Schedule and Assignments (Winter 2020)

This schedule is subject to change. Please check back frequently.

Week Date Topics Instructor Assignments & Reading Responses Readings (Everyone) Research Papers (CMSC 33250 only)
Week 1 1/6 Course Introduction and The Security Mindset [slides] Blase & David Reading Response 1 due 1/7 None
1/8 Threat Modeling and Security Architectures [slides] Blase & David --
1/10 Cryptography I [slides] David --
Week 2 1/13 Cryptography II [slides] David Reading Response 2 due 1/14 Due 1/13:
Checkoway et al. A Systematic Analysis of the Juniper Dual EC Incident, CCS 2016.
1/15 Cryptography III [slides] David Assignment 1 due 1/16
1/17 Digital Signatures, Certificates, and TLS[slides] David --
Week 3 1/20 No class (MLK day) -- Reading Response 3 due 1/21 None
1/22 How the Internet Works [slides] Blase Assignment 2 due 1/23
1/24 How the Web Works [slides] Blase --
Week 4 1/27 How the Web Works [slides were continued from 1/24] Blase Reading Response 4 due 1/28 Due 1/27:
Lauinger et al. Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web, NDSS 2017.
1/29 Web Security Attacks and Defenses [slides were continued from 1/24] Blase Assignment 3 due 1/30
1/31 Web Security Attacks and Defenses [slides] Blase --
Week 5 2/3 Web Tracking and Web Privacy [slides] Blase Reading Response 5 due 2/4 Due 2/3:
Ren et al. Information Exposure From Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach, IMC 2019.
2/5 Web Trust and Network Security [slides] Blase Assignment 4 due 2/6
2/7 Network Security [slides] Blase --
Week 6 2/10 Authentication I [slides] Blase Reading Response 6 due 2/11 Due 2/10:
Liu et al. Reasoning Analytically About Password-Cracking Software. IEEE S&P, 2019.
2/12 Authentication II [slides were continued from 2/10] Blase --
2/14 No class (college break) -- --
Week 7 2/17 Data Privacy and Deanonymization David Assignment 5 due 2/17; Reading Response 7 due 2/18 Due 2/17:
Erlingsson et al. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response, CCS 2014.
2/19 Differential Privacy and Database Encryption David --
2/21 OS Security [notes on Campuswire] David --
Week 8 2/24 Memory Vulnerabilities [notes on Campuswire] David Assignment 6 due 2/24; Reading Response 8 due 2/25 Due 2/24:
Cha et al. Unleashing MAYHEM on Binary Code, IEEE S&P 2012.
2/26 Memory Protection [notes on Campuswire] David --
2/28 Blockchains and Cryptocurrencies [slides] David --
Week 9 3/2 Communication Security and Anonymity David Assignment 7 due 3/2; Reading Response 9 due 3/3 Due 3/2:
Kocher et al. Spectre Attacks: Exploiting Speculative Execution, IEEE S&P 2019.
3/4 Hardware Security [slides] Blase --
3/6 Privacy and Ethics in Security [slides] Blase --
Week 10 3/9 Security & Privacy for IoT Devices / Formal Modeling & Dynamic Analysis for Security [slides] Weijia / Valerie Assignment 8 due 3/9; Reading Response 10 Due 3/10 Due 3/9:
Enck et al. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, OSDI 2010.
3/11 Security in Practice Guests Assignment 9 due
Final Exam 3/18 Open-book, final exam online on Canvas (due to COVID-19). You have 2 hours to take the exam once you begin. You must complete the exam between 3/18 at 10am and 3/19 at 10am Chicago time. -- -- -- --