Course staff: N. Asokan*, Thomas Nyman* (IRC handle: tajnyman), Hien Truong†
The course staff can be reached by email at firstname.lastname@example.org (where indicated by *) or email@example.com (where indicated by †).
The course has
- a Moodle space (CSE-E5480 Mobile Systems Security (5 cr) III-IV/2015) for returning written homework and programming assignments, and
- an Internet Relay Chat (IRC) channel #tkt-mobisec @ IRCnet which can be used for discussing assignments, questions on lectures etc.
Online feedback forms for the course are open.
We would greatly appreciate any and all feedback from course participants. Your feedback is important to us to so that we can improve the course accordingly next year.
You can find the online feedback forms at:
- University of Helsinki: https://ilmo.cs.helsinki.fi/kurssit/servlet/Valinta?kieli=en (search for "Mobile System Security")
- Aalto University: https://www.webropolsurveys.com/S/3AA0B8F54DF1C050.par
As the evaluation in the course will be based entirely on continuous assessment, we need to limit the total number of students allowed to take the course for credit. Interest for the course has exceeded our expectations. For this reason we want to make sure that the participants taking the course for credit have the necessary background and are committed to completing the course. To this end, we ask student signed up for the course to confirm their their participation by sending e-mail to the course staff explicitly confirming each of the three items below:
- You have already completed your bachelor's degree (say where)
- You have taken at least one security course before (say what course and where)
- You are committed to completing this course (see below for requirements for completing the course)
Participation must be confirmed in this manner by noon Wednesday, Jan 14 at the latest.
The lectures in Aalto University are held in the room A303 in the Building of Chemical Technology in Otaniemi, Kemistintie 1 and in University of Helsinki in room A114 in the Exactum building in Kumpula, GustafHällströmin katu 2B (main entrance from Pietari Kalmin katu). The lectures are conducted on Tuesday mornings (10-12) and will be streamed using a video conference channel between Otaniemi and Kumpula.
Exercise sessions are conducted separately for each university. At Aalto University, the exercise session are held on Thursday mornings (10-12) in Otaniemi (T3 in CS building, Konemiehenkatu 2). The exercise sessions at the University of Helsinki are held on Thursday afternoons (14-16) at Kumpula (Room B119 in Exactum). Attending exercises sessions is compulsory. You are required to achieve 80% attendance in order to pass the course. In addition to this you are required to attend the lecture you are assigned to take notes for (see below).
The invited talk on Tue 10.3 is held in Otaniemi (T3 in CS building, Konemiehenkatu 2). There will be no video conference channel to Kumpula, but participants from the University of Helsinki are of course free (and encouraged) to attend the talk.
|Date||Lecture||Lecture notes (assigned to)||Exercises||Programming assignments||Survey|
|Sample lecture notes by Sini Ruohomaa|
1st programming assignment, due 25.1
Survey topics published.
Allio, Bonazzi, Casay, Jalas, Karvonen
2nd programming assignment, due 8.2
|Survey topics assigned. |
|L3: Mobile software platform security|
Kantala, Liu, Pennekamp, Rajendran,
Exercise 3, due Tue 3.2
|1st assignment solutions discussed Thu 29.1||-|
|L4: Mobile hardware platform security|
Haider, Lintumäki, Tyrväinen,
|Exercise 4, due Tue 10.2|
Exercise 3 solutions discussed on Thu 5.2
3rd programming assignment, due 1.3
|L5: Usability of platform security|
Riekkinen, Schmidt, Sundarram,
|Exercise 5, due Tue 24.2|
Exercise 4 solutions discussed on Thu 12.2
|2nd assignment solutions discussed Thu 12.2||-|
|No lecture||-||No exercise session|
|No lecture||-||Exercise 5 solutions discussed on Thu 26.2||4th programming assignment, due 22.3||-|
|No lecture||-||No exercise session||-||-|
Invited talk: SEAndroid policy exploration
Optional exercise, due Thu 17.3
|L6: Recent research and summary||Li, Fang, Koskinen, Gutierrez, Guo, Kyllönen||Optional exercise solutions discussed on Thu 19.3||3rd assignment solutions discussed Thu 19.3||Survey draft due 22.3|
|No lecture||-||Course feedback||4th assignment solutions discussed Thu 26.3||Survey due 12.4|
Homework and evaluation
- Written weekly exercises reflect on and extend the topics covered on each lecture (estimated time use: ca. 35 hours total, or roughly 6 hours /week, per exercise set, + attendance).
- Published on Tuesdays, based on the lecture and have deadline on the next Tuesday (at 23:55); returns in writing .
- Exercises are graded 0 (not done or very poor) - 5 (great).
- Students are strongly recommended to participate in Thursday sessions during which the solutions to the exercises are discussed.
- Students produce lecture notes summarizing a lecture (estimated time use: ca. 16 hours)
- Imagine writing a chapter in a book about the course for another student, can use material from course book etc as well (remember proper citations, no cut-paste!)
- Ca. 5 students assigned to cover each lecture, individual returns (= no copying). Collaborative discussion encouraged during second week to improve notes.
- First deadline: 2 weeks after lecture (Thursday at 23:55), returns in writing
- Final lecture notes will be published in the course wiki. The first versions are visible in Moodle and coarsely graded to give you quick feedback; this version can then be discussed and further polished within 2 week (same dl). The final version is then returned and graded 3 weeks after the lecture.
In addition, each student is required to complete one of the following (estimated time use: ca. 40 hours total):
- Programming assignments.
- 3 + 1 assignments over weeks 2-5, programming on an Android developer environment (free to download, no specialized devices required)
- Will be briefed during the exercise session on Thursday 15.1.
- Graded 0-5,
- Deadline for initial assignment will be Sunday Jan 25 at 23:55, deadline for the remaining assignments will be Sunday Jan 25 at 23:55 two weeks after publication.
- Returns in one file package .
- Written survey of topic related to systems security.
- Survey topics published on first week of course.
- Students opting to do the written survey will apply for three topics of interest to them during the exercise session on Thursday 15.1.
- Surveys topics are assigned on Thursday 29.1.
- Graded 0-5,
- Deadline for draft of survey will be Sunday, March 22 at 23:55, deadline for final version will be Sunday, April 12.
- Returns in writing .
Requirements for completing the course
To complete the course you must:
- submit solutions to all exercises
- present in at least 80% of the exercise sessions
- produce lecture notes for one lecture assigned to you
- submit solutions to all four programming assignments.
- submit a survey paper based on a research paper assigned to you.
- make sure that all your required submissions are done on time
Please note that late submissions are grounds for 0 points; we recommend that you set your personal deadline a day or two earlier to have some buffer for disasters, particularly if you tend to leave work close to deadlines.
If you are unable to make it to a lecture you are assigned to take notes in, let Thomas Nyman know at latest the morning on the day of the assigned lecture and preferably well in advance so we can see if assignments can be swapped.
There is a supplementary course book: Mobile Platform Security by Asokan, Davi, Dmitrienko, Heuser, Kostiainen, Reshetova and Sadeghi (2013). Aalto students will have free access to the book online (PDF). For UH students a small number of paper copies will be made available to borrow until the end of the course.