News:
Congratulations to all on successfully completing the Mobile Systems Security course. Grades have been sent out.
Introduction
This is the course space for the Aalto University Department of Computer Science and the University of Helsinki Department of Computer Science course on Mobile Systems Security. The course code is CS-E4310 for Aalto University and 582704 for University of Helsinki. The course is worth 5 credits, which are earned by participating in weekly lectures, completing weekly exercises, and completing either a programming project or research survey. There is no exam.
Course staff: N. Asokan, Andrew Paverd, Thomas Nyman, Filippo Bonazzi, Jian Liu, Samuel Marchal.
The course staff can be reached by email individually at firstname.lastname@aalto.fi or collectively at mss-staff@list.aalto.fi.
The course has a MyCourses space (CS-E4310 - Mobile Systems Security) for returning exercise answers and other assignments. The general discussion forum in the MyCourses space can also be used for questions and discussion about the weekly exercises.
Pre-requisites
The course is designed for people who have already taken a basic security and/or crypto course. For example, you should have a basic understanding of concepts from cryptography like digital signatures, symmetric and asymmetric key encryption algorithms, cryptographic hash functions. You should also have some familiarity with notions like user and data authentication. For example, Aalto course CS-C3130 or CS-E4300 will provide more than enough background.
Registration
As the evaluation in the course will be based entirely on continuous assessment, we need to limit the total number of students allowed to take the course for credit. In previous years, interest for the course has exceeded available capacity. For this reason we want to make sure that the participants taking the course for credit have the necessary background and are committed to completing the course. To this end, we ask all students signed up for the course to confirm their participation by sending an e-mail to the course staff explicitly confirming each of the items below:
- You have already completed your bachelor's degree (say where)
- You have taken at least one security course before (say what course and where)
- You are committed to completing this course (see below for requirements for completing the course)
- Whether you would like to do either (1) a programming project; or (2) a research survey.
- The e-mail address you use to login to MyCourses (UH students: you must login to MyCourses once before we can add you to the course page)
Participation must be confirmed in this manner by Thursday, 12 January at the latest.
Students must also register for the course through Aalto University or University of Helsinki.
Tentative Schedule
Lectures: Tuesday mornings (10:15 - 12:00), Lecture hall T3 in the CS building (Otaniemi, Konemiehentie 2)
Video Recording: We will attempt to record the lectures and publish the videos on the wiki within a few days (however, we make no guarantees about recording quality).
Exercise Sessions: Thursday mornings (10:15 - 12:00), Lecture hall T3 in the CS building (Konemiehentie 2, Otaniemi). Attending exercises sessions is compulsory. You are required to achieve 80% attendance in order to pass the course.
Feedback surveys
Students provided intermediate feedback at the end of the first month. Here is a report summarizing the feedback and the discussing corrective measures.
Date | Lecture | Exercises | Programming Project | Research Survey |
---|---|---|---|---|
Tue 10.1 | Introduction to the course [slides, recording] , | Exercise 1 , due Tue 17.1 | Survey topics published: Tue 10.1 | |
Thu 12.1 | General briefing on Thu 12.1 | |||
Tue 17.1 | Exercise 2 , due Tue 24.1 | Deadline for own project proposals: Tue 17.1 | ||
Thu 19.1 | Exercise 1 solutions discussed on Thu 19.1 | Deadline for project preferences: Thu 19.1 | Deadline for survey preferences: Thu 19.1 | |
Tue 24.1 | Exercise 3 , due Tue 31.1 | |||
Thu 26.1 | Exercise 2 solutions discussed on Thu 26.1 | Project topics assigned: Thu 26.1 (tentative) | Survey topics assigned: Thu 26.1 (tentative) | |
Tue 31.1 | Exercise 4 , due Tue 7.2 | |||
Thu 2.2 | Exercise 3 solutions discussed on Thu 2.2 | |||
Tue 7.2 | L5: Usability of Platform Security [slides, recording] | Exercise 5 , due Tue 21.2 (2 weeks) |
| |
Thu 9.2 | Preliminary feedback survey results [slides] and e xercise 4 solutions discussed on Thu 9.2 | |||
Tue 14.2 | No lecture |
| ||
Thu 16.2 | Extra lecture: IoT Security [slides1, slides2, recording] | |||
Tue 21.2 |
|
|
| |
Thu 23.2 | Exercise 5 solutions discussed on Thu 23.2 | |||
Tue 28.2 | Guest lecture: SEAndroid policy exploration Jan-Erik Ekberg (DarkMatter) [recording] |
| Survey first draft deadline: Tue 28.2 | |
Thu 2.3 | Mid-point project presentations: Thu 2.3 | |||
Tue 7.3 | No lecture |
| ||
Thu 9.3 | Extra lecture: Machine Learning & Security [slides, recording] | |||
Tue 14.3 |
| |||
Thu 16.3 | ||||
Tue 21.3 (10 - 12) | Final survey presentations |
| Final survey presentations: Tue 21.3, Wed 22.3, & Thu 23.3 | |
Tue 28.3 | Final project presentations | Final project presentations: | ||
Tue 4.4 | Final project report due Tue 4.4 | Final survey paper due Tue 4.4 | ||
Thu 6.4 | Thu 6.4 reserved for course activities (tentative) |
Homework and evaluation
- Weekly exercises (individual)
- Exercises reflect on and extend the topics covered in each lecture (estimated time equivalent to 3 ECTS credits).
- Published on Tuesdays, based on the lecture and have deadline on the following Tuesday (at 23:55); returns in writing (PDF or plain text) through MyCourses .
- Exercises are graded 0 (not done or very poor) - 12 (excellent).
- Students are required to participate in Thursday sessions during which the solutions to the exercises are discussed. Attendance in 80% of the exercise sessions is mandatory to pass the course.
- Programming project (groups of 2)
- Estimated time equivalent to 2 ECTS credits
- List of programming projects will be available when the course begins.
- Students may select 3 preferred topics or propose their own, using the project selection form, before Thursday, 19 January.
- Projects will be assigned by Thursday, 26 January (tentative).
- Mid-point project presentations will be held on Thursday, 2 March ( Graded 0-10).
- Final project presentations will be held on Tuesday, 28 March and Thursday, 30 March ( Graded 0-10).
- A final project report (one per group) must be submitted as a PDF document through MyCourses by Tuesday, 4 April ( Graded 0-20).
- Research survey (individual)
- Estimated time equivalent to 2 ECTS credits
- List of survey topics will be available when the course begins.
- All participants must select 3 preferred topics, using the survey selection form, before Thursday, 19 January.
- Survey topics will be assigned by Thursday, 26 January (tentative).
- A first draft of the survey must be submitted through MyCourses by Tuesday, 28 February (Graded 0-10).
- Final survey presentations on Tuesday 21 March, Wednesday 22 March and Thursday 23 March ( Graded 0-10).
- A final survey must be submitted as a PDF document through MyCourses by Tuesday, 4 April ( Graded 0-20).
Requirements for completing the course
To complete the course you must:
- submit solutions to all exercises
- attend at least 80% of the exercise sessions
- either:
- Programming project: give a mid-point presentation; give a final presentation; and submit your final code and project report.
or
- Research survey: submit a first draft; give a final presentation; and submit your final survey paper.
- make sure that all your required submissions are done on time
Please note that late submissions are grounds for 0 points; we recommend that you set your personal deadline a day or two earlier to have some buffer for disasters, particularly if you tend to leave work close to deadlines.
Supplementary book
There is a supplementary course book: Mobile Platform Security by Asokan, Davi, Dmitrienko, Heuser, Kostiainen, Reshetova and Sadeghi (2013). Aalto students will have free access to the book online (PDF) . For UH students, there are a limited number of copies available to borrow. Ask the course staff.