Syllabus
Date |
Topic |
---|---|
Sept 24 | Intro and Overview Note: no discussion section on Monday 9/26. |
Sep 29 |
Security Principals Go watch Johnny Long's No Tech Hacking talk. |
Oct 1 |
Basic Cryptography I Read Anderson's Security Engineering chapter on cryptography. Finish by next Tuesday. |
Oct 6 |
Asymmetric Crypto (guest lecture: Kirill Levchenko) |
Oct 8 |
Authentication and key distribution |
Oct 13 |
User authentication Read Anderson's Security Engineering chapter on Usability and Psychology. |
/td>
Oct 15 |
Side Channels |
Oct 20 |
Software Security I
Start reading Erlingsson et al's "Low-level Software Security by Example" Optional, Smashing the Stack for Fun and Profit by Aleph One. |
Oct 22 |
Software Security II |
Oct 27 |
Web Security I: SQL injection |
Oct 29 |
Midterm today (here is a sample midterm with solutions) |
Nov 3 |
Web Security II: XSS, CSRF |
Nov 10 |
Malware I: Viruses
Read Anderson's Security Engineering section 21.3 in the Chapter on Network Attack and Defense. |
Nov 10 |
Malware II: Worms and Botnets |
Nov 12 |
Network security I |
Nov 17 |
Network security II |
Nov 19 |
Botnets and Internet criminology |
Nov 26 |
Thanksgiving Holiday. No class |
Dec 1 |
Botnets and Internet criminology (cont) |
Dec 3 |
Covert Channels and Information Hiding |
Dec 7 |
Final. Will focus on second half of course (since midterm) but questions can touch on entire course material. Sample final with solutions here |