Schedule

By Mike Hicks

January 2, 2026

Date	Topic / Speaker	Readings & handouts
Jan 15	Introduction and syllabus	S. Keshav. How to Read a Paper. ACM SIGCOMM Computer Communication Review, Volume 37, Number 3, July 2007.
Jan 20	Attacks: Vulnerability exploitation	MITRE. 2025 CWE Top 25 Most Dangerous Software Weaknesses. Dec 2025. Marc Frederic Gomez. Top 25 CWE 2025 - Technical Analysis. Blog article, Dec 2025. OWASP. OWASP Top 10: The Ten Most Critical Web Application Security Risks. Dec 2025. Christian Heilmann. Web Security: Are You Part of the Problem?. Smashing magazine, Jan 2010.
Jan 22	Attacks: Exploiting the human	Ho, Grant, et al. Understanding the efficacy of phishing training in practice. 2025 IEEE Symposium on Security and Privacy (SP). IEEE, 2025. Optional: Lorrie Faith Cranor. A Framework for Reasoning About the Human in the Loop. In Proceedings of UPSEC 2008.