Course Schedule


Lectures Topics




Tue 8/30 

Class overview, motivation and overview of computer security

Dr. Yinzhi Cao



Thu 9/1 

Software Vulnerability I

Dr. Yinzhi Cao



Tue 9/6 

Software Vulnerability II

Dr. Yinzhi Cao

 HW1 Shellcode out

Thu 9/8

Software Vulnerability Paper Presentation

Defense: Matthew Chin

Offense: James Currie

[Primary] Heisenbyte: Thwarting memory disclosure attacks using destructive code reads, CCS 2015.



[Secondary] Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code Inference Attacks, IEEE Security and Privacy (Oakland) 2016.


Tue 9/13

Web Security and Privacy I

Dr. Yinzhi Cao


Thu 9/15

Web Security and Privacy II

Dr. Yinzhi Cao


 HW1 Shellcode in

Tue 9/20

Web Paper Presentation I

Defense: Shujiang Wu


Trusted Browsers for Uncertain Times, USENIX Security 2016.


HW2 Buffer overflow out

Thu 9/22

Web Paper Presentation II

Defense: Benjamin Weinfeld

Offense: Drew Siedel

Request and Conquer: Exposing Cross-Origin Resource Size, USENIX Security 2016.


Tue 9/27

Mobile Security and Privacy

 Dr. Yinzhi Cao



Thu 9/29

Mobile Paper Presentation I

Defense: Erik Outhwaite


On Demystifying the Android Application Framework: Re-Visiting Android Permission Specification Analysis, USENIX Security 2016.  

Tue 10/4 

Mobile Paper Presentation II

Defense: Michael Holdorf


TriggerScope: Towards Detecting Logic Bombs in Android Applications,

IEEE Security and Privacy (Oakland), 2016. 

 HW2 Buffer overflow in

Thu 10/6 

Mobile Paper Presentation III

 Defense: Ryan Newberry


Staying Secure and Unprepared: Understanding and Mitigating the Security Risks of Apple ZeroConf, IEEE Security and Privacy (Oakland), 2016.


Tue 10/11

Software-defined Network (SDN)

Dr. Yinzhi Cao


Thu 10/13

SDN Paper Presentation

Defense: Zhiheng Liu

Offense: Shujiang Wu


AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-Defined Networks, in the Proc. of ACM CCS 2013.

Tue 10/18 

Pacing Break

Thu  10/20 

Mid-term Project Presentation


Tue  10/25 


Dr. Yinzhi Cao


HW3 XSS out

Thu  10/27 

Guest Lecture from Industry

Presenter: Mike Lemley (OSISoft)

Tue  11/1 

TLS/SSL Paper Presentation II

Defense: Zhenqiang Li

Offense: Zhiheng Liu

TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication, NDSS 2016.

Thu  11/3 

Social Network Security

and Firewalls

Dr. Yinzhi Cao


HW3 XSS in

Tue  11/8 

Social Network Security Paper Presentation

Defense: James Clements

Offense: Jinbu Wang 

You Are Who You Know and How You Behave: Attribute Inference Attacks via Users’ Social Friends and Behaviors, USENIX Security 2016. 

HW4 Firewall out

Thu  11/10 

Machine Learning Security

Dr. Yinzhi Cao


Tue  11/15 

Machine Learning Security Paper Presentation I

Defense: Zhenqiang Li


Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks, IEEE Security and Privacy, 2016.

Thu  11/17 

Machine Learning Security Paper Presentation II

Defense: Jinbu Wang 

Offense: Alexander Van Heest

Deep Learning with Differential Privacy, CCS 2016.

Tue  11/22 

SSL/TLS Paper Presentation I (moved due to a visitor)

Defense: Zhiheng Liu

Offense: Ryan Cooney

Killed by Proxy: Analyzing Client-end TLS Interception Software, NDSS 2016. 

HW4 Firewall in

Thu  11/24 


Tue 11/29 


Dr. Yinzhi Cao



Thu  12/1 

Privacy Paper Presentation

Defense: Shujiang Wu 

Offense: Daniel Sohn

Identifying and Characterizing Sybils in the Tor Network, USENIX Security 2016.

Tue  12/6 

Final Project Presentation I

Thu  12/8 

Final Project Presentation II