CS165 Computer Security |
| Date | Class | Calendar | Reading |
| Apr 1, Mon | Introduction: Course Overview | ||
| Apr 3, Wed | Passwords | Project 1 out | Paul van Oorschot. Tools and Jewels: Chapter 3.1-3.3 Link Additional reading: Link |
| Apr 5, Fri | Vulnerabilities | Vulnerability definition Link | |
| Apr 8, Mon | Low-level program execution | Bryant and O'Hallaron. CSAPP: Chapter 3.2-3.4.3 Link | |
| Apr 10, Wed | Low-level program execution 2 | Bryant and O'Hallaron. CSAPP: Chapter 3.4.4, 3.6 Link | |
| Apr 12, Fri | Buffer overflows | Project 1 due Project 2 out |
Aleph One. Smashing the stack for fun and profit. Link |
| Apr 15, Mon | Control flow hijack | ||
| Apr 17, Wed | Control flow hijack defenses | Homework 1 out | |
| Apr 19, Fri | Return-Oriented Programming | Paul van Oorschot. Tools and Jewels. Section 6.5. Link
The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). Link |
|
| Apr 22, Mon | Control flow integrity | Martin Abadi et al. Control-Flow Integrity Principles, Implementations, and Applications. Link | |
| Apr 24, Wed | Heap attacks | Paul van Oorschot. Tools and Jewels. Section 6.4. Link | |
| Apr 26, Fri | Attack surface and access control | Homework 1 due | |
| Apr 28, Mon | Access control models | ||
| May 1, Wed | Mid-term review | Project 2 due the day before (Apr 30) | |
| May 3, Fri | Mid-term | ||
| May 6, Mon | Vulnerability discovery: fuzzing | ||
| May 8, Wed | Vulnerability discovery: static analysis |