| # | Date | Topic | Speaker | Textbook |
|---|---|---|---|---|
| 1 | Thu 8/20 | Introduction, Syllabus, Course Overview | Carter | Chapter 0 |
| 2 | Tue 8/25 | Computer Security Overview, Standards and Standard-Setting Organizations | Carter | Chapter 1 Appendix C |
| 3 | Thu 8/27 | Computer Networking Overview: TCP/IP Protocol Architecture and the Domain Name System | Carter | Appendix F Appendix I |
| 4 | Tue 9/1 | Cryptographic Tools: Symmetric Encryption and Message Confidentiality | Carter | Chapter 2 Chapter 20 DES DES Calculator |
| 5 | Thu 9/3 | Cryptographic Tools: Symmetric Encryption and Message Confidentiality | Carter | Chapter 2 Chapter 20 |
| 6 | Tue 9/8 | Cryptographic Tools: Public-Key Cryptography and Message Authentication, SHA-3 | Carter | Chapter 2 Chapter 21 Appendix K |
| 7 | Thu 9/10 | Cryptographic Tools: Public-Key Cryptography and Message Authentication | Carter | Chapter 2 Chapter 21 |
| 8 | Tue 9/15 | Cryptographic Tools: Public-Key Cryptography and Message Authentication | Carter | Chapter 2 Chapter 21 |
| 9 | Thu 9/17 | User Authentication | Carter | Chapter 3 |
| 10 | Tue 9/22 | Exam #1 | ||
| 11 | Thu 9/24 | Access Control | Bletsch | Chapter 4 |
| 12 | Tue 9/29 | Database and Cloud Security | Bletsch | Chapter 5 |
| 13 | Thu 10/1 | Malicious Software | Bletsch | Chapter 6 |
| 14 | Tue 10/6 | Malicious Software II: Stuxnet, Malicious hardware, Rootkits, Windows tracing tools demo | Bletsch | Chapter 6 Stuxnet analysis Adore-ng rootkit demo jellyfish: A gpu rootkit! |
| Thu 10/8 | Fall break | |||
| 15 | Tue 10/13 | Denial-of-Service Attacks | Bletsch | Chapter 7 |
| 16 | Thu 10/15 | Intrusion Detection | Bletsch | Chapter 8 Appendix J |
| 17 | Tue 10/20 | Firewalls and Intrusion Prevention Systems | Bletsch | Chapter 9 |
| 18 | Thu 10/22 | Buffer Overflows | Bletsch | Chapter 10 |
| 19 | Tue 10/27 | Software Security | Bletsch | Chapter 11 |
| 20 | Thu 10/29 | Exam #2 | ||
| 21 | Tue 11/3 | Operating Systems Security | Bletsch | Chapter 12 |
| 22 | Thu 11/5 | Internet Security Protocols and Standards, Internet Authentication Applications | Carter | Chapter 22 Chapter 23 |
| 23 | Tue 11/10 | Wireless Network Security | Carter | Chapter 24 |
| 24 | Thu 11/12 | Legal and Ethical Aspects, Security Auditing and Forensics | Tim Gurganus | Chapter 19 Chapter 18 |
| 25 | Tue 11/17 | Mobile Security | Tim Gurganus | - |
| 26 | Thu 11/19 | Reverse engineering | Bletsch | - |
| 27 | Tue 11/24 | Course Review / Final Exam Review | Bletsch/Carter | |
| Thu 11/26 | Thanksgiving holiday | |||
| 28 | Tue 12/1 | Human factors and social engineering | Bletsch | Poorly-spelled 1990s textfiles: social.txt, soceng.txt |
| 29 | Thu 12/3 |
Show and Tell Day
John Boezeman: Error-message based SQL injection database slurping
John Boezeman: HW3 self-grader crack (live script modification) Nicholas Shelton: Automatic SQL injection database slurper Isaac Musick: HW3 self-grader crack (report-as-binary attack) Isaac Musick: Software-defined radio Nathan Shirley: Steganography (pptx version; code) | Students | |
| Tue 12/8 | (6pm) Final exam |