CS 3235 - Course Schedule

Course Schedule Fall 2024

Part 1. System Security

GENKIN Monday, Aug. 19 1. The Security Mindset Course overview, thinking like an attacker, threat models Application Security Project available Quiz 0 - Course Logistics available Lab 1: GDB available	Tuesday, Aug. 20	GENKIN Wednesday, Aug. 21 2. Software Security 1 Machine organization, basic stack smashing	Thursday, Aug. 22	Friday, Aug. 23 Quiz 1 - Security Mindset and Software Security available
GENKIN Monday, Aug. 26 3. Software Security 2 Advanced stack smashing and countermeasures Lab 1: GDB due 11:59 p.m.	Tuesday, Aug. 27	GENKIN Wednesday, Aug. 28 4. OS Security and Access Control Secure system principles, access control, process and memory isolation Application Security Project (Part 1) due 11:59 p.m. Quiz 0 - Course Logistics due 11:59 p.m.	Thursday, Aug. 29	Friday, Aug. 30 Quiz 2 - Operating System Security and Access Control available
Monday, Sep. 2 Labor Day	Tuesday, Sep. 3 Quiz 1 - Security Mindset and Software Security due 11:59 p.m.	GENKIN Wednesday, Sep. 4 5. Isolation and Sandboxing Syscalls and interposition, jails, Docker, VMs, hypervisors	Thursday, Sep. 5	Friday, Sep. 6

Part 2. Cryptography

GENKIN Monday, Sep. 9 6. Hashing Applications, definitions, birthday, life cycle, common examples	Tuesday, Sep. 10 Quiz 2 - Operating System Security and Access Control due 11:59 p.m.	GENKIN Wednesday, Sep. 11 7. Integrity MAC, HMAC, length extension attacks Application Security Project (Part 2) due 11:59 p.m. Cryptography Project available Lab 2: Docker and Python available	Thursday, Sep. 12	Friday, Sep. 13 Quiz 3 - Isolation, Hashing, and Integrity available
GENKIN Monday, Sep. 16 8. Symmetric Crypto OTP, block ciphers, DES history, AES internals	Tuesday, Sep. 17	GENKIN Wednesday, Sep. 18 9. Combining Integrity and Confidentiality Block cipher modes, malleability, padding oracles, AEAD Lab 2: Docker and Python due 11:59 p.m.	Thursday, Sep. 19	Friday, Sep. 20 Quiz 4 - Symmetric Crypto available
GENKIN Monday, Sep. 23 10. DH and Key Exchange Modular arithmetic, DH, key management, MITM attacks Cryptography Project (Part 1) due 11:59 p.m.	Tuesday, Sep. 24 Quiz 3 - Isolation, Hashing, and Integrity due 11:59 p.m.	GENKIN Wednesday, Sep. 25 11. RSA and Attacks on Protocols, Building a Secure Channel RSA encryption and signatures, attacks on RSA, combining primitives	Thursday, Sep. 26	Friday, Sep. 27 Quiz 5 - DH Key Exchange & RSA available

Part 3. Web and Networking

GENKIN Monday, Sep. 30 12. The Web Platform HTTP, HTML, DOM, JavaScript, same-origin policy	Tuesday, Oct. 1 Quiz 4 - Symmetric Crypto due 11:59 p.m.	GENKIN Wednesday, Oct. 2 13. Web Attacks and Defenses CSRF, SQL injection, XSS attacks and defenses Cryptography Project (Part 2) due 11:59 p.m.	Thursday, Oct. 3 Web Security Project available Lab 3: Browser DevTools available	Friday, Oct. 4 Quiz 6 - Web Security available
STAFF Monday, Oct. 7 Exam Review	Tuesday, Oct. 8 Quiz 5 - DH Key Exchange & RSA due 11:59 p.m.	Wednesday, Oct. 9 Exam 1, Online	Thursday, Oct. 10	Friday, Oct. 11 Lab 3: Browser DevTools due 11:59 p.m.
Monday, Oct. 14 Fall Break	Tuesday, Oct. 15 Fall Break	GENKIN Wednesday, Oct. 16 14. HTTPS and the Web PKI TLS, certificates, PKI Quiz 6 - Web Security due 11:59 p.m.	Thursday, Oct. 17	Friday, Oct. 18 Quiz 7 - HTTPS, Web PKI, Attacks, and Defenses available
GENKIN Monday, Oct. 21 15. HTTPS Attacks and Defenses Social engineering, attacks on CAs, protocol & implementation issues	Tuesday, Oct. 22	GENKIN Wednesday, Oct. 23 16. Networking 101 OSI model, link- through transport-layer attacks Web Security Project due 11:59 p.m.	Thursday, Oct. 24 Networking Project available Lab 4: Python Sockets available	Friday, Oct. 25
GENKIN Monday, Oct. 28 17. Networking 102 TCP/UDP, application-layer protocols and attacks	Tuesday, Oct. 29 Quiz 7 - HTTPS, Web PKI, Attacks, and Defenses due 11:59 p.m.	GENKIN Wednesday, Oct. 30 18. Network Defenses DoS techniques and defenses, network monitoring Lab 4: Python Sockets due 11:59 p.m.	Thursday, Oct. 31	Friday, Nov. 1 Quiz 8 - Networking & Networking Defenses available

Part 4. Security in Context

GENKIN Monday, Nov. 4 19. Malware Types of malware, infection methods, C&C, case studies	Tuesday, Nov. 5	GENKIN Wednesday, Nov. 6 20. Authentication Passwords, CAPTCHAs, 2FA, biometrics	Thursday, Nov. 7	Friday, Nov. 8 Quiz 9 - Malware and Authentication available
GENKIN Monday, Nov. 11 21. Side-Channel Analysis Physical side channels, microarchitectural issues, Spectre and Meltdown	Tuesday, Nov. 12 Quiz 8 - Networking & Networking Defenses due 11:59 p.m.	GENKIN Wednesday, Nov. 13 22. Digital Forensics Imaging, techniques for analysis, countermeasures for forensics Networking Project due 11:59 p.m.	Thursday, Nov. 14 Forensics Project available Lab 5: Autopsy available	Friday, Nov. 15 Quiz 10 - Privacy and Digital Forensics available
GENKIN Monday, Nov. 18 23. Privacy & Anonymity Fingerprinting, k-anonymity, Tor, CFAA, ethics	Tuesday, Nov. 19 Quiz 9 - Malware and Authentication due 11:59 p.m.	BALUTA Wednesday, Nov. 20 24. Machine Learning Security Guest lecture about security in Machine Learning Lab 5: Autopsy due 11:59 p.m.	Thursday, Nov. 21	Friday, Nov. 22
GENKIN Monday, Nov. 25 25. Physical Security Types of physical locks and how to defeat them via lockpicking	Tuesday, Nov. 26 Quiz 10 - Privacy and Digital Forensics due 11:59 p.m.	Wednesday, Nov. 27 Thanksgiving	Thursday, Nov. 28 Thanksgiving	Friday, Nov. 29 Thanksgiving
STAFF Monday, Dec. 2 Exam Review	Tuesday, Dec. 3	Wednesday, Dec. 4 Forensics Project due 11:59 p.m.	Thursday, Dec. 5	Friday, Dec. 6 Exam 2, Online