Course Schedule Fall 2024

Part 1. Security Fundamentals

Lectures Lab
HALDERMAN/CHEN Tuesday, Aug. 27
1. The Security Mindset Quiz
Threat models, vulnerabilities, attacks; how to think like an attacker and a defender 		HALDERMAN Thursday, Aug. 29
2. Message Integrity Quiz
Alice and Bob, crypto games, Kerckhoffs’s principle, hashes and MACs
Crypto Project available
Lab 1 available
 Aug. 30/Sep. 2
Only pre-recorded video Introduce project
Python tutorial
HALDERMAN Tuesday, Sep. 3
3. Randomness and Pseudorandomness Quiz
Generating randomness, PRGs, one-time pads 		HALDERMAN Thursday, Sep. 5
4. Confidentiality Quiz
Simple ciphers, AES, block cipher modes
Lab 1 due 6 p.m.
 Sep. 6/Sep. 9
Length extension
Hash collisions
HALDERMAN Tuesday, Sep. 10
5. Combining Confidentiality and Integrity Quiz
Confidentiality attacks, authenticated encryption 		HALDERMAN Thursday, Sep. 12
6. Key Exchange, Public-Key Cryptography Quiz
Diffie-Hellman, RSA encryption, digital signatures
Crypto Project, Part 1 due 6 p.m.
 Sep. 13/Sep. 16
Padding oracles
Bleichenbacher attacks

Part 2. Web and Network Security

Lectures Lab
CHEN Tuesday, Sep. 17
7. The Web Platform Quiz
Intro to the web platform; HTTP, cookies, Javascript, etc. 		CHEN Thursday, Sep. 19
8. Web Attacks and Defenses Quiz
Cookies; XSS, CSRF, and SQL-injection attacks and defenses
Crypto Project, Part 2 due 6 p.m.
Web Project available
Lab 2 available
 Sep. 20/Sep. 23
Introduce Web Project
SQL tutorial
SQL injection mechanics
HALDERMAN Tuesday, Sep. 24
9. HTTPS and the Web PKI Quiz
The TLS protocol and the CA ecosystem 		HALDERMAN Thursday, Sep. 26
10. HTTPS Attacks and Defenses Quiz
Implementation flaws, social engineering attacks, and crypto failures
Lab 2 due 6 p.m.
 Sep. 27/Sep. 30
Review Crypto Project
HTML and JavaScript tutorial
XSS and CSRF mechanics
CHEN Tuesday, Oct. 1
11. Networking 101 Quiz
Protocol layers, Ethernet, IP, route hijacking, ARP spoofing 		CHEN Thursday, Oct. 3
12. Networking 102 Quiz
UDP, TCP, and DNS attacks
Web Project due 6 p.m.
Networking Project available
Lab 3 available
 Oct. 4/Oct. 7
Introduce Networking Project
Python sockets tutorial
Wireshark tutorial
CHEN Tuesday, Oct. 8
13. Network Defense Quiz
Denial of service; firewalls, IDSes, VPNs, zero-trust 		CHEN Thursday, Oct. 10
14. Authentication and Passwords Quiz
Passwords, online and offline guessing
Lab 3 due 6 p.m.
 Oct. 11/Oct. 14
No Lab
Tuesday, Oct. 15
No Lecture
Study break 		STAFF Thursday, Oct. 17
Midterm Review Session
Midterm Exam, Friday, Oct. 18, 7–8:30 p.m.
 Oct. 18/Oct. 21
No Lab

Part 3. Host and Application Security

Lectures Lab
STAFF Tuesday, Oct. 22
15. Control Hijacking, Part 1 Quiz
Software architecture and a simple buffer overflow 		STAFF Thursday, Oct. 24
16. Control Hijacking, Part 2 Quiz
Common exploitable application bugs, shellcode
Networking Project due 6 p.m.
AppSec Project available
Lab 4 available
 Oct. 25/Oct. 28
Introduce AppSec Project
Binary exploitation primer
Go over midterm exam
CHEN Tuesday, Oct. 29
17. Malware Quiz
Viruses and worms, spyware, key loggers, and botnets; defenses 		CHEN Thursday, Oct. 31
18. Access Control and Isolation Quiz
Isolation, sandboxing, virtual machines, SGX, containers
Lab 4 due 6 p.m.
 Nov. 1/Nov. 4
Review Networking Project
Shellcode
ROP exploitation
Ghidra tutorial
HALDERMAN Tuesday, Nov. 5
19. Election Cybersecurity Quiz
Vulnerabilities, defenses, policy 		CHEN Thursday, Nov. 7
20. Programmable in-network security
Programmable networks, match/action processing, in-network defenses 		Nov. 8/Nov. 11
Project help
GUEST Tuesday, Nov. 12
21. Censorship Quiz
Guest Lecture by Prof. Roya Ensafi 		HALDERMAN Thursday, Nov. 14
22. Digital Forensics Quiz
Data collection, forensic analysis, anti-forensic techniques
AppSec Project due 6 p.m.
Forensics Project available
Lab 5 available
 Nov. 15/Nov. 18
Introduce Forensics Project
Autopsy tutorial

Part 4. Security in Context

Lectures Lab
GUEST Tuesday, Nov. 19
23. Privacy Quiz
Guest Lecture by Prof. Amrita Chowdhury 		CHEN Thursday, Nov. 21
24. Data center security
Remote direct memory access, kernel bypass, access control; memory introspection.
Lab 5 due 6 p.m.
 Nov. 22/Nov. 25
No Lab
GUEST Tuesday, Nov. 26
25. Machine Learning Security
Guest Lecture by Prof. Kexin Pei 		Thursday, Nov. 28
Thanksgiving Break
Nov. 29/Dec. 2
No Lab
HALDERMAN Tuesday, Dec. 3
26. Physical Security Quiz
Locks and safes, lock picking techniques; defenses
(We recommend attending in person for hands-on demos) 		STAFF Thursday, Dec. 5
Final Review, Part 1
Forensics Project due 6 p.m.
 Dec. 6/Dec. 9
Final review, Part 2
Tuesday, Dec. 10
Study Day
Thursday, Dec. 12
Exam Period
Tuesday, Dec. 17
Final Exam, 7–9 p.m.