Class Schedule

This schedule will be updated as the semester progresses. Find the tentative syllabus here.

Date Topics Recommended Readings Other Activities/Notes
08/27/2024 Course Introductions [slides] 1. Ken Thompson, Reflections on Trusting Trust. Turing Award Lecture, 1983. (link)
1. Homework 1 assigned; due 09/03
2. Project Phase 1 (Idea and Team formation) assigned; due 09/05 11:59 pm
08/29/2024 1. IoT Security fundamentals
2. Intro to HomeAssistant [slides]
1. Security Engineering, Chapter 1 [link]
2. HomeAssistant Architecture [link1, link2] and Integrations [link1, link2]
08/30 Last day to add/drop classes
09/03/2024 Crypto 1: Secret Key Crypto [slides] Security Engineering, Chapter 5.1-5.5 [link] Homework 1 Due
09/05/2024 Crypto 2: Hashes and Message Authentication [slides] 1. Security Engineering, Chapter 5.6 [link]
2. Ross Anderson, Why Cryptosystems fail [link]
1. Project Phase 1 Due
2. Homework 2 assigned; due 09/19 11:59 pm
09/10/2024 Crypto 3: Public Key Cryptography [slides] Security Engineering, Chapter 5.7 [link] Project Phase 2 assigned (HomeAssistant Integration Design and Implementation); due 10/22 11:59 pm
09/12/2024 SSL/TLS [slides] SSL and TLS: A Beginner’s Guide [link]
09/17/2024 Access Control Basics [slides] 1. Operating System Security, Chapters 1,2 and 5 [link]
2. [Only Section I-A] J. Saltzer and M. Schroeder, The Protection of Information in Computer Systems. Proceedings of the IEEE 63(9) (1975) pp. 1278-1308 [link]
Project Plan due
09/19/2024 Information Flow Control [slides] [reading-papers] 1. [BB] How risky are real users’ IFTTT applets? [link] Homework 2 due
09/24/2024 Trigger-Action Programs [slides] 1. [BB] Soteria: Automated IoT Safety and Security Analysis [link]
1. [BB] Towards a natural perspective of Smart Homes for Practical Security and Safety Analyses [link]
Homework 3 assigned; due 10/08 due
09/26/2024 Smart Home Platforms: Architecture and Security NO CLASS due to Hurricane Helene 1. [BB] Security Analysis of Emerging Smart Home Applications [link]
10/01/2024 Smart Home Platforms: Lateral Privilege escalation [slides] 1. [BB] A Study of Data Store-based Home Automation [link]
10/03/2024 Smart Home Security: Situational Access Control and Integrity Validation [slides] 1. [BB] Situational Access Control in IoT [link]
2. [BB] Practical Integrity Validation in the Smart Home [link]
10/08/2024 Permission models: Smart Home vs Android apps NO CLASS due to Hurricane Milton 1. [BB] Android Permissions Demystified [link] Homework 3 due Deadline moved to 10/24
10/10/2024 1. Smart Home: Challenges of Multiuser Access Control
2. Midterm exam review
NO CLASS due to Hurricane Milton
1. [BB] Rethinking Access Control and Authentication for the Home IoT [link]
10/15/2024 Midterm Exam Asynchronous Class 1: 'Multi-User based Smart Home Access Control' [async-slides] 1. [BB] Rethinking Access Control and Authentication for the Home IoT [link]
10/17/2024 Asynchronous Class 2: ‘Crypto- API Misuses in IoT Apps' 1. [BB] Jin et. al., Understanding IoT Security from a Market-Scale Perspective, CCS 2022 [link]
10/22/2024 1. Integrity Validation (contd..)
2. Class updates, Midterm notice [slides]
10/24/2024 Midterm Exam Homework 3 due
10/29/2024 1. Async classes recap
2. Permission Models and Platform Defenses
1. [BB] Android Permissions Demystified [link]
10/31/2024 Smart Home Wrap-Up: Privacy Issues [slides] 1. [BB] Smart Home Privacy Policies Demystified [link]
11/05/2024 1. Network Security: TCP/IP
2. Smart Home Quiz! [slides]
1. A look back at “Security problems in the TCP/IP protocol suite” [link] Project Phase 2 report due
11/07/2024 Network Security: Worms and Botnets [slides] 1. S. Staniford and V. Paxson and N. Weaver. "How to 0wn the Internet in Your Spare Time". In Proceedings of the 11th USENIX Security Symposium, August 2002. [link] 1. Project Phase 3 (IoT app analysis proposal) assigned; due 11/12
2. Homework 4 assigned; due 11/26
11/12/2024 Network Security: Routing [slides] 1. "Why is it Taking so Long to Secure Internet Routing?" [link] 1. Project Phase 3 due
2. Project Phase 4 (Implementation and Evaluation) assigned; due 12/12
11/14/2024 Network Security: Wireless [slides] 1. Brenza et al. "A Practical Investigation of Identity Theft Vulnerabilities in Eduroam". In Proceedings of the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec). 2015 [link]
11/19/2024 Network Security: Intrusion Detection and Firewalls [slides] 1. S. Axelsson, "The Base-Rate Fallacy and Its Implications for the Difficulty of Intrusion Detection". In Proceedings of the ACM Conference on Computer and Communication Security. November, 1999. [link]
11/21/2024 Network Security: User Authentication 1 [slides] 1. Troy Hunt, "The science of password selection" [link]
11/26/2024 Network Security: User Authentication 2 [slides] 1. P. G. Kelley et al., "Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms". IEEE Symposium on Security and Privacy, 2012. [link] Homework 4 due
11/28/2024 No Class.
Happy Thanksgiving!
12/03/2024 Web Authentication [slides]
12/05/2024 Finals review and Project Updates
12/10/2024 Final Exam
12/12/2024 Project Phase 4 report due

back to the top