Course Schedule Winter 2024
Part 1. Security Fundamentals
Lectures | Lab | |
---|---|---|
HONEYMAN
Wednesday, Jan. 10 1. The Security Mindset Quiz Threat models, vulnerabilities, attacks; how to think like an attacker and a defender |
Jan. 11/Jan. 12 No Lab |
|
Monday, Jan. 15 No Lecture, MLK Day |
GRUBBS
Wednesday, Jan. 17 2. Message Integrity Quiz Alice and Bob, crypto games, Kerckhoffs’s principle, hashes and MACs |
Jan. 18/Jan. 19 Introduce project Python tutorial |
GRUBBS
Monday, Jan. 22 3. Randomness and Pseudorandomness Quiz Generating randomness, PRGs, one-time pads |
GRUBBS
Wednesday, Jan. 24 4. Confidentiality Quiz Simple ciphers, AES, block cipher modes |
Jan. 25/Jan. 26 Length extension Hash collisions |
GRUBBS
Monday, Jan. 29 5. Combining Confidentiality and Integrity Quiz Confidentiality attacks, authenticated encryption |
GRUBBS
Wednesday, Jan. 31 6. Key Exchange, Public-Key Cryptography Quiz Diffie-Hellman, RSA encryption, digital signatures |
Feb. 1/Feb. 2 Review Part 1 Padding oracles Bleichenbacher attacks |
Part 2. Web and Network Security
Lectures | Lab | |
---|---|---|
HONEYMAN
Monday, Feb. 5 7. The Web Platform Quiz Intro to the web platform; HTTP, cookies, Javascript, etc. |
HONEYMAN
Wednesday, Feb. 7 8. Web Attacks and Defenses Quiz Cookies; XSS, CSRF, and SQL-injection attacks and defenses |
Feb. 8/Feb. 9 Review Crypto Project Introduce Web Project SQL tutorial SQL injection mechanics |
HONEYMAN
Monday, Feb. 12 9. HTTPS and the Web PKI Quiz The TLS protocol and the CA ecosystem |
GUEST
Wednesday, Feb. 14 10. HTTPS Attacks and Defenses Quiz Implementation flaws, social engineering attacks, and crypto failures |
Feb. 15/Feb. 16 HTML and JavaScript tutorial XSS and CSRF mechanics |
HONEYMAN
Monday, Feb. 19 11. Networking 101 Quiz Protocol layers, Ethernet, IP, route hijacking, ARP spoofing |
HONEYMAN
Wednesday, Feb. 21 12. Networking 102 Quiz UDP, TCP, and DNS attacks |
Feb. 22/Feb. 23 Review Web Project Introduce Networking Project Python sockets tutorial Wireshark tutorial |
Monday, Feb. 26 Spring Break |
Wednesday, Feb. 28 Spring Break |
Feb. 29/Mar. 1 Spring Break |
HONEYMAN
Monday, Mar. 4 13. Network Defense Quiz Denial of service; firewalls, IDSes, VPNs, zero-trust |
STAFF
Wednesday, Mar. 6 Midterm Review Session |
Mar. 7/Mar. 8 No Lab |
Friday, Mar. 8 Midterm Exam, Friday, Mar. 8, 7–9 p.m.
|
Part 3. Host and Application Security
Lectures | Lab | |
---|---|---|
HONEYMAN
Monday, Mar. 11 15. Authentication and Passwords Quiz Passwords, online and offline guessing |
STAFF
Wednesday, Mar. 13 16. Control Hijacking, Part 1 Quiz Software architecture and a simple buffer overflow |
Mar. 14/Mar. 15 Introduce AppSec Project Binary exploitation primer |
STAFF
Monday, Mar. 18 17. Control Hijacking, Part 2 Quiz Common exploitable application bugs, shellcode |
HONEYMAN
Wednesday, Mar. 20 18. Malware Quiz Viruses and worms, spyware, key loggers, and botnets; defenses |
Mar. 21/Mar. 22 Shellcode ROP exploitation Ghidra tutorial Go over midterm exam |
Part 4. Security in Context
Lectures | Lab | |
---|---|---|
HONEYMAN
Monday, Mar. 25 19. Access Control and Isolation Quiz Isolation, sandboxing, virtual machines, SGX, containers |
HONEYMAN
Wednesday, Mar. 27 20. Steganography Hiding data in plain sight |
Mar. 28/Mar. 29 Project help |
GRUBBS
Monday, Apr. 1 21. Digital Forensics Quiz Data collection, forensic analysis, anti-forensic techniques |
TBD
Wednesday, Apr. 3 22. Censorship and Circumvention Quiz Internet censorship, geoblocking, censorship measurement, circumvention Forensics Project available
Lab 5 available
|
Apr. 4/Apr. 5 Review AppSec Project Introduce Forensics Project Autopsy tutorial |
Monday, Apr. 8 No Lecture, Total Solar Eclipse |
GRUBBS
Wednesday, Apr. 10 23. Machine Learning Security |
Apr. 11/Apr. 12 Discuss Privacy and Anonymity |
GRUBBS
Monday, Apr. 15 24. Side Channels Quiz Timing attacks, cache attacks, etc. |
GRUBBS
Wednesday, Apr. 17 25. Physical Security Quiz Locks and safes, lock picking techniques; defenses (We recommend attending in person for hands-on demos) Lab 5 due 6 p.m.
|
Apr. 18/Apr. 19 Final review, Part 1 |
STAFF
Monday, Apr. 22 Final Review, Part 2 |
Wednesday, Apr. 24 Study Day Forensics Project due 6 p.m.
|
|
Monday, Apr. 29 Study Day Final Exam, Friday, April 26th at 7–9 p.m.
|