CS 5435 - Fall 2021 Security and Privacy Concepts in the Wild

Lectures

Lecture Schedule (may be updated as needed)


Week Date Topic Notes Assignments
1 8/30 Course overview. slides
1 9/1 Authentication: passwords, security questions. slides Homework 1 released
2 9/6 No class (Labor Day).
2 9/8 Authentication: biometrics. slides
3 9/13 Authentication: multi-factor authentication, challenge-response. Phishing. slides
3 9/15 Computer fraud and abuse. slides
4 9/20 Web security model. slides
4 9/22 Web authentication and session management. slides
5 9/27 Confused deputy: cross-site request forgery, server-side request forgery, clickjacking. slides
5 9/29 SQL injection and cross-site scripting. slides
6 10/4 Logic vulnerabilities in Web applications. slides Homework 2 released
6 10/6 TCP/IP attacks and denial of service. slides
7 10/11 No class (Fall break).
7 10/13 BGP security. slides
8 10/18 DNS security. slides
8 10/20 Basics of symmetric cryptography. Padding-oracle attacks. slides
9 10/25 Basics of public-key cryptography. slides Midterm released
9 10/27 TLS and HTTPS. slides
10 11/1 Certificates and PKI ecosystem. slides Homework 3 released
10 11/3 OS access control and isolation. Virtualization. slides
11 11/8 Security on mobile devices. slides
11 11/10 Control hijacking attacks. slides
12 11/15 Defenses against memory attacks. slides
12 11/17 Return-oriented programming. Control-flow integrity. slides Homework 4 released
13 11/22 Security of machine learning. slides
13 11/24 No class (Thanksgiving).
14 11/29 Microarchitectural side channels. Spectre and Meltdown. slides
14 12/1 End-to-end secure messaging. slides
15 12/6 Onion routing, hidden services, censorship-resistant communications. slides