Course Schedule Winter 2025
Part 1. Security Fundamentals
| Lectures | Lab | |
|---|---|---|
|
GRUBBS
Wednesday, Jan. 8 1. The Security Mindset Quiz Threat models, vulnerabilities, attacks; how to think like an attacker and a defender |
Jan. 7/Jan. 9/Jan. 10 Only pre-recorded video Introduce project Python tutorial |
|
|
GRUBBS
Monday, Jan. 13 2. Message Integrity Quiz Alice and Bob, crypto games, Kerckhoffs’s principle, hashes and MACs |
GRUBBS
Wednesday, Jan. 15 3. Randomness and Pseudorandomness Quiz Generating randomness, PRGs, one-time pads |
Jan. 14/Jan. 16/Jan. 17 Length extension Hash collisions |
|
Monday, Jan. 20 No Lecture, MLK Day |
GRUBBS
Wednesday, Jan. 22 4. Confidentiality Quiz Simple ciphers, AES, block cipher modes |
Jan. 21/Jan. 23/Jan. 24 Review Part 1 Padding oracles Bleichenbacher attacks |
|
GRUBBS
Monday, Jan. 27 5. Combining Confidentiality and Integrity Quiz Confidentiality attacks, authenticated encryption |
GRUBBS
Wednesday, Jan. 29 6. Key Exchange, Public-Key Cryptography Quiz Diffie-Hellman, RSA encryption, digital signatures Web Project available
Lab 2 available
|
Jan. 28/Jan. 30/Jan. 31 Introduce Web Project SQL tutorial SQL injection mechanics |
Part 2. Web and Network Security
| Lectures | Lab | |
|---|---|---|
|
GRUBBS
Monday, Feb. 3 7. The Web Platform Quiz Intro to the web platform; HTTP, cookies, Javascript, etc. |
GRUBBS
Wednesday, Feb. 5 8. Web Attacks and Defenses Quiz Cookies; XSS, CSRF, and SQL-injection attacks and defenses |
Feb. 4/Feb. 6/Feb. 7 HTML and JavaScript tutorial XSS and CSRF mechanics |
|
GRUBBS
Monday, Feb. 10 9. HTTPS and the Web PKI Quiz The TLS protocol and the CA ecosystem |
GRUBBS
Wednesday, Feb. 12 10. HTTPS Attacks and Defenses Quiz Implementation flaws, social engineering attacks, and crypto failures Lab 2 due 6 p.m.
Networking Project available
Lab 3 available
|
Feb. 11/Feb. 13/Feb. 14 Introduce Networking Project Python sockets tutorial Wireshark tutorial |
|
ROY CHOWDHURY
Monday, Feb. 17 11. Networking 101 Quiz Protocol layers, Ethernet, IP, route hijacking, ARP spoofing |
ROY CHOWDHURY
Wednesday, Feb. 19 12. Networking 102 Quiz UDP, TCP, and DNS attacks Web Project due 6 p.m.
|
Feb. 18/Feb. 20/Feb. 21 Midterm review |
|
ROY CHOWDHURY
Monday, Feb. 24 13. Network Defense Quiz Denial of service; firewalls, IDSes, VPNs, zero-trust |
STAFF
Wednesday, Feb. 26 Midterm Review Session Lab 3 due 6 p.m.
Midterm Exam, Thursday, Feb. 27, 5–6:30 p.m.
|
Feb. 25/Feb. 27/Feb. 28 No Lab |
|
Monday, Mar. 3 Spring Break |
Wednesday, Mar. 5 Spring Break |
Mar. 4/Mar. 6/Mar. 7 Spring Break |
Part 3. Host and Application Security
| Lectures | Lab | |
|---|---|---|
|
ROY CHOWDHURY
Monday, Mar. 10 14. Authentication and Passwords Quiz Passwords, online and offline guessing |
STAFF
Wednesday, Mar. 12 15. Control Hijacking, Part 1 Quiz Software architecture and a simple buffer overflow Networking Project due 6 p.m.
AppSec Project available
Lab 4 available
|
Mar. 11/Mar. 13/Mar. 14 Review Web Project Introduce AppSec Project Binary exploitation primer Go over midterm exam |
|
STAFF
Monday, Mar. 17 16. Control Hijacking, Part 2 Quiz Common exploitable application bugs, shellcode |
ROY CHOWDHURY
Wednesday, Mar. 19 17. Access Control and Isolation Quiz Isolation, sandboxing, virtual machines, SGX, containers Lab 4 due 6 p.m.
|
Mar. 18/Mar. 20/Mar. 21 Shellcode ROP exploitation Ghidra tutorial |
Part 4. Privacy and Security in Context
| Lectures | Lab | |
|---|---|---|
|
ROY CHOWDHURY
Monday, Mar. 24 18. Privacy, Part 1 |
ROY CHOWDHURY
Wednesday, Mar. 26 19. Privacy, Part 2 |
Mar. 25/Mar. 27/Mar. 28 Project help |
|
ROY CHOWDHURY
Monday, Mar. 31 20. Privacy, Part 3 Forensics Project available
Lab 5 available
|
ROY CHOWDHURY
Wednesday, Apr. 2 21. Digital Forensics Quiz Data collection, forensic analysis, anti-forensic techniques AppSec Project due 6 p.m.
|
Apr. 1/Apr. 3/Apr. 4 Introduce Forensics Project Introduce Lab 5 Autopsy tutorial |
|
ROY CHOWDHURY
Monday, Apr. 7 22. Malware Quiz Viruses and worms, spyware, key loggers, and botnets; defenses |
GUEST
Wednesday, Apr. 9 23. Guest Lecture 1 Lab 5 due 6 p.m.
|
Apr. 8/Apr. 10/Apr. 11 No Lab |
|
GUEST
Monday, Apr. 14 24. Guest Lecture 2 |
ROY CHOWDHURY
Wednesday, Apr. 16 25. Physical Security Quiz Locks and safes, lock picking techniques; defenses (We recommend attending in person for hands-on demos) |
Apr. 15/Apr. 17/Apr. 18 Final review, Part 1 |
|
STAFF
Monday, Apr. 21 Final Review, Part 2 Forensics Project due 6 p.m.
|
Wednesday, Apr. 23 Study Day Final Exam, Friday, April 25th at 7–9 p.m.
|
|