Skip to end of metadata
Go to start of metadata

Course staff: N. Asokan*, Thomas Nyman* (IRC handle: tajnyman), Hien Truong

The course staff can be reached by email at firstname.lastname@aalto.fi  (where indicated by *) or firstname.lastname@cs.helsinki.fi (where indicated by ).

The course has

News

Online feedback forms for the course are open.

We would greatly appreciate any and all feedback from course participants. Your feedback is important to us to so that we can improve the course accordingly next year.

You can find the online feedback forms at:

As the evaluation in the course will be based entirely on continuous assessment, we need to limit the total number of students allowed to take the course for credit. Interest for the course has exceeded our expectations. For this reason we want to make sure that the participants taking the course for credit have the necessary background and are committed to completing the course. To this end, we ask student signed up for the course to confirm their their participation by sending e-mail to the course staff explicitly confirming each of the three items below:

  • You have already completed your bachelor's degree (say where)
  • You have taken at least one security course before (say what course and where)
  • You are committed to completing this course (see below for requirements for completing the course)

Participation must be confirmed in this manner by noon Wednesday, Jan 14 at the latest.

 Schedule

The lectures in Aalto University are held in the room A303 in the Building of Chemical Technology in Otaniemi, Kemistintie 1 and in University of Helsinki in room A114 in the Exactum building in Kumpula, GustafHällströmin katu 2B (main entrance from Pietari Kalmin katu). The lectures are conducted on Tuesday mornings (10-12) and will be streamed using a video conference channel between Otaniemi and Kumpula.

Exercise sessions are conducted separately for each university. At Aalto University, the exercise session are held on Thursday mornings (10-12) in Otaniemi (T3 in CS building, Konemiehenkatu 2). The exercise sessions at the University of Helsinki are held on Thursday afternoons (14-16) at Kumpula (Room B119 in Exactum). Attending exercises sessions is compulsory. You are required to achieve 80% attendance in order to pass the course. In addition to this you are required to attend the lecture you are assigned to take notes for (see below).

The invited talk on Tue 10.3 is held in Otaniemi (T3 in CS building, Konemiehenkatu 2). There will be no video conference channel to Kumpula, but participants from the University of Helsinki are of course free (and encouraged) to attend the talk.

DateLectureLecture notes (assigned to)ExercisesProgramming assignmentsSurvey

Tue 13.1
Thu 15.1

L1: Introduction to the course, and
L1: Overview of Platform Security

Sample lecture notes by Sini Ruohomaa

Exercise 1, Solutions
General briefing on Thu 15.1

1st programming assignment, due 25.1

Survey topics published.
Signup sheet for survey topics
circulated Tue 13.1 and Thu 15.1

Tue 20.1
Thu 22.1

L2: Platform Security in Android OS
Android Services

Allio, Bonazzi, Casay, Jalas, Karvonen

Exercise 2, due Tue 27.1
AndroidManifest.xml
Exercise 1 solutions discussed on Thu 22.1

2nd programming assignment, due 8.2

Survey topics assigned.

Tue 27.1
Thu 29.1
L3: Mobile software platform security

Kantala, Liu, Pennekamp, Rajendran,

Sarbinowski

Exercise 3, due Tue 3.2
Exercise 2 solutions discussed on Thu 29.1

1st assignment solutions discussed Thu 29.1-
Tue 3.2
Thu 5.2
L4: Mobile hardware platform security

Haider, Lintumäki, Tyrväinen,
Zahid

Exercise 4, due Tue 10.2
Exercise 3 solutions discussed on Thu 5.2

3rd programming assignment, due 1.3

-
Tue 10.2
Thu 12.2
L5: Usability of platform security

Riekkinen, Schmidt, Sundarram,
Huttunen, Satharasi

Exercise 5, due Tue 24.2
Exercise 4 solutions discussed on Thu 12.2
2nd assignment solutions discussed Thu 12.2-
Tue 17.2
Thu 19.2
No lecture-No exercise session

-

-
Tue 24.2
Thu 26.2
No lecture-Exercise 5 solutions discussed on Thu 26.24th programming assignment, due 22.3-
Tue 3.3
Thu 5.3
No lecture-No exercise session--

Tue 10.3
Thu 12.3

Invited talk: SEAndroid policy exploration
Jan-Erik Ekberg (Trustonic)
T3, CS building, Konemiehenkatu 2

-

Optional exercise, due Thu 17.3
No exercise session

--
Tue 17.3
Thu 19.3
L6: Recent research and summaryLi, Fang, Koskinen, Gutierrez, Guo, KyllönenOptional exercise solutions discussed on Thu 19.33rd assignment solutions discussed Thu 19.3Survey draft due 22.3
Tue 24.3
Thu 26.3
No lecture-Course feedback4th assignment solutions discussed Thu 26.3Survey due 12.4

 

Homework and evaluation

  • Written weekly exercises reflect on and extend the topics covered on each lecture (estimated time use: ca. 35 hours total, or roughly 6 hours /week, per exercise set, + attendance).
    • Published on Tuesdays, based on the lecture and have deadline on the next Tuesday (at 23:55); returns in writing (PDF or plaintext) through Moodle.
    • Exercises are graded 0 (not done or very poor) - 5 (great).
    • Students are strongly recommended to participate in Thursday sessions during which the solutions to the exercises are discussed.
  • Students produce lecture notes summarizing a lecture (estimated time use: ca. 16 hours)
    • Imagine writing a chapter in a book about the course for another student, can use material from course book etc as well (remember proper citations, no cut-paste!)
    • Ca. 5 students assigned to cover each lecture, individual returns (= no copying). Collaborative discussion encouraged during second week to improve notes.
    • First deadline: 2 weeks after lecture (Thursday at 23:55), returns in writing through Moodle .
    • Final lecture notes will be published in the course wiki. The first versions are visible in Moodle and coarsely graded to give you quick feedback; this version can then be discussed and further polished within 2 week (same dl). The final version is then returned and graded 3 weeks after the lecture.

In addition, each student is required to complete one of the following (estimated time use: ca. 40 hours total):

  • Programming assignments.
    • 3 + 1 assignments over weeks 2-5, programming on an Android developer environment (free to download, no specialized devices required)
    • Will be briefed during the exercise session on Thursday 15.1.
    • Graded 0-5,
    • Deadline for initial assignment will be Sunday Jan 25 at 23:55, deadline for the remaining assignments will be Sunday Jan 25 at 23:55 two weeks after publication.
    • Returns in one file package through Moodle.
  • Written survey of topic related to systems security.
    • Survey topics published on first week of course.
    • Students opting to do the written survey will apply for three topics of interest to them during the exercise session on Thursday 15.1.
    • Surveys topics are assigned on Thursday 29.1.
    • Graded 0-5,
    • Deadline for draft of survey will be Sunday, March 22 at 23:55, deadline for final version will be Sunday, April 12.
    • Returns in writing as PDF through Moodle.

Requirements for completing the course

To complete the course you must:

  • submit solutions to all exercises
  • present in at least 80% of the exercise sessions
  • produce lecture notes for one lecture assigned to you
  • either
    • submit solutions to all four programming assignments.

or

    • submit a survey paper based on a research paper assigned to you.
  • make sure that all your required submissions are done on time

Please note that late submissions are grounds for 0 points; we recommend that you set your personal deadline a day or two earlier to have some buffer for disasters, particularly if you tend to leave work close to deadlines.

If you are unable to make it to a lecture you are assigned to take notes in, let Thomas Nyman know at latest the morning on the day of the assigned lecture and preferably well in advance so we can see if assignments can be swapped.

Supplementary book

There is a supplementary course book: Mobile Platform Security by Asokan, Davi, Dmitrienko, Heuser, Kostiainen, Reshetova and Sadeghi (2013). Aalto students will have free access to the book online (PDF). For UH students a small number of paper copies will be made available to borrow until the end of the course.


Recently Updated

  • No labels