Course Schedule Fall 2025

Part 1. Security Fundamentals

Lectures Lab
GRUBBS Tuesday, Aug. 26
1. The Security Mindset Quiz
Threat models, vulnerabilities, attacks; how to think like an attacker and a defender
GRUBBS Thursday, Aug. 28
2. Message Integrity Quiz
Alice and Bob, crypto games, Kerckhoffs’s principle, hashes and MACs
Aug. 29/Sep. 1
Only pre-recorded video Introduce project
Python tutorial
GRUBBS Tuesday, Sep. 2
3. Randomness and Pseudorandomness Quiz
Generating randomness, PRGs, one-time pads
GRUBBS Thursday, Sep. 4
4. Confidentiality Quiz
Simple ciphers, AES, block cipher modes
Sep. 5/Sep. 8
Length extension
Hash collisions
GRUBBS Tuesday, Sep. 9
5. Combining Confidentiality and Integrity Quiz
Confidentiality attacks, authenticated encryption
GRUBBS Thursday, Sep. 11
6. Key Exchange, Public-Key Cryptography Quiz
Diffie-Hellman, RSA encryption, digital signatures
Sep. 12/Sep. 15
Padding oracles
Bleichenbacher attacks

Part 2. Web and Network Security

Lectures Lab
ROY CHOWDHURY Tuesday, Sep. 16
7. The Web Platform Quiz
Intro to the web platform; HTTP, cookies, Javascript, etc.
ROY CHOWDHURY Thursday, Sep. 18
8. Web Attacks and Defenses Quiz
Cookies; XSS, CSRF, and SQL-injection attacks and defenses
Web Project available
Lab 2 available
Sep. 19/Sep. 22
SQL tutorial
SQL injection mechanics
GRUBBS Tuesday, Sep. 23
9. HTTPS and the Web PKI Quiz
The TLS protocol and the CA ecosystem
GRUBBS Thursday, Sep. 25
10. HTTPS Attacks and Defenses Quiz
Implementation flaws, social engineering attacks, and crypto failures
Lab 2 due 6 p.m.
Sep. 26/Sep. 29
HTML and JavaScript tutorial
XSS and CSRF mechanics
ROY CHOWDHURY Tuesday, Sep. 30
11. Networking 101 Quiz
Protocol layers, Ethernet, IP, route hijacking, ARP spoofing
ROY CHOWDHURY Thursday, Oct. 2
12. Networking 102 Quiz
UDP, TCP, and DNS attacks
Web Project due 6 p.m.
Networking Project available
Lab 3 available
Oct. 3/Oct. 6
Python sockets tutorial
Wireshark tutorial
ROY CHOWDHURY Tuesday, Oct. 7
13. Network Defense Quiz
Denial of service; firewalls, IDSes, VPNs, zero-trust
STAFF Thursday, Oct. 9
Midterm Review Session
Lab 3 due 6 p.m.
Oct. 10/Oct. 13
No Lab
Tuesday, Oct. 14
Fall Break
ROY CHOWDHURY Thursday, Oct. 16
14. Authentication and Passwords Quiz
Passwords, online and offline guessing
Midterm Exam, Friday, Oct. 17, 7–8:30 p.m.
Oct. 17/Oct. 20
No Lab

Part 3. Host and Application Security

Lectures Lab
STAFF Tuesday, Oct. 21
15. Control Hijacking, Part 1 Quiz
Software architecture and a simple buffer overflow
STAFF Thursday, Oct. 23
16. Control Hijacking, Part 2 Quiz
Common exploitable application bugs, shellcode
Networking Project due 6 p.m.
AppSec Project available
Lab 4 available
Oct. 24/Oct. 27
Introduce AppSec Project
Introduce Lab 4
Binary exploitation primer
Go over midterm exam

Part 4. Privacy and Security in Context

Lectures Lab
ROY CHOWDHURY Tuesday, Oct. 28
17. Access Control and Isolation Quiz
Isolation, sandboxing, virtual machines, SGX, containers
ROY CHOWDHURY Thursday, Oct. 30
18. Data Privacy, Part 1 Quiz
Privacy violations, privacy regulations
Lab 4 due 6 p.m.
Oct. 31/Nov. 3
Shellcode
ROP exploitation
Ghidra tutorial
ROY CHOWDHURY Tuesday, Nov. 4
19. Data Privacy, Part 2 Quiz
Data anonymization, data aggregation
ROY CHOWDHURY Thursday, Nov. 6
20. Data Privacy, Part 3 Quiz
Privacy/Utility tradeoff, differential privacy
Nov. 7/Nov. 10
No Lab
ROY CHOWDHURY Tuesday, Nov. 11
21. Digital Forensics Quiz
Data collection, forensic analysis, anti-forensic techniques
Forensics Project available
Lab 5 available
GRUBBS Thursday, Nov. 13
22. Malware Quiz
Viruses and worms, spyware, key loggers, and botnets; defenses
AppSec Project due 6 p.m.
Nov. 14/Nov. 17
Introduce Forensics Project
Introduce Lab 5
Autopsy tutorial
GUEST Tuesday, Nov. 18
23. Guest Lecture
Guest lecture by Prof. Roya Ensafi
GUEST Thursday, Nov. 20
24. Guest Lecture
TBD
Lab 5 due 6 p.m.
Nov. 21/Nov. 24
No Lab
GRUBBS Tuesday, Nov. 25
25. Physical Security Quiz
Locks and safes, lock picking techniques; defenses
(We recommend attending in person for hands-on demos)
Thursday, Nov. 27
Thanksgiving Break
Nov. 28/Dec. 1
No Lab
STAFF Tuesday, Dec. 2
Final Review, Part 1
STAFF Thursday, Dec. 4
Final Review, Part 2
Forensics Project due 6 p.m.
Dec. 5/Dec. 8
No Lab
Tuesday, Dec. 9
Study Day
Thursday, Dec. 11
Exam Period
Dec. 12/Dec. 15
No Lab
Tuesday, Dec. 16
Final Exam, Tuesday, December 16th, 7–9 p.m.