This schedule is subject to change. Please check back frequently.
Week | Date | Topics | Instructor | Assignments & Reading Responses | Readings (Everyone) | Research Papers (CMSC 33250 only) |
---|---|---|---|---|---|---|
Week 1 | 1/6 | Course Introduction and The Security Mindset [slides] | Blase & David | Reading Response 1 due 1/7 |
|
None |
1/8 | Threat Modeling and Security Architectures [slides] | Blase & David | -- | |||
1/10 | Cryptography I [slides] | David | -- | |||
Week 2 | 1/13 | Cryptography II [slides] | David | Reading Response 2 due 1/14 |
|
Due 1/13: Checkoway et al. A Systematic Analysis of the Juniper Dual EC Incident, CCS 2016. |
1/15 | Cryptography III [slides] | David | Assignment 1 due 1/16 | |||
1/17 | Digital Signatures, Certificates, and TLS[slides] | David | -- | |||
Week 3 | 1/20 | No class (MLK day) | -- | Reading Response 3 due 1/21 | None | |
1/22 | How the Internet Works [slides] | Blase | Assignment 2 due 1/23 | |||
1/24 | How the Web Works [slides] | Blase | -- | |||
Week 4 | 1/27 | How the Web Works [slides were continued from 1/24] | Blase | Reading Response 4 due 1/28 |
|
Due 1/27: Lauinger et al. Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web, NDSS 2017. |
1/29 | Web Security Attacks and Defenses [slides were continued from 1/24] | Blase | Assignment 3 due 1/30 | |||
1/31 | Web Security Attacks and Defenses [slides] | Blase | -- | |||
Week 5 | 2/3 | Web Tracking and Web Privacy [slides] | Blase | Reading Response 5 due 2/4 |
|
Due 2/3: Ren et al. Information Exposure From Consumer IoT Devices: A Multidimensional, Network-Informed Measurement Approach, IMC 2019. |
2/5 | Web Trust and Network Security [slides] | Blase | Assignment 4 due 2/6 | |||
2/7 | Network Security [slides] | Blase | -- | |||
Week 6 | 2/10 | Authentication I [slides] | Blase | Reading Response 6 due 2/11 |
|
Due 2/10: Liu et al. Reasoning Analytically About Password-Cracking Software. IEEE S&P, 2019. |
2/12 | Authentication II [slides were continued from 2/10] | Blase | -- | |||
2/14 | No class (college break) | -- | -- | |||
Week 7 | 2/17 | Data Privacy and Deanonymization | David | Assignment 5 due 2/17; Reading Response 7 due 2/18 |
|
Due 2/17: Erlingsson et al. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response, CCS 2014. |
2/19 | Differential Privacy and Database Encryption | David | -- | |||
2/21 | OS Security [notes on Campuswire] | David | -- | |||
Week 8 | 2/24 | Memory Vulnerabilities [notes on Campuswire] | David | Assignment 6 due 2/24; Reading Response 8 due 2/25 |
|
Due 2/24: Cha et al. Unleashing MAYHEM on Binary Code, IEEE S&P 2012. |
2/26 | Memory Protection [notes on Campuswire] | David | -- | |||
2/28 | Blockchains and Cryptocurrencies [slides] | David | -- | |||
Week 9 | 3/2 | Communication Security and Anonymity | David | Assignment 7 due 3/2; Reading Response 9 due 3/3 | Due 3/2: Kocher et al. Spectre Attacks: Exploiting Speculative Execution, IEEE S&P 2019. |
|
3/4 | Hardware Security [slides] | Blase | -- | |||
3/6 | Privacy and Ethics in Security [slides] | Blase | -- | |||
Week 10 | 3/9 | Security & Privacy for IoT Devices / Formal Modeling & Dynamic Analysis for Security [slides] | Weijia / Valerie | Assignment 8 due 3/9; Reading Response 10 Due 3/10 |
|
Due 3/9: Enck et al. TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones, OSDI 2010. |
3/11 | Security in Practice | Guests | Assignment 9 due | |||
Final Exam | 3/18 | Open-book, final exam online on Canvas (due to COVID-19). You have 2 hours to take the exam once you begin. You must complete the exam between 3/18 at 10am and 3/19 at 10am Chicago time. | -- | -- | -- | -- |