Fall 2015
Note: Previous year's web site
Home
General information
Schedule
Reference materials
Piazza discussion
Submission
Quizzes
Labs
1 2 3 4 5
MIT network rules
Final projects
2014 class materials
Creative Commons License

The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send mail to the course staff.

The year of publication for class readings are shown in parentheses.

MondayTuesday WednesdayThursday Friday
sep 7
Labor day		 sep 8
Reg day		 sep 9
LEC 1: Introduction, threat models (video 2014)
Assigned: Lab 1: Buffer overflows
First day of classes		 sep 10 sep 11
sep 14
REC 1: Lab 1 Buffer overflow exploits (code)		 sep 15 sep 16
LEC 2: Control hijacking attacks (video)
Preparation: Read Baggy bounds checking (2009) + errata (Question)		 sep 17 sep 18
DUE: Lab 1 parts 1+2
sep 21
LEC 3: User authentication (video 2014) (Slides)
Preparation: Read The Quest to Replace Passwords (2012) and optionally the extended version (Question)		 sep 22 sep 23
LEC 4: Guest lecture:
Paul Youn from Airbnb (video 2014)
Assigned: Lab 2: Privilege separation		 sep 24 sep 25
DUE: Lab 1 all parts
sep 28
LEC 5: Privilege separation (video 2014)
Preparation: Read OKWS (2004) (Question)		 sep 29 sep 30
LEC 6: Capabilities (video 2014)
Preparation: Read Confused Deputy (1988) and Capsicum (2010) (Question)		 oct 1 oct 2
DUE: Lab 2 part 1
oct 5
Hacking day		 oct 6 oct 7
LEC 7: Sandboxing native code (video 2014)
Preparation: Read Native Client (2009) (Question)		 oct 8 oct 9
DUE: Lab 2 parts 2+3
ADD DATE
oct 12
Columbus day		 oct 13
Monday schedule
Hacking day		 oct 14
LEC 8: Isolation with Intel SGX
Preparation: Read until Section 3.2 of Using innovatative instructions to create trustworthy software solutions (2013) and Read until Section 6 of Shielding applications from an untrusted cloud with Haven (2014) (Question)
Assigned: Lab 3: Symbolic execution		 oct 15 oct 16
DUE: Lab 2 all parts
oct 19
LEC 9: Symbolic execution (lab 3)
Preparation: Read EXE: Automatically generating inputs of death (2006) (Question)		 oct 20 oct 21
LEC 10: Mobile phone security (video 2014)
Preparation: Read Understanding Android Security (2009) + errata (Question)
Assigned: Lab 5: Final project		 oct 22 oct 23
DUE: Lab 3 part 1
oct 26
Hacking day		 oct 27 oct 28
LEC 11: Web security model (video 2014)
Preparation: Read The Tangled Web (2012), Chapters 9-11 (Question)
Assigned: Lab 4: Browser security		 oct 29
DUE: Final project proposal (if you are not doing the default project)		 oct 30
DUE: Lab 3 all parts
nov 2
REC 2: Web Security (video 2014)
Preparation: Read The Tangled Web (2012), Chapters 12-13 and OWASP top 10 (Question)		 nov 3 nov 4
LEC 12: Ur/Web (video 2014)
(Guest lecture by Adam Chlipala, MIT CSAIL)
Preparation: Read Ur/Web (2015) (Question)		 nov 5 nov 6
DUE: Lab 4 part 1 and 2
nov 9
Quiz 1: Covers lectures 1-10 and labs 1-3
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Location: 26-100		 nov 10 nov 11
Veterans day		 nov 12 nov 13
DUE: Lab 4 all parts
nov 16
LEC 13: Network security (video 2014)
Preparation: Read Security Problems in TCP/IP (2004) (Question)		 nov 17 nov 18
LEC 14: Network protocols (video 2014)
Preparation: Read Kerberos (1988) (Question)
DROP DATE		 nov 19 nov 20
nov 23
LEC 15: SSL and HTTPS (video 2014)
Preparation: Read ForceHTTPS (2008) (Question)		 nov 24 nov 25
LEC 16: Side-channel attacks (video 2014)
Preparation: Read Remote timing attacks (2003) (Question)		 nov 26
Thanksgiving		 nov 27
Thanksgiving
nov 30
LEC 17: Guest lecture: Nick Mathewson, Anonymous communication (video)
Preparation: Read Tor (2004) and blog posts 1, 2, and 3 (2012) (Question)		 dec 1 dec 2
LEC 18: Guest lecture:
Mark Silis and David LaPorte from MIT IS&T (Slides) (video 2014)		 dec 3 dec 4
DUE: Final project writeup and code
dec 7
LEC 19: Guest lecture:
Butler Lampson (Microsoft and MIT): What has worked in computer security and what hasn't? (Slides)		 dec 8 dec 9
LEC 20: Project presentations (video)
DUE: Final project presentation		 dec 10
Last day of classes		 dec 11
dec 14
Thursday Dec 17 Quiz 2

Quiz 2: Emphasis on lectures 11-20 and lab 4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location:1:30-3:30, du Pont
Quiz 2 Review Quiz 2 Review 2 Notes		 dec 15
Thursday Dec 17 Quiz 2

Quiz 2: Emphasis on lectures 11-20 and lab 4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location:1:30-3:30, du Pont
Quiz 2 Review Quiz 2 Review 2 Notes		 dec 16
Thursday Dec 17 Quiz 2

Quiz 2: Emphasis on lectures 11-20 and lab 4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location:1:30-3:30, du Pont
Quiz 2 Review Quiz 2 Review 2 Notes		 dec 17
Thursday Dec 17 Quiz 2

Quiz 2: Emphasis on lectures 11-20 and lab 4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location:1:30-3:30, du Pont
Quiz 2 Review Quiz 2 Review 2 Notes		 dec 18
Thursday Dec 17 Quiz 2

Quiz 2: Emphasis on lectures 11-20 and lab 4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location:1:30-3:30, du Pont
Quiz 2 Review Quiz 2 Review 2 Notes

Questions or comments regarding 6.858? Send e-mail to the course staff at 6858-staff@lists.csail.mit.edu.

Top // 6.858 home // Last updated Wednesday, 20-Mar-2019 21:21:32 EDT