feb 5
Reg day |
feb 6
First day of classes |
feb 7
LEC 1 (nz): Introduction, threat models (2014 video)
Assigned: Lab 1: Buffer overflows |
feb 8 |
feb 9 |
feb 12
LEC 2 (nz): Security architecture
Preparation: Read Google Infrastructure Security (2017) and optionally other details (2018) (Question) |
feb 13 |
feb 14
LEC 3 (fk): User authentication (2014 video)
Preparation: Read Mandatory password changes (2016) and U2F (2017) (Question) |
feb 15 |
feb 16
DUE: Lab 1 parts 1+2 |
feb 19
Presidents Day |
feb 20
LEC 4 (fk): Buffer overflow defenses (2014 video)
Preparation: Read Baggy bounds checking (2009) + errata (Question)
Monday schedule |
feb 21
LEC 5 (nz): Privilege separation (2014 video)
Preparation: Read OKWS (2004) but skip section 7 (Question)
Assigned: Lab 2: Privilege separation |
feb 22 |
feb 23
DUE: Lab 1 all parts |
feb 26
LEC 6 (nz): OS security (2014 video)
Preparation: Read Capsicum (2010) (Question) |
feb 27 |
feb 28
LEC 7 (fk): Software fault isolation (2014 video)
Preparation: Read Native Client (2009) (Question) |
mar 1 |
mar 2
DUE: Lab 2 part 1 |
mar 5
LEC 8 (guest): Paul Youn from Airbnb (2014 video) |
mar 6 |
mar 7
LEC 9 (fk): Intel SGX
Preparation: Read Innovative instructions (2013) up to section 3.2 + Haven (2014) up to but not including section 6; optional SGX details (2016), section 5 (Question) |
mar 8 |
mar 9
DUE: Lab 2 parts 2+3
ADD DATE |
mar 12
LEC 10 (nz): Client device security
Preparation: Read iOS Security (2018), pages 1-25 (Question) |
mar 13 |
mar 14
LEC 11 (nz): Android security (2014 video)
Preparation: Read Understanding Android Security (2009) + errata (Question)
Assigned: Lab 3: Symbolic execution |
mar 15 |
mar 16
DUE: Lab 2 all parts |
mar 19
LEC 12 (fk): Symbolic execution (2014 video)
Preparation: Read EXE: Automatically generating inputs of death (2006) (Question)
Assigned: Lab 5: Final project
Quiz review; notes on Baggy Bounds and buffer overflows |
mar 20 |
mar 21
Quiz 1: Covers lectures 1-11 and labs 1-2
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Location: Walker, 50-340 |
mar 22 |
mar 23
DUE: Final project proposal (if you are not doing the default project) |
mar 26
Spring Vacation |
mar 27
Spring Vacation |
mar 28
Spring Vacation |
mar 29
Spring Vacation |
mar 30
Spring Vacation |
apr 2
LEC 13 (nz): Web security model (2014 video)
Preparation: Read The Tangled Web (2012), Chapters 9-11 (Question) |
apr 3 |
apr 4
REC 1: Web security (2014 video)
Preparation: Read The Tangled Web (2012), Chapters 12-13 and OWASP top 10 (2017) |
apr 5 |
apr 6
DUE: Lab 3 part 1 |
apr 9
LEC 14 (fk): Network security (2014 video)
Preparation: Read Security Problems in TCP/IP (2004) (Question) |
apr 10 |
apr 11
LEC 15 (fk): Secure channels (2014 video)
Preparation: Read Analysis of SSL 3.0 (1996) (Question)
Assigned: Lab 4: Browser security |
apr 12 |
apr 13
DUE: Lab 3 all parts |
apr 16
Patriots Day |
apr 17
Patriots Day |
apr 18
LEC 16 (fk): Certificates (2014 video)
Preparation: Read SSL and HTTPS (2013) (Question) |
apr 19 |
apr 20
DUE: Lab 4 part 1 and 2 |
apr 23
LEC 17 (fk): CPU timing attacks (2014 video)
Preparation: Read Spectre (2018) (Question) |
apr 24 |
apr 25
LEC 18 (nz): Security economics (2014 video)
Preparation: Read Click Trajectories (2011) (Question) |
apr 26
DROP DATE |
apr 27
DUE: Lab 4 all parts |
apr 30
LEC 19 (guest): Tim Leek, MIT Lincoln Lab
Preparation: Read LAVA (2016) (Question) |
may 1 |
may 2
LEC 20 (guest): Nick Mathewson, Anonymous communication (2014 video)
Preparation: Read Tor (2004) and blog posts 1, 2, and 3 (2012) (Question) |
may 3 |
may 4 |
may 7
LEC 21 (nz): Bitcoin
Preparation: Read Bitcoin challenges (2015) (Question) |
may 8 |
may 9
LEC 22 (dl): Email/messaging security
Preparation: Read Secure messaging (2015) (or extended version) (Question) |
may 10 |
may 11
DUE: Final project writeup and code |
may 14
LEC 23 (guest): Mark Silis and Jessica Murray, MIT IS&T (2014 video) |
may 15 |
may 16
LEC 24 (students): Project presentations (2014 video)
DUE: Final project presentation |
may 17
Last day of classes |
may 18
Final exam review
Time: 7PM
Location: 32-141 |
may 21
Final exam: Emphasis on lectures 12-24 and labs 3-4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: 9am-11am, Ice Rink |
may 22 |
may 23 |
may 24 |
may 25 |
