Course Schedule Winter 2023
Part 1. Security Fundamentals
Lectures | Lab | |
---|---|---|
GRUBBS
Wednesday, Jan. 4 1. The Security Mindset Quiz Threat models, vulnerabilities, attacks; how to think like an attacker and a defender |
Jan. 5/Jan. 6 Introduce project Python tutorial |
|
GRUBBS
Monday, Jan. 9 2. Message Integrity Quiz Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs |
GRUBBS
Wednesday, Jan. 11 3. Randomness and Pseudorandomness Quiz Generating randomness, PRGs, one-time pads |
Jan. 12/Jan. 13 Length extension Hash collisions |
Monday, Jan. 16 No Lecture Martin Luther King Jr. Day |
GRUBBS
Wednesday, Jan. 18 4. Confidentiality Quiz Simple ciphers, AES, block cipher modes |
Jan. 19/Jan. 20 Review Part 1 Padding oracles |
GRUBBS
Monday, Jan. 23 5. Combining Confidentiality and Integrity Quiz Confidentiality attacks, authenticated encryption |
GRUBBS
Wednesday, Jan. 25 6. Key Exchange, Public-Key Cryptography Quiz Diffie-Hellman, RSA encryption, digital signatures |
Jan. 26/Jan. 27 Bleichenbacher attacks |
Part 2. Web and Network Security
Lectures | Lab | |
---|---|---|
HALDERMAN
Monday, Jan. 30 7. The Web Platform Quiz Intro to the web platform; HTTP, cookies, Javascript, etc. |
HALDERMAN
Wednesday, Feb. 1 8. Web Attacks and Defenses Quiz Cookies; XSS, CSRF, and SQL-injection attacks and defenses |
Feb. 2/Feb. 3 Review Crypto Project Introduce Web Project SQL tutorial SQL injection mechanics |
HALDERMAN
Monday, Feb. 6 9. HTTPS and the Web PKI Quiz The TLS protocol and the CA ecosystem |
HALDERMAN
Wednesday, Feb. 8 10. HTTPS Attacks and Defenses Quiz Implementation flaws, social engineering attacks, and crypto failures |
Feb. 9/Feb. 10 HTML and JavaScript tutorial XSS and CSRF mechanics |
HALDERMAN
Monday, Feb. 13 11. Networking 101 Quiz Protocol layers, Ethernet, IP, route hijacking, ARP spoofing |
HALDERMAN
Wednesday, Feb. 15 12. Networking 102 Quiz UDP, TCP, and DNS attacks |
Feb. 16/Feb. 17 Review Web Project Introduce Networking Project Python sockets tutorial Wireshark tutorial |
HALDERMAN
Monday, Feb. 20 13. Network Defense Quiz Denial of service; firewalls, IDSes, VPNs, zero-trust |
STAFF
Wednesday, Feb. 22 Midterm Review Session Midterm Exam, Thursday, Feb. 23, 7–8:30 p.m.
|
Feb. 23/Feb. 24 No Lab |
“Spring” Break
Feb. 25–Mar. 5 |
Part 3. Host and Application Security
Lectures | Lab | |
---|---|---|
GRUBBS
Monday, Mar. 6 14. Authentication and Passwords Quiz Passwords, online and offline guessing |
GRUBBS
Wednesday, Mar. 8 15. Malware Quiz Viruses and worms, spyware, key loggers, and botnets; defenses |
Mar. 9/Mar. 10 Midterm exam discussion Project help |
STAFF
Monday, Mar. 13 16. Control Hijacking, Part 1 Quiz Software architecture and a simple buffer overflow |
STAFF
Wednesday, Mar. 15 17. Control Hijacking, Part 2 Quiz Common exploitable application bugs, shellcode |
Mar. 16/Mar. 17 Introduce AppSec Project Binary exploitation primer |
GRUBBS
Monday, Mar. 20 18. Access Control and Isolation Quiz Isolation, sandboxing, virtual machines, SGX, containers |
Only via Zoom
GUEST
Wednesday, Mar. 22 19. Machine Learning Security Guest lecture by Prof. Nicolas Papernot |
Mar. 23/Mar. 24 Shellcode ROP exploitation Ghidra tutorial |
GRUBBS
Monday, Mar. 27 20. Privacy and Anonymity Quiz Online tracking; Tor, Signal, etc. |
HALDERMAN
Wednesday, Mar. 29 21. Digital Forensics Quiz Data collection, forensic analysis, anti-forensic techniques |
Mar. 30/Mar. 31 Review AppSec Project Introduce Forensics Project Autopsy tutorial |
Part 4. Security in Context
Lectures | Lab | |
---|---|---|
GUEST
Monday, Apr. 3 22. Censorship and Circumvention Quiz Internet censorship, geoblocking, censorship measurement, circumvention Guest lecture by Prof. Roya Ensafi |
GUEST
Wednesday, Apr. 5 23. Hacking, the Law, and Public Policy Guest lecture by Brian Klein of Waymaker Law |
Apr. 6/Apr. 7 No Lab |
HALDERMAN
Monday, Apr. 10 24. Election Cybersecurity Quiz Vulnerabilities, defenses, policy |
HALDERMAN
Wednesday, Apr. 12 25. Physical Security Quiz Locks and safes, lock picking techniques; defenses |
Apr. 13/Apr. 14 Exam review |
STAFF
Monday, Apr. 17 Final Review Session |
Wednesday, Apr. 19 Study Day Final Exam, Friday, Apr. 21, 7–9 p.m.
|