Practical Lab on (Mobile) System Security

Organization Matters

Kick-Off Meeting

• Lecturer: Prof. Dr.-Ing. Ahmad-Reza Sadeghi and Dipl.-Inform. Stephan Heuser
• Date: Kick-Off Meeting: October 16th, 2015. 14:00-16:00
• Location: Building S4|14 (CASED), room 3.02.6

Final Presentation

Date: Mar 23rd, 2016. 11:00

Location: Building S4|14 (CASED), room 3.02.6

Description

In this practical course, the students deal with different aspects of (mobile) platform security. The projects target operating system security in general and partially the open-source Android OS. They comprise the following areas:

• System programming in general
• Design and implementation of selected software attacks (ethical hacking)
• Design and implemenation of secure user apps
• Modifications of the Android Middleware and Kernel to build security architectures

Prerequisites

Students who want to participate in the course should

• have solid knowledge of OS concepts/architectures
• be familiar with programming in C/C++ and Java

For most topics actual programming experience on Android or at OS-level are not a prequisite, but definitively an advantage.

Procedure

The programming tasks are solved in teams of (up to) 3-4 students. At the beginning of the course, a kick-off lab-session is given to present the topics.

The participants are required to form teams of up to 3-4 students, depending on the topic. We provide a mailing list for this task (mandatory signup).

At the midterm of the semester, each team has to hand in a short progress report and at the end of the semester a concluding lab-session is held in which every team has to shortly present its work/results.

Literature

A list of selected scientific publications regarding Android OS security can be found here. The Android Security Modules framework is available here.