| Date | Topic/Readings | Attack | |
|---|---|---|---|
| 01/26 | Introduction | ||
| 01/28 | Introduction | ||
| 02/02 | Ethics in Security Research | ||
| 02/04 | Cryptography Intro / TLS | ||
| 02/09 | The Certificate Ecosystem | TLS information leakage | |
| 02/11 | Crypto Failures in Practice | Certificate mis-validation | |
| 02/16 | Building Anonymity | Traffic deanonymization | |
| 02/18 | Breaking Anonymity | Data deanonymization | |
| 02/23 | Censorship Resistance | On-path censorship and evasion | |
| 02/25 | Protocol Obfuscation | Language detection on encrypted VoIP | |
| 03/02 | Botnets | Cracking passwords | |
| 03/04 | User Authentication | Breaking CAPTCHAs | |
| 03/09 | Underground Economies | ||
| 03/11 | Project proposal presentations | ||
| 03/16 | Spring Break | ||
| 03/18 | Spring Break | ||
| 03/23 | Classic Memory Attacks & Defenses | ||
| 03/25 | Modern Memory Attacks | Control flow attack | |
| 03/30 | Modern Memory Defenses | Kernel-level rootkit | |
| 04/01 | Trusted Hardware | Rowhammer attack | |
| 04/13 | Isolation Attacks | Speculative execution attack | |
| 04/15 | Malware | Compiler Trojan horse | |
| 04/13 | Classic Web Security | Attacking vulnerable websites | |
| 04/15 | Modern Web Security | Tricking users | |
| 04/20 | Networking Intro | Kaminsky attack | |
| 04/22 | TCP/IP Security | Off-path TCP attack | |
| 04/27 | Worms | Opt-ACK attack | |
| 04/29 | DoS Attacks | NAT Slipstreaming | |
| 05/04 | DoS Defenses | Firmware-resident malware | |
| 05/06 | Project Presentations | ||
| 05/11 | Project Presentations |