Course Schedule Fall 2023

Part 1. Security Fundamentals

Lectures Lab
1. The Security Mindset Quiz
Threat models, vulnerabilities, attacks; how to think like an attacker and a defender
HALDERMAN Thursday, Aug. 31
2. Message Integrity Quiz
Alice and Bob, crypto games, Kerckhoffs’s principle, hashes and MACs
Sep. 1/Sep. 4
Only pre-recorded video Introduce project
Python tutorial
HALDERMAN Tuesday, Sep. 5
3. Randomness and Pseudorandomness Quiz
Generating randomness, PRGs, one-time pads
HALDERMAN Thursday, Sep. 7
4. Confidentiality Quiz
Simple ciphers, AES, block cipher modes
Sep. 8/Sep. 11
Length extension
Hash collisions
HALDERMAN Tuesday, Sep. 12
5. Combining Confidentiality and Integrity Quiz
Confidentiality attacks, authenticated encryption
HALDERMAN Thursday, Sep. 14
6. Key Exchange, Public-Key Cryptography Quiz
Diffie-Hellman, RSA encryption, digital signatures
Sep. 15/Sep. 18
Review Part 1
Padding oracles
Bleichenbacher attacks

Part 2. Web and Network Security

Lectures Lab
ENSAFI Tuesday, Sep. 19
7. The Web Platform Quiz
Intro to the web platform; HTTP, cookies, Javascript, etc.
ENSAFI Thursday, Sep. 21
8. Web Attacks and Defenses Quiz
Cookies; XSS, CSRF, and SQL-injection attacks and defenses
Sep. 22/Sep. 25
Review Crypto Project
Introduce Web Project
SQL tutorial
SQL injection mechanics
HALDERMAN Tuesday, Sep. 26
9. HTTPS and the Web PKI Quiz
The TLS protocol and the CA ecosystem
HALDERMAN Thursday, Sep. 28
10. HTTPS Attacks and Defenses Quiz
Implementation flaws, social engineering attacks, and crypto failures
Sep. 29/Oct. 2
HTML and JavaScript tutorial
XSS and CSRF mechanics
ENSAFI Tuesday, Oct. 3
11. Networking 101 Quiz
Protocol layers, Ethernet, IP, route hijacking, ARP spoofing
ENSAFI Thursday, Oct. 5
12. Networking 102 Quiz
UDP, TCP, and DNS attacks
Oct. 6/Oct. 9
Review Web Project
Introduce Networking Project
Python sockets tutorial
Wireshark tutorial
ENSAFI Tuesday, Oct. 10
13. Network Defense Quiz
Denial of service; firewalls, IDSes, VPNs, zero-trust
ENSAFI Thursday, Oct. 12
14. Authentication and Passwords Quiz
Passwords, online and offline guessing
Oct. 13/Oct. 16
No Lab
Tuesday, Oct. 17
No Lecture
Study break
STAFF Thursday, Oct. 19
Midterm Review Session
Midterm Exam, Friday, Oct. 20, 7–8:30 p.m.
Oct. 20/Oct. 23
No Lab

Part 3. Host and Application Security

Lectures Lab
STAFF Tuesday, Oct. 24
15. Control Hijacking, Part 1 Quiz
Software architecture and a simple buffer overflow
STAFF Thursday, Oct. 26
16. Control Hijacking, Part 2 Quiz
Common exploitable application bugs, shellcode
Oct. 27/Oct. 30
Introduce AppSec Project
Binary exploitation primer
Go over midterm exam
ENSAFI Tuesday, Oct. 31
17. Malware Quiz
Viruses and worms, spyware, key loggers, and botnets; defenses
ENSAFI Thursday, Nov. 2
18. Access Control and Isolation Quiz
Isolation, sandboxing, virtual machines, SGX, containers
Nov. 3/Nov. 6
ROP exploitation
Ghidra tutorial
HALDERMAN Tuesday, Nov. 7
19. Election Cybersecurity Quiz
Vulnerabilities, defenses, policy
Only via Zoom (Check Piazza for link) ENSAFI Thursday, Nov. 9
20. Machine Learning Security
Guest lecture by Kexin Pei
Nov. 10/Nov. 13
Project help
ENSAFI Tuesday, Nov. 14
21. Censorship and Circumvention Quiz
Internet censorship, geoblocking, censorship measurement, circumvention
HALDERMAN Thursday, Nov. 16
22. Digital Forensics Quiz
Data collection, forensic analysis, anti-forensic techniques
Nov. 17/Nov. 20
Review AppSec Project
Introduce Forensics Project
Autopsy tutorial

Part 4. Security in Context

Lectures Lab
ENSAFI Tuesday, Nov. 21
23. Privacy and Anonymity Quiz
Online tracking; Tor, Signal, etc.
Thursday, Nov. 23
No lecture
Thanksgiving break
Nov. 24/Nov. 27
No Lab
Only via Zoom (Check Piazza for link) GUEST Tuesday, Nov. 28
24. Side Channels
Guest Lecture by Andrew Kwong
HALDERMAN Thursday, Nov. 30
25. Physical Security Quiz
Locks and safes, lock picking techniques; defenses
(We recommend attending in person for hands-on demos)
Dec. 1/Dec. 4
Final review, Part 1
STAFF Tuesday, Dec. 5
Final Review, Part 2
Thursday, Dec. 7
Study Day
Tuesday, Dec. 12
Exam Period
Thursday, Dec. 14
Final Exam, 7–9 p.m.