| Date | Topic/Readings | Attack | |
|---|---|---|---|
| 08/28 | Introduction | ||
| 08/30 | Introduction | ||
| 09/04 | Ethics in Security Research | ||
| 09/06 | Cryptography Intro / TLS | ||
| 09/11 | The Certificate Ecosystem | TLS information leakage | |
| 09/13 | Crypto Failures in Practice | Certificate mis-validation | |
| 09/18 | Building Anonymity | Traffic deanonymization | |
| 09/20 | Breaking Anonymity | Data deanonymization | |
| 09/25 | Censorship Resistance | On-path censorship and evasion | |
| 09/27 | Botnets | IoT device compromise | |
| 10/02 | User Authentication | Cracking passwords | |
| 10/04 | Usable Security | Breaking CAPTCHAs | |
| 10/09 | Underground Economies | ||
| 10/11 | Project proposal presentations | ||
| 10/16 | Classic Memory Attacks & Defenses | ||
| 10/18 | Modern Memory Attacks | Control flow attack | |
| 10/23 | Modern Memory Defenses | Kernel-level rootkit | |
| 10/25 | Isolation Defenses | Cold-boot attack | |
| 10/30 | Classic Web Security | Attacking vulnerable websites | |
| 11/01 | Modern Web Security | Tricking users | |
| 11/06 | Isolation Attacks | Speculative execution attack | |
| 11/08 | Malware | Compiler Trojan horse | |
| 11/13 | Networking Intro | Kaminsky attack | |
| 11/15 | TCP/IP Security | Opt-ACK attack | |
| 11/20 | Worms | Malicious peripheral | |
| 11/22 | Thanksgiving Break | ||
| 11/27 | DoS Attacks | Rogue wireless AP | |
| 11/29 | DoS Defenses | Firmware-resident malware | |
| 12/04 | Project Presentations | ||
| 12/06 | Project Presentations |