[Status: Draft; Subject to change]
For the abbreviation of recommend readings, see the Textbook section in the course page.
Date | Topic | Note | Assignment Release (00:00 EST time) |
Assignment Deadline (23:59 EST time) |
---|---|---|---|---|
Thu 01/23 | Syllabus, Policy, and Course overview | [slides]; [SB] Chap 1; [An] Chap 1-2, 4; The Security Mindset by Bruce Schneier |
||
Tue 01/28 | Cryptography I: Overview; Algorithm analysis & discrete probability recap; | [slides]; [SB] Chap 2.1 & 20.1; [An] Chap 5.1-5.2; [FS] Chap 1-2 |
||
Thu 01/30 | Cryptography II: Symmetric Encryption: Stream Ciphers & Block Ciphers overview | slides; [SB] Chap 20.4; [An] Chap 5.4; Communication Theory of Secrecy Systems by Shannon |
||
Tue 02/04 | Cryptography III: Symmetric Encryption: Block Ciphers; DES & AES; Block Cipher modes. | [slides]; [SB] Chap 20.2, 20.3, 20.5; [An] Chap 5.5; [FS] Chap 3-4 |
HW1 & Lab1 release | |
Thu 02/06 | Cryptography IV: Message Integrity; Authenticated Encryption; Hash Functions | [slides]; [SB] Chap 21.1 - 21.3; [An] Chap 5.6; [FS] Chap 5-6 |
||
Tue 02/11 | Cryptography V: Key Exchange; Public Key algorithms; Digital signature; Certificate. | [slides]; [SB] Chap 21.4 - 21.5; [An] Chap 5.7; [FS] Chap 11-12; New Directions in Cryptography by Whitfield Diffie and Martin E. Hellman |
||
Thu 02/13 | Authentication I: Password-based Auth | [slides]; [SB] Chap 3; [An] Chap 4.1-4.3 |
||
Tue 02/18 | Authentication II: Token & Biometric-based Auth | [slides]; [SB] Chap 3; [An] Chap 17 |
HW1 & Lab1 Due (02/19) | |
Thu 02/20 | Access Control I | [slides]; [SB] Chap 4.1-4.4; [An] Chap 6.2 |
||
Tue 02/25 | Access Control II | [slides]; [SB] Chap 4.5-4.10; [An] Chap 9 |
HW2 & Lab2 Release | |
Thu 02/27 | Web Security I: HTTP Basics; Cookies & Sessions; Same-Origin Policy. | [slides]; [Du] Chap 11; Browser Security Handbook by Google |
||
Tue 03/04 | Web Security II: Same-Origin Policy Cont'; Cross-Site Request Forgery (CSRF); Cross-Site Scripting (XSS) | [slides]; [Du] Chap 12-13 |
||
Thu 03/06 | Web Security III: Command Injection; SQL Injection. | [slides]; [Du] Chap 14; [SB] Chap 5.1-5.4 Hacking Google Bard |
||
Tue 03/11 | Midterm Review | [slides] | HW2 & Lab2 Due | |
Thu 03/13 | (In Class) Midterm Exam | |||
Tue 03/18 | Spring break: No class | |||
Thu 03/20 | Spring break: No class | |||
Tue 03/25 | Network Security I: Basic Concepts; Ethernet; IP; ARP. | [slides]; [Du] Chap 19 |
||
Thu 03/27 | Network Security II: TCP and DNS | [slides]; [Du] Chap 20, 23; Security problems in the TCP/IP protocol suite by Steven Bellovin; A Look Back at "Security Problems in the TCP/IP Protocol Suite by Steven Bellovin; SAD DNS Explained |
HW3 & Lab3 Release | |
Tue 04/01 | Network Security III: DDoS | [slides]; [SB] Chap 7; IP spoofing for large DDoS |
||
Thu 04/03 | Network Security IV: Network Defense: IPSec, VPN, TLS, and Firewall | [slides]; TLS illustrated; The TLS chapter of HPBN book; [SB] Chap 8-9; [Du] Chap 21, 22 |
||
Tue 04/08 | Network Security V: Privacy and Anonymity | [slides]; [ Tor paper ]; [ The AdTech Book ]; The Off-the-Record Communication paper, and an expository blog post; SoK: Secure Messaging |
||
Thu 04/10 | Software Security I: Linux Process Basics | [slides]; [Du] Chap 1; What Every Programmer Should Know About Memory |
HW3 & Lab3 Due | |
Tue 04/15 | Software Security II: Assembly basics and Intro to Memory Errors | [slides]; [Du] Chap 3-4; The SoK paper; What Every Programmer Should Know About Memory | HW4 & Lab4 Release | |
Thu 04/17 | Software Security III: Stack-based Buffer Overflow | [slides]; [Du] Chap 4; The Stack smashing paper; Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade |
||
Tue 04/22 | Software Security IV: Return-Oriented Programming (ROP) | [slides]; [Du] Chap 5; ROP paper I |
||
Thu 04/24 | Software Security V: Return-Oriented Programming Cont' | [slides]; [Du] Chap 5; ROP paper II; Blind ROP |
||
Tue 04/29 | Micro-architecture Security I: Basics | [slides]; [Du] Chap 17; Tutorials by Intel: I, II |
HW4 & Lab4 Due | |
Thu 05/01 | Micro-architecture Security II: Meltdown and Spectre. | [slides]; [Du] Chap 17, 18; Meltdown and Spectre paper |
||
Tue 05/06 | Final Review | |||
Tue 05/13 | Final Exam | Time: 8:00-11:00 AM. Location: Davis 101 |