Congratulations to all on successfully completing the Mobile Systems Security course. Grades have been sent out.

 

Introduction

Course staff: N. Asokan, Andrew Paverd, Thomas Nyman, Filippo Bonazzi, Jian Liu, Samuel Marchal.

The course staff can be reached by email individually at firstname.lastname@aalto.fi or collectively at mss-staff@list.aalto.fi.

The course has a MyCourses space (CS-E4310 - Mobile Systems Security) for returning exercise answers and other assignments. The general discussion forum in the MyCourses space can also be used for questions and discussion about the weekly exercises.

Pre-requisites

The course is designed for people who have already taken a basic security and/or crypto course. For example, you should have a basic understanding of concepts from cryptography like digital signatures, symmetric and asymmetric key encryption algorithms, cryptographic hash functions. You should also have some familiarity with notions like user and data authentication. For example, Aalto course CS-C3130 or CS-E4300 will provide more than enough background.

Registration

  • You have already completed your bachelor's degree (say where)
  • You have taken at least one security course before (say what course and where)
  • You are committed to completing this course (see below for requirements for completing the course)
  • Whether you would like to do either (1) a programming project; or (2) a research survey.
  • The e-mail address you use to login to MyCourses (UH students: you must login to MyCourses once before we can add you to the course page)

Participation must be confirmed in this manner by Thursday, 12 January at the latest.

Students must also register for the course through Aalto University or University of Helsinki.

Tentative Schedule

Lectures: Tuesday mornings (10:15 - 12:00), Lecture hall T3 in the CS building (Otaniemi, Konemiehentie 2)

Video Recording: We will attempt to record the lectures and publish the videos on the wiki within a few days (however, we make no guarantees about recording quality).

Exercise Sessions: Thursday mornings (10:15 - 12:00), Lecture hall T3 in the CS building (Konemiehentie 2, Otaniemi). Attending exercises sessions is compulsory. You are required to achieve 80% attendance in order to pass the course.

Feedback surveys

Students provided intermediate feedback at the end of the first month. Here is a report summarizing the feedback and the discussing corrective measures.

 

DateLectureExercises Programming Project Research Survey

Tue 10.1

Introduction to the course [slides, recording] ,
L1: Overview of Platform Security [ slides]

Exercise 1 , due Tue 17.1

Project topics published: Tue 10.1

Survey topics published: Tue 10.1
Thu 12.1 General briefing on Thu 12.1  

Tue 17.1

L2: Platform Security in Android OS [slides, recording]

Exercise 2 , due Tue 24.1

 
Thu 19.1 Exercise 1 solutions discussed on Thu 19.1 Deadline for project preferences: Thu 19.1Deadline for survey preferences: Thu 19.1

Tue 24.1

L3: Mobile Platform Security [slides, recording]

Exercise 3 , due Tue 31.1

  
Thu 26.1 Exercise 2 solutions discussed on Thu 26.1Project topics assigned: Thu 26.1 (tentative)Survey topics assigned: Thu 26.1 (tentative)

Tue 31.1

L4: Mobile Hardware Platform Security [slides, recording]

Exercise 4 , due Tue 7.2

  
Thu 2.2 Exercise 3 solutions discussed on Thu 2.2  

Tue 7.2

L5: Usability of Platform Security [slides, recording]

Exercise 5 , due Tue 21.2 (2 weeks)

 

 
Thu 9.2 

Preliminary feedback survey results [slides] and e xercise 4 solutions discussed on Thu 9.2

  

Tue 14.2
[Aalto eval week]

No lecture

 

Thu 16.2
[Aalto eval week]

Extra lecture: IoT Security [slides1, slides2, recording] 

Tue 21.2

 

 

 

 
Thu 23.2 Exercise 5 solutions discussed on Thu 23.2  

Tue 28.2

Guest lecture: SEAndroid policy exploration
Jan-Erik Ekberg (DarkMatter) [recording]

 

 Survey first draft deadline: Tue 28.2

Thu 2.3

  Mid-point project presentations: Thu 2.3 

Tue 7.3
[ UH eval week ]

No lecture

 

  

Thu 9.3
[ UH eval week ]

Extra lecture: Machine Learning & Security [slides, recording]   

Tue 14.3

L6: Recent Research and Summary [slides, recording]

 

  
Thu 16.3    

Tue 21.3 (10 - 12)
Wed 22.3 (9 - 11)
Thu 23.3 (10 - 12)

Final survey presentations

 

 Final survey presentations:
Tue 21.3, Wed 22.3, & Thu 23.3

Tue 28.3
Thu 30.3

Final project presentations 

Final project presentations:
Tue 28.3 & Thu 30.3

 

Tue 4.4
[ Aalto eval week ]

  

Final project report due Tue 4.4

Final survey paper due Tue 4.4

Thu 6.4
[ Aalto eval week ]

Thu 6.4 reserved for course activities (tentative)   

 

Homework and evaluation

  • Weekly exercises (individual)
    • Exercises reflect on and extend the topics covered in each lecture (estimated time equivalent to 3 ECTS credits).
    • Published on Tuesdays, based on the lecture and have deadline on the following Tuesday (at 23:55); returns in writing (PDF or plain text) through MyCourses .
    • Exercises are graded 0 (not done or very poor) - 12 (excellent).
    • Students are required to participate in Thursday sessions during which the solutions to the exercises are discussed. Attendance in 80% of the exercise sessions is mandatory to pass the course.

  • Programming project (groups of 2)
    • Estimated time equivalent to 2 ECTS credits
    • List of programming projects will be available when the course begins.
    • Students may select 3 preferred topics or propose their own, using the project selection form, before Thursday, 19 January.
    • Projects will be assigned by Thursday, 26 January (tentative).
    • Mid-point project presentations will be held on Thursday, 2 March ( Graded 0-10).
    • Final project presentations will be held on Tuesday, 28 March and Thursday, 30 March ( Graded 0-10).
    • A final project report (one per group) must be submitted as a PDF document through  MyCourses by Tuesday, 4 April ( Graded 0-20).

  • Research survey (individual)
    • Estimated time equivalent to 2 ECTS credits
    • List of survey topics will be available when the course begins.
    • All participants must select 3 preferred topics, using the survey selection form, before Thursday, 19 January.
    • Survey topics will be assigned by Thursday, 26 January (tentative).
    • A first draft of the survey must be submitted through MyCourses by Tuesday, 28 February (Graded 0-10).
    • Final survey presentations on Tuesday 21 March, Wednesday 22 March and Thursday 23 March ( Graded 0-10).
    • A final survey must be submitted as a PDF document through MyCourses by Tuesday, 4 April ( Graded 0-20).

Requirements for completing the course

To complete the course you must:

  • submit solutions to all exercises
  • attend at least 80% of the exercise sessions
  • either:
    • Programming project: give a mid-point presentation; give a final presentation; and submit your final code and project report.

or

    • Research survey: submit a first draft; give a final presentation; and submit your final survey paper.
  • make sure that all your required submissions are done on time

Please note that late submissions are grounds for 0 points; we recommend that you set your personal deadline a day or two earlier to have some buffer for disasters, particularly if you tend to leave work close to deadlines.

Supplementary book

There is a supplementary course book: Mobile Platform Security by Asokan, Davi, Dmitrienko, Heuser, Kostiainen, Reshetova and Sadeghi (2013). Aalto students will have free access to the book online (PDF) . For UH students, there are a limited number of copies available to borrow. Ask the course staff.

  • No labels