I plan to talk about a number of issues at a high level and assign homework that dives into some of those issues at a lower level. The homeworks/projects will be more on the order of multiple weeks (i.e., this is not a project course). The assignments will be at least partially programming based, but as at least some of them are about attacking rather than defending, the amount of lines of code that will be required (as opposed to thinking) is not extensive.
Because this is a special topics course, you need a code to register. When you request a code (tdenning@cs.utah.edu), please make sure that you fulfill the prerequisities (i.e., have taken CS 4400).
I am continuing to make changes to
the last offering of the course (and in particular, the assignments).
Here is a sample of what a lecture schedule might look like:
Lecture 1: Administrivia & Introduction
Lecture 2: Continued Introduction and Threat Modeling
Lecture 3: Introduction to Cryptography (History)
Lecture 4: Cryptography, continued (DES)
Lecture 5: Cryptography, continued (Hashing, RSA)
Lecture 6: Diffie-Hellman, Certificates + SSL/TLS, Security Principles
Lecture 7: Authentication
Lecture 8: Web Security, Part 1
Lecture 9: Web Security, Part 2
Lecture 10: Revisiting Buffer Overflows (Coding & Software Practices)
Lecture 11: Continuing Coding & Software Practices
Lecture 12: Randomness and HW1 Review
Lecture 13. Access Control
Lecture 14. Trustworthy Computing & Exam Review
Lecture 15. De-Identification, Re-Identification, and Differential Privacy
Lecture 16. Security, Privacy, and the Law
Lecture 17. Human Factors
Lecture 18. Android Security and Fuzzing
Lecture 19. Network Security
Lecture 20. Network Security, Continued
Lecture 21. Intrusion Detection continued, Malware
Guest Lecture: Static Analysis & Research (Professor Matthew Might)
Lecture 22. Malware, continued