CS 5435 - Fall 2022 Security and Privacy Concepts in the Wild

Lectures

Lecture Schedule (may be updated as needed)


Week Date Topic Notes Assignments
1 8/22 Course overview. slides
1 8/24 Authentication: passwords slides Homework 1 released
2 8/29 Authentication: MFA, biometrics, one-time passwords slides
2 8/31 Phishing slides
3 9/5 No class (Labor day)
3 9/7 Web security model slides
4 9/12 Web security: cross-origin communication (see 9/7)
4 9/14 Web security: authentication and session management slides Homework 1 due
5 9/19 Web security: confused deputy attacks -- cross-site and and server-side request forgery, clickjacking slides Homework 2 released
5 9/21 Web security: SQL injection and cross-site scripting slides
6 9/26 Computer fraud and abuse
6 9/28 Intro to symmetric cryptography: stream ciphers, block ciphers and modes, authenticated encryption slides
7 10/3 Intro to symmetric cryptography: padding-oracle attacks (See 9/28)
7 10/5 Attacks on TCP/IP. Denial of service. slides
8 10/10 No class (Fall break)
8 10/12 Security of BGP slides
9 10/17 Security of DNS slides Midterm released
9 10/19 Intro to public-key cryptography slides Midterm due
10 10/24 SSL/TLS and HTTPS slides Homework 3 released
10 10/26 PKI and certificates (See 10/24)
11 10/31 Memory corruption attacks slides
11 11/2 Return-oriented programming (See 10/31)
12 11/7 Memory protection techniques slides
12 11/9 Isolation and confinement slides Homework 3 due
13 11/14 Microarchitectural attacks: Spectre and Meltdown slides
13 11/16 Security on mobile devices slides
14 11/21 Security and privacy of machine learning systems
14 11/23 No class (Thanksgiving)
15 11/28 Software analysis methods for finding vulnerabilities slides
15 11/30 Anonymity networks and onion routing slides
16 12/5 Tor hidden services and "Dark Web", censorship-resistant communications
17 12/10 No class Final exam due