This schedule may change as the course progresses.
| Monday |
Tuesday |
Wednesday |
Thursday |
Friday |
Jan 17
Martin Luther King Day
|
Jan 18: Course Introduction
LEC 1: Overview of the Course
Readings:
Information Security (Wikipedia)
|
Jan 19 |
Jan 20: Cryptography
LEC 2: Terminology & Classic Ciphers
Readings:
Cryptography,
One-Time Pad,
Information Theoretic Security
|
Jan 21 |
| Jan 24 |
Jan 25: Cryptography
LEC 3: Stream Ciphers, Block Ciphers, Perfect Secrecy, and IND-CPA Security
Readings:
Stream Cipher,
Pesudo-random Number Generator,
Initial Vector,
Semantic Security,
Block Cipher,
Block Cipher Modes of Operation,
Data Encryption Standard,
Advanced Encryption Standard
|
Jan 26 |
Jan 27: Cryptography
LEC 4: Cryptographic Hash Functions and Message Authentication Code
Readings:
Cryptographic Hash Function,
Message Authentication Code
|
Jan 28 |
| Jan 31 |
Feb 1: Cryptography
LEC 5: Public Key Encryption and Digital Signatures
Readings:
Public Key Cryptography,
New Directions in Cryptography
|
Feb 2 |
Feb 3
Class Cancelled (Weather Closing)
|
Feb 4 |
| Feb 7 |
Feb 8: Cryptography
LEC 5: Public Key Encryption and Digital Signatures
Readings:
RSA,
Diffie-Hellman,
ElGamal
|
Feb 9 |
Feb 10: Security Basics
LEC 6: User Authentication
Readings:
Password,
Password Strength,
Password Cracking,
Password Salts,
Trusted Path,
One-time Password
|
Feb 11
DUE: Homework 1 (11:59pm)
|
| Feb 14 |
Feb 15: Security Basics
LEC 7: Operating Systems Security Basics & UNIX Access Control
Readings:
Section IA of The Protection of Information in Computer Systems,
CPU Modes,
System Call,
File-system Permissions,
UNIX File and Directory Permissions and Modes,
Unix File Permissions
|
Feb 16 |
Feb 17: Security Basics / Software Security I
LEC 7: Operating Systems Security Basics & UNIX Access Control
LEC 8: Software Vulnerabilities
|
Feb 18 |
| Feb 21 |
Feb 22: Software Security I
LEC 8: Software Vulnerabilities
Readings:
Privilege Escalation,
Directory Traversal,
Time-of-Check-to-Time-of-Use,
Stack Buffer Overflow,
Buffer Overflow Protection,
Format String Attack,
Integer Overflow,
Smashing The Stack For Fun And Profit by Aleph One
|
Feb 23 |
Feb 24
Class Cancelled (Weather Closing)
|
Feb 25 |
Feb 28
DUE: Homework 2 (11:59pm)
|
Mar 1: Software Security I
LEC 8: Software Vulnerabilities
|
Mar 2 |
Mar 3: Malware
LEC 9: Malwares
Readings: Malware,
Computer Virus, Computer Worm,
Botnet, Spyware,
Rootkit
|
Mar 4 |
| Mar 7 |
Mar 8: Malware
LEC 9: Malwares
|
Mar 9 |
Mar 10: Mid-term Exam (10-11:15am, ECSW 1.365)
|
Mar 11 |
Mar 14
Spring Break
|
Mar 15
Spring Break
|
Mar 16
Spring Break
|
Mar 17
Spring Break
|
Mar 18
Spring Break
|
| Mar 21 |
Mar 22: Software Security II
LEC 10: Software Security Analysis
Readings:
Basic Block,
Control-Flow Graph,
Dependency Graph,
Call Graph,
Static Program Analysis,
Dynamic Program Analysis,
Fuzzing,
Taint Checking
|
Mar 23 |
Mar 24: Software Security II
LEC 10: Software Security Analysis
|
Mar 25
DUE: Project 1 (11:59pm)
|
| Mar 28 |
Mar 29: Web Security
LEC 11: Web Security
Readings:
HTTP Cookie,
Same Origin Policy,
Cross Site Scripting, Cross Site Request Forgery,
SQL Injection
|
Mar 30 |
Mar 31: Web Security
LEC 11: Web Security
|
Apr 1 |
| Apr 4 |
Apr 5: Secure Communication
LEC 12: Key Distribution & Agreement, Secure Communication
Readings:
Needham-Schroeder Protocol,
Public Key Certificate,
Transport Layer Security,
HTTPS
|
Apr 6 |
Apr 7: Web Security
Tutorial: Project 3
Tutorial: PHP
|
Apr 8 |
Apr 11
DUE: Project 2 (11:59pm)
|
Apr 12: Malware Defense & Secure Software
LEC 13: Malware Defense & Secure Software
|
Apr 13 |
Apr 14: Malware Defense & Secure Software
LEC 13: Malware Defense & Secure Software
|
Apr 15 |
| Apr 18 |
Apr 19: Access Control Models
LEC 14: Access Control Models
Readings:
Discretionary Access Control,
Confused Deputy,
Bell-LaPadula Model,
Looking Back at the Bell-La Padula Model,
Non-interference,
Security Policies and Security Models,
Biba Model,
Security Models and Information Flow
|
Apr 20 |
Apr 21: Access Control Models
LEC 14: Access Control Models
|
Apr 22 |
| Apr 25 |
Apr 26: Access Control Models
LEC 14: Access Control Models
|
Apr 27 |
Apr 28: Data Privacy
LEC 15: Data Privacy
Readings:
k-anonymity,
l-diversity,
t-closeness
|
Apr 29
DUE: Project 3 (11:59pm)
|
| May 2 |
May 3: Trusted Computing
LEC 16: Trusted Computing
Readings:
Trusted Computing Base,
Trusted Computing,
Microkernel,
Hypervisor,
Trusted Platform Module,
Trusted Execution Environment,
Intel SGX Explained,
ARM TrustZone Explained
|
May 4 |
May 5
Last Day of Classes (No Class)
|
May 6 |
| May 9 |
May 10
Final Exam Period (No Class)
|
May 11 |
May 12: Final Exam (11am-1pm, ECSW 1.365)
|
May 13
DUE: Homework 3 (Optional, 11:59pm)
|