Syllabus

Date
Topics
Jan 6 Intro/Threat Modeling
Optional reading: James Mickens' This World of Ours and USENIX Security 2018 Keynote
Assignment 1: Intro
Jan 8 Buffer overflow attacks
Reading: Aleph One's Smashing the Stack for Fun and Profit
Optional reading: 0x300-0x320 from Hacking. 0x200-0x270 if you don't have a strong C background.
Jan 13 Buffer overflow defenses (Stack canaries/W^X/ASLR)
Reading: Eternal War in Memory by Szekeres et al., ASLR, and NOEXEC
Assignment 2: Buffer overflows
Jan 15 More memory safety attacks and defenses
Reading: The Geometry of Innocent Flesh on the Bone:Return-into-libc without Function Calls (on the x86) by Shacham and Control-Flow Integrity by Abadi et al.
Jan 20 Martin Luther King, Jr. Holiday
Jan 22 More memory safety attacks and defenses (cont)
Jan 27 Isolation and side channels
Reading: Efficient Cache Attacks on AES, and Countermeasures by Tromer, Osvik, and Shamir.
Assignment 3: Side channels
Jan 29 Web security model
Feb 3 Web attacks and defenses
Assignment 4: Web
Feb 5 Modern client-side web defenses
Feb 10 Midterm review
Feb 12 Midterm
Feb 17 Presidents' Day Holiday
Feb 19 Network intro
Assignment 5: Networks
Feb 24 Network attacks
Feb 26 Network defenses
Mar 2 Symmetric-key crypto
Mar 5 Public-key crypto (TLS and PKI)
Assignment 6: Crypto
Mar 9 Side channels
Mar 11 Privacy/Anonymity