CS 161: Computer Security

Announcements:

Homework 5 is due Friday, April 9, 11:59 PM PT.
Project 2 is due Friday, April 16, 11:59 PM PT (extended from April 9).

Instructor: Nicholas Weaver

Lecture: Tu/Th, 6:30pm-8:00pm PT

Date	Lecture	Readings	Discussion	HW
Tue 01/19	Introduction (Youtube, Kaltura)	Optional: 61C review Memory Safety notes, section 1 C, x86, and GDB cheatsheet Project 1 Q1 video walkthrough Optional: Review videos Optional: G&T § 1.1, Craft § 1-1.1, 1.3	No discussion	HW1
Thu 01/21	Security Principles (Youtube, Kaltura)	Security Principles notes Optional: Review videos Optional: G&T § 1.1.4, 3.4.6	No discussion
Mon 01/25	Project 1 released		61C Review, Security Principles (solutions) (Youtube, Kaltura)
Tue 01/26	Buffer Overflows (Youtube, Kaltura)	Memory Safety notes, section 2 Smashing The Stack For Fun And Profit Slides on a normal x86 function call, a crash, a control-flow diversion, and code injection. Optional: Review videos Optional: G&T § 3.4, Craft § 6.1-6.3
Thu 01/28	Buffer Overflow Defenses (Youtube, Kaltura)	Memory Safety notes, section 3 Pointer Authentication Real World Exploit Example Optional: Review videos Optional: G&T § 9.4-9.5; Craft § 6.5-6.7
Mon 02/01	Optional Lab 1 released		Memory Safety (solutions) (Youtube, Kaltura)	HW2
Tue 02/02	IND-CPA + One-Time Pads + Block Ciphers + Symmetric Key Encryption (Youtube, Kaltura)	Cryptography notes, sections 1-3 Enigma Machine Notebook Optional: Review videos Optional: G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
Thu 02/04	Symmetric Key Encryption (cont.) + Hashing + Integrity (MACs) + Pseudorandom Generators (Youtube, Kaltura)	Cryptography notes, sections 4-6 AES Demo Optional: Review videos Optional: Stick figure guide to AES, G&T § 8.1.0-8.1.3, 8.1.6-8.1.7; Craft § 7.1, 7.3.2 - 7.3.3
Tue 02/09	Pseudorandom Generators (cont.) + Public Key Exchange (Youtube, Kaltura)	Cryptography notes, section 7 Optional: Review videos Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2; Craft § 7.5	Symmetric-Key Cryptography (solutions) (Youtube, Kaltura) Exam Prep (solutions)
Thu 02/11	Public Key Encryption + Digital Signatures (Youtube, Kaltura)	Cryptography notes, sections 8-9 Optional: Review videos Optional: G&T § 1.3-1.3.1, 1.3.3, 8.2, 8.5.2
Tue 02/16	Certificates (Youtube, Kaltura)	Cryptography notes, section 10 Optional: Review videos Optional: G&T § 1.3.2, 1.3.4, 8.2.3, 8.3, 8.4.1, 8.4.3; Craft § 7.4.2	Asymmetric Cryptography (solutions) (Youtube, Kaltura)	HW3
Thu 02/18	Password Hashing + Blockchain (Youtube, Kaltura)	Cryptography notes, sections 11-12 Risks of Cryptocurrencies How to make money with Bitcoin Optional: Review videos
Fri 02/19	Project 1 due (11:59pm PT)
Mon 02/22	Project 2 released		Public Key Cryptography (solutions) (Youtube, Kaltura)
Tue 02/23	Signal + Tor (Youtube, Kaltura)	Optional: Review videos
Thu 02/25	Command Injection + SQL Injection (Youtube, Kaltura)	Web notes, section 5 Squigler demo Optional: Review videos
Tue 03/02	Intro to Web + Cookies (Youtube, Kaltura)	Web notes, sections 1-4, 7 Optional: Review videos	Midterm Review	HW4
Thu 03/04	Cross-Site Request Forgery (CSRF) + Cross-Site Scripting (XSS) (Youtube, Kaltura)	Web notes, sections 6, 8 OWASP page on CSRF OWASP page on XSS Optional: Review videos
Fri 03/05	Midterm (5:00pm-7:00pm PT)
Tue 03/09	XSS (continued) + UI Attacks (Youtube, Kaltura)	Web notes, section 6 XSS Prevention Cheat Sheet Content Security Policy	SQL Injection and Cookies (solutions) (Youtube, Kaltura)
Thu 03/11	Captchas + Networking Background (Youtube, Kaltura)	Networking notes, section 1 Optional: Review videos	SQL Injection and Cookies (solutions) (Youtube, Kaltura)
Tue 03/16	Low-Level Network Attacks (Youtube, Kaltura)	Networking notes, sections 2-4	CSRF and XSS (solutions) (Youtube, Kaltura)
Thu 03/18	Layer 3 (IP) + BGP + DNS (Youtube, Kaltura)	Networking notes, sections 5, 8-9 Optional: Review videos
Fri 03/19	Optional Lab 1 due (11:59pm PT)
Fri 03/19	Project 2 design doc draft due (11:59pm PT)
Tue 03/23	Spring Break (No Lecture)		Spring Break (No discussion)
Thu 03/25	Spring Break (No Lecture)		Spring Break (No discussion)
Tue 03/30	TCP + TLS (Youtube, Kaltura)	Networking notes, sections 6-7 Optional: Review videos	UI Based Attacks and Privacy (solutions) (Youtube, Kaltura)	HW5
Thu 04/01	TLS (continued) + Denial of Service (Youtube, Kaltura)	Networking notes, section 7 Optional: Review videos	UI Based Attacks and Privacy (solutions) (Youtube, Kaltura)
Mon 04/05	Optional Lab 2 released		TLS and TCP (solutions) (Youtube, Kaltura)
Tue 04/06	DNSSEC (Youtube, Kaltura)	Networking notes, section 10 Optional: Review videos
Thu 04/08	Intrusion Detection (Youtube, Kaltura)	Optional: Review videos
Mon 04/12	Project 3 released		DNS	HW6
Tue 04/13	Abusing Intrusion Detection
Thu 04/15	Network Censorship + Malware
Fri 04/16	Project 2 due (11:59pm PT)
Tue 04/20	Malcode		Network Security III
Thu 04/22	Special Topics - Boeing 737-MAX + Quantum		Network Security III
Tue 04/27	Special Topics - Nukes + Tor + Side channels		Special Topics	HW7
Thu 04/29	Personal Security + Ask Nick Anything
Fri 04/30	Project 3 due (11:59pm PT)
Tue 05/04	RRR Week		Final Review
Thu 05/06	RRR Week
Fri 05/07	Optional Lab 2 due (11:59pm PT)
Fri 05/14	Final exam (11:30am-2:30pm PT)