| Date | Topic/Readings | Attack | |
|---|---|---|---|
| 08/29 | Introduction | ||
| 08/31 | Introduction | ||
| 09/05 | Ethics in Security Research | ||
| 09/07 | Classic Memory Attacks & Defenses | ||
| 09/12 | Modern Memory Attacks | Control flow attack | |
| 09/14 | Modern Memory Defenses | Kernel-level rootkit | |
| 09/19 | Classic Web Security | Attacking vulnerable websites | |
| 09/21 | Modern Web Security | Tricking users | |
| 09/26 | User Authentication | Breaking CAPTCHAs | |
| 09/28 | Usable Security | Cracking passwords | |
| 10/03 | Isolation Defenses | Cold-boot attack | |
| 10/05 | Isolation Attacks | Cross-VM side channel | |
| 10/10 | Malware | Compiler Trojan horse | |
| 10/12 | Worms | Malicious peripheral | |
| 10/17 | Underground Economies | ||
| 10/19 | Project proposal presentations | ||
| 10/24 | Cryptography Intro / TLS | ||
| 10/26 | The Certificate Ecosystem | TLS information leakage | |
| 10/31 | Crypto Failures in Practice | Differential Power Analysis | |
| 11/02 | Property-Preserving Encryption | Privacy-preserving DB attack | |
| 11/07 | Building Anonymity | Traffic deanonymization | |
| 11/09 | Breaking Anonymity | Data deanonymization | |
| 11/14 | Censorship Resistance | Firmware-resident malware | |
| 11/16 | TCP/IP Security | Kaminsky attack | |
| 11/21 | Botnets | Rogue wireless AP | |
| 11/23 | Thanksgiving Break | ||
| 11/28 | DoS Attacks | Off-path TCP attack | |
| 11/30 | DoS Defenses | Opt-ACK attack | |
| 12/05 | Project Presentations | ||
| 12/07 | Project Presentations |