(This page will be changed frequently. Please check before class.)
|
Instructor: |
Dr. Song Fang |
||||||||
|
|
|
||||||||
|
Teaching assistant: |
TBD |
||||||||
| Syllabus | |||||||||
| Grading: | Quizzes: 10%; Labs: 15%; Paper Summary: 30%; Presentation: 20%; Project: 25% |
||||||||
| Suggested textbook: | David Kleidermacher and Mike Kleidermacher, Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development, 1st Edition, Newnes, 2012. Wenliang Du. Computer Security: A Hands-on Approach. 1st Edition, 2017. | ||||||||
| Labs: | Lab 1: Environment Variable and Set-UID Lab due on 02/09 Lab 2: Buffer-Overflow Vulnerability Lab due on 03/01 Lab 3: Exercise with OpenSSL due on 03/18 | ||||||||
| In-class presentation: |
Each student should select a paper from the paper list provided by the instructor and prepare an in-class presentation about the selected paper. | ||||||||
| Project: |
Teams of students will work on a collaborative project for the duration of the semester. Students can form teams, each with up to three members, based on common interests and/or complementary skills. You get no extra credit for working alone. | ||||||||
| Notes on submissions: | You must use
a text editor (e.g., MS Word, Latex) to complete your homework. All submissions should be made via OU's Canvas. |
| Date | Reading | Topics | Slide |
|---|---|---|---|
| 01/13 | Kleidermacher Chapter 1 | Introduction to embedded systems security | Lec 1 |
| 01/15 | Du Chapter 1, On Trusting Trust | Software security (1): Set-UID programs | Lec 2 |
| 01/20 | Martin Luther King Day Holiday - No class | ||
| 01/22 | Invoking programs | ||
| 01/27 | Du Chapter 2 | Software security (2): Environment variables and shell variables | Lec 3 |
| 01/29 | Attack surface on environment variables | ||
| 02/03 | Du Chapters 4 and 5 | Software security (3): Buffer overflow attack | Lec 4 |
| 02/05 | Campus is closed due to inclement weather | ||
| 02/10 | Student in-class presentation (1) | ||
| 02/12 | Project discussion; stack buffer-overflow attack | ||
| 02/17 | Student in-class presentation (2) | ||
| 02/19 | Software security (4): Buffer overflow mitigation | ||
| 02/24 | Student in-class presentation (3) | ||
| 02/26 | Kleidermacher Chapter 4 | Embedded cryptography: secret key cryptography, hash | Lec 5 |
| 03/02 | Public key cryptography | Lec 6 | |
| 03/04 | Blockchain | ||
| 03/09 | Student in-class presentation (4) | ||
| 03/11 | Introduction to wireless security | Lec 7 | |
| 03/16 | Spring Vacation - No class | ||
| 03/18 | Spring Vacation - No class | ||
| 03/23 | Term project lightning talk; lab analysis | ||
| 03/25 | Wireless jamming attacks and countermeasures | ||
| 03/30 | Student in-class presentation (5) | ||
| 04/01 | IoT seucurity | Lec 8 | |
| 04/06 | Student in-class presentation (6) | ||
| 04/08 | Individual meeting on projects - No class | ||
| 04/13 | Student in-class presentation (7) | ||
| 04/15 | Student in-class presentation (8) | ||
| 04/20 | Side-channel attacks | Lec 9 | |
| 04/22 | Emerging applications | Lec 10 | |
| 04/27 | Student in-class presentation (9) | ||
| 04/29 | Final project demo |
© 2020 Song Fang.