This schedule is tentative. It is likely to change as the weeks go on.
| Topics | Reading (to be completed before class) |
HW | Notes | |
|---|---|---|---|---|
| Week 1 | ||||
| Mon 01/25 | Lab 0 released | |||
| Tue 01/26 | Introduction, Networking I (pictures) (notes) | Lab 1 released (1/27) | ||
| Thu 01/28 | Networking II (notes) (handout) | Background: Chapter 7 in Principles of Computer System Design | ||
| Fri 01/29 | Lab 0 due, 7:00 PM | |||
| Week 2 | ||||
| Tue 02/02 | Networking III (notes) | Background: TCP/IP Illustrated, Ch 1–10 | HW1 | |
| Wed 02/03 | Lab 1a due, 10:00 PM | |||
| Thu 02/04 | No class HW1 due 5:00 PM |
Do HW1 | ||
| Week 3 | ||||
| Tue 02/09 | Buffer overflow I (notes) (handout) | read Smashing the Stack for Fun and Profit question errata |
Lab 2 released | |
| Wed 02/10 | Lab 1b due, 10:00 PM | |||
| Thu 02/11 | Buffer overfow II (notes) | Read Advice on how to read a paper | ||
| Fri 02/12 | Buffer overflow III (12:30-1:45 PM, CIWW 101) (notes) | read Hacking Blind, Proc. IEEE S&P 2014 question |
||
| Week 4 | ||||
| Tue 02/16 | User authentication (notes) | read The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes, Proc. IEEE S&P 2012 question |
||
| Wed 02/17 | Lab 2a due, 10:00 PM | |||
| Thu 02/18 | User authentication (contd), Privilege separation I (notes) | none | ||
| Week 5 | ||||
| Tue 02/23 | Privilege separation II (notes) | read Building Secure High-Performance Web Services with OKWS, Proc. Usenix Techncal 2004 question |
HW2 | Lab 3 released |
| Wed 02/24 | Lab 2b due, 10:00 PM | |||
| Thu 02/25 | No class HW2 due 5:00 PM |
|||
| Week 6 | ||||
| Tue 03/01 | Privilege separation III (notes) | read The Confused Deputy | ||
| Wed 03/02 | Lab 3a due, 10:00 PM | |||
| Thu 03/03 | Sandboxing (notes) | read Efficient Software-Based Fault Isolation, Proc. SOSP 1993 question optional: Native Client (Web site) |
||
| Week 7 | ||||
| Sun 03/06 | Midterm review session (notes) | |||
| Tue 03/08 | Midterm | |||
| Thu 03/10 | Capabilities (notes) | read Capsicum: practical capabilities for UNIX, Proc. Usenix Security 2010 No question (but the paper is required) |
||
| Fri 03/11 | Lab 3b due, 8:00 PM | |||
| Spring break | ||||
| Tue 03/15 | No class | |||
| Thu 03/17 | No class | |||
| Week 8 | ||||
| Tue 03/22 | Symbolic execution I (notes) | read EXE: Automatically Generating Inputs of Death, Proc. CCS 2006 question |
||
| Thu 03/24 | Symbolic execution II (notes) | none. we will continue our discussion of EXE | ||
| Fri 03/25 | Lab 3c due, 9:00 PM | |||
| Week 9 | ||||
| Mon 03/28 | Lab 4 released | |||
| Tue 03/29 | Untrusted OSes I (notes) | read until section 3.2 of Using Innovative Instructions to Create Trustworthy Software Solutions, Proc. HASP 2013 read until section 6 of Shielding Applications from an Untrusted Cloud with Haven, Proc. OSDI 2014 question |
||
| Thu 03/31 | Untrusted OSes II, Public key crypto I (notes) | |||
| Fri 04/01 | Public key crypto II, Web security I (12:30-1:45 PM, CIWW 101) (notes) | |||
| Week 10 | ||||
| Tue 04/05 | Web security II (notes) | read Chapters 9-10 of The Tangled Web: A Guide to Securing Modern Web Applications, by Michal Zalewski. Options for access:
|
||
| Wed 04/06 | Lab 4a due, 9:00 PM | |||
| Thu 04/07 | Web security III (notes) | read Chapters 11-12 of The Tangled Web: A Guide to Securing Modern Web Applications, by Michal Zalewski. | The OWASP Top 10 neatly summarizes vulnerabilities and best practices | |
| Week 11 | ||||
| Tue 04/12 | Distributed systems I (notes) | read MapReduce: Simplified Data Processing on Large Clusters, Proc. OSDI 2004 question |
HW3 | |
| Thu 04/14 | Distributed systems II |
read Flat Datacenter Storage, Proc. OSDI 2012 | ||
| Fri 04/15 | Lab 4b due, 8:00 PM | Lab 5 released | ||
| Week 12 | ||||
| Mon 04/18 | HW3 due 3:00 PM | |||
| Tue 04/19 | Distributed systems III, Peer-to-peer systems I (notes) | Come prepared to discuss FDS Optional: Chord: A Scalable Peer-to-peer Lookup Service for Internet Applications, Proc. SIGCOMM 2001 Optional: Using Lightweight Modeling To Understand Chord, CCR 2012 Optional: Trackerless BitTorrent |
||
| Thu 04/21 | Peer-to-peer systems II, Concurrency I (notes) (handout) | read Non-scalable locks are dangerous, Proc. Ottawa Linux Symposium, 2012 question |
||
| Fri 04/22 | Lab 5a due, 8:00 PM | |||
| Week 13 | ||||
| Tue 04/26 | Concurrency II, Network security I (notes) | Study last week's handout, and come prepared to finish discussing the non-scalable locks paper Read Secure File Nets, Proc. SOSP 2003 Background on concurrency: Chapters 26-30, 32-33 of OSTEP |
||
| Thu 04/28 | Network security II (notes) | read ForceHTTPS, Proc. WWW 2008 question |
||
| Week 14 | ||||
| Tue 05/03 | Network security III (notes) | none. come prepared to discuss ForceHTTPS | ||
| Wed 05/04 | Lab 5b due, 9:00 PM | |||
| Thu 05/05 | Anon. communication, privacy, wrap-up (notes) | read The Moral Character of Cryptographic Work, by Phil Rogaway, 2015 question |
||
| Exam week | ||||
| Tue 05/10 | Final exam review, 8:00 PM--9:30 PM, WWH 312 (notes) | |||
| Thu 05/12 | Final exam, 4:00 PM--5:50 PM, CIWW 312 | |||
Last updated: 2016-05-19 23:37:36 -0400 [validate xhtml]