Computer Security
Home

Details

Schedule

Project

References

Schedule

Tentative schedule, and subject to change at any time.

Time Topic Lectures & Readings Assignment
March 11 Overview
Lecture: Overview

Lab 1: Software setup

The pre-built VM we'll be using (Ubuntu 16.04 32bit)
can be downloaded from here or here.
Software Security
March 18 Set-UID Lecture: Set-UID

Prepare: read chap. 1
Homework: Question 		Lab 2: Set-UID and EVA
March 25 Environment Variables and Attacks Lecture: EVA

Prepare: read chap. 2
Homework: Question 		 
April 1 Shellshock Attack Lecture: Shellshock;
Reverse shell

Prepare: read chap. 3
Homework: Question 		Lab 3: Shellshock
April 8 Buffer Overflow Attack Lecture: Buffer overflow

Prepare: read chap. 4
Homework: Question 		Lab 4: Buffer overflow
Lab 5: Shellcode (optional)
April 15 Return-to-libc Attack and ROP Lecture: Return-to-libc

Prepare: read chap. 5
Homework: Question 		Lab 6: Return-to-libc
April 22 Deep learning security:
project proposal
Groups

  
April 29 Format String Vulnerability Lecture: Format String

Prepare: read chap. 6
Homework: Question 		Lab 7: Format string
May 6 Race Condition Vulnerability;
Dirty COW 		Lecture: Race Condition;
Dirty COW

Prepare: read chap. 7 and 8
Homework: Question;
Question 		Lab 8: Race condition;
Lab 9: Dirty COW (optional)
May 13 No class
Recruiting week, good luck!

  
Web Security
May 20 Same-origin Policy Lecture: Same-origin Policy

Prepare: read the official wiki and
the browser security
Homework: Question 		  
May 28 Cross-Site Request Forgery Attack Lecture: CSRF

Prepare: read chap. 9
Homework: Question 		Lab 10: CSRF
June 4 Cross-Site Scripting Attack Lecture: XSS

Prepare: read chap. 10
Homework: Question 		Lab 11: XSS
June 11 SQL Injection Attack Lecture: SQL Injection

Prepare: read chap. 11
Homework: Question 		Lab 12: SQL Injection
Network Security
June 18 Packet Sniffing & Spoofing Lecture: Packet Sniffing & Spoofing;
ARP cache poisoning

Prepare: read chap. 12
Homework: Question 		Lab 13: Packet Sniffing & Spoofing
Lab 14: ARP cache poisoning attack
June 25 Deep learning security project:
final presentation
Groups

  
July 2 Attacks on the TCP Protocol Lecture: TCP Protocol

Prepare: read chap. 13
Homework: Question 		Lab 15: TCP Protocol Attack
July 9 DNS Lecture: Attack on DNS

Prepare: read chap. 15
Homework: Question 		Lab 16: Attack on DNS
July 16 Virtual Private Network Lecture: VPN

Prepare: read chap. 16
Homework: Question 		Lab 17: VPN
July 21 Final exam
9:30--11:30am;
open book, open notes;
no electronic devices;

Good luck!