This schedule is subject to change. Please check back frequently.
Following lecture, we recommend reviewing the provided Supplemental Content (book sections , articles , podcasts , and videos ) to further your understanding of the lecture material. To access these, toggle the ▶ button located beneath each lecture description.
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Aug. 20 Course Intro & The Security Mindset (slides) Threats, vulnerabilities, attacks, and defenses. Supplemental Content: |
Aug. 22 Course Setup and Python Review (slides) VM setup, Python fundamentals, debugging code. Supplemental Content: Finish registering your PollEverywhere account
|
Due 8/26 via Canvas |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Aug. 27 Message Integrity (slides) Kerckhoffs's principles, PRFs, hashes, MACs. Supplemental Content: Crypto Project released
|
Aug. 29 (hybrid lecture 🏈) Message Confidentiality (slides) Caesar and Vigenère ciphers, cryptanalysis. Supplemental Content: |
Due 9/02 via Canvas |
Sep. 03 Improved Cipher Designs (slides) PRGs, serial and transposition ciphers, cipher metrics. Supplemental Content: |
Sep. 05 Block Ciphers (slides) Block ciphers, DES, AES, secure channels. Supplemental Content: |
Due 9/09 via Canvas |
Sep. 10 Public Key Crypto (slides) Key exchange, RSA, attacks, key management. Supplemental Content: |
Sep. 12 Security in Practice: Cryptocurrency (slides) Decentralized digital currency. Supplemental Content: |
Due 9/16 via Canvas |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Sep. 17 All About Applications (slides) Process execution, virtual memory, and the stack. Supplemental Content: AppSec Project released
|
Sep. 19 Attacking Applications (slides) Redirecting execution, shellcode, exploit writing. Supplemental Content: Crypto Project due by 11:59pm via Canvas
|
Due 9/23 via Canvas |
Sep. 24 Defending Applications (slides) ASLR, DEP, and workarounds; secure coding practices. Supplemental Content: |
Sep. 26 (guest lecture 😎) Automated Bug Finding (slides) Fuzzing, symbolic execution, taint tracking. Supplemental Content: |
Due 9/30 via Canvas |
Oct. 01 Access Control and Isolation (slides) Permissions, sandboxing, containers, virtual machines. Supplemental Content: |
Oct. 03 Security in Practice: Malware (slides) Viruses, worms, spyware, botnets, and defenses. Supplemental Content: |
Due 10/14 via Canvas |
Oct. 08 No Class (Fall break) |
Oct. 10 No Class (Fall break) |
No Quiz |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Oct. 15 The Web Platform (slides) HTTP and HTML, cookies, JavaScript, and SQL. Supplemental Content: WebSec Project released
|
Oct. 17 Web Attacks and Defenses (slides) SQL injection, CSRF and XSS attacks, and defenses. Supplemental Content: AppSec Project due by 11:59pm via Canvas
|
Due 10/21 via Canvas |
Oct. 22 Client-side Web Security and HTTPS (slides) Sandboxing, Same Origin Policy, SSL/TLS, certificates. Supplemental Content: |
Oct. 24 Networking 101 (slides) The physical, link, network, transport, and app layers. Supplemental Content: |
Due 10/28 via Canvas |
Oct. 29 Attacking Network Applications (slides) HTML injection, E-mail spoofing, DNS hijacking, packets. Supplemental Content: |
Oct. 31 Denial of Service Attacks (slides) Botnets and DDoS; SYN, ICMP, and ARP attacks. Supplemental Content: |
Due 11/04 via Canvas |
Nov. 05 Secure Authentication (slides) Multi-factor authentication, passwords, rainbow tables. Supplemental Content: NetSec Project released
|
Nov. 07 Security in Practice: Tor (slides) Privacy, anonymity, and censorship resistance. Supplemental Content: WebSec Project due by 11:59pm via Canvas
|
Due 11/11 via Canvas |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Nov. 12 Software Reverse Engineering (slides) Binary disassembly, decompilation, and RE challenges. Supplemental Content: |
Nov. 14 (guest lecture 😎) Attacking Large Language Models (slides) LLMs, jailbreaking, and backdoor attacks. Supplemental Content: |
Due 11/18 via Canvas |
Nov. 19 Side Channels and Hardware (slides) Side channel attacks, hardware supply chain attacks. Supplemental Content: |
Nov. 21 Election Cybersecurity (slides) Computerized voting systems, attacks and defenses. Supplemental Content: Practice Exam released
|
Due 12/02 via Canvas |
Nov. 26 No Class (Thanksgiving Break) |
Nov. 28 No Class (Thanksgiving Break) |
No Quiz |
Tuesday Meeting | Thursday Meeting | Weekly Quiz |
---|---|---|
Dec. 03 What's Next? Life After CS 4440 (slides) Bug bounties, CTF, cybersecurity careers. |
Dec. 05 Final Exam Review Session (slides) Practice exam solutions discussed in-class. NetSec Project due by 11:59pm via Canvas
|
No Quiz |