| Jan 7 |
Overview and introduction
Optional reading: Chapter 0x200 of Hacking |
| Jan 9 |
Security foundations
Reading: Thompson's Reflections on Trusting Trust, Ch 1, and Ch 4.1-4.2 |
| Jan 14 |
Security foundations (in-class discussion) Kirill's slides |
| Jan 16 |
Stack buffer-overflows
Reading: Aleph One's Smashing the Stack for Fun and Profit
Optional reading: 0x300-0x320 from Hacking. 0x200-0x270 if you don't have a strong C background. |
| Jan 21 |
MLK - no class |
| Jan 23 |
ASLR and W^X
Reading: Eternal War in Memory by Szekeres et al., ASLR, and NOEXEC |
| Jan 28 |
Return-oriented programming
Reading: On the Effectiveness of Address-Space Randomization by Shacham et al., The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86) by Shacham, and Hacking BLind by Bittau et al. |
| Jan 30 |
Control flow integrity
Reading: Control-Flow Integrity by Abadi et al., Control-Flow Bending: On the Effectiveness of Control-Flow Integrity by Carlini et al. and Control-Flow Integrity: Precision, Security, and Performance by Burow et al. |
| Feb 4 |
Memory safety
Reading: SoftBound: Highly Compatible and CompleteSpatial Memory Safety for C by Nagarakatte et al., Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers by Dang et al., and Bringing Memory Safety to WebAssembly by Disselkoen et al. |
| Feb 6 |
Least privilege and privilege separation
Reading: Operating Systems Security by Jaeger |
| Feb 11 |
Isolation and short review
Reading: Efficient Software-Based Fault Isolation by Wahbe et al. |
| Feb 12 |
Midterm review |
| Feb 13 |
Midterm exam (in-class) |
| Feb 18 |
President's day - no class |
| Feb 20 |
Page tables, VMs, and side channels
Reading: Remote Timing Attacks are Practical by Brumley and Boneh |
| Feb 25 |
Web security model and CSRF
Reading: CSRF and Same Origin Policy
Lecture code: CSRF simple app |
| Feb 27 |
CSRF, XSS, SQLi
Reading: XSS Game and SQL Injection |
| Mar 4 |
Modern client-side security mechanisms
Reading CSP, iframe sandbox, CORS, SRI, Mixed content, Busting Frame Busting:a Study of Clickjacking Vulnerabilities on Popular Site by Rydstedt et al. |
| Mar 6 |
Intro to cryptography
Reading: Security Engineering, Ch 5, BREACH |
| Mar 11 |
PKI, HTTPS, and CT
Reading: Ten Risks of PKI by Ellison and Schneier, Towards Short-Lived Certificates by Topalovic et al., The New Illustrated TLS Connection, CT log searches, and CRLite: a Scalable System for Pushing all TLS Revocations to All Browsers by Larisch et al. |
| Mar 13 |
Network security
Reading: A Look Back at Security Problems in the TCP/IP Protocol Suite by Bellovin, An Illustrated Guide to the Kaminsky DNS Vulnerability by Friedl |
| Mar 20 |
Final exam in Solis 104 @ 7-10PM |