EECS 388 - Course Schedule

Course Schedule Winter 2025

Part 1. Security Fundamentals

Lectures		Lab
	GRUBBS Wednesday, Jan. 8 1. The Security Mindset Quiz Threat models, vulnerabilities, attacks; how to think like an attacker and a defender Crypto Project available Lab 1 available	Jan. 7/Jan. 9/Jan. 10 Only pre-recorded video Introduce project Python tutorial
GRUBBS Monday, Jan. 13 2. Message Integrity Quiz Alice and Bob, crypto games, Kerckhoffs’s principle, hashes and MACs	GRUBBS Wednesday, Jan. 15 3. Randomness and Pseudorandomness Quiz Generating randomness, PRGs, one-time pads Lab 1 due 6 p.m.	Jan. 14/Jan. 16/Jan. 17 Length extension Hash collisions
Monday, Jan. 20 No Lecture, MLK Day	GRUBBS Wednesday, Jan. 22 4. Confidentiality Quiz Simple ciphers, AES, block cipher modes Crypto Project, Part 1 due 6 p.m.	Jan. 21/Jan. 23/Jan. 24 Review Part 1 Padding oracles Bleichenbacher attacks
Pre-recorded GRUBBS Monday, Jan. 27 5. Combining Confidentiality and Integrity Quiz Confidentiality attacks, authenticated encryption	Pre-recorded GRUBBS Wednesday, Jan. 29 6. Key Exchange, Public-Key Cryptography Quiz Diffie-Hellman, RSA encryption, digital signatures Web Project available Lab 2 available	Jan. 28/Jan. 30/Jan. 31 Introduce Web Project SQL tutorial SQL injection mechanics

Part 2. Web and Network Security

Lectures		Lab
ROY CHOWDHURY Monday, Feb. 3 7. The Web Platform Quiz Intro to the web platform; HTTP, cookies, Javascript, etc.	ROY CHOWDHURY Wednesday, Feb. 5 8. Web Attacks and Defenses Quiz Cookies; XSS, CSRF, and SQL-injection attacks and defenses Crypto Project, Part 2 due 6 p.m.	Feb. 4/Feb. 6/Feb. 7 HTML and JavaScript tutorial XSS and CSRF mechanics
GRUBBS Monday, Feb. 10 9. HTTPS and the Web PKI Quiz The TLS protocol and the CA ecosystem	GRUBBS Wednesday, Feb. 12 10. HTTPS Attacks and Defenses Quiz Implementation flaws, social engineering attacks, and crypto failures Lab 2 due 6 p.m. Networking Project available Lab 3 available	Feb. 11/Feb. 13/Feb. 14 Introduce Networking Project Python sockets tutorial Wireshark tutorial
ROY CHOWDHURY Monday, Feb. 17 11. Networking 101 Quiz Protocol layers, Ethernet, IP, route hijacking, ARP spoofing	ROY CHOWDHURY Wednesday, Feb. 19 12. Networking 102 Quiz UDP, TCP, and DNS attacks Web Project due 6 p.m.	Feb. 18/Feb. 20/Feb. 21 Midterm review
ROY CHOWDHURY Monday, Feb. 24 13. Network Defense Quiz Denial of service; firewalls, IDSes, VPNs, zero-trust	STAFF Wednesday, Feb. 26 Midterm Review Session Lab 3 due 6 p.m. Midterm Exam, Thursday, Feb. 27, 5–6:30 p.m.	Feb. 25/Feb. 27/Feb. 28 No Lab
Monday, Mar. 3 Spring Break	Wednesday, Mar. 5 Spring Break	Mar. 4/Mar. 6/Mar. 7 Spring Break

Part 3. Host and Application Security

Lectures		Lab
ROY CHOWDHURY Monday, Mar. 10 14. Authentication and Passwords Quiz Passwords, online and offline guessing	STAFF Wednesday, Mar. 12 15. Control Hijacking, Part 1 Quiz Software architecture and a simple buffer overflow Networking Project due 6 p.m. AppSec Project available Lab 4 available	Mar. 11/Mar. 13/Mar. 14 Review Web Project Introduce AppSec Project Binary exploitation primer Go over midterm exam
STAFF Monday, Mar. 17 16. Control Hijacking, Part 2 Quiz Common exploitable application bugs, shellcode	ROY CHOWDHURY Wednesday, Mar. 19 17. Access Control and Isolation Quiz Isolation, sandboxing, virtual machines, SGX, containers Lab 4 due 6 p.m.	Mar. 18/Mar. 20/Mar. 21 Shellcode ROP exploitation Ghidra tutorial

Part 4. Privacy and Security in Context

Lectures		Lab
ROY CHOWDHURY Monday, Mar. 24 18. Privacy, Part 1	ROY CHOWDHURY Wednesday, Mar. 26 19. Privacy, Part 2	Mar. 25/Mar. 27/Mar. 28 Project help
ROY CHOWDHURY Monday, Mar. 31 20. Privacy, Part 3 Forensics Project available Lab 5 available	ROY CHOWDHURY Wednesday, Apr. 2 21. Digital Forensics Quiz Data collection, forensic analysis, anti-forensic techniques AppSec Project due 6 p.m.	Apr. 1/Apr. 3/Apr. 4 Introduce Forensics Project Introduce Lab 5 Autopsy tutorial
ROY CHOWDHURY Monday, Apr. 7 22. Malware Quiz Viruses and worms, spyware, key loggers, and botnets; defenses	GUEST Wednesday, Apr. 9 23. Censorship Guest lecture by Prof. Roya Ensafi Lab 5 due 6 p.m.	Apr. 8/Apr. 10/Apr. 11 No Lab
GUEST Monday, Apr. 14 24. Machine Learning Security Guest lecture by Prof. Eugene Bagdasarian	ROY CHOWDHURY Wednesday, Apr. 16 25. Physical Security Quiz Locks and safes, lock picking techniques; defenses (We recommend attending in person for hands-on demos)	Apr. 15/Apr. 17/Apr. 18 Final review, Part 1
STAFF Monday, Apr. 21 Final Review, Part 2 Forensics Project due 6 p.m.	Wednesday, Apr. 23 Study Day Final Exam, Friday, April 25th at 7–9 p.m.