Spring 2012: Network Security and Privacy (53135)

Lectures

Tue and Thu: 2-3:15pm
BUR 130

Instructor

Vitaly Shmatikov
Email: shmat AT cs
Office: CSA 1.114
Phone: 471-9530
Office hours: Tue 3:30-4:30pm

TA

Jimmy Yang
Email: jyang AT cs
Office: PAI 5.38, desk #5
Office hours: Wed 2-4pm

Updated May 12

Schedule

Date	Topic	Reading and assignments	Notes
Jan 17	Course logistics and introduction	Read Kaufman 1.5 Start reading Smashing the stack for fun and profit	[ppt] [pdf]
Jan 19	Learning secrets from procfs - guest lecture by Suman Jana
Jan 24	Passwords, security questions, challenge-response	Read Kaufman 9.1-2, 10, 11.1-2, and 12.2	[ppt] [pdf]
Jan 26	Bypassing antivirus scanners - guest lecture by Suman Jana
Jan 31	Cryptographic hash functions	Read Kaufman 5.1-2 and 5.6-7	[ppt] [pdf]
Feb 2	Biometrics		[ppt] [pdf]
Feb 7	Phishing		[ppt] [pdf]
Feb 9	Cookies and Web session management	Read Kaufman 25 and Dos and don'ts of client authentication	[ppt] [pdf]
Feb 14	JavaScript and same origin policy		[ppt] [pdf]
Feb 16	Clickjacking and cross-site request forgery	Homework 1 due Read Next generation clickjacking and Cross-site request forgeries: exploitation and prevention	[ppt] [pdf]
Feb 21	SQL injection and cross-site scripting	Read Advanced SQL injection and Cross site scripting explained	see above
Feb 23	Symmetric encryption	Read Kaufman 2.1-4 and 4.2	[ppt] [pdf]
Feb 28	Kerberos	Read Kaufman 13 and 14, and Designing an authentication system	[ppt] [pdf]
Mar 1	Stream ciphers Attacks on 802.11b/WEP, CSS, MIFARE		[ppt] [pdf]
Mar 6	Attacks on TCP/IP, DNS, BGP Denial of service	Project 1 due Read SYN cookies, IP spoofing demystified, It's the end of the cache as we know it	[ppt] [pdf]
Mar 8	Midterm
Mar 20	Memory corruption attacks	Read Smashing the stack, Once upon a free(), and Exploiting format string vulnerabilities	[ppt] [pdf]
Mar 22	Defenses against memory attacks		see above
Mar 27	Viruses and rootkits	Project 2 (part 1) due	[ppt] [pdf]
Mar 29	Worms and botnets		[ppt] [pdf]
Apr 3	Stuxnet		[ppt] [pdf]
Apr 5	Spam	Project 2 (part 2) due	[ppt] [pdf]
Apr 10	Firewalls and intrusion detection	Read Kaufman 23	[ppt] [pdf]
Apr 12	Public-key cryptography	Read Kaufman 6.1-6	[ppt] [pdf]
Apr 17	How things goes wrong in SSL certificate verification - guest lecture by Martin Georgiev and Suman Jana
Apr 19	No class
Apr 24	SSL	Homework 2 due Read Kaufman 19	[ppt] [pdf]
Apr 26	PKI and certificates	Read Kaufman 15.1-7	[ppt] [pdf]
May 1	IPsec and IKE	Read Kaufman 17 and 18	[ppt] [pdf]
May 3	Side-channel attacks: acoustics and reflections	Homework 3 due	[ppt] [pdf]
May 12 (Sat)	Final