Course Schedule

A (tentative) schedule for the semester:

Week	Date	Topic	Readings	Assignments
1	08/26	Logistics, Security Mindset and Software Security Basics (Permission, Set-UID, and Environment Variables)	Chapter 1 & 2 of SEED book	HW1: Readiness Exercise (Due: 09/03)
2	09/02	Software Security: Control Flow Hijacking; Write Shellcode	Chapter 4 of SEED | Chapter 10 of CSPP	HW2: Set-UID and Environment Variables (Due: 09/13)
3	09/09	Software Security: Code Reuse Attacks and ROP	Chapter 5 of SEED	HW3: Buffer Overflow (Code Injection) Attack [optional] (Due: 11/30)
4	09/16	Software Security: Control-Flow Integrity, Stack Canaries, and ASLR		HW4: Code Reuse Attack (ret2libc) (Due: 09/27)
5	09/23	Software Security: Vulnerability Discovery (Fuzzing and Symbolic Execution)		Final Project Proposal (Due: 10/08)
6	09/30	Software Security: Format String Vulnerabilities, Reverse Shell	Chapter 6 & 9 of SEED	HW5: Format-String Vulnerability (Due: 10/17)
7	10/07	Software Security: Integer Overflows; Midterm Review.		Final Project Checkpoint (Due: 11/08)
8	10/14	Software Security: Heap Exploits; Midterm Exam (Oct 15).		Memory safety: The past and the future [optional] (Due: 10/27)
9	10/21	Software Security: Malware; Crypto: Crypto Basics, Hash Function, Symmetric-Key Encryption.		HW6 (part 1): Secret-Key Encryption (Tasks 1-4) (Due: 11/12)
10	10/28	Crypto: Encryption Mode, Padding, Diffie-Hellman Key Exchange, Public-Key Encryption.		HW6 (part 2): RSA (Tasks 1-5) (Due: 11/15)
11	11/04	Crypto: RSA, Public-Key Infrastructure, CA, Digital Certificate (X.509).		HW7: Public-Key Infrastructure, CA [optional] (Due: 11/30)
12	11/11	Systems Security: Authentication, Password and Access Control; OS Security; Side-Channels, CPU Vulnerabilities.
13	11/18	Network Security: IDS, Firewalls, IPSec, TCP/UDP layer security, TLS.
14	11/25	Special Topics
15	12/02	Final Project Presentation