Spring 2018

The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send mail to the course staff.

The year of publication for class readings are shown in parentheses.

MondayTuesday WednesdayThursday Friday
feb 5
Reg day
feb 6
First day of classes
feb 7
LEC 1 (nz): Introduction, threat models (2014 video)
Assigned: Lab 1: Buffer overflows
feb 8 feb 9
feb 12
LEC 2 (nz): Security architecture
Preparation: Read Google Infrastructure Security (2017) and optionally other details (2018) (Question)
feb 13 feb 14
LEC 3 (fk): User authentication (2014 video)
Preparation: Read Mandatory password changes (2016) and U2F (2017) (Question)
feb 15 feb 16
DUE: Lab 1 parts 1+2
feb 19
Presidents Day
feb 20
LEC 4 (fk): Buffer overflow defenses (2014 video)
Preparation: Read Baggy bounds checking (2009) + errata (Question)
Monday schedule
feb 21
LEC 5 (nz): Privilege separation (2014 video)
Preparation: Read OKWS (2004) but skip section 7 (Question)
Assigned: Lab 2: Privilege separation
feb 22 feb 23
DUE: Lab 1 all parts
feb 26
LEC 6 (nz): OS security (2014 video)
Preparation: Read Capsicum (2010) (Question)
feb 27 feb 28
LEC 7 (fk): Software fault isolation (2014 video)
Preparation: Read Native Client (2009) (Question)
mar 1 mar 2
DUE: Lab 2 part 1
mar 5
LEC 8 (guest): Paul Youn from Airbnb (2014 video)
mar 6 mar 7
LEC 9 (fk): Intel SGX
Preparation: Read Innovative instructions (2013) up to section 3.2 + Haven (2014) up to but not including section 6; optional SGX details (2016), section 5 (Question)
mar 8 mar 9
DUE: Lab 2 parts 2+3
ADD DATE
mar 12
LEC 10 (nz): Client device security
Preparation: Read iOS Security (2018), pages 1-25 (Question)
mar 13 mar 14
LEC 11 (nz): Android security (2014 video)
Preparation: Read Understanding Android Security (2009) + errata (Question)
Assigned: Lab 3: Symbolic execution
mar 15 mar 16
DUE: Lab 2 all parts
mar 19
LEC 12 (fk): Symbolic execution (2014 video)
Preparation: Read EXE: Automatically generating inputs of death (2006) (Question)
Assigned: Lab 5: Final project
Quiz review; notes on Baggy Bounds and buffer overflows
mar 20 mar 21
Quiz 1: Covers lectures 1-11 and labs 1-2
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Location: Walker, 50-340
mar 22 mar 23
DUE: Final project proposal (if you are not doing the default project)
mar 26
Spring Vacation
mar 27
Spring Vacation
mar 28
Spring Vacation
mar 29
Spring Vacation
mar 30
Spring Vacation
apr 2
LEC 13 (nz): Web security model (2014 video)
Preparation: Read The Tangled Web (2012), Chapters 9-11 (Question)
apr 3 apr 4
REC 1: Web security (2014 video)
Preparation: Read The Tangled Web (2012), Chapters 12-13 and OWASP top 10 (2017)
apr 5 apr 6
DUE: Lab 3 part 1
apr 9
LEC 14 (fk): Network security (2014 video)
Preparation: Read Security Problems in TCP/IP (2004) (Question)
apr 10 apr 11
LEC 15 (fk): Secure channels (2014 video)
Preparation: Read Analysis of SSL 3.0 (1996) (Question)
Assigned: Lab 4: Browser security
apr 12 apr 13
DUE: Lab 3 all parts
apr 16
Patriots Day
apr 17
Patriots Day
apr 18
LEC 16 (fk): Certificates (2014 video)
Preparation: Read SSL and HTTPS (2013) (Question)
apr 19 apr 20
DUE: Lab 4 part 1 and 2
apr 23
LEC 17 (fk): CPU timing attacks (2014 video)
Preparation: Read Spectre (2018) (Question)
apr 24 apr 25
LEC 18 (nz): Security economics (2014 video)
Preparation: Read Click Trajectories (2011) (Question)
apr 26
DROP DATE
apr 27
DUE: Lab 4 all parts
apr 30
LEC 19 (guest): Tim Leek, MIT Lincoln Lab
Preparation: Read LAVA (2016) (Question)
may 1 may 2
LEC 20 (guest): Nick Mathewson, Anonymous communication (2014 video)
Preparation: Read Tor (2004) and blog posts 1, 2, and 3 (2012) (Question)
may 3 may 4
may 7
LEC 21 (nz): Bitcoin
Preparation: Read Bitcoin challenges (2015) (Question)
may 8 may 9
LEC 22 (dl): Email/messaging security
Preparation: Read Secure messaging (2015) (or extended version) (Question)
may 10 may 11
DUE: Final project writeup and code
may 14
LEC 23 (guest): Mark Silis and Jessica Murray, MIT IS&T (2014 video)
may 15 may 16
LEC 24 (students): Project presentations (2014 video)
DUE: Final project presentation
may 17
Last day of classes
may 18
Final exam review
Time: 7PM
Location: 32-141
may 21
Final exam: Emphasis on lectures 12-24 and labs 3-4
Reference: Past quizzes, solutions
Materials: Open laptop, no Internet
Time and Location: 9am-11am, Ice Rink
may 22 may 23 may 24 may 25

Questions or comments regarding 6.858? Send e-mail to the course staff at 6858-staff@lists.csail.mit.edu.

Top // 6.858 home // Last updated Thursday, 17-May-2018 21:25:24 EDT