This schedule is subject to change. Please check back frequently.
Following lecture, we recommend reviewing the provided Supplemental Content (book sections , articles , podcasts , and videos ) to further your understanding of the lecture material. To access these, toggle the ▶ button located beneath each lecture description.
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Aug. 20 Course Intro & The Security Mindset Threats, vulnerabilities, attacks, and defenses. Supplemental Content: |
Aug. 22 Course Setup and Python Review VM setup, Python fundamentals, debugging code. Supplemental Content: Finish registering your PollEverywhere account
|
Due 8/26 via Grade scope |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Aug. 27 Message Integrity Kerckhoffs's principles, PRFs, hashes, MACs. Supplemental Content: Crypto Project released
|
Aug. 29 Message Confidentiality Caesar and Vigenère ciphers, cryptanalysis. Supplemental Content: |
Due 9/02 via Grade scope |
Sep. 03 Improved Cipher Designs PRGs, serial and transposition ciphers, cipher metrics. Supplemental Content: |
Sep. 05 Block Ciphers Block ciphers, DES, AES, secure channels. Supplemental Content: |
Due 9/09 via Grade scope |
Sep. 10 Public Key Crypto Key exchange, RSA, attacks, key management. Supplemental Content: |
Sep. 12 Security in Practice: Cryptocurrency Decentralized digital currency. Supplemental Content: |
Due 9/16 via Grade scope |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Sep. 17 All About Applications Process execution, virtual memory, and the stack. Supplemental Content: AppSec Project released
|
Sep. 19 Attacking Applications Redirecting execution, shellcode, exploit writing. Supplemental Content: Crypto Project due by 11:59pm via Canvas
|
Due 9/23 via Grade scope |
Sep. 24 Defending Applications ASLR, DEP, and workarounds; secure coding practices. Supplemental Content: |
Sep. 26 Automated Bug Finding (guest lecture) Fuzzing, symbolic execution, taint tracking. Supplemental Content: |
Due 9/30 via Grade scope |
Oct. 01 Access Control and Isolation Permissions, sandboxing, containers, virtual machines. Supplemental Content: |
Oct. 03 Security in Practice: Malware Viruses, worms, spyware, botnets, and defenses. Supplemental Content: |
Due 10/14 via Grade scope |
Oct. 08 No Class (Fall break) |
Oct. 10 No Class (Fall break) |
No Quiz |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Oct. 15 The Web Platform HTTP and HTML, cookies, JavaScript, and SQL. Supplemental Content: WebSec Project released
|
Oct. 17 Web Attacks and Defenses SQL injection, CSRF and XSS attacks, and defenses. Supplemental Content: AppSec Project due by 11:59pm via Canvas
|
Due 10/21 via Grade scope |
Oct. 22 Client-side Web Security and HTTPS Sandboxing, Same Origin Policy, SSL/TLS, certificates. Supplemental Content: |
Oct. 24 Networking 101 The physical, link, network, transport, and app layers. Supplemental Content: |
Due 10/28 via Grade scope |
Oct. 29 Attacking Network Applications HTML injection, E-mail spoofing, DNS hijacking, packets. Supplemental Content: |
Oct. 31 Denial of Service Attacks Botnets and DDoS; SYN, ICMP, and ARP attacks. Supplemental Content: |
Due 11/04 via Grade scope |
Nov. 05 Secure Authentication Multi-factor authentication, passwords, rainbow tables. Supplemental Content: NetSec Project released
|
Nov. 07 Security in Practice: Tor Privacy, anonymity, and censorship resistance. Supplemental Content: WebSec Project due by 11:59pm via Canvas
|
Due 11/11 via Grade scope |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Nov. 12 Software Reverse Engineering Binary disassembly, decompilation, and rewriting. Supplemental Content: |
Nov. 14 Adversarial Machine Learning (guest lecture) Evasion and data poisoning attacks, ML ethics. Supplemental Content: |
Due 11/18 via Grade scope |
Nov. 19 Side Channels and Hardware Side channel attacks, hardware supply chain attacks. Supplemental Content: |
Nov. 21 Election Cybersecurity Computerized voting systems, attacks and defenses. Supplemental Content: Practice Exam released
|
Due 12/02 via Grade scope |
Nov. 26 No Class (Thanksgiving Break) |
Nov. 28 No Class (Thanksgiving Break) |
No Quiz |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Dec. 03 What's Next? Life After CS 4440 Bug bounties, CTF, cybersecurity careers. |
Dec. 05 Final Exam Review Session Practice exam solutions discussed in-class. NetSec Project due by 11:59pm via Canvas
|
No Quiz |