Class time: Tuesday and Thursday: 2:00-3:15 p.m
Class location: 205 MLH (MacLean Hall)
Instructor: Antonio Bianchi
Teaching assistant: Muhammad Hammad Mazhar (firstname.lastname@example.org)
Instructor’s office hours: Tuesday: 4:15-5:45 pm, Thursday: 3:30-5:00 pm
Teaching assistant’s office hours: Monday and Wednesday: 3:30-4:20pm in 201N MLH
DEO contact information:
Alberto Segre, 14 MLH (MacLean Hall), 319 3350713, CS-INFO@list.uiowa.edu
Course description and objective:
This course will discuss security and privacy aspects relevant to mobile systems (smartphones, tablets, …).
More than one billion mobile devices are sold every year, and, for billions of people these devices have become the primary way to access online services and perform sensitive operations (e.g., monetary transactions using mobile banking apps). Unfortunately, the security of these devices, their operating systems, and their apps is far from perfect.
This course will cover topics such as the mobile application ecosystem, the design and architecture of mobile operating systems, rooting/jailbreaking, mobile applications and malware reverse engineering, vulnerability assessment, automatic static and dynamic analysis, and exploitation and mitigation techniques.
Given its open nature, this course will mostly focus on Google’s Android, but it will also provide some details about Apple’s IOS.
This is an advanced, hands-on, class. Students enrolling in this course are strongly recommended to already have a good knowledge of:
System programming and C (pointers, memory management, system calls)
Knowledge in the following areas is also highly suggested:
a Linux-based operating system and programming environment
This class does not have a primary textbook. Resources will be provided by the instructor on ICON and the Piazza online forum. Resources will be in the form of slides, code samples, web links, and scientific publications. Students are required to enroll in the Piazza online forum.
Exams will be comprehensive, covering everything up to the exam date, emphasizing integrating material from recent assignments. The exam may include open questions, multiple-choice questions, numerical problems, and understanding/writing snippets of code. The exams will be closed book. Students that cannot attend the exam due to conflicts (e.g., illness, religious holidays) may make alternate arrangements (in advance, if at all possible).
Homework grading will mainly focus on automated test and emphasize correctly completing all or a part of the assignment. Submitting incorrect homework (e.g., submitting the wrong file, files in the wrong format, not compiling code, …) will result in zero points. Students should double check the file(s) they submitted.
Cheating will not be tolerated and will result in a grade of zero for that assignment. Further actions against cheating students will be considered. Students are encouraged to consult the instructor to ensure whether (and to which extent) collaboration and discussion among students are allowed for a particular assignment. Students are not allowed to share, copy, or show, the code they developed for an assignment. Students are not allowed to copy homework solutions from online resources (even partially).
The course grade will be assigned based on the student’s performance on the following testing criteria.
Homework assignments, including written and programming assignments, will contribute to the 60% of the course grade.
Midterm examination will contribute to the 18% of the course grade.
Final examination will contribute to the 22% of the course grade.
Dates and times of midterms will be shared in class at least two weeks before the exam.
Letter grades are assigned with attention to collegiate norm-referenced grading guidelines. Grades with +/- will be assigned. The final grade distribution will roughly adhere to the CLAS suggested grade distribution. However, the instructor holds the right to alter this distribution.
Each student will be entitled to 3 late days. One late day may be used to delay the homework submission for a single day (24 hours). A student can use all the 3 late days for a single homework assignment submission. Note that, late submissions for which students have no late days available will not be accepted, regardless of the reason why the student submitted late. Students should exercise the use of late days wisely as the homework assignments are likely to be progressively harder. There will not be any fractional late day.
Most of the emails regarding grades, homework, and exams should be first directed to the Teaching Assistant. The teaching assistant will forward relevant emails to the instructor as needed. Other emails (e.g., scheduling one-on-one meetings) and also emails of personal nature containing sensitive information, should be directed to the instructor directly. The instructor leaves the decision of determining the sensitivity of an email to the students. All emails directed to the instructor should have the prefix “[CS:4980]” (without the quotes) in the subject line. Complying with this requirement will enable the instructor to process emails faster. Students must use their @uiowa.edu email address when communicating with the TA/instructor. For any matter that requires the instructor’s immediate attention, do not hesitate to schedule a face-to-face meeting.
The course will follow the following College policies: