14-829: Mobile Security

14-829 / 18-638: Mobile Security - Fall 2017

Instructor: Patrick Tague
Email: tague [at] cmu [dot] edu
Office: B23 218
Phone: 650-335-2827
Skype: ptague

Logistics:

Class Meetings:
Tuesdays & Thursdays, 9:00-10:20am PDT (12:00-1:20pm EDT)
B23 118 in SV, CIC 1201 in Pgh

Course Description:
Mobile devices continue to evolve and penetrate our everyday lives, leading to increased importance of mobile security - a topic living in the intersection of wireless communication, mobile computing, and computer security. This course focuses on aspects of information and network security that arise in this challenging and ever-evolving space of mobile communication systems, primarily focusing on smartphones and mobile telecommunication systems. One of the main goals of the course is to improve knowledge and awareness of security issues faced by mobile application and system developers. Material will cover standards and research challenges in both deployed and future systems. Possible topics of study include (but are not limited to) telecom vulnerabilities; smartphone security; mobile Internet security; and mobile location privacy. In addition to individual homework assignments, students will participate in an intensive group project involving significant research, development, and experimentation. Graduate standing is required to register for this course.

Evaluation & Grading:
Students will be individually evaluated on all course deliverables. Contributions to the final grade will be 30% for individual assignments; 25% for group presentations; 25% for written reports; and 20% for the exam.

Prerequisites:
Graduate standing and (18631 or 18730 or 14741) and (14740 or 18756 or 15641).
Contact the instructor directly with questions about prerequisites.

Reading Material & Textbooks:
Textbooks will not be explicitly used; course material will be based primarily on research papers. Students are expected to read the assigned research papers (reading material may show up on assignments and exam), but reading reviews are not required. For students who are not familiar with relevant background, the following optional textbooks may help.
  • Frank Adelstein, Sandeep K.S. Gupta, Golden G. Richard III, and Loren Schwiebert, Fundamentals of Mobile and Pervasive Computing, 2005.
  • Noureddine Boudriga, Security of Mobile Communications, 2010.
  • Levente Buttyán and Jean-Pierre Hubaux, Security and Cooperation in Wireless Networks, 2008. [Available Online]
  • Abhishek Dubey and Anmol Misra, Android Security: Attacks and Defenses, 2013.
  • Himanshu Dwivedi, Chris Clark, and David Thiel, Mobile Application Security, 2010.
  • Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2002.
  • William Stallings, Wireless Communications & Networks, 2004.
  • Patrick Traynor, Patrick McDaniel, and Thomas La Porta, Security for Telecommunications Networks, 2008.
  • David Tse and Pramod Viswanath, Fundamentals of Wireless Communication, 2005. [Available Online]

Course Deliverables:

Students will participate in a significant group project in addition to individual homework assignments and an exam. All submissions are to be made through Canvas. Email submissions will not be accepted.

Project:
Teams of students will work on a collaborative project for the duration of the semester. Students are responsible for forming their own teams based on common interests and/or complementary skills. Through the semester, teams will give four project presentations and submit two written reports. Details and deadlines are posted here and also available on Canvas.

Exam:
An in-class exam will take place on November 14. Please contact the instructor as soon as possible if special arrangements are needed.

Assignments:
Assignments must be done individually. Discussion is encouraged, but each student must submit her/his own work.

Daily Schedule and Reading Material:

Students should consult the daily schedule for relevant reading materials and a complete list of the topics covered, important dates, and events. Note that this daily schedule is tentative and can change at any time.

Policies, Ethics, etc.:

Students taking the Mobile Security course are expected to follow various academic policies set forth by the departments, colleges, and university, as well as additional policies specific to this course. Please see this course's policy overview page for more details.