Calendar

LEC # TOPICS KEY DATES
1 Introduction, Threat Models Lab 1 out
2 Control Hijacking Attacks  
3 Buffer Overflow Exploits and Defenses Lab 1 (parts 1 and 2) due two days after Lec 3
4 Privilege Separation  
5 Guest Lecture: Paul Youn from iSEC Partners

Lab 2 out

Lab 1 due two days after Lec 5

6 Capabilities  
7 Sandboxing Native Code Lab 2 (part 1) due two days after Lec 7
8 Web Security Model  
9 Securing Web Applications Lab 2 (parts 2 and 3) due two days after Lec 9
10 Symbolic Execution

Lab 3 out

Lab 2 due two days after Lec 10

11 Ur / Web

Lab 7 (Final Project) out

Lab 3 (part 1) due two days after Lec 11

12 Network Security  
13 Network Protocols

Lab 4 out

Lab 3 due two days after Lec 13

14 SSL and HTTPS Lab 5 out
Quiz 1

Covers lectures 1–14 and labs 1–3

Open Book and Notes

Lab 4 due two days after Quiz 1

Final Project Proposal Due two days after Quiz 1

15 Medical Software  
16 Side-Channel Attacks Lab 6 out
17 User Authentication Lab 5 due two days after Lec 17
18 Private Browsing  
19 Anonymous Communication

Lab 6 due two days after Lec 19

Final Project Status Update due two days after Lec 19

20 Mobile Phone Security  
21 Data Tracking  
Quiz 2

Covers lectures 15–21 and labs 4–6

Open Book and Notes

 
22 Guest Lecture: Mark Silis and David LaPorte from MIT IS&T  
23 Security Economics  
24 Project Presentations Final Project Writeup and Code due two days after Lec 24