EECS 388 - Course Schedule

Course Schedule Fall 2023

Part 1. Security Fundamentals

Lectures		Lab
HALDERMAN/ENSAFI Tuesday, Aug. 29 1. The Security Mindset Quiz Threat models, vulnerabilities, attacks; how to think like an attacker and a defender	HALDERMAN Thursday, Aug. 31 2. Message Integrity Quiz Alice and Bob, crypto games, Kerckhoffs’s principle, hashes and MACs Crypto Project available Lab 1 available	Sep. 1/Sep. 4 Only pre-recorded video Introduce project Python tutorial
HALDERMAN Tuesday, Sep. 5 3. Randomness and Pseudorandomness Quiz Generating randomness, PRGs, one-time pads	HALDERMAN Thursday, Sep. 7 4. Confidentiality Quiz Simple ciphers, AES, block cipher modes Lab 1 due 6 p.m.	Sep. 8/Sep. 11 Length extension Hash collisions
HALDERMAN Tuesday, Sep. 12 5. Combining Confidentiality and Integrity Quiz Confidentiality attacks, authenticated encryption	HALDERMAN Thursday, Sep. 14 6. Key Exchange, Public-Key Cryptography Quiz Diffie-Hellman, RSA encryption, digital signatures Crypto Project, Part 1 due 6 p.m.	Sep. 15/Sep. 18 Review Part 1 Padding oracles Bleichenbacher attacks

Part 2. Web and Network Security

Lectures		Lab
ENSAFI Tuesday, Sep. 19 7. The Web Platform Quiz Intro to the web platform; HTTP, cookies, Javascript, etc.	ENSAFI Thursday, Sep. 21 8. Web Attacks and Defenses Quiz Cookies; XSS, CSRF, and SQL-injection attacks and defenses Crypto Project, Part 2 due 6 p.m. Web Project available Lab 2 available	Sep. 22/Sep. 25 Review Crypto Project Introduce Web Project SQL tutorial SQL injection mechanics
HALDERMAN Tuesday, Sep. 26 9. HTTPS and the Web PKI Quiz The TLS protocol and the CA ecosystem	HALDERMAN Thursday, Sep. 28 10. HTTPS Attacks and Defenses Quiz Implementation flaws, social engineering attacks, and crypto failures Lab 2 due 6 p.m.	Sep. 29/Oct. 2 HTML and JavaScript tutorial XSS and CSRF mechanics
ENSAFI Tuesday, Oct. 3 11. Networking 101 Quiz Protocol layers, Ethernet, IP, route hijacking, ARP spoofing	ENSAFI Thursday, Oct. 5 12. Networking 102 Quiz UDP, TCP, and DNS attacks Web Project due 6 p.m. Networking Project available Lab 3 available	Oct. 6/Oct. 9 Review Web Project Introduce Networking Project Python sockets tutorial Wireshark tutorial
ENSAFI Tuesday, Oct. 10 13. Network Defense Quiz Denial of service; firewalls, IDSes, VPNs, zero-trust	ENSAFI Thursday, Oct. 12 14. Authentication and Passwords Quiz Passwords, online and offline guessing Lab 3 due 6 p.m.	Oct. 13/Oct. 16 No Lab
Tuesday, Oct. 17 No Lecture Study break	STAFF Thursday, Oct. 19 Midterm Review Session Midterm Exam, Friday, Oct. 20, 7–8:30 p.m.	Oct. 20/Oct. 23 No Lab

Part 3. Host and Application Security

Lectures		Lab
STAFF Tuesday, Oct. 24 15. Control Hijacking, Part 1 Quiz Software architecture and a simple buffer overflow	STAFF Thursday, Oct. 26 16. Control Hijacking, Part 2 Quiz Common exploitable application bugs, shellcode Networking Project due 6 p.m. AppSec Project available Lab 4 available	Oct. 27/Oct. 30 Introduce AppSec Project Binary exploitation primer Go over midterm exam
ENSAFI Tuesday, Oct. 31 17. Malware Quiz Viruses and worms, spyware, key loggers, and botnets; defenses	ENSAFI Thursday, Nov. 2 18. Access Control and Isolation Quiz Isolation, sandboxing, virtual machines, SGX, containers Lab 4 due 6 p.m.	Nov. 3/Nov. 6 Shellcode ROP exploitation Ghidra tutorial
HALDERMAN Tuesday, Nov. 7 19. Election Cybersecurity Quiz Vulnerabilities, defenses, policy	Only via Zoom (Check Piazza for link) ENSAFI Thursday, Nov. 9 20. Machine Learning Security Guest lecture by Kexin Pei	Nov. 10/Nov. 13 Project help
ENSAFI Tuesday, Nov. 14 21. Censorship and Circumvention Quiz Internet censorship, geoblocking, censorship measurement, circumvention	HALDERMAN Thursday, Nov. 16 22. Digital Forensics Quiz Data collection, forensic analysis, anti-forensic techniques AppSec Project due 6 p.m. Forensics Project available Lab 5 available	Nov. 17/Nov. 20 Review AppSec Project Introduce Forensics Project Autopsy tutorial

Part 4. Security in Context

Lectures		Lab
ENSAFI Tuesday, Nov. 21 23. Privacy and Anonymity Quiz Online tracking; Tor, Signal, etc.	Thursday, Nov. 23 No lecture Thanksgiving break	Nov. 24/Nov. 27 No Lab
Only via Zoom (Check Piazza for link) GUEST Tuesday, Nov. 28 24. Side Channels Guest Lecture by Andrew Kwong	HALDERMAN Thursday, Nov. 30 25. Physical Security Quiz Locks and safes, lock picking techniques; defenses (We recommend attending in person for hands-on demos) Lab 5 due 6 p.m.	Dec. 1/Dec. 4 Final review, Part 1
STAFF Tuesday, Dec. 5 Final Review, Part 2	Thursday, Dec. 7 Study Day Forensics Project due 6 p.m.
Tuesday, Dec. 12 Exam Period	Thursday, Dec. 14 Final Exam, 7–9 p.m.