CSCI 4250/6250 - Computer and Network SecurityFall 2011 |
| This is
the course calendar for the Fall 2011 semester. Please notice that the
schedule is not definitive and will be updated as the course
progresses.
Students are responsible for visiting this page often to stay informed
on
the latest reading assignments and other information. Of course, I will
also inform you of significant changes during the lectures, but this
page is the one place you should refer to for all the details. |
| Date |
Topic |
Lecture |
Assignments |
| 8/15 |
Syllabus Introduction |
CSCI-x250 Syllabus [slides] |
Assignment
0.1 |
| 8/16 |
Introduction |
Chapter 1 (Goodrich) | Assignment 0.2 |
| 8/18 |
Introduction |
Chapter 1 (Goodrich) | |
| 8/22 |
Introduction |
Chapter
1 (Goodrich) [slides] |
|
| 8/23 |
Crypto
concepts, Stream Cyphers |
Chapter
8 (Goodrich), Chapter 2-6 (Kaufman) |
|
| 8/25 |
Block
Cyphers, DES |
Chapter 8 (Goodrich), Chapter 2-6 (Kaufman) | Assignment 1 (deadline:
9/8/2011 11:59pm) |
| 8/29 |
Block
Cyphers, CBC |
Chapter 8 (Goodrich), Chapter 2-6 (Kaufman) [slides] | |
| 8/30 |
Public
Key Crypto, RSA |
Chapter 8 (Goodrich), Chapter 2-6 (Kaufman) | |
| 9/1 |
Diffie-Hellman MACs |
Chapter 8 (Goodrich), Chapter 2-6 (Kaufman) [slides] | Assignment 2 (deadline:
9/15/2011 11:59pm) |
| 9/5 |
Labor Day Holiday |
||
| 9/6 |
Digital
Signatures, Email Security |
Chapter 8, 10.2 (Goodrich), Chapter 19-22 (Kaufman) | Paper Assignments for Grad Students
(choose by 9/9/2011) |
| 9/8 |
SSL,
IPSec |
Chapter
17-19 (Kaufman) |
|
| 9/12 |
IPSec,
IKE |
Chapter 17-18 (Kaufman) | Assignment 3 (deadline: 9/23 11:59pm) |
| 9/13 |
IKE, Kerberos |
Chapter
17-18, 13 (Kaufman) Chapter 9.6 (Goodrich) |
|
| 9/15 |
Kerberos, PAKE |
Chapter
17-18, 13 (Kaufman) [slides] Chapter 9.6 (Goodrich) Is it too late for PAKE? |
|
| 9/19 |
CA Trust Issues |
Discussion What is we cannot trust the CAs? Pros and Cons of possible solutions... |
|
| 9/20 |
CA Trust Issues |
Discussion What is we cannot trust the CAs? Pros and Cons of possible solutions... |
|
| 9/22 |
Anonymity |
Dingledine, R. and Mathewson, N. and Syverson, P. Tor: The second-generation onion router USENIX Security Symposium, 2004 PRESENTER: Jordan Marchetto |
|
| 9/26 |
Group Projects Summary |
Group Projects Assignments (choose by 10/3/2011) |
|
| 9/27 |
Phishing | Phishing Attacks and Countermeasures |
|
| 9/29 |
WEP Weaknesses |
A. Bittau, M. Handley and J. Lackey. The Final Nail in WEP's Coffin. Proceedings of the IEEE Symposium on Security and Privacy, 2006 PRESENTER: Babak Rahbarinia |
|
| 10/3 |
Midterm Program Review |
||
| 10/4 |
Phishing |
Phishing Attacks and Countermeasures [slides] Chapter 7 (Goodrich) |
|
| 10/6 |
Midterm Exam |
||
| 10/10 |
Web Security |
Chapter 7 (Goodrich), Chapter 25 (Kaufman) |
Assignment 4 (deadline 10/20/2011 11:59pm) |
| 10/11 |
Web Security | Chapter 7 (Goodrich), Chapter 25 (Kaufman) | |
| 10/13 |
Physical Security |
J. A. Halderman, S. D. Schoen, N. Heninger, W. Clarkson, W. Paul,
J. A. Calandrino, A. J. Feldman, E. W. Felten. Lest We Remember: Cold Boot Attacks on Encryption Keys USENIX Security Symposium 2008 PRESENTER: Jordan Marchetto |
|
| 10/17 |
Web Security |
Chapter 7 (Goodrich), Chapter 25 (Kaufman) | |
| 10/18 |
Aleph One Smashing the Stack for Fun and Profit (Presentation + Demo) PRESENTER: Kevin Jonathan Warrick |
||
| 10/20 |
DLL Injection Attacks (Presentation + Demo) PRESENTER: Robert Lee Harrison |
||
| 10/24 |
CSRF, XSS |
Chapter 7 (Goodrich), Chapter 25 (Kaufman) | |
| 10/25 |
CSRF, XSS |
Chapter 7 (Goodrich), Chapter 25 (Kaufman) | |
| 10/27 |
Barth, A. and Jackson, C. and Reis, C. and Team, TGC The Security Architecture of the Chromium Browser Proceedings of WWW 2009 PRESENTER: Phani Vadrevu |
||
| 10/31 |
SQL injections, Server-Side Vulnerabilities | Chapter 7 (Goodrich), Chapter 25 (Kaufman) [slides] | Assignment 5 (deadline 11/15/2011, 11:59pm) |
| 11/1 |
OS Security, TCB |
Chapter 3 (Goodrich) | |
| 11/3 |
Juan Caballero, Chris Grier, Christian Kreibich, and Vern Paxson Measuring Pay-per-Install: The Commoditization of Malware Distribution USENIX Security Symposium 2008 PRESENTER: Robert Lee Harrison |
||
| 11/7 |
OS Sec, Multics |
Brief intro to the security features of the Multics OS |
|
| 11/8 |
UNIX, Win Sec |
Security features of UNIX and Windows systems [slides] |
|
| 11/10 |
Adam Barth and Collin Jackson and John C. Mitchell Robust Defenses for Cross-Site Request Forgery 15th ACM Conference on Computer and Communications Security (CCS 2008) PRESENTER: Phani Vadrevu |
||
| 11/14 |
Network Security (ARP, ICMP, IP) |
Chapter 5 (Goodrich) [slides] | |
| 11/15 |
Network Security (TCP, DNS) |
Chapter 5-6 (Goodrich) [slides] | |
| 11/17 |
A. Moser, C. Kruegel, and E. Kirda. Exploring Multiple Execution Paths for Malware Analysis IEEE Symposium on Security and Privacy, 2007 PRESENTER: Kevin Jonathan Warrick |
||
| 11/21-11/25 |
Thanksgiving Holiday |
||
| 11/28 |
Malware |
Chapter 4 (Goodrich) | |
| 11/29 |
Malware |
Chapter 4 (Goodrich) [slides] | |
| 12/1 |
Y. Zhao, Y. Xie, F. Yu, Q. Ke, Y. Yu, Yuan, Y. Chen, E. Gillum.
BotGraph: large scale spamming botnet detection NSDI'09: Proceedings of the 6th USENIX symposium on Networked systems design and implementation. PRESENTER: Babak Rahbarinia |
||
| 12/5 |
Final Program Review |
||
| 12/8 3:30-6:30pm |
Final Exam (Room: CHEMISTRY 455) |