CS 3235 - Course Schedule

Course Schedule Spring 2025

Part 1. System Security

Monday, Jan. 6	PAUL Tuesday, Jan. 7 1. The Security Mindset Course overview, thinking like an attacker, threat models Application Security Project available Quiz 0 - Course Logistics available Lab 1: GDB available	Wednesday, Jan. 8	PAUL Thursday, Jan. 9 2. Software Security 1 Machine organization, basic stack smashing	Friday, Jan. 10 Quiz 1 - Security Mindset and Software Security available
Monday, Jan. 13	PAUL Tuesday, Jan. 14 3. Software Security 2 Advanced stack smashing and countermeasures Lab 1: GDB due 11:59 p.m.	Wednesday, Jan. 15	MIKE Thursday, Jan. 16 4. OS Security and Access Control Secure system principles, access control, process and memory isolation Application Security Project (Part 1) due 11:59 p.m. Quiz 0 - Course Logistics due 11:59 p.m.	Friday, Jan. 17 Quiz 2 - Operating System Security and Access Control available
Monday, Jan. 20 MLK Jr Day	MIKE Tuesday, Jan. 21 5. Isolation and Sandboxing Syscalls and interposition, jails, Docker, VMs, hypervisors Quiz 1 - Security Mindset and Software Security due 11:59 p.m.	Wednesday, Jan. 22

Part 2. Cryptography

			MIKE Thursday, Jan. 23 6. Hashing Applications, definitions, birthday, life cycle, common examples	Friday, Jan. 24
Monday, Jan. 27 Quiz 2 - Operating System Security and Access Control due 11:59 p.m.	MIKE Tuesday, Jan. 28 7. Integrity MAC, HMAC, length extension attacks Application Security Project (Part 2) due 11:59 p.m.	Wednesday, Jan. 29 Cryptography Project available Lab 2: Docker and Python available	MIKE Thursday, Jan. 30 8. Symmetric Crypto OTP, block ciphers, DES history, AES internals	Friday, Jan. 31 Quiz 3 - Isolation, Hashing, and Integrity available
Monday, Feb. 3	MIKE Tuesday, Feb. 4 9. Combining Integrity and Confidentiality Block cipher modes, malleability, padding oracles, AEAD Lab 2: Docker and Python due 11:59 p.m.	Wednesday, Feb. 5	MIKE Thursday, Feb. 6 10. DH and Key Exchange Modular arithmetic, DH, key management, MITM attacks Cryptography Project (Part 1) due 11:59 p.m.	Friday, Feb. 7 Quiz 4 - Symmetric Crypto available
Monday, Feb. 10 Quiz 3 - Isolation, Hashing, and Integrity due 11:59 p.m.	MIKE Tuesday, Feb. 11 11. RSA and Attacks on Protocols, Building a Secure Channel RSA encryption and signatures, attacks on RSA, combining primitives	Wednesday, Feb. 12

Part 3. Web and Networking

			PAUL Thursday, Feb. 13 12. The Web Platform HTTP, HTML, DOM, JavaScript, same-origin policy	Friday, Feb. 14 Quiz 5 - DH Key Exchange & RSA available
Monday, Feb. 17 Quiz 4 - Symmetric Crypto due 11:59 p.m.	PAUL Tuesday, Feb. 18 13. Web Attacks and Defenses CSRF, SQL injection, XSS attacks and defenses Cryptography Project (Part 2) due 11:59 p.m.	Wednesday, Feb. 19 Web Security Project available Lab 3: Browser DevTools available	STAFF Thursday, Feb. 20 Exam Review	Friday, Feb. 21 Quiz 6 - Web Security available
Monday, Feb. 24 Quiz 5 - DH Key Exchange & RSA due 11:59 p.m.	Tuesday, Feb. 25 Exam 1, Online	Wednesday, Feb. 26	PAUL Thursday, Feb. 27 14. HTTPS and the Web PKI TLS, certificates, PKI Lab 3: Browser DevTools due 11:59 p.m.	Friday, Feb. 28
Monday, Mar. 3 Quiz 6 - Web Security due 11:59 p.m.	PAUL Tuesday, Mar. 4 15. HTTPS Attacks and Defenses TLS, certificates, PKI	Wednesday, Mar. 5	PAUL Thursday, Mar. 6 16. Networking 101 Social engineering, attacks on CAs, protocol & implementation issues	Friday, Mar. 7 Quiz 7 - HTTPS, Web PKI, Attacks, and Defenses available
Monday, Mar. 10	PAUL Tuesday, Mar. 11 17. Networking 102 OSI model, link- through transport-layer attacks Web Security Project due 11:59 p.m.	Wednesday, Mar. 12 Networking Project available Lab 4: Python Sockets available	PAUL Thursday, Mar. 13 18. Network Defenses TCP/UDP, application-layer protocols and attacks	Friday, Mar. 14 Quiz 8 - Networking & Networking Defenses available
Monday, Mar. 17 Spring Break	Tuesday, Mar. 18 Spring Break	Wednesday, Mar. 19 Spring Break	Thursday, Mar. 20 Spring Break	Friday, Mar. 21 Spring Break

Part 4. Security in Context

Monday, Mar. 24 Quiz 7 - HTTPS, Web PKI, Attacks, and Defenses due 11:59 p.m.	PAUL Tuesday, Mar. 25 19. Malware Types of malware, infection methods, C&C, case studies Lab 4: Python Sockets due 11:59 p.m.	Wednesday, Mar. 26	MIKE Thursday, Mar. 27 20. Authentication Passwords, CAPTCHAs, 2FA, biometrics	Friday, Mar. 28 Quiz 9 - Malware and Authentication available
Monday, Mar. 31 Quiz 8 - Networking & Networking Defenses due 11:59 p.m.	PAUL Tuesday, Apr. 1 21. Privacy and Anonymity Fingerprinting, k-anonymity, Tor, CFAA, ethics Networking Project due 11:59 p.m.	Wednesday, Apr. 2 Forensics Project available Lab 5: Autopsy available	MIKE Thursday, Apr. 3 22. Digital Forensics Imaging, techniques for analysis, countermeasures for forensics	Friday, Apr. 4 Quiz 10 - Privacy and Digital Forensics available
Monday, Apr. 7 Quiz 9 - Malware and Authentication due 11:59 p.m.	MIKE Tuesday, Apr. 8 23. Physical Security Types of physical locks and how to defeat them via lockpicking Lab 5: Autopsy due 11:59 p.m.	Wednesday, Apr. 9	MIKE Thursday, Apr. 10 24. Ethics Guest lecture about security in Machine Learning	Friday, Apr. 11
Monday, Apr. 14 Quiz 10 - Privacy and Digital Forensics due 11:59 p.m.	STAFF Tuesday, Apr. 15 25. Exam Review	Wednesday, Apr. 16	Thursday, Apr. 17 Exam 2, Online	Friday, Apr. 18
Monday, Apr. 21	TBD Tuesday, Apr. 22 26. Guest Lecture TBD	Wednesday, Apr. 23	Thursday, Apr. 24 Forensics Project due 11:59 p.m.