Spring 2018

The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send mail to the course staff.

The year of publication for class readings are shown in parentheses.

MondayTuesday WednesdayThursday Friday
feb 5
Reg day
feb 6
First day of classes
feb 7
LEC 1: Introduction, threat models (2014 video)
Assigned: Lab 1: Buffer overflows
feb 8 feb 9
feb 12
REC 1: Lab 1 Buffer overflow exploits (2014 notes) (code)
feb 13 feb 14
LEC 2: Security architecture
Preparation: Read Google Security Overview (2017) (Question)
feb 15 feb 16
DUE: Lab 1 parts 1+2
feb 19
Presidents Day
feb 20
LEC 3: User authentication (slides) (2014 video)
Preparation: Read The Quest to Replace Passwords (2012) and optionally the extended version (Question)
Monday schedule
feb 21
LEC 4: Buffer overflow defenses (2014 video)
Preparation: Read Baggy bounds checking (2009) + errata (Question)
Assigned: Lab 2: Privilege separation
feb 22 feb 23
DUE: Lab 1 all parts
feb 26
LEC 5: Privilege separation (2014 video)
Preparation: Read OKWS (2004) (Question)
feb 27 feb 28
LEC 6: Capabilities (2014 video)
Preparation: Read Confused Deputy (1988) and Capsicum (2010) (Question)
mar 1 mar 2
DUE: Lab 2 part 1
mar 5
LEC 7: Guest lecture:
Paul Youn from Airbnb (2014 video)
mar 6 mar 7
LEC 8: Software fault isolation (2014 video)
Preparation: Read Native Client (2009) (Question)
mar 8 mar 9
DUE: Lab 2 parts 2+3
ADD DATE
mar 12
LEC 9: Secure client
Preparation: Read Cloud Terminal (2012) (Question)
mar 13 mar 14
LEC 10: Intel SGX
Preparation: Read Innovative instructions (2013) up to section 3.2 + Ryoan (2016); optional SGX details, section 5 (2016) (Question)
Assigned: Lab 3: Symbolic execution
mar 15 mar 16
DUE: Lab 2 all parts
mar 19
LEC 11: Mobile phone security (2014 video)
Preparation: Read Understanding Android Security (2009) + errata (Question)
Assigned: Lab 5: Final project
mar 20 mar 21
Quiz 1: Covers lectures 1-11 and labs 1-2
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Location: Split: 66-168 (last names A-E), E25-111 (last names F-Z)
CHANGE! Quiz will be during NORMAL LECTURE TIME
mar 22 mar 23
DUE: Final project proposal (if you are not doing the default project)
mar 26
Spring Vacation
mar 27
Spring Vacation
mar 28
Spring Vacation
mar 29
Spring Vacation
mar 30
Spring Vacation
apr 2
LEC 12: Symbolic execution
Preparation: Read EXE: Automatically generating inputs of death (2006) (Question)
apr 3 apr 4
LEC 13: Web security model (2014 video)
Preparation: Read The Tangled Web (2012), Chapters 9-11 (Question)
apr 5 apr 6
DUE: Lab 3 part 1
apr 9
REC 2: Web Security (2014 video)
Preparation: Read The Tangled Web (2012), Chapters 12-13 and OWASP top 10
apr 10 apr 11
LEC 14: Network security (2014 video)
Preparation: Read Security Problems in TCP/IP (2004) (Question)
Assigned: Lab 4: Browser security
apr 12 apr 13
DUE: Lab 3 all parts
apr 16
Patriots Day
apr 17
Patriots Day
apr 18
No class, work on final project
apr 19 apr 20
DUE: Lab 4 part 1 and 2
apr 23
LEC 15: Network protocols (2014 video)
Preparation: Read Kerberos (1988) (Question)
apr 24 apr 25
LEC 16: SSL and HTTPS (2014 video)
Preparation: Read ForceHTTPS (2008) (Question)
apr 26
DROP DATE
apr 27
DUE: Lab 4 all parts
apr 30
LEC 17: Side-channel attacks (2014 video)
Preparation: Read Remote timing attacks (2003) (Question)
may 1 may 2
LEC 18: Security economics (2014 video)
Preparation: Read Click Trajectories (2011) (Question)
may 3 may 4
may 7
LEC 19: Email/messaging security
Preparation: Read Secure Messaging (or extended version) and optionally email security (Question)
may 8 may 9
LEC 20: Guest lecture: Nick Mathewson, Anonymous communication (2014 video)
Preparation: Read Tor (2004) and blog posts 1, 2, and 3 (2012) (Question)
may 10 may 11
DUE: Final project writeup and code
may 14
LEC 21: Guest lecture:
Mark Silis from MIT IS&T (2014 video)
may 15 may 16
LEC 22: Project presentations (2014 video)
DUE: Final project presentation
may 17
Last day of classes
Final exam review
Time: 7PM
Location: 32-155
may 18
may 21
Final exam: Emphasis on lectures 12-21 and labs 3-4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: TBD
may 22
Final exam: Emphasis on lectures 12-21 and labs 3-4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: TBD
may 23
Final exam: Emphasis on lectures 12-21 and labs 3-4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: TBD
may 24
Final exam: Emphasis on lectures 12-21 and labs 3-4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: TBD
may 25
Final exam: Emphasis on lectures 12-21 and labs 3-4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: TBD

Questions or comments regarding 6.858? Send e-mail to the course staff at 6858-staff@lists.csail.mit.edu.

Top // 6.858 home // Last updated Wednesday, 06-Dec-2017 21:17:06 EST