September |
Week # |
Monday |
Tuesday |
Wednesday |
Thursday |
Friday |
1 |
3 |
4
UBC-wide orientation.
No classes. |
5 |
6
- Course overview
- Introduction to Computer Security (printible)
|
7 |
2 |
10 Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228. |
11
Before the class:
- Watch and prepare to be quizzed on buffer overflow:
- General Introduction [pptx][pdf][YouTube]
- Part I - Basic Buffer Overflows [pptx][pdf][YouTube]
- Part II - Real Buffer Overflows [pptx][pdf][YouTube]
- Part III - Countermeasures [pptx][pdf][YouTube]
- Refresh your memory on modular arithmetics, combinatorics, and elementary statistics: Appendix 2.1, 2.2, and 2.3 from Stamp. Prepare to be quizzed.
In the class:
- Quiz #0 on Buffer Overflow and Math Essentials (Appendix 2 of Stamp's textbook)
- Introduction to Computer Security (printible)
|
12
|
13
Instructor office hours, 11 AM - 12 PM, KAIS 4047. Check-in with students with first names starting with A, B, C.
Assignment #1 (Risk Analysis)
due 12:30 PM. Turn in a paper copy in the class.
Before the class:
- Get a student account with TopHat and join there CPEN 442 (join code was sent to all registered students).
- Study Chapter 1 Stamp.
- Problems from Stamp to try: 1-20.
In the class:
- Top Hat Quiz on the study material for the class.
- Introduction to Computer Security (printible)
|
14 |
3 |
17
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228.
|
18
Before the class:
- Study Legal Implications of Real World Security Analysis.
- Study pages 17-31 of Introduction to Computer Security (printible).
- Study Cryptography 101: Goals, Basics, Substitution Ciphers
- Study all micro-modules of ancient cryptography and then study and pracrtice all parts of Ciphers module.
- Study Stamp: Chapter 2 (except 2.3.6 & 2.3.8).
- Take a look at the fllowing problems from Stamp chapter 2: 3, 7, 9, 13, 18, 19, 20.
In the class:
- Q&A on Legal Implications of Real World Security Analysis from UBC leagal.
- Top Hat Quiz on the study material for the class.
- Discussion of sample problems related to the Introduction to Cryptography
Last day to withdraw from the course without W standing. |
19 |
20
Instructor office hours, 11 AM - 12 PM, KAIS 4047. Check-in with students with first names starting with A-F.
Before the class:
- Study pages
4-9,
39 of Introduction to Cryptography (printable).
- Study Playfair cipher:
- Playfair Cipher video.
- Pages 18-37 of Introduction to Cryptography (printable).
- Study Random Oracle model and its versions for hash functions, block ciphers, and stream ciphers:
- pages
46-52 of Introduction to Cryptography (printable).
- Anderson: Sections 5.1-5.3.
In the class:
- Top Hat Quiz on the study material for the class.
- Presentation of a sample analysis project from 2016.
- Discussion of sample problems related to the Introduction to Cryptography
|
21 |
4 |
24
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228. |
25*
Before the class:
(most videos are short)
- Study introduction to modern cryptography, videos 1, 2, 3.
- Study introduction into stream ciphers, videos 1, 2, 3, and Stamp Sections 3.1-3.2.
- Study random number generators video 1.
- Study A5/1 cipher
- Pages 7-10 of the slides.
- Video animation of A5/1.
- Study block ciphers Introduction video.
- Study AES
- videos 1 and 2.
- AES demos.
- Stamp Section 3.3.4.
- Optionally, study videos AES Parts 3-15 from applied crypto playlist.
In the class:
- Top Hat Quiz on the study material for the class.
- Discussion of the stream and block ciphers.
Problems from Stamp chapter 3 to look at: 3.1-3.6, 3.19. |
26
Last day to obtain authorization for third-party system security analysis from the course professor.
Assignment #2 (crypto)
due 9:00 PM |
27*
No instructor office hours this week.
Before the class:
- Study modes of operation for block ciphers
- Study Stamp Section 3.3.7.
- Study modes of operations for block ciphers: ECB & CBC, CBC, CFB, CTR,
- Study hash functions:
- Study Sampt Sections 5.1-5.5, 5.7, 5.8.
- Watch HMAC video (from 6m12s to the end).
In the class:
- Top Hat Quiz on the study material for the class.
- Symmetric Cryptography (printable)
Problems from Stamp to look at: 3.22-3.29, 3.31-3.34, 3.36-3.40, 3.43, 5.1-5.9, 5.15-5.22
|
28 |
October |
Week # |
Monday |
Tuesday |
Wednesday |
Thursday |
Friday |
5 |
1
Instructor office hours, 1PM - 2 PM, KAIS 4047. Check-in with students with first names starting with A-I.
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228.
|
2
Before the class:
- Study Stamp Chapter 4, all sections except 4.3.2, 4.3.3, 4.5. (which are optional). You can complement your reading with video lectures by Stamp himself: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11.
In the class:
- Top Hat Quiz on the study material for the class.
- Asymmetric Cryptography(printable)
Problems from Stamp Chapter 4 to look at: all. |
3 |
4
Before the class:
- Study Satmp Sections 9.1-9.4, 9.6, 9.7. You can compliment your reading with video lectures by Stamp himself: 9.1-9.2, 9.3, 9.3.1, 9.3.2-9.3.3, 9.3.4-9.3.5, 9.3.6, 9.4, 9.6 (from 9:30).
- Problems from Stamp Chapter 9 to look at: 1-33.
- Review DH protocol with this very affordable videos.
In the class:
- Presentation of a sample design project.
- Top Hat Quiz on the study material for the class.
- Authentication of Computers and Key Establishment Over Insecure Networks.
deadline for an optional meeting with the instructor to discuss term project proposals |
5
Last day to obtain authorization for third-party system security analysis from the UBC IT Security. |
6 |
8
Thanksgiving Day. University closed.
|
9
Instructor office hours, 11 AM - 12 PM, KAIS 4047. Check-in with students with first names starting with A-L.
Before the class:
- Study Satmp Sections 10.1-10.3, 10.5-10.8. You can compliment your reading with video lectures by Stamp himself: 10.1-10.2, 10.3, 10.3.1-10.3.3, 10.5-10.5.1, 10.5.2-10.5.3, 10.6.1-10.6.3, 10.6.2-10.6.5, 10.7-10.7.1, 10.7.2-10.7.3, 10.7.4-10.8.
- Watch WEP vs. WPA explanation.
- Try problems from Stamp for Chapter 10: 1-10, 13-19, 36-44.
In the class:
- Top Hat Quiz on the study material for the class.
- SSH, SSL, Kerberos, WEP, GSM
|
10 |
11
Term project proposals presentations
|
12
Last day to withdraw from the course with W standing.
|
Term project proposals due 9:00 PM via turnitin.com. |
7 |
15
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228.
|
16
Instructor office hours, 11 AM - 12 PM, KAIS 4047. Check-in with students with first names starting with A-O.
Before the class:
- Study Principles of Designing Secure Systems (printable)
In the class:
- Top Hat Quiz on the study material for the class.
- Case Study: iOS Security
- Discussion of the problems on the material studied for this class.
|
17
|
18
Before the class:
- Study all sections of Stamp Chapter 7.
- Look at problems in Chapter 7: 1-40.
In the class:
- Guest lecture by Rob Knoblauch, VP Enterprise Securirty, Scotibank. (The lecture content will be tested on the quiz and possibly on the exam.)
- Top Hat Quiz on the study material for the class.
- Adversary Models (printable)
Evaluation of your project team members WRT Project Proposal through iPeer due 11:00 PM. |
19
Assignment #3 (VPN)
due 9:00 PM
Evaluation of your project team members WRT Assignment #3 through iPeer due 11:00 PM. |
8
|
22
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228. |
23
Midterm exam
on all the material studied so far.
|
24 |
25
Instructor office hours, 11 AM - 12 PM, KAIS 4047. Check-in with students with first names starting with A-R.
Before the class:
- Study all sections of Stamp Chapter 7.
- Look at problems in Chapter 7: 1-40.
In the class:
- Top Hat Quiz on the study material for the class.
- Discussion of the problems on the material studied for this class.
|
26 |
November |
Week # |
Monday |
Tuesday |
Wednesday |
Thursday |
Friday |
9
|
October 29
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228.
|
October 30
Before the class:
- Study all sections of chapter 8 in Stamp, with extra attention to ACLs and Capabilities, CAPTCHAs, Firewalls, and IDS.
- To compliment the reading, view video lectures on Chapter 8 by Stamp himself, starting with the first one.
- Look at problems in Chapter 8.
During the class:
- Top Hat Quiz on the study material for the class.
- Discussion of the problems on the material studied for this class.
|
October 31
Assignment #4 (passwords)
due 9:00 PM. |
November 1
Instructor office hours, 11 AM - 12 PM, KAIS 4047. Check-in with students with first names starting with A-U.
Before the class:
- Study chapter 11 in Stamp. Since you have already studied buffer overflow, you can just refresh you memory by looking through Section 11.2.1. Pay particular attention to all other sections.
- Look at the problems for chapter 11.
- Complementary, view video lectures on the material of Chapter 11 by Stamp himself, starting here.
During the class:
- Top Hat Quiz on the study material for the class.
- Discussion of the problems on the material studied for this class.
|
2 |
10 |
5
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228. |
6
Before the class:
- Study Security for the Web.
- Optional: watch top 10 Web Application security vulnerabilities using videos of presentations by Michael Coates and Chrisitian Wenz.
During the class:
- Top Hat Quiz on the study material for the class.
- Discussion of the problems on the material studied for this class.
|
7 |
8
Instructor office hours, 11 AM - 12 PM, KAIS 4047. Check-in with students with first names starting with A-Z.
Before the class:
- Study Designing and Building Secure Software.
- Optional: watch secure software development processes using a video of this presentation on SDLC by Bart De Win.
During the class:
- Top Hat Quiz on the study material for the class.
- Guest lecture on modern malware by Dmitry Samosseiko, Director of Threat Research, SophosLabs. (The lecture content will be tested on the quiz and possibly on the exam.)
- Discussion of the problems on the material studied for this class.
|
9
Prefinal reports of the term projects are due 10 PM via turnitin.com.
Evaluation of your project team members WRT Finalized Introduction, Related Work, and Methodology sections through iPeer due 11:00 PM. |
11 |
12
UBC closed. No lab or TA office hours. Enjoy your long weekend. |
13
Before the class:
Study video lectures on the economics of cybersecurity:
Part 1: Basics
- A brief history,
- Introduction to economics,
- The economics of information goods,
- Security from an economic perspective,
Part 2: Security Metrics
- What to measure?
- Measuring security levels,
- Metrics in practice,
- Metrics from incident data,
Part 3: Security Investment and Risk Management
- Information security strategy,
- Information security investment,
- Risk management,
- Operational security management.
During the class:
- Top Hat Quiz on the study material for the class.
- Discussion of the problems on the material studied for this class.
|
14
Assignment #5 (WebGoat)
due 9:00 PM
Evaluation of your project team members WRT Assignment #5 through iPeer due 11:00 PM. |
15
12 PM, KAIS 4047. Check-in with students with first names starting with A-Z.
Before the class:
Study video lectures on the economics of cybersecurity (continued):
Part 4: Market Failures
- Market failures,
- case study 1: Information sharing in incident response,
- case study 2: payment card security,
- Policy interventions,
Part 5: Behavioural research into security & Policy Implications
- Prospect Theory,
- Heuristics and social persuasion,
- Consumer behaviour and deception,
- Behavioural economics of privacy,
- Security economics and policy.
During the class:
- Top Hat Quiz on the study material for the class.
- Discussion of the problems on the material studied for this class.
|
16 |
12 |
19
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228. |
20
Before the class:
Study video lectures on usable privacy and security:
- Lecture 1: Introduction.
- Lecture 2: Design.
- Lecture 3: Evaluating usable security design.
- Lecture 4: Guidelines for Secure Interaction Design.
During the class:
- End-of-the-term Anonymous evaluation of the course.
- Top Hat Quiz on the study material for the class and last lecture.
- Discussion of the problems on the material studied for this class.
|
21 |
22
12 PM, KAIS 4047. Check-in with students with first names starting with A-Z.
Before the class:
- Lecture 5: Usable Authentication.
- Lecture 6: Usable Privacy.
- Optional: Watch TED Talk "What's wrong with your pa$$w0rd?"
During the class:
- Top Hat Quiz on the study material for the class and last lecture.
- Tutorial on Making Oral Technical Presentations by Dr. Tatiana Teslenko
|
23 |
13 |
26
Lab, TA office hours, Project Group Meetings, 5-7 PM, MCLD 228. |
27
Before the class:
- Study Ethics and Computer Security (printable).
- Study video of "Ethics in Computer Security Research" by Dave Dittrich part 1, part 2.
During the class:
- Top Hat Quiz on the study material for the class and last lecture.
- Term project video clips should be handed to the instructor in the class.
- Discussion of the problems on the material studied for this class.
Evaluation of your project team members WRT Term Project Video Clips through iPeer due 11:00 PM. |
28 |
29
Instructor office hours, 10:30 AM - 11:30 AM, KAIS 4047. Check-in with students with first names starting with A-Z.
Before the class:
- Study Penetration Testing.
During the class:
- Top Hat Quiz on the study material for the class and last lecture.
- Discussion of the problems on the material studied for this class.
- Where to go from here.
|
30 |
December |
Week # |
Monday |
Tuesday |
Wednesday |
Thursday |
Friday |
14 |
3
9:00-13:00 Mini-conference all day in KAIS 2020/2030
Evaluation of your project team members WRT Project Presentation through iPeer due 11:00 PM. |
4
|
5
Final Examination 3:30 PM - 6:00 PM |
6
Instructor office hours, 3 PM - 4 PM, KAIS 4047.
|
7
Term project reports due 9:00 PM via e-mail.
Evaluation of your project team members WRT Term Project Report through iPeer due 11 PM.
|
15 |
10 |
11 |
12 |
13 |
14 |
16 |
17 |
18 |
19 |
20 |
21 |
|