Course Schedule Fall 2019
This schedule is subject to change. Please check back frequently.
Part 1. Security Fundamentals
| Tuesday Lecture | Thursday Lecture | Lab |
|---|---|---|
|
Sep. 3 The security mindset Threat models, vulnerabilities, attacks; how to think like an attacker and a defender Homework 1 available
|
Sep. 5 Message integrity, pseudorandom functions Alice and Bob, crypto games, Kerckhoffs's principle, hashes and MACs |
Introduce Homework 1 Intro and Python tutorial |
Sep. 10 Randomness and pseudorandomness Generating randomness, PRGs, one-time pads Homework 1 due 6pm
Homework 2 available
Crypto Project available
|
Sep. 12 Message confidentiality and block ciphers Simple ciphers, AES, block cipher modes |
Review Homework 1 Introduce Crypto Project Introduce Homework 2 Crypto means cryptography |
Sep. 17 Confidentiality attacks, key exchanges Diffie-Hellman key exchange, man-in-the-middle attacks |
Sep. 19 Public-key crypto RSA encryption, digital signatures, secret sharing |
Project Help |
Part 2. Web and Network Security
| Tuesday Lecture | Thursday Lecture | Lab |
|---|---|---|
|
Sep. 24 Web architecture Intro to the web platform; HTTP, cookies, Javascript, etc. |
Sep. 26 Web attacks and defenses Cookies; XSS, CSRF, and SQL-injection attacks and defenses Crypto Project due 6pm
Web Project available
|
Review Crypto Project Introduce Web Project Web Tutorial |
Oct. 1 HTTPS The SSL/TLS protocol and the CA ecosystem Homework 2 due 6pm
|
Oct. 3 Attacking HTTPS Implementation flaws, social engineering attacks, and crypto failures Homework 3 available
|
Review Homework 2 Introduce Homework 3 Project Help |
Oct. 8 Networking 101 IP, forwarding, routing, DNS, BGP |
Oct. 10 Networking 102 IP, forwarding, routing, DNS, BGP Web Project due 6pm
Networking Project available
|
Introduce Networking Project Review Web Project Project intro and homework help |
Oct. 15 Fall study break |
Oct. 17 Network attacks and defenses Too many to list Homework 3 due 6pm
Homework 4 available
|
Review Homework 3 Introduce Homework 4 Project Help |
Part 3. Host and Application Security
| Tuesday Lecture | Thursday Lecture | Lab |
|---|---|---|
|
Oct. 22 Authentication and passwords Password attacks and defenses, CAPTCHAs, multifactor authentication |
Oct. 24 Control hijacking, Part 1 Software architecture and a simple buffer overflow Networking Project due 6pm
AppSec Project available
|
Review Networking Project Introduce AppSec Project Buffer Overflow Tutorial |
Oct. 29 Control hijacking, Part 2 Common exploitable application bugs, shellcode |
Oct. 31 Digital Forensics Taint and blur, data recovery, incident response Homework 4 due 6pm
|
Review Homework 4 Project Help |
Nov. 5 Election Cybersecurity Analysis, vulnerabilities, viruses, defenses, auditing, policy |
Nov. 7 Isolation and sandboxing Processes, sandboxing, virtual machines, containers, SGX |
Project Help |
Nov. 12 Side-Channel Analysis Timing attacks, power analysis, cold-boot attacks, defenses Homework 5 available
|
Nov. 14 Malware Spyware, ransomware, botnets, viruses, etc.; defenses AppSec Project due 6pm
|
Introduce Homework 5 Review AppSec Project Forensics Tutorial |
Part 4. Security in Context
| Tuesday Lecture | Thursday Lecture | Lab |
|---|---|---|
|
Nov. 19 Cyberconflict The second crypto war, cyberwarfare, advanced persistent threats Forensics Project available
|
Nov. 21 Privacy and anonymity Online tracking and surveillance; defenses: TOR, Signal, etc. |
Introduce Forensics Project Forensics Tutorial |
Nov. 26 Spectre, Meltdown, etc. Hardware vulnerabilities |
Nov. 28 Thanksgiving |
Project Help |
Dec. 3 Physical security Locks and keys, lock picking techniques; defenses Homework 5 due 6pm
|
Dec. 5 Life in the post-Snowden era Government spying and implications for security and crypto |
Review Homework 5 Project Help |
Dec. 10 Final Exam Review TA led exam review session Forensics Project due 6pm
|
Dec. 12 Final Exam Study Day |
Review Forensics Project No Lab or Classes – Study! |