symmetric Cryptography due 11:59 p.m.	GENKIN Tuesday, Feb. 20 13. The Web Platform HTTP, HTML, DOM, JavaScript, same-origin policy	GENKIN Thursday, Feb. 22 14. Web Attacks and Defenses CSRF, SQL injection, XSS attacks and defenses Cryptography Project (Part 2) due 11:59 p.m. Web Security Project available Lab 3: Browser DevTools available	Friday, Feb. 23 Quiz 7 - Web Security available
Monday, Feb. 26 Quiz 6 - DH Key Exchange and RSA due 11:59 p.m.	STAFF Tuesday, Feb. 27 Exam Review	Thursday, Feb. 29 Exam 1, Online	Friday, Mar. 1
Monday, Mar. 4 Quiz 7 - Web Security due 11:59 p.m.	GENKIN Tuesday, Mar. 5 15. HTTPS and the Web PKI TLS, certificates, PKI Lab 3: Browser DevTools due 11:59 p.m.	GENKIN Thursday, Mar. 7 16. HTTPS Attacks and Defenses Social engineering, attacks on CAs, protocol & implementation issues	Friday, Mar. 8 Quiz 8 - HTTPS and the Web PKI available
Monday, Mar. 11	GENKIN Tuesday, Mar. 12 17. Networking 101 OSI model, link- through transport-layer attacks	GENKIN Thursday, Mar. 14 18. Networking 102 TCP/UDP, application-layer protocols and attacks Web Security Project due 11:59 p.m. Networking Project available Lab 4: Python Sockets available	Friday, Mar. 15
Monday, Mar. 18 Spring Break	Tuesday, Mar. 19 Spring Break	Thursday, Mar. 21 Spring Break	Friday, Mar. 22 Spring Break
Monday, Mar. 25 Quiz 8 - HTTPS and the Web PKI due 11:59 p.m.	GENKIN Tuesday, Mar. 26 19. Network Defenses DoS techniques and defenses, network monitoring Lab 4: Python Sockets due 11:59 p.m.	GENKIN Thursday, Mar. 28 20. Malware Types of malware, infection methods, C&C, case studies	Friday, Mar. 29 Quiz 9 - Networking and Network Defenses available

Part 4. Security in Context

Monday, Apr. 1	GENKIN Tuesday, Apr. 2 21. Digital Forensics Imaging, techniques for analysis, countermeasures for forensics	GENKIN Thursday, Apr. 4 22. Side-Channel Analysis Physical side channels, microarchitectural issues, Spectre and Meltdown Networking Project due 11:59 p.m. Forensics Project available Lab 5: Autopsy available	Friday, Apr. 5 Quiz 10 - Digital Forensics and Malware available
Monday, Apr. 8 Quiz 9 - Networking and Network Defenses due 11:59 p.m.	GENKIN Tuesday, Apr. 9 23. Privacy & Anonymity Fingerprinting, k-anonymity, Tor, CFAA, ethics	GENKIN Thursday, Apr. 11 24. Physical Security Types of physical locks and how to defeat them via lockpicking Lab 5: Autopsy due 11:59 p.m.	Friday, Apr. 12
Monday, Apr. 15 Quiz 10 - Digital Forensics and Malware due 11:59 p.m.	STAFF Tuesday, Apr. 16 Exam Review	Thursday, Apr. 18 Exam 2, Online	Friday, Apr. 19
Monday, Apr. 22	Tuesday, Apr. 23	Thursday, Apr. 25 Forensics Project due 11:59 p.m.