Classroom: IRB 0318 Class hours: Tuesday and Thursday, 3:30pm - 4:45pm
Instructor: Yizheng Chen Email: yzchen@umd.edu Office Hours: Tuesday 2:15pm - 3:15pm, in IRB 5224
TA: Julius Angelo Email: jangelo9103@gmail.com Office Hours: Monday 1pm - 3pm, AVW 4132
TA: Maurice Shih Email: maurices@umd.edu Office Hours: Wednesday 9am - 11am, online
TA: Benjamin Sela Email: benjsela@umd.edu Office Hours: Thursday 9am - 11am, online
TA: Nathan Reitinger Email: nlr@umd.edu Office Hours: Friday 2pm - 4pm, online
| Date | Lecture | Slides | Project and Notes |
|---|---|---|---|
| Jan 25 | Introduction | 01-Intro.pdf | Software Security |
| Jan 30 | Memory Layout and Buffer Overflows | 02-Buffer-Overflows.pdf | Project 1 Released |
| Feb 1 | Memory Safety Vulnerabilities | 03-Memory-Safety-Vulnerabilities.pdf | |
| Feb 6 | Mitigating Memory Safety Vulnerabilities | 04-Mitigating-Memory-Safety-Vulnerabilities.pdf | |
| Feb 8 | Mitigations and Project Tutorial | 05-Mitigations-and-Project-Tutorial.pdf | |
| Feb 13 | Introduction to Web and SQL Injection | 06-Intro-Web-SQL-Injection.pdf | |
| Feb 15 | Cookies and CSRF | 07-Cookies-CSRF.pdf | |
| Feb 20 | JavaScript, Same Origin Policy, XSS | 08-JS-XSS.pdf | Project 1 Due. Project 2 Released |
| Feb 22 | UI Attacks, CAPTCHAS, Security Principles | 09-UI-Attacks-CAPTCHAS-Security-Principles.pdf | |
| Feb 27 | Malware | 10-Malware.pdf | |
| Feb 29 | ML Security | 11-MLSecurity.pdf | |
| Mar 5 | Program Analysis for Security | 12-Program-Analysis-for-Security.pdf | |
| Mar 7 | Midterm 1 Recap | 13-Midterm-Review.pdf | Project 2 Due on Mar 8 |
| Mar 12 | Midterm 1 | Covers Jan 25 - Mar 7 lectures | Cryptography |
| Mar 14 | Intro to Cryptography | 14-Intro-to-Cryptography.pdf | Project 3 Released |
| Mar 19 | Spring Break | ||
| Mar 21 | Spring Break | ||
| Mar 26 | One-Time Pads and Block Ciphers | 15-One-Time-Pad-Block-Ciphers.pdf | |
| Mar 28 | Block Cipher Chaining Modes & Cryptographic Hashes | 16-Block-Cipher-Chaining-Modes-contd-Cryptographic-Hashes.pdf | |
| April 2 | MACs, PRNGs and Diffie-Hellman Key Exchange | 17-MACs-PRNGs-Diffie-Hellman-Key-Exchange.pdf | |
| April 4 | Public-Key Cryptography, Certificates, Passwords | 18-Public-Key-Crypto-Certificates-Passwords.pdf | |
| April 9 | How Crypto Fails in Practice | 19-How-Crypto-Fails-in-Practice.pdf | |
| April 11 | Midterm 2 Recap | 20-Midterm-2-Recap.pdf | Project 3 Due, Project 4 Released |
| April 16 | Midterm 2 | Covers Mar 14 to April 11 lectures | Network Security |
| April 18 | Networking Background | 21-Intro-to-Networking.pdf | |
| April 23 | Low-Level Network Attacks | 22-Low-Level-Network-Attacks.pdf | |
| April 25 | Transport Layer, TCP, UDP | 23-Transport-Layer-TCP-UDP.pdf | |
| April 30 | DNS and DNSSEC | 24-DNS-DNSSEC.pdf | |
| May 2 | Denial of Service and Firewalls | 25-Denial-of-Service-and-Firewalls.pdf | |
| May 7 | Underground Economies | 26-Underground-Economies.pdf | Project 4 Due |
| May 9 | Final Review | ||
| May 14 | Final Exam | Covers the entire semester. 4-6pm, at EGR 1202 |