Schedule for CSE 565 (A) Computer Security (Spring 2025)

Back to course page

[Status: Draft; Subject to change]

For the abbreviation of recommend readings, see the Textbook section in the course page.

Date Topic Note Assignment Release
(00:00 EST time)
Assignment Deadline
(23:59 EST time)
Thu 01/23 Syllabus, Policy, and Course overview [slides];
[SB] Chap 1; [An] Chap 1-2, 4;
The Security Mindset by Bruce Schneier
Tue 01/28 Cryptography I: Overview; Algorithm analysis & discrete probability recap; [slides];
[SB] Chap 2.1 & 20.1; [An] Chap 5.1-5.2; [FS] Chap 1-2
Thu 01/30 Cryptography II: Symmetric Encryption: Stream Ciphers & Block Ciphers overview slides;
[SB] Chap 20.4; [An] Chap 5.4;
Communication Theory of Secrecy Systems by Shannon
Tue 02/04 Cryptography III: Symmetric Encryption: Block Ciphers; DES & AES; Block Cipher modes. [slides];
[SB] Chap 20.2, 20.3, 20.5; [An] Chap 5.5; [FS] Chap 3-4
HW1 & Lab1 release
Thu 02/06 Cryptography IV: Message Integrity; Authenticated Encryption; Hash Functions [slides];
[SB] Chap 21.1 - 21.3; [An] Chap 5.6; [FS] Chap 5-6
Tue 02/11 Cryptography V: Key Exchange; Public Key algorithms; Digital signature; Certificate. [slides];
[SB] Chap 21.4 - 21.5; [An] Chap 5.7; [FS] Chap 11-12; New Directions in Cryptography by Whitfield Diffie and Martin E. Hellman
Thu 02/13 Authentication I: Password-based Auth [slides];
[SB] Chap 3; [An] Chap 4.1-4.3
Tue 02/18 Authentication II: Token & Biometric-based Auth [slides];
[SB] Chap 3; [An] Chap 17
HW1 & Lab1 Due (02/19)
Thu 02/20 Access Control I [slides];
[SB] Chap 4.1-4.4; [An] Chap 6.2
Tue 02/25 Access Control II [slides];
[SB] Chap 4.5-4.10; [An] Chap 9
HW2 & Lab2 Release
Thu 02/27 Web Security I: HTTP Basics; Cookies & Sessions; Same-Origin Policy. [slides];
[Du] Chap 11; Browser Security Handbook by Google
Tue 03/04 Web Security II: Same-Origin Policy Cont'; Cross-Site Request Forgery (CSRF); Cross-Site Scripting (XSS) [slides];
[Du] Chap 12-13
Thu 03/06 Web Security III: Command Injection; SQL Injection. [slides];
[Du] Chap 14; [SB] Chap 5.1-5.4
Hacking Google Bard
Tue 03/11 Midterm Review [slides] HW2 & Lab2 Due
Thu 03/13 (In Class) Midterm Exam
Tue 03/18 Spring break: No class
Thu 03/20 Spring break: No class
Tue 03/25 Network Security I: Basic Concepts; Ethernet; IP; ARP. [slides];
[Du] Chap 19
Thu 03/27 Network Security II: TCP and DNS [slides];
[Du] Chap 20, 23;
Security problems in the TCP/IP protocol suite by Steven Bellovin;
A Look Back at "Security Problems in the TCP/IP Protocol Suite by Steven Bellovin;
SAD DNS Explained
HW3 & Lab3 Release
Tue 04/01 Network Security III: DDoS [slides];
[SB] Chap 7; IP spoofing for large DDoS
Thu 04/03 Network Security IV: Network Defense: IPSec, VPN, TLS, and Firewall [slides];
TLS illustrated;
The TLS chapter of HPBN book;
[SB] Chap 8-9; [Du] Chap 21, 22
Tue 04/08 Network Security V: Privacy and Anonymity [slides];
[ Tor paper ]; [ The AdTech Book ];
The Off-the-Record Communication paper, and an expository blog post;
SoK: Secure Messaging
Thu 04/10 Software Security I: Linux Process Basics [slides];
[Du] Chap 1; What Every Programmer Should Know About Memory
HW3 & Lab3 Due
Tue 04/15 Software Security II: Assembly basics and Intro to Memory Errors [slides]; [Du] Chap 3-4; The SoK paper; What Every Programmer Should Know About Memory HW4 & Lab4 Release
Thu 04/17 Software Security III: Stack-based Buffer Overflow [slides];
[Du] Chap 4; The Stack smashing paper;
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade
Tue 04/22 Software Security IV: Return-Oriented Programming (ROP) [slides];
[Du] Chap 5;
ROP paper I
Thu 04/24 Software Security V: Return-Oriented Programming Cont' [slides];
[Du] Chap 5;
ROP paper II;
Blind ROP
Tue 04/29 Micro-architecture Security I: Basics [slides];
[Du] Chap 17;
Tutorials by Intel: I, II
HW4 & Lab4 Due
Thu 05/01 Micro-architecture Security II: Meltdown and Spectre. [slides];
[Du] Chap 17, 18; Meltdown and Spectre paper
Tue 05/06 Final Review
Tue 05/13 Final Exam Time: 8:00-11:00 AM. Location: Davis 101