Calendar

For submission deadlines, please see the Canvas site of the course.

This calendar is subject to change. Always check the calendar before planning your studies.

Colour legend:
regular session day no session day Major quiz student presentations exam
September
Week # Monday Tuesday Wednesday Thursday Friday
1 6

7

UBC-wide orientation.
No classes.

8

9

Before the class:

  1. Connect to the course on Canvas.
  2. Sign up for Piazza site of the course to receive course announcements.
  3. Learn about academic integrity by studying UBC’s Policy on Academic Misconduct and information resources provided at  “Understand Academic Integrity“. 
  4. Study the course syllabus.

Learning objectives:

  1. Academic Integrity

During the class:

  1. Course overview.
  2. Quiz on the knowledge of the course syllabus and academic integrity.

 

10
2

13

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

14

Topic: Buffer Overflow

Before the class:

  1. Make sure you can connect to the course on Canvas to be able to take the Entrance Quiz during the class.
  2. Study and prepare to be quizzed on buffer overflow:
    1. Vulnerability and Exploits (watch from 25:45 to the end)
    2. Countermeasures (watch from 25:43 to 43:48)
  3. Refresh your memory on discrete math essentials: Read Appendix 2 from Stamp and watch this video-lecture by Stamp.
  4. Optionally, read a detailed analysis of a buffer overflow vulnerability in an earlier version of WhatsApp.

Learning Objectives:

  1. Buffer Overflow
  2. Discrete Math Essentials

During the class:

  1. Entrance Quiz on Buffer Overflow and Math Essentials
  2. Presentations of term papers from previous cohorts.

 

15

01:00–01:50 PM: Instructor’s Zoom Office Hours

16

Topic: Introduction to Cybersecurity

Before the class:

  1. Study sections 1.1-1.6 & 1.8 of Chapter 1 from Computer Security and the Internet: Tools and Jewels [CSI-TJ].

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.
17
3

20

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

 

21

Topic: Principles of Designing Secure Systems 

Before the class:

  1. Study section 1.7 of Section 1.7 from Computer Security and the Internet: Tools and Jewels [CSI-TJ].

Learning objectives:

  1. Design Principles

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.

22

01:00–01:50 PM: Instructor’s Zoom Office Hours

23

Topic: Introduction to Cryptography (part I)

Before the class:

    1. Read Legal Implications of Real World Security Analysis (password is provided via Piazza).
    2. Study Cryptography 101: Goals, BasicsSubstitution Ciphers
    3. Study all micro-modules of ancient cryptography and  Ciphers modules.
    4. Study Stamp Sections 2.1–2.3.5, 2.5, 2.6. Feel free to supplement the reading with Stamp video lectures on on the corresponding sections.
    5. Optionally, read Stamp 2.3.6-2.3.8.

Learning Objectives:

  1. Introduction to Cryptography (part I)

During the class:

    1. Quiz on the study material for the class.
    2. Discussion of the material studied for this class.
24
4

27

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

28

Topic: Introduction to Cryptography (part II)

Before class:

  1. Study Vigenere cipher by reading Anderson Section 5.2.1.
  2. Bonus Material: Playfair cipher:
    1. Playfair Cipher video.
    2. Playfair Cipher mechanics.
  3. Get clear understanding of confusion and diffusion properties of ciphers by studying this short explanation.
  4. Study Stamp: Section 2.4. Feel free to supplement the reading with Stamp video lectures on on the corresponding sections.
  5. Study Random Oracle model and its versions for hash functions, block ciphers, and stream ciphers:
    1. Anderson: Section 5.3 (introduction, 5.3.1, 5.3.2, 5.3.3).
    2. Random Oracle in Pictures.
  6. Study properties of hash functions: Stamp: Sections 5.1 & 5.2. Feel free to supplement the reading with a video of Stamp’s lecture on Hash Function properties.
  7. Bonus Material: study Birthday Paradox and Birthday Attack. Stamp: Sections 5.3, 5.4.

Learning Objectives:

  1. Introduction to Cryptography (part II)

During the class:

  1. Quiz on the study material for the class.
  2. Work on practice problems and questions on the material studied for this class.

29

01:00–01:50 PM: Instructor’s Zoom Office Hours

30

Truth and Reconciliation Day

No Classes

October 1
October
Week # Monday Tuesday Wednesday Thursday Friday
5

4

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

 

5

Topic: Stream and Block Ciphers Under The Hood

Before the class:
(most videos are short)

  1. Optionally, view this gentle introduction into stream ciphers, videos 1, 2, 3,
  2. Study Stamp Sections 3.1-3.2. Feel free to supplement the reading with Stamp video lectures: parts 1& 2 from Chapter 3.
  3. Study random number generators video 1, and Stamp’s lecture on Random Numbers in Cryptography.
  4. Study A5/1 cipher
    1. Pages 7-10 of the slides.
    2. Video animation of A5/1.
  5. Study required properties of block ciphers (5m).
  6. Study AES
    1. Stamp Section 3.3.4, feel free to compliment it with viewing Stamp’s lecture on AES.
    2. AES animation demo (may need to download the demo).
  7. Bonus Material: Study videos 1, 2, 5, 11, 12, 13 on the mechanics of AES.
  8. Optionally, watch the rest of the video lectures on AES (3, 4, 6, 7, 8, 9, 10, 14, 15) from applied crypto playlist.

Learning Objectives: Stream and Block Ciphers Under The Hood

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.

6

01:00–01:50 PM: Instructor’s Zoom Office Hours

7

Topic: Modes of Operation and Hash Functions

Before the class:

  1. Study modes of operation for block ciphers
    1. Study Stamp Section 3.3.7. (Feel free to supplement the reading with Stamp video lectures: parts 8 & 9 of Chapter 3.)
    2. Study modes of operations for block ciphers: ECB, CBC, and CTR, and optionally: CFB.
  2. Study MAC: Stamp Section 3.4.
  3. Study hash functions:
    1. Study Non-cryptographic Hash Functions Stamp Section 5.5. (Feel free to supplement the reading with Stamp video lectures for Chapter 5)
    2. Study Cryptographic hash functions: video Lecture 1.1 (first 21 minutes) of this video material on Cryptocurrencies.
    3. Study Applications of Hash Functions: Stamp Sections 5.7, 5.8. (Feel free to supplement the reading with Stamp video lectures for Chapter 5.)
    4. Optionally, watch HMAC video (from 6m12s to the end).

Learning Objectives: Modes of Operation and Hash Functions

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.
8
6

11

Thanksgiving Day. University closed.

No Classes, Tutorials, or Office Hours

12

In the class:

Term paper proposal presentations

Last day to obtain authorization for third-party system security analysis from the UBC IT Security.

 

 

 

13

01:00–01:50 PM: Instructor’s Zoom Office Hours

14

Topic: Asymmetric Ciphers 

Before the class:

  1. Study Stamp Chapter 4, all sections except 4.3.2, 4.3.3, 4.5. (which are optional). Feel free to supplement the reading with Stamp video lectures on Chapter 4.

Learning Objectives:

  1. Public Key Cryptography

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.
15
7

18

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

 

19

Topic: Authentication and Key Establishment Over Insecure Networks

Before the class:

  1. Review DH protocol with this very affordable videos.
  2. Study Stamp Sections 9.1-9.4, 9.6, 9.7. Feel free to supplement the reading with Stamp video lectures on Chapter 9.

Learning Objectives: Simplified Authentication and Key Establishment Protocols

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

20

01:00–01:50 PM: Instructor’s Zoom Office Hours

21

Mid-term exam

The exam is on all the material studied until the exam.

22

 

8

25

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

26

Topic: Real World Security Protocols

Before the class:

  1. Study Stamp Sections 10.1, SSH (10.2), SSL (10.3), Kerberos (10.5), 10.8. You can compliment your reading with Stamp video lectures on Chapter 10.
  2. Bonus Material: Stamp Sections on WEP  (10.6), and GSM (10.7).
  3. Optionally, watch WEP vs. WPA explanation.

Learning Objectives: Real World Security Protocols

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.

27

01:00–01:50 PM: Instructor’s Zoom Office Hours

28

Topics: Designing and Building (More) Secure Software

Before the class:

  1. Study the following parts of Software Security Lecture 4:
    1. Security Requirements and Abuse Cases (26m46s-30m14s).
    2. Design Flaws (30m20s-32m46s).
    3. Top Design Flaws (1h07m18s-1h16m30s).
    4. TFTPD case study (1h16m30s-1h27m45s).
  2. Bonus Material: Web (in)Security.

Learning Objectives: Designing and Building (More) Secure Software

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.
  3. Midterm anonymous feedback for the teaching staff.
29
November
Week # Monday Tuesday Wednesday Thursday Friday
9

1

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

2

Topic: Authentication of Humans to Computers

Before the class:

  1. Study all sections of Stamp Chapter 7 (Feel free to compliment your reading with Stamp video lectures on Chapter 7).
  2. Bonus Material: Passwords — A Guide to the Ruins and Lessons for Improvement” by Dr. Cormac Herley (length: 1h25m).

Learning Objectives: Authentication of Humans to Computers

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.

3

01:00–01:50 PM: Instructor’s Zoom Office Hours

 

4

Topic: Economic,  Organizational, and Political Aspects of Cybersecurity

Before the class:

Study video lectures on the economics of cybersecurity:

Part 1: Basics (42m)

  1. Study A brief history (8m).
  2. Study Introduction to economics (10m).
  3. Study The economics of information goods (13m).
  4. Study Security from an economic perspective (11m),

Part 2: Security Metrics (39m)

  1. Study What to measure? (9m).
  2. Study Measuring security levels (9m).
  3. Study Metrics in practice (9m).
  4. Study Metrics from incident data (12m).

Learning Objectives: Economic,  Organizational, and Political Aspects of Cybersecurity

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.
5
10

8

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

9

Topic: Economic,  Organizational, and Political Aspects of Cybersecurity

Before the class:

Study video lectures on the economics of cybersecurity (continued):

Part 3: Security Investment and Risk Management (47m)

  1. Study Information security strategy (11m).
  2. Study Information security investment (10m).
  3. Study Risk management (13m).
  4. Study Operational security management (13m).

Part 4: Market Failures (43m)

  1. Study Market failures (12m).
  2. Study Policy interventions (13m).
  3. Study Case study 1: Information sharing in incident response (8m).
  4. Study Case study 2: payment card security (10m).

Part 5: Behavioural research into security & Policy Implications (38m)

  1. Study Prospect Theory (10m).
  2. Study Heuristics and social persuasion (16m),
  3. Study Behavioural economics of privacy (12m).
  4. Optionally: Consumer behaviour and deception,
  5. Optionally: Security economics and policy.

Learning Objectives: Economic,  Organizational, and Political Aspects of Cybersecurity

During the class:

  1. Quiz on the study material for the class.
  2. Discussion of the material studied for this class.

10

Midterm Break, No Classes or Office Hours

11

Midterm Break, No Classes

Remembrance Day, UBC closed.

12

Midterm Break, No Classes

11

15

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

16

Topic: Usable Privacy and Security

Before the class:

  1. Study 1 — Introduction (56m).
  2. Study 3 — Evaluating usable security design (1h13m).
  3. Study Neilsen’s Usability Heuristics.
  4. Optionally, watch 2 — Design.

Learning Objectives:

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

17

11:00–11:50 AM: Instructor’s Zoom Office Hours

18

Topic: Usable Privacy and Security

Before the class:

  1. Study 4 — Guidelines for Secure Interaction Design (58m).
  2. Study 5 –Usable Authentication (49m).
  3. Optionally: Read Section 3 (“Design Principles”) of User Interaction Design for Secure Systems by Ka-Ping Yee.

Learning Objectives:

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.
19
12

22

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

23

Topic: Case Study: Bitcoin

Before the class:

  1. Study 1. Introduction to Bitcoin and Blockchain Cryptography (from 20th minute of the video to the end).

Learning Objectives: Case Study: Bitcoin

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

24

01:00–01:50 PM: Instructor’s Zoom Office Hours

25

Topic: Case Study: Bitcoin

Before the class:

  1. Study 2. How Bitcoin Achieves Decentralization (1h14m).

Learning Objectives: Case Study: Bitcoin

During the class: 

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.
  3. Tutorial on Making Oral Technical Presentations by Dr. Tatiana Teslenko
26
December
Week # Monday Tuesday Wednesday Thursday Friday
13

November 29

10:00–10:50 AM:
Instructor’s In-person Office Hours, KAIS 4047

November 30

Topic: Case Study: Bitcoin

Before the class:

  1. Study 3. Mechanics of Bitcoin (1h20m).

Learning Objectives:

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

December 1

01:00–01:50 PM: Instructor’s Zoom Office Hours

2

Topic: Case Study: Bitcoin

Before the class:

  1. Study 4. How to Store and Use Bitcoins (1h22m).
  2. Bonus Material: 5. Bitcoin Mining
  3. Bonus Material: Study 6. Bitcoin and Anonymity (1h52m).
  4. Optionally, watch 7. Bitcoin Community, Politics, and Regulation.
  5. Optionally, watch 10. Altcoins and the Cryptocurrency Ecosystem (1h5m).

Learning Objectives:

During the class:

  1. Discussion of the material studied for this class.
  2. Quiz on the study material for the class.

3

 

14

6

10:00–10:50 AM:
Instructor’s Zoom Office Hours

7

During the class:

  1. Where to go from here.
  2. Mini-conference, term papers, and final exam Q&A.

8

02:00–02:50 PM: Instructor’s Zoom Office Hours

9

10

Course mini-conference with term project presentations.

Location: CEME 1215

15 13 14 15 16

17

Final Exam
12:00-2:30 PM

 

16 20 21 22 23 24