Thu
08/27 |
Introduction (recording) |
Optional: CS61C review
Optional: G&T § 1.1, Craft § 1-1.1, 1.3
|
No discussion!
| HW1 |
Mon
08/31 |
Project 1 released
|
x86, GDB, and Security Principles
(solutions)
(recording) |
Tue
09/01 |
Security Principles (recording) |
Notes (Principles)
Notes (Design Patterns)
Optional: G&T § 1.1.4, 3.4.6
|
Thu
09/03 |
Buffer Overflows (recording) |
Notes, sections 1-6
Smashing The Stack For Fun And Profit
Slides on a normal x86 function call, a crash, a control-flow diversion, and code injection
Optional: G&T § 3.4, Craft § 6.1-6.3
|
Tue
09/08 |
Buffer Overflow Defenses (recording) |
Notes
Pointer Authentication
Real World Exploit Example
Optional: G&T § 9.4-9.5; Craft § 6.5-6.7
|
Software Security
(solutions)
(recording) |
Thu
09/10 |
Cryptography - IND-CPA + One-Time Pads (recording) |
Notes, sections 1-4
Enigma Machine Notebook
Optional: G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
|
Tue
09/15 |
Block Ciphers + Symmetric Key Encryption (recording) |
Notes, sections 5-6
AES Demo
|
Cryptography I
(solutions)
(recording) | HW2 |
Thu
09/17 |
Integrity (MACs) + Pseudorandom Generators (recording) |
Notes, sections 1-2
Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5
|
Tue
09/22 |
Public Key Exchange (recording) |
Notes, section 1
Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2
|
Cryptography II
(solutions)
(recording) |
Thu
09/24 |
Public Key Encryption (recording) |
Notes, section 2
Optional: G&T § 1.3.2, 1.3.4, 8.2.3, 8.3, 8.4.1, 8.4.3; Craft § 7.4.2
|
Fri
09/25 |
Project 1 due (11:59pm PT)
|
Mon
09/28 |
Optional Lab 1 released
|
Cryptography III
(solutions)
(recording) | HW3 |
Tue
09/29 |
Voting + Blockchain (recording) |
Risks of Cryptocurrencies
How to make money with Bitcoin
|
Thu
10/01 |
Password Hashing + Signal + Tor (recording) |
Notes (Passwords)
Notes (Key Management)
|
Mon
10/05 |
Project 2 soft release
|
Midterm Review
|
Tue
10/06 |
Command Injection + SQL Injection (recording) |
Web notes, section 5
Squigler demo
|
Thu
10/08 |
Intro to Web + Cookies (recording) |
Web notes, section 1-3, 7
|
Fri
10/09 |
Midterm (5:00pm-7:00pm PT)
|
Tue
10/13 |
CSRF + Stored XSS (recording) |
Notes, section 6, 8
OWASP page on CSRF
OWASP page on XSS
|
Web Security I
(solutions)
(recording) | HW4 |
Thu
10/15 |
Reflected XSS + UI Attacks (recording) |
Web notes, section 6
XSS Prevention Cheat Sheet
Content Security Policy
|
Tue
10/20 |
Captchas + Networking Background (recording) |
Networking notes, sections 1-3
|
Web Security II
(solutions)
(recording) |
Thu
10/22 |
Low-Level Network Attacks (recording) |
Networking notes, sections 1-3
|
Tue
10/27 |
DNS (recording) |
Networking notes, sections 6-7
|
Web Security III
(solutions)
(recording) | HW5 |
Wed
10/28 |
Project 2 design doc due (11:59pm PT)
|
Thu
10/29 |
TCP + TLS (recording) |
Networking notes, sections 4-5
|
Tue
11/03 |
(Optional) Boeing 737-MAX + Quantum (recording) |
|
Election Week (optional)
|
Thu
11/05 |
(Optional) Nukes + Tor + Sidechannels (recording) |
|
Fri
11/06 |
Optional Lab 1 due (11:59pm PT)
|
Tue
11/10 |
TLS (continued) + Denial of Service (recording) |
Networking notes, section 5
|
Network Security I
(solutions)
(recording) | HW6 |
Thu
11/12 |
DNSSEC (recording) |
Networking notes, section 8
|
Mon
11/16 |
Optional Lab 2 released
|
Network Security II
(solutions)
(recording) |
Mon
11/16 |
Project 3 released
|
Tue
11/17 |
Intrusion Detection (recording) |
|
Wed
11/18 |
Project 2 due (11:59pm PT)
|
Thu
11/19 |
Abusing Intrusion Detection (recording) |
|
Tue
11/24 |
Network Censorship + Hardware Attacks (recording) |
|
No discussion (Thanksgiving)
| HW7 |
Thu
11/26 |
Thanksgiving (No Lecture) |
|
Tue
12/01 |
Personal Security |
|
Network Security III
|
Thu
12/03 |
Malcode + Reflections on Trusting Trust |
|
Fri
12/04 |
Project 3 due (11:59pm PT)
|
Fri
12/04 |
Optional Lab 2 due (11:59pm PT)
|
Thu
12/17 |
Final exam (11:30am-2:30pm PT)
|
|
CS 161