The schedule will change as the course progresses, in part based on student
interests. If you are particularly interested in some topic not covered here,
send mail to the course staff.
The year of publication for each class reading is shown in parentheses.
Monday | Tuesday | Wednesday | Thursday | Friday |
sep 7
Labor day |
sep 8
Reg day |
sep 9
LEC 1: Introduction, threat models (video 2014)
Assigned: Lab 1: Buffer overflows
First day of classes |
sep 10 |
sep 11 |
sep 14
REC 1: Lab 1 Buffer overflow exploits (code) |
sep 15 |
sep 16
LEC 2: Control hijacking attacks (video)
Preparation: Read Baggy bounds checking (2009) + errata (Question) |
sep 17 |
sep 18
DUE: Lab 1 parts 1+2 |
sep 21
LEC 3: User authentication (video 2014) (Slides)
Preparation: Read The Quest to Replace Passwords (2012) and optionally the extended version (Question) |
sep 22 |
sep 23
LEC 4: Guest lecture: Paul Youn from Airbnb (video 2014)
Assigned: Lab 2: Privilege separation |
sep 24 |
sep 25
DUE: Lab 1 all parts |
sep 28
LEC 5: Privilege separation (video 2014)
Preparation: Read OKWS (2004) (Question) |
sep 29 |
sep 30
LEC 6: Capabilities (video 2014)
Preparation: Read Confused Deputy (1988) and Capsicum (2010) (Question) |
oct 1 |
oct 2
DUE: Lab 2 part 1 |
oct 5
Hacking day |
oct 6 |
oct 7
LEC 7: Sandboxing native code (video 2014)
Preparation: Read Native Client (2009) (Question) |
oct 8 |
oct 9
DUE: Lab 2 parts 2+3
ADD DATE |
oct 12
Columbus day |
oct 13
Monday schedule
Hacking day |
oct 14
LEC 8: Isolation with Intel SGX
Preparation: Read until Section 3.2 of Using innovative instructions to create trustworthy software solutions (2013) and read until Section 6 of Shielding applications from an untrusted cloud with Haven (2014) (Question)
Assigned: Lab 3: Symbolic execution |
oct 15 |
oct 16
DUE: Lab 2 all parts |
oct 19
LEC 9: Symbolic execution (lab 3)
Preparation: Read EXE: Automatically generating inputs of death (2006) (Question) |
oct 20 |
oct 21
LEC 10: Mobile phone security (video 2014)
Preparation: Read Understanding Android Security (2009) + errata (Question)
Assigned: Lab 5: Final project |
oct 22 |
oct 23
DUE: Lab 3 part 1 |
oct 26
Hacking day |
oct 27 |
oct 28
LEC 11: Web security model (video 2014)
Preparation: Read The Tangled Web (2012), Chapters 9-11 (Question)
Assigned: Lab 4: Browser security |
oct 29
DUE: Final project proposal (if you are not doing the default project) |
oct 30
DUE: Lab 3 all parts |
nov 2
REC 2: Web Security (video 2014)
Preparation: Read The Tangled Web (2012), Chapters 12-13 and OWASP top 10 (Question) |
nov 3 |
nov 4
LEC 12: Ur/Web (video 2014) (Guest lecture by Adam Chlipala, MIT CSAIL)
Preparation: Read Ur/Web (2015) (Question) |
nov 5 |
nov 6
DUE: Lab 4 parts 1 and 2 |
nov 9
Quiz 1: Covers lectures 1-10 and labs 1-3
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Location: 26-100 |
nov 10 |
nov 11
Veterans day |
nov 12 |
nov 13
DUE: Lab 4 all parts |
nov 16
LEC 13: Network security (video 2014)
Preparation: Read Security Problems in TCP/IP (2004) (Question) |
nov 17 |
nov 18
LEC 14: Network protocols (video 2014)
Preparation: Read Kerberos (1988) (Question)
DROP DATE |
nov 19 |
nov 20 |
nov 23
LEC 15: SSL and HTTPS (video 2014)
Preparation: Read ForceHTTPS (2008) (Question) |
nov 24 |
nov 25
LEC 16: Side-channel attacks (video 2014)
Preparation: Read Remote timing attacks (2003) (Question) |
nov 26
Thanksgiving |
nov 27
Thanksgiving |
nov 30
LEC 17: Guest lecture: Nick Mathewson, Anonymous communication (video)
Preparation: Read Tor (2004) and blog posts 1, 2, and 3 (2012) (Question) |
dec 1 |
dec 2
LEC 18: Guest lecture: Mark Silis and David LaPorte from MIT IS&T (Slides) (video 2014) |
dec 3 |
dec 4
DUE: Final project writeup and code |
dec 7
LEC 19: Guest lecture: Butler Lampson (Microsoft and MIT): What has worked in computer security and what hasn't? (Slides) |
dec 8 |
dec 9
LEC 20: Project presentations (video)
DUE: Final project presentation |
dec 10
Last day of classes |
dec 11 |
dec 14
Thursday Dec 17 Quiz 2
Quiz 2: Emphasis on lectures 11-20 and lab 4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: 1:30-3:30, du Pont
Quiz 2 Review, Quiz 2 Review 2, Notes |
dec 15 |
dec 16 |
dec 17 |
dec 18 |