CNT 4419, Fall 2019
Secure Coding
Announcements
Final grades are posted in Canvas.
Course materials
Useful Links
Please use Canvas to check your grades.
Schedule (filled in as the semester progresses)
| Week | Dates | Topics | Textbook Reading |
|---|---|---|---|
| 1 | 08/26, 08/28 | Introduction; Definitions (policy, mechanism, enforcement) | 1.1-1.9 |
| 2 | 09/04 | Definitions (property, CIA, safety) | Class notes |
| 3 | 09/09, 09/11 | Test I (on 09/09); Definitions (liveness); Unenforceability | Class notes |
| 4 | 09/16, 09/18 | Unenforceability; Threats; Test II (on 09/18) | 2.1-2.9 |
| 5 | 09/23, 09/25 | Threats; Tradeoffs; Secure design | 3.1-3.9, Appendix A |
| 6 | 09/30, 10/02 | Access control; Buffer overflows; Test III (on 10/02) | 5.1-5.3, 6.1-6.5 |
| 7 | 10/07, 10/09 | Buffer overflows; StackGuard; ASLR; CFI; Type safety | Class notes |
| 8 | 10/14, 10/16 | Format string attacks; Integer overflow attacks; Test IV (on 10/16) | 6.6 |
| 9 | 10/21, 10/23 | Networking and communications; Protocols | Class notes |
| 10 | 10/28, 10/30 | DoS; Firewalls; IDSs; Web applications; Test V (on 10/30) | Class notes |
| 11 | 11/04, 11/06 | Client-state manipulation; CSRF; OWASP Top 10 | 7.1-7.4 |
| 12 | 11/13 | Databases; Information management; SQL | Class notes |
| 13 | 11/18, 11/20 | SQL-injection attacks; Test VI (on 11/20) | 8.1-8.2 |
| 14 | 11/25 | XSS | Class notes |
| 15 | 12/02, 12/04 | Cryptography; Password management | 9.1-9.6 |
| Final | 12/09 | Final Exam, 3-5pm | All tests are cumulative |