CNIT 128: Hacking Mobile Devices
Spring 2017 Sam BowneSchedule · Slides · Projects · Links · Home PageScores |
Catalog DescriptionMobile devices such as smartphones and tablets are now used for making purchases, emails, social networking, and many other risky activities. These devices run specialized operating systems have many security problems. This class will cover how mobile operating systems and apps work, how to find and exploit vulnerabilities in them, and how to defend them. Topics will include phone call, voicemail, and SMS intrusion, jailbreaking, rooting, NFC attacks, malware, browser exploitation, and application vulnerabilities. Hands-on projects will include as many of these activities as are practical and legal.Advisory: CNIT 113 and 123, or equivalent familiarity with hacking computers and operating mobile devices Upon successful completion of this course, the student will be able to:
Textbook"Hacking Exposed Mobile: Security Secrets & Solutions", by Bergman, Stanfield, Rouse, Scambray, Geethakumar, Deshmukh, Matsumoto, Steven and Price, McGraw-Hill Osborne Media; 1 edition (July 9, 2013) ISBN-10: 0071817018 Buy from AmazonOptional additional book: iOS App Reverse Engineering (free PDF) QuizzesThe quizzes are multiple-choice, online, and open-book. However, you may not ask other people to help you during the quizzes. You will need to study the textbook chapter before the lecture covering it, and take the quiz before that class. Each quiz is available for one week, up till 5:30 pm Weds. Each quiz has 5 questions, you have ten minutes to take it, and you can make two attempts. If you take the quiz twice, the second score is the one that counts, not necessarily the higher score.To take quizzes, first claim your RAM ID and then log in to Canvas here:
|
Schedule (may be revised) | ||||
---|---|---|---|---|
Date | Quiz & Proj | Topic | ||
Wed 1-18 | Is Your Mobile App Secure? | |||
Wed 1-25 | 1: The mobile risk ecosystem | |||
Wed 2-1 | 2: Hacking the cellular network | |||
Fri 2-3 | Last Day to Add Classes | |||
Wed 2-8 | Ch 1 Quiz due before class Ch 2 Quiz due before class Proj 1 due |
3: iOS (Part 1) | ||
Wed 2-15 | Class Cancelled for RSA | |||
Wed 2-22 | Ch 3 Quiz due before class Proj 2-4 due |
3: iOS (Part 2) | ||
Wed 3-1 | Ch 4 (Part 1) Quiz due before class Proj 5 due |
4: Android (Part 1) | ||
Wed 3-8 | Ch 4 (Part 2) Quiz due before class | 4: Android (Part 2) | ||
Wed 3-15 | Ch 5 Quiz due before class Proj 6 and 7 due |
5: Mobile malware | ||
Wed 3-22 | Ch 6 (Part 1: Beginning Through OAuth) Quiz due before class Proj 8 due |
6: Mobile services and mobile Web (Part 1: Beginning Through OAuth) | ||
Wed 3-29 | Holiday -- No Class | |||
Wed 4-5 | Ch 6 (Part 2: SAML to end) Quiz due before class Proj 9 due |
6: Mobile services and mobile Web (Part 2: SAML to end) | ||
Wed 4-12 | Ch 7 Quiz due before class Proj 10-11 due |
7: Mobile Device Management | ||
Wed 4-19 | Ch 8 Quiz due before class Proj 12 due |
8: Mobile development security | ||
Wed 4-26 | Ch 9 Quiz due before class Proj 13 due |
9: Mobile payments | ||
Wed 5-3 | No Quiz |
Open Lab in S214 | ||
Wed 5-10 | Class Cancelled for CyberSecureGov in Washington, DC | |||
Wed 5-17 | Last class No Quiz All Extra Credit Projects Due |
Open Lab in S214 | ||
Wed 5-24 | Final Exam -- SCIE 204 |
SlidesPolicyPrintable schedule Student agreement
Is Your Mobile App Secure? ·
PPT ·
KEY ·
PDF
Click a lecture name to see it on SlideShare. |