Lectures

 

Please check this page regularly.

 

 

Lecture/Date

Topics

Slides

Week 1

(Aug 30)

 

Lecture 0

Introduction / Overview

 

 

 (Lecture 0: Introduction or Overview)

(Reading Materials)

Week 2

(Sept 6)

 

Lecture 1

Secure Software Development Models/Methodology & Assurance

(Reading Materials)

 

 

[If time permits]

Lecture 2

Secure Software Development Models/Methodology & Assurance: Building Security In

 

(From Book: Building Security In + Reading List)

 

(Lecture 1)

 

 

(Reading Materials)

 

 

 

(Lecture 2)

Week 3

(Sept 13)

 

(Continue from Lecture 2 slide 7)

 

Secure Programming

· Strings

· Pointer Subterfuge

 

(From Book: Secure Coding in C and C++)

 

(Lecture 3)

 

 

(Lecture 4)

Week 4

(Sept 20)

 

Rescheduled on Sept 23

Continue from previous week

Secure programming: Dynamic Memory Management

(From Book: Secure Coding in C and C++)

 

(Lecture 5)

Week 5

(Sept 27)

 

(Continue Lecture 5)

Secure Programming

Race Conditions, Integer Issues & Other Issues (From Book: Secure Coding in C and C++)

Static & Dynamic Analysis

(From Book: Secure Programming with Static Analysis & papers)

 

 

 

(Lecture 6)

 

 

(Lecture 7)

(Self-study: Read the chapter)

 

(Lecture 8)

 

Week 6

(Oct 4)

(Start Lecture 8: Static Analysis)

Web Security & Defenses

· SQL Injection

· Cross-Site Scripting

 

(Lecture 9)

 

Week 7

(Oct 12)

(Continue Lecture 9, around slide 13 – 14)

Supply Chain Security

(Lecture 10)

Week 8

(Oct 18)

MIDTERM

 

Week 9

(Oct 25)

(Continue Lecture 10)

Formal methods

(Lecture 11)

(Updated on Nov 8)

Week 10

(Nov 1)

(Continue Lecture 11)

Blockchain (Kuheli Sai)

Java Security

(Blockchain)

(Lecture 12)

Week 11

(Nov 8)

(Continue remaining materials from Lectures 11-12)

Healthcare Security and Privacy

(Lecture 13)

Week 12

(Nov 15)

(Continue remaining part of Lecture 12, and 13)

Presentation by Zhendong Wang (PhD student)

 

(Healthcare-De-Identification)

(Nov 22)

Thanksgiving

 

 Week 13

(Nov 29)

 

Presentation of Research Papers

 (Focus Area for papers: HEALTHCARE IT SECURITY)

 

1. Trust Enhanced Cloud Security for Healthcare Services

(Paper Link)

 

Presenter: Aashima Sharma

Primary Reviewer: Akshay Parab

Secondary Reviewer: Aneesh Sule

2. How Secure is the Healthcare Network from Insider Attacks? An Audit Guideline for Vulnerability Analysis

(Paper Link)

 

Presenter: Chi-Heng Hung

Primary Reader: Emily Kauffman

Secondary Reviewer: Yuanyuan Zhang

3. Cybersecurity of Healthcare IoT-Based Systems: Regulation and Case-Oriented Assessment

(Paper Link)

Presenter: Shenghui Yang

Primary Reader: Ashutosh Burde + Amar Alsaggaf

Secondary Reviewer: Emily Kauffman

4. Towards Autonomic Security Management of Healthcare Information Systems

(Paper Link)

Presenter: Andrew Lacey

Primary Reviewer: Aravindhan Anbarasu

Secondary Reviewer: Tushar Shetty

5. On the design of a Blockchain-based system to facilitate Healthcare Data Sharing

(Paper Link)

Presenter: Yue Sun

Primary Reviewer: Huiying Liu & Zhendong Wang

Secondary Reviewer: Akshay Parab

6. A Secure Framework For Medical Information Exchange (MI-X) Between Healthcare Providers

(Paper Link)

Presenter: Kuheli Sai

Primary Reviewer: Aneesh Sule

Secondary Reviewer: Aravindhan Anbarasu

7. Fitness Trackers: Fit for Health but Unfit for Security and Privacy

(Paper Link)

Presenter: Yixiao Gao

Primary Reviewer: Yuanyuan Zhang

Secondary Reviewer: Huiying Liu + Amar Alsaggaf

8. A Patient Centered Cloud Platform for Mobile-Health Enabled Clinical Research

(Paper Link)

Presenter: Haobing Huang

Primary Reviewer: Tushar Shetty

Secondary Reviewer: Ashutosh Burde & Zhendong Wang

 

8 Research Papers

 Week 14

(Dec 3)

 

Presentation of Research Papers

(Focus Area for papers: SQL/XSS)

 

1. Automatic Web Security Unit Testing: XSS Vulnerability Detection

(Paper Link)

Presenter: Huiying Liu

Reviewer 1: Kuheli Sai

Reviewer 2: Yixiao Gao

 

2. Source Code Patterns of SQL Injection Vulnerabilities

(Paper Link)

Presenter: Zhendong Wang

Reviewer 1: Yue Sun

Reviewer 2: Chi-Heng Hung

3. SWAP: Mitigating XSS Attacks using a Reverse Proxy

(Paper Link)

Presenter: Aneesh Sule

Reviewer 1: Emily Kauffman

Reviewer 2: Aashima Sharma

 

4. Analysis of Effectiveness of Black-Box Web Application Scanners in Detection of Stored SQL Injection and Stored XSS Vulnerabilities

(Paper Link)

Presenter: Ashutosh Burde

Reviewer 1: Haobing Huang

Reviewer 2: Shenghui Yang

5. Finding SQL Injection and Cross Site Scripting Vulnerabilities with Diverse Static Analysis Tools

(Paper Link)

Presenter: Yuanyuan Zhang

Reviewer 1: Andrew Lacey

Reviewer 2: Emily Kauffman

 

6. Improving Web Application Firewalls to detect advanced SQL injection attacks

(Paper Link)

Presenter: Akshay Parab

Reviewer 1: Aashima Sharma

Reviewer 2: Amar Alsaggaf

 

6 Research Papers

Week 15

(Dec 3)

Presentation of Research Papers

(Focus Area for papers: HEALTHCARE IT SECURITY)

 

1. Developing a SSE-CMM-based Security Risk Assessment Process for Patient-Centered Healthcare Systems

2. Towards a Software Engineering Approach for Cloud and IoT Services in Healthcare

3. Security testing for Android mHealth apps

4. On Design of A Fine-Grained Access Control Architecture for Securing IoT-Enabled Smart Healthcare Systems

Note: Project presentation/Demo should be arranged for this week.