Course Schedule Fall 2025

Part 1. System Security

DANIEL Monday, Aug. 18
1. The Security Mindset
Course overview, thinking like an attacker, threat models
Tuesday, Aug. 19
DANIEL Wednesday, Aug. 20
2. Software Security 1
Machine organization, basic stack smashing
Thursday, Aug. 21
Friday, Aug. 22
DANIEL Monday, Aug. 25
3. Software Security 2
Advanced stack smashing and countermeasures
Quiz 0 - Course Logistics due 11:59 p.m.
Lab 1: GDB due 11:59 p.m.
Tuesday, Aug. 26
DANIEL Wednesday, Aug. 27
4. OS Security and Access Control
Secure system principles, access control, process and memory isolation
Application Security Project (Part 1) due 11:59 p.m.
Thursday, Aug. 28
Quiz 1 - Security Mindset and Software Security due 11:59 p.m.
Friday, Aug. 29
Monday, Sep. 1
Labor Day
Tuesday, Sep. 2
DANIEL Wednesday, Sep. 3
5. Isolation and Sandboxing
Syscalls and interposition, jails, Docker, VMs, hypervisors
Thursday, Sep. 4
Quiz 2 - Operating System Security and Access Control due 11:59 p.m.
Friday, Sep. 5

Part 2. Cryptography

DANIEL Monday, Sep. 8
6. Hashing
Applications, definitions, birthday, life cycle, common examples
Tuesday, Sep. 9
DANIEL Wednesday, Sep. 10
7. Integrity
MAC, HMAC, length extension attacks
Application Security Project (Part 2) due 11:59 p.m.
Thursday, Sep. 11
Cryptography Project available
Lab 2: Docker and Python available
Friday, Sep. 12
DANIEL Monday, Sep. 15
8. Symmetric Crypto
OTP, block ciphers, DES history, AES internals
Tuesday, Sep. 16
DANIEL Wednesday, Sep. 17
9. Combining Integrity and Confidentiality
Block cipher modes, malleability, padding oracles, AEAD
Lab 2: Docker and Python due 11:59 p.m.
Thursday, Sep. 18
Quiz 3 - Isolation, Hashing, and Integrity due 11:59 p.m.
Friday, Sep. 19
GLEN Monday, Sep. 22
10. DH and Key Exchange
Modular arithmetic, DH, key management, MITM attacks
Cryptography Project (Part 1) due 11:59 p.m.
Tuesday, Sep. 23
DANIEL Wednesday, Sep. 24
11. RSA and Attacks on Protocols, Building a Secure Channel
RSA encryption and signatures, attacks on RSA, combining primitives
Thursday, Sep. 25
Quiz 4 - Symmetric Crypto due 11:59 p.m.
Friday, Sep. 26

Part 3. Web and Networking

DANIEL Monday, Sep. 29
12. The Web Platform
HTTP, HTML, DOM, JavaScript, same-origin policy
Tuesday, Sep. 30
DANIEL Wednesday, Oct. 1
13. Web Attacks and Defenses
CSRF, SQL injection, XSS attacks and defenses
Cryptography Project (Part 2) due 11:59 p.m.
Thursday, Oct. 2
Quiz 5 - DH Key Exchange & RSA due 11:59 p.m.
Web Security Project available
Lab 3: Browser DevTools available
Friday, Oct. 3
Monday, Oct. 6
Fall Break
Tuesday, Oct. 7
Fall Break
STAFF Wednesday, Oct. 8
Exam Review
Lab 3: Browser DevTools due 11:59 p.m.
Thursday, Oct. 9
Quiz 6 - Web Security due 11:59 p.m.
Friday, Oct. 10
Monday, Oct. 13
Exam 1, In-person
Tuesday, Oct. 14
GLEN Wednesday, Oct. 15
14. HTTPS and the Web PKI
TLS, certificates, PKI
Thursday, Oct. 16
Friday, Oct. 17
GLEN Monday, Oct. 20
15. HTTPS Attacks and Defenses
TLS, certificates, PKI
Tuesday, Oct. 21
GLEN Wednesday, Oct. 22
16. Networking 101
Social engineering, attacks on CAs, protocol & implementation issues
Web Security Project due 11:59 p.m.
Thursday, Oct. 23
Networking Project available
Lab 4: Python Sockets available
Friday, Oct. 24
GLEN Monday, Oct. 27
17. Networking 102
OSI model, link- through transport-layer attacks
Tuesday, Oct. 28
GLEN Wednesday, Oct. 29
18. Network Defenses
TCP/UDP, application-layer protocols and attacks
Lab 4: Python Sockets due 11:59 p.m.
Thursday, Oct. 30
Quiz 7 - HTTPS, Web PKI, Attacks, and Defenses due 11:59 p.m.
Friday, Oct. 31

Part 4. Security in Context

GLEN Monday, Nov. 3
19. Malware
Types of malware, infection methods, C&C, case studies
Tuesday, Nov. 4
GLEN Wednesday, Nov. 5
20. Authentication
Passwords, CAPTCHAs, 2FA, biometrics
Thursday, Nov. 6
Quiz 8 - Networking & Networking Defenses due 11:59 p.m.
Friday, Nov. 7
GLEN Monday, Nov. 10
21. Privacy and Anonymity
Fingerprinting, k-anonymity, Tor, CFAA, ethics
Tuesday, Nov. 11
GLEN Wednesday, Nov. 12
22. Digital Forensics
Imaging, techniques for analysis, countermeasures for forensics
Networking Project due 11:59 p.m.
Thursday, Nov. 13
Quiz 9 - Malware and Authentication due 11:59 p.m.
Forensics Project available
Lab 5: Autopsy available
Friday, Nov. 14
DANIEL Monday, Nov. 17
23. Side-Channel Analysis
Physical side channels, microarchitectural issues, Spectre and Meltdown
Tuesday, Nov. 18
GLEN Wednesday, Nov. 19
24. Glen stuff
TBD
Lab 5: Autopsy due 11:59 p.m.
Thursday, Nov. 20
Quiz 10 - Privacy and Digital Forensics due 11:59 p.m.
Friday, Nov. 21
DANIEL Monday, Nov. 24
25. Physical Security
Types of physical locks and how to defeat them via lockpicking
Tuesday, Nov. 25
Wednesday, Nov. 26
Thanksgiving
Thursday, Nov. 27
Friday, Nov. 28
STAFF Monday, Dec. 1
26. Exam Review
Tuesday, Dec. 2
Wednesday, Dec. 3
Forensics Project due 11:59 p.m.
Thursday, Dec. 4
Friday, Dec. 5
Monday, Dec. 8
Tuesday, Dec. 9
Wednesday, Dec. 10
Exam 2, In-person
Thursday, Dec. 11