Lecture Notes

1 Introduction, Threat Models (PDF)
2 Control Hijacking Attacks (PDF)
3 Buffer Overflow Exploits and Defenses (PDF)
4 Privilege Separation (PDF)
5 Guest Lecture: Paul Youn from iSEC Partners (no notes)
6 Capabilities (PDF)
7 Sandboxing Native Code (PDF)
8 Web Security Model (PDF)
9 Securing Web Applications (PDF)
10 Symbolic Execution (no notes)
11 Ur / Web (no notes)
12 Network Security (PDF)
13 Network Protocols (PDF)
14 SSL and HTTPS (PDF)
15 Medical Software (no notes)
16 Side-Channel Attacks (PDF)
17 User Authentication (PDF)
18 Private Browsing (PDF)
19 Anonymous Communication (no notes)
20 Mobile Phone Security (PDF)
21 Data Tracking (PDF)
22 Guest Lecture: Mark Silis and David LaPorte from MIT IS&T (no notes)
23 Security Economics (PDF)
24 Project Presentations (no notes)