Syllabus
| Date | |
|---|---|
| Sep 30 | Intro/Threat Modeling Optional reading: James Mickens' This World of Ours and USENIX Security 2018 Keynote |
| Assignment 1: Intro | |
| Oct 2 | Buffer overflow attacks Reading: Aleph One's Smashing the Stack for Fun and Profit Optional reading: 0x300-0x320 from Hacking. 0x200-0x270 if you don't have a strong C background. |
| Oct 7 | Buffer overflow defenses (Stack canaries/W^X/ASLR) Reading: Eternal War in Memory by Szekeres et al., ASLR, and NOEXEC |
| Assignment 2: Buffer Overflows | |
| Oct 9 | More memory safety attacks and defenses |
| Oct 14 | OS Security/Isolation |
| Assignment 3: Side Channels | |
| Oct 16 | Malware |
| Oct 21 | Web security model |
| Oct 23 | Web attacks and defenses |
| Assignment 4: Web | |
| Oct 28 | Modern client-side web defenses |
| Oct 30 | Midterm |
| Nov 4 | Network intro |
| Nov 6 | Network attacks |
| Assignment 5: Networks | |
| Nov 11 | Veterans day (no class) |
| Nov 13 | Network defenses |
| Nov 18 | Symmetric-key crypto |
| Nov 20 | Public-key crypto |
| Nov 25 | TLS and PKI |
| Nov 27 | Side channels |
| Assignment 6: Crypto | |
| Dec 2 | Privacy/Anonymity |
| Dec 4 | Ethics/Law/Policy |