ICS: UVa specific
material, spring 2019
Go up to the main ICS readme (md)
Much of the rest of this git repo is meant to be generic to anybody
who has a class such as this one. But this page contains details
specific to the CS 2150 version of the course at the University of
Virginia.
Links
There are a number of links and other parts of this course that are
NOT included in this repository. They are:
- The set of online tools, which can be accessed through Collab or here.
- Grading guidelines, which are available in the Collab wiki (here
is the direct link, although Collab login is required)
- Email list archive, which is a Collab tool (here
is the direct link, although Collab login is required)
- The Piazza forum
for this course; Collab can log you in directly – the Collab tool
link is here
(again, Collab login required)
- Anonymous
feedback, which is through Collab
- The VirtualBox
image used for this course. This is version 2, which was released
about half-way into the semester. For how to install it, see here.
The parts of this course that are in this repo are:
Readings
All scholarly articles (such as from the ACM digital library) can be
obtained from free from any UVa wireless network. Some of htem you will
NOT be able to get it for free from your home Internet provider
such as Comcast (unless you live in a UVa dorm, of course). All readings
are due by the lecture that day.
- Due Wednesday, February 29th
- Smashing the Stack for Fun and Profit, available online in HTML and PDF
- Due Friday, February 1st:
- Due Friday, January 25th:
Homeworks
Unless otherwise noted, all submissions are due by the end of the day
of the due date given – this means by 11:59:59 pm. The late policies are
discussed in the homework policies page
(md). Submission is through the online
submission system – all submissions should open up 3 days (i.e., 72
hours) prior to the due date/time.
- HW 13: Forensics (md) is due Monday, April 29th
- HW 12: Rootkits (md) is due Friday, April 19th
- HW 11: Celebrity
Visit (md) is due
Tuesday, April 16th and there is NO LATE SUBMISSION on this one
- HW 10: Cryptocurrency
(md) is due Friday, April
12th
- HW 9: SQL, XSS, &
CSRF (md) is due
Wednesday, April 3rd
- HW 8: Networks (md) is due Friday, March 22nd
- HW 7: Movie Night (md) is due Friday, March
22nd
- HW 6: Buffer Overflow (md) is due Friday, March 8th
- HW 5: Hashing (md) is due Friday, February 22nd
- HW 4: RSA (md) is due Friday, February 15th
- HW 3: Ethics (md) is due Wednesday, February
6th
- HW 2: Policy (md) is due Wednesday, January
30th
- HW 1: Rational Paranoia (md) is due Wednesday, January
23rd
Lecture progress
- Mon, Apr 29: Course
reflection, entire slide set
- Fri, Apr 26: Final exam review Q&A session
- Wed, Apr 24: Finished VMs
- Mon, Apr 22: Finished forensics; VMs through the “Language VM”
slide
- Fri, Apr 19: Forensics
through the third “Encrypted Drives” slide in the “Barriers” column
- Wed, Apr 17: Jason Belford, UVa’s CISO, gave a guest lecture
- Mon, Apr 15: Started and finished Stuxnet
- Fri, Apr 12: Finished rootkits
- Wed, Apr 10: Finished anonymity; rootkits through the end of the
Rootkits column of slides
- Mon, Apr 8: Anonymity
through the end of the Tor column of slides
- Fri, Apr 5: Finished Cryptocurrency; Started Anonymity through the first of
the Sender Anonymity -> Anonymity Theory slide
- Wed, Apr 3: Cryptocurrency through the
second Mining -> Why So Hard? slide
- Mon, Apr 1: Finished Web
security; Cryptocurrency through the
Bitcoin Basics -> Wallet slide
- Fri, Mar 29: Exam 2, so no lecture
- Wed, Mar 27: Web
security through the end of the “Attacking HTTPS” slide column
- Mon, Mar 25: Web
security through the bit TLS protocol image slide
- Fri, Mar 22: Finished SQL, XSS & CSRF
- Wed, Mar 20: Finished networks; SQL, XSS & CSRF through
the car SQL injection attack slide
- Mon, Mar 18: networks
through the end of the basic network security column
- Fri, Mar 8: finished binary exploits; networks through the “More about
TCP/IP” slide
- Wed, Mar 6: binary
exploits through the “stack canary operation” slide
- Mon, Mar 4: finished buffer overflows; binary exploits through the
third “Format String Attack Example” slide
- Fri, Mar 1: exam 1 today, so no lecture progress
- Wed, Feb 27: buffer
overflows through the end of the “how to do it” column
- Mon, Feb 25: finished viruses; buffer overflows through
the third “Stack for vulnerable()” slide
- Fri, Feb 22: viruses
through the “Oligomorphic viruses” slide
- Wed, Feb 20: UVa had a snow day, so no lecture progress
- Mon, Feb 18: viruses
through the “Basic Virus Stealth -> Viruses must be stealthy”
slide
- Fri, Feb 15: Finished encryption
- Wed, Feb 13: encryption
through the first “hash vulnerabilities” slide
- Mon, Feb 11: encryption
through the end of the RSA column of slides
- Fri, Feb 8: encryption
through the end of RSA cracking
- Wed, Feb 6: encryption
through the Google Recruitment Campaign slide in the RSA column
- Mon, Feb 4: encryption
through the end of the one-time pad section
- Fri, Feb 1: the rest of ethics
- Wed, Jan 30: ethics through
the officespace video clip in the public obligations column
- Mon, Jan 28: the remainder of the policy slide set, and the start of
the ethics slide set (through
the first of the ethical questions)
- Fri, Jan 25: policy through
the 1990’s page in the History column
- Wed, Jan 23: the rest of security mindset; policy through the first 9
challenges (did not really get through challenge #9 fully)
- Mon, Jan 21: MLK day, so no classes
- Fri, Jan 18: security
mindset though the end of the lockpicking slides
- Wed, Jan 16: terminology, the entire slide
set
- Mon, Jan 14: course
introduction, the entire slide set