Calendar

The course calendar is subject to change. Always check the calendar before planning your studies.

If necessary, consult the following for the calendar:

regular session day no session day Major quiz due student presentations exam

Assignments become available and discussed in the sessions.

All deadlines are in Vancouver local time.

September
Week # Monday Tuesday Wednesday Thursday Friday
1 7

8

UBC-wide orientation.
No classes.

9

10

Before the class:

  1. Learn about academic integrity by studying materials of the UBC’s Academic Integrity Resource Centre.
  2. Study the course syllabus.

In the class:

  1. Course overview.
  2. Quiz on the knowledge of the course syllabus and academic integrity.

 

11
2

14

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

15

Topic: Introduction to Cybersecurity

Before the class:

  1. Make sure you can connect to the course on Canvas.
  2. Study and prepare to be quizzed on buffer overflow:
    1. General Introduction  [pptx][pdf][YouTube]
    2. Part I – Basic Buffer Overflows [pptx][pdf][YouTube][Youtube (watch from 25:45 to 57:15]
    3. Part II – Real Buffer Overflows [pptx][pdf][YouTube]
    4. Part III – Countermeasures [pptx][pdf][YouTube][Youtube (watch from 25:43 to 43:48)]
  3. Refresh your memory on modular arithmetics, combinatorics, probability and linear algebra: Appendix 2 from Stamp. Prepare to be quizzed.
  4. Refresh your memory of modular arithmetics with this video-lecture by Stamp.
  5. Optionally, read a detailed analysis of a recent buffer overflow vulnerability in WhatsApp.

In the class:

  1. Entrance Quiz on Buffer Overflow and Math Essentials (Appendix 2 of Stamp’s textbook)
  2. Introduction to Cybersecurity

 

 

16

Instructor’s Office Hours 10:05–10.55 AM.

17

Topic: Introduction to Cybersecurity & Design Principles

Assignment #1 (Risk Analysis)
due 11:59 PM. Submit through Canvas.

Before the class:

  1. Study slides of Introduction to Cybersecurity.
  2. Study all sections of Chapter 1 from Computer Security and the Internet: Tools and Jewels [CSI-TJ].

In the class:

  1. Presentation of a term project from the previous cohort.
  2. Discussion of the material studied for this class.
  3. Quiz on the study material for the class.
18
3

21

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

 

22

Topic: Introduction to Cryptography

Before the class:

  1. Study Legal Implications of Real World Security Analysis.
  2. Study Cryptography 101: Goals, BasicsSubstitution Ciphers
  3. Study all micro-modules of ancient cryptography and then study and practice all parts of Ciphers module.
  4. Study Stamp: Chapter 2. Feel free to supplement the reading with Stamp video lectures on Chapter 2.
  5. Get clear understanding of confusion and diffusion properties of ciphers by studying this short explanation.

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

23

Last day to withdraw from the course without W standing.

Instructor’s Office Hours 10:05–10.55 AM.

24

Topic: Introduction to Cryptography

Before the class:

  1. Study Playfair cipher:
    1. Playfair Cipher video.
    2. Playfair Cipher mechanics.
  2. Study Random Oracle model and its versions for hash functions, block ciphers, and stream ciphers:
    1. Random Oracle in Pictures.
    2. Anderson: Sections 5.1-5.3.
  3. Study  hash function properties: Stamp: Sections 5.1 & 5.2. Feel free to supplement the reading with Stamp’s lecture on Hash Function properties.

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

 

25
4

28

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

29

Topic: Stream and Block Ciphers

Before the class:
(most videos are short)

  1. Optionally, view this gentle introduction into stream ciphers, videos 1, 2, 3,
  2. Study Stamp Sections 3.1-3.2. Feel free to supplement the reading with Stamp video lectures: parts 1& 2 from Chapter 3.
  3. Study random number generators video 1, and Stamp’s lecture on Random Numbers in Cryptography.
  4. Study A5/1 cipher
    1. Pages 7-10 of the slides.
    2. Video animation of A5/1.
  5. Study required properties of block ciphers (5m).
  6. Study AES
    1. videos 1 and 2.
    2. AES demos.
    3. Stamp Section 3.3.4, feel free to compliment it with viewing Stamp’s lecture on AES.
  7. Optionally, view video lectures of AES Parts 3-15 from applied crypto playlist.

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

30

Instructor’s Office Hours 10:05–10.55 AM.

Assignment #2 (crypto)
due 11:59 PM

Last day to obtain authorization for third-party system security analysis from the course professor.

October 1

Topic: Modes of Operation and Cryptographic Hashes

Before the class:

  1. Study modes of operation for block ciphers
    1. Study Stamp Section 3.3.7. (Feel free to supplement the reading with Stamp video lectures: parts 8 & 9 of Chapter 3.)
    2. Study modes of operations for block ciphers: ECB & CBC, CBC, CFB, CTR,
  2. Study hash functions:
    1. Study Stamp Sections 5.1, 5.2, 5.5, 5.7, 5.8. (Feel free to supplement the reading with Stamp video lectures for Chapter 5, parts: 1, 2 (from 9m53s), 3, 4, 5.)
    2. Study video Lecture 1.1 (first 21 minutes) of this video material on Cryptography for Bitcoin.
    3. Optionally, read Sections 5.3 & 5.4 on Birthday Paradox and Attack (Video of the corresponding lecture by Stamp).
    4. Optionally watch HMAC video (from 6m12s to the end).

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.
October 2

 

October
Week # Monday Tuesday Wednesday Thursday Friday
5

5

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

 

6

Topic: Asymmetric Ciphers 

Before the class:

  1. Study Stamp Chapter 4, all sections except 4.3.2, 4.3.3, 4.5. (which are optional). Feel free to supplement the reading with Stamp video lectures on Chapter 4.

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

7

Instructor’s Office Hours 10:05–10.55 AM.

8

Topic: Authentication and Key Establishment Over Insecure Networks

Before the class:

  1. Study Stamp Sections 9.1-9.4, 9.6, 9.7. Feel free to supplement the reading with Stamp video lectures on Chapter 9.
  2. Review DH protocol with this very affordable videos.

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.
9
6

12

Thanksgiving Day. University closed.

13

In the class:

Term project proposals presentations

 

 

14

Instructor’s Office Hours 10:05–10.55 AM.

 

15

Topic: Real World Security Protocols

Before the class:

  1. Study Stamp Sections 10.1-10.3, 10.5-10.8. You can compliment your reading with Stamp video lectures on Chapter 10.
  2. Optionally, watch WEP vs. WPA explanation.

In the class:

  1. Midterm anonymous feedback for the teaching staff.
  2. Discussion of the material studied for this class.
  3. Quiz on the study material for the class.

 

16

Assignment #3 (VPN)
due 9:00 PM

Evaluation of your project team members WRT Assignment #3 through iPeer due 11:00 PM.

Last day to withdraw from the course with W standing.

Term project proposals due 9:00 PM via Canvas.

Evaluation of your project team members WRT Project Proposal through iPeer due 11:00 PM.

Last day to obtain authorization for third-party system security analysis from the UBC IT Security.

7

19

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

20

Mid-term exam

21

Instructor’s Office Hours 10:05–10.55 AM.

22

Topics: (1) Web Security, (2) Designing and Building (More) Secure Software

Before the class:

  1. Study Software Security Lecture 3.
  2. Study the following parts of Software Security Lecture 4:
    1. Security Requirements and Abuse Cases (26m46s-30m14s).
    2. Design Flaws (30m20s-32m46s).
    3. Top Design Flaws (1h07m18s-1h16m30s).
    4. TFTPD case study (1h16m30s-1h27m45s).

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

23

 

8

26

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

27

Topic: Authentication of Humans to Computers

Before the class:

  1. Study all sections of Stamp Chapter 7 (Feel free to compliment your reading with Stamp video lectures on Chapter 7).
  2. StudyPasswords — A Guide to the Ruins and Lessons for Improvement” by Dr. Cormac Herley (length: 1h25m).

In the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

28

Instructor’s Office Hours 10:05–10.55 AM.

29

Topic: Economic,  Organizational, and Political Aspects of Cybersecurity

Before the class:

Study video lectures on the economics of cybersecurity:

Part 1: Basics (42m)

  1. Study A brief history (8m).
  2. Study Introduction to economics (10m).
  3. Study The economics of information goods (13m).
  4. Study Security from an economic perspective (11m),

Part 2: Security Metrics (39m)

  1. Study What to measure? (9m).
  2. Study Measuring security levels (9m).
  3. Study Metrics in practice (9m).
  4. Study Metrics from incident data (12m).

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

 

 

30

Assignment #4
due 9:00 PM.

 

November
Week # Monday Tuesday Wednesday Thursday Friday
9

2

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

3

Topic: Economic,  Organizational, and Political Aspects of Cybersecurity

Before the class:

Study video lectures on the economics of cybersecurity (continued):

Part 3: Security Investment and Risk Management (47m)

  1. Study Information security strategy (11m).
  2. Study Information security investment (10m).
  3. Study Risk management (13m).
  4. Study Operational security management (13m).

Part 4: Market Failures (43m)

  1. Study Market failures (12m).
  2. Study Policy interventions (13m).
  3. Study Case study 1: Information sharing in incident response (8m).
  4. Study Case study 2: payment card security (10m).

Part 5: Behavioural research into security & Policy Implications (38m)

  1. Study Prospect Theory (10m).
  2. Study Heuristics and social persuasion (16m),
  3. Optionally, watch Consumer behaviour and deception,
  4. Study Behavioural economics of privacy (12m).
  5. Optionally, watch Security economics and policy.

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

4

Instructor’s Office Hours 10:05–10.55 AM.

 

5

Topic: Human Aspects of Cybersecurity

Before the class:

Video lectures on usable privacy and security:

  1. Study 1 — Introduction (56m).
  2. Optionally, watch 2 — Design.

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

6

(Required for analysis projects. Optional for other teams.) Prefinal reports of the term projects are due 10 PM via Canvas.

(For those teams that submitted prefinal drafts.) Evaluation of your project team members WRT Finalized Introduction, Related Work, and Methodology sections through iPeer due 11:00 PM.

10

9

5-5:50 PM: Tutorial Session, 6-7 PM: TA office hours. Both on Zoom

10

Topic: Human Aspects of Cybersecurity

Before the class:

  1. Study 3 — Evaluating usable security design (1h13m).
  2. Study 4 — Guidelines for Secure Interaction Design (58m).
  3. Optionally, watch 5 –Usable Authentication.
  4. Study 6 –Usable Privacy (43m).
  5. Optionally, watch TED Talk “What’s wrong with your pa$$w0rd?

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

11

Remembrance Day, UBC closed

No office hours

12

Topic: Case Study: Bitcoin

Before the class:

  1. Study 1. Introduction to Bitcoin and Blockchain Cryptography (1h).

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

13

Assignment #5 (WebGoat)
due 9:00 PM

Evaluation of your project team members WRT Assignment #5 through iPeer due 11:00 PM.

11

16

coin-mining contest starts at 11:00 AM.

5-5:50 PM: TA office hours.

17

Topic: Case Study: Bitcoin

Before the class:

  1. Study 2. How Bitcoin Achieves Decentralization (1h14m).
  2. Study 3. Mechanics of Bitcoin (1h20m).

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.
  3. Tutorial on Making Oral Technical Presentations by Dr. Tatiana Teslenko

 

18

Instructor’s Office Hours 10:05–10.55 AM.

 

19

Topic: Case Study: Bitcoin

Before the class:

  1. Study 4. How to Store and Use Bitcoins (1h22m).
  2. Optionally, view 5. Bitcoin Mining

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

20

Submission of Term project video clips due 9 PM.

Evaluation of your project team members WRT Project Video Clip through iPeer due 11:00 PM.

12

23

 

24

Topic: Case Study: Bitcoin

Before the class:

  1. Study 6. Bitcoin and Anonymity (1h52m).
  2. Optionally, watch 7. Bitcoin Community, Politics, and Regulation.
  3. Optionally, watch 10. Altcoins and the Cryptocurrency Ecosystem (1h5m).

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.
  3. Where to go from here.

25

Instructor’s Office Hours 10:05–10.55 AM.

26

Term project presentations

  • Team 9: Security Analysis of PlaceSpeak Inc. Web Application
  • Team 8: Designing a Secure Bike Share System
  • Team 3: MiniSec: A Cryptographically Secure Protocol for Computationally-Restricted Flash Devices
27
13

30

 

December 1

Term project presentations

  • Team 7: Reverd Phone Scam Stopper Analysis and Improvement
  • Team 5: AuthK-9
  • Team 4: Design of PassBook: Secure Local Storage of Encrypted Passwords

December 2

Instructor’s Office Hours 10:05–10.55 AM.

December 3

Term project presentations

  • Team 2: Analysis of UBC Mattermost
  • Team 1: ShareSafe – Secure File Transfer App for Android and Windows
  • Team 6: FirstImpression Password Manager

Evaluation of your project team members WRT Project Presentation through iPeer due 11:00 PM.

December 4

 

 

December
Week # Monday Tuesday Wednesday Thursday Friday
14

7

coin-mining contest ends at 9:00 PM.

8

 

9

Instructor’s Office Hours 10:05–10.55 AM.

10

11

Term project reports due 9:00 PM via Canvas.

Evaluation of your project team members WRT Term Project Report through iPeer due 11 PM.

 

15 14 15

16

Instructor’s Office Hours 10:05–10.55 AM.

17

18

Final examination 7:00 PM.

16 21 22 23 24

25

Christmas Day. University closed.