LEC # | TOPICS | KEY DATES |
---|---|---|
1 | Introduction, Threat Models | Lab 1 out |
2 | Control Hijacking Attacks | |
3 | Buffer Overflow Exploits and Defenses | Lab 1 (parts 1 and 2) due two days after Lec 3 |
4 | Privilege Separation | |
5 | Guest Lecture: Paul Youn from iSEC Partners | Lab 2 out; Lab 1 due two days after Lec 5 |
6 | Capabilities | |
7 | Sandboxing Native Code | Lab 2 (part 1) due two days after Lec 7 |
8 | Web Security Model | |
9 | Securing Web Applications | Lab 2 (parts 2 and 3) due two days after Lec 9 |
10 | Symbolic Execution | Lab 3 out; Lab 2 due two days after Lec 10 |
11 | Ur/Web | Lab 7 (Final Project) out; Lab 3 (part 1) due two days after Lec 11 |
12 | Network Security | |
13 | Network Protocols | Lab 4 out; Lab 3 due two days after Lec 13 |
14 | SSL and HTTPS | Lab 5 out |
Quiz 1 | Covers lectures 1–14 and labs 1–3; Open Book and Notes | Lab 4 due two days after Quiz 1; Final Project Proposal due two days after Quiz 1 |
15 | Medical Software | |
16 | Side-Channel Attacks | Lab 6 out |
17 | User Authentication | Lab 5 due two days after Lec 17 |
18 | Private Browsing | |
19 | Anonymous Communication | Lab 6 due two days after Lec 19; Final Project Status Update due two days after Lec 19 |
20 | Mobile Phone Security | |
21 | Data Tracking | |
Quiz 2 | Covers lectures 15–21 and labs 4–6; Open Book and Notes | |
22 | Guest Lecture: Mark Silis and David LaPorte from MIT IS&T | |
23 | Security Economics | |
24 | Project Presentations | Final Project Writeup and Code due two days after Lec 24 |