University of Technology Sydney

42036 Cybersecurity for Mobile Platforms

Warning: The information on this page is indicative. The subject outline for a particular session, location and mode of offering is the authoritative source of all information about the subject for that offering. Required texts, recommended texts and references in particular are likely to change. Students will be provided with a subject outline once they enrol in the subject.

Subject handbook information prior to 2025 is available in the Archives.

UTS: Engineering: Electrical and Data Engineering
Credit points: 6 cp

Subject level:

Postgraduate

Result type: Grade and marks

Requisite(s): ( 32548 Cybersecurity OR (48730 Cybersecurity AND 30 credit points of completed study in spk(s): MAJ03445 Networking and Cybersecurity major BSc ))
These requisites may not apply to students in certain courses. See access conditions.

Recommended studies:

knowledge of network security, Java programming, and Internet Protocols is required. Knowledge of mobile application development is desirable.

Description

Mobile devices with their hugely increased usage of various applications and services have attracted a plethora of possible attacks. Organisations and businesses have to adapt and deploy special security measures while users face new generation of security threats.

This subject provides an in-depth technical overview of the new security risks and threats of modern mobile platforms and operating systems, and their implications. It also introduces mobile threats ranging The subject also covers the security of enterprise networks, while BYOD (Bring Your Own Device) model is being widely adopted in corporate and small/medium size enterprise networks. This poses significant additional and new threats to network security administrators. The subject covers how Shadow IT solutions might not be relevant and how administrators should adapt to circumvent insider attacks enabled by BYOD.

The subject takes practice-based learning allowing students to perform penetrations tests to some locally set private networks. It also uncovers some limitations of one the most popular tools to trace back information leakage in mobile apps by giving the students the possibility to demonstrate their own covert channel techniques. Finally, the students are able to adapt a regular network firewalling policy to mobile environment and observe the possible threats and circumvention techniques.

Subject learning objectives (SLOs)

Upon successful completion of this subject students should be able to:

1. Analyse the current cybersecurity issues and challenges for the development of security solutions in mobile platforms. (B.1)
2. Apply practical security tools and technologies to design appropriate solutions for specific mobile platforms. (C.1)
3. Examine security risks to prevent fraud from mobile systems, services and applications. (D.1)
4. Produce written technical documentation for a project or experiment. (E.1)

Course intended learning outcomes (CILOs)

This subject also contributes specifically to the development of the following Course Intended Learning Outcomes (CILOs):

  • Socially Responsible: FEIT graduates identify, engage, and influence stakeholders, and apply expert judgment establishing and managing constraints, conflicts and uncertainties within a hazards and risk framework to define system requirements and interactivity. (B.1)
  • Design Oriented: FEIT graduates apply problem solving, design thinking and decision-making methodologies in new contexts or to novel problems, to explore, test, analyse and synthesise complex ideas, theories or concepts. (C.1)
  • Technically Proficient: FEIT graduates apply theoretical, conceptual, software and physical tools and advanced discipline knowledge to research, evaluate and predict future performance of systems characterised by complexity. (D.1)
  • Collaborative and Communicative: FEIT graduates work as an effective member or leader of diverse teams, communicating effectively and operating autonomously within cross-disciplinary and cross-cultural contexts in the workplace. (E.1)

Contribution to the development of graduate attributes

Engineers Australia Stage 1 Competencies

This subject contributes to the development of the following Engineers Australia Stage 1 Competencies:

  • 1.3. In-depth understanding of specialist bodies of knowledge within the engineering discipline.
  • 1.4. Discernment of knowledge development and research directions within the engineering discipline.
  • 1.5. Knowledge of engineering design practice and contextual factors impacting the engineering discipline.
  • 2.1. Application of established engineering methods to complex engineering problem solving.
  • 2.2. Fluent application of engineering techniques, tools and resources.
  • 3.2. Effective oral and written communication in professional and lay domains.

Teaching and learning strategies

Cybersecurity for Mobile Platforms is designed for students to experience active and interactive learning opportunities. Students will engage in various settings including classes, labs, and workshops. Students are expected to complete reading and viewing materials before each class and each lab. The pre-work materials will be used in classes and labs to help students to complete lab tasks and actively engage in. Feedbacks will be communicated each week verbally during the completion of lab and class tasks. The tasks will be both individual and group work. In the latter part of the session, students will collaboratively work in a project. Groups will discuss research and issues pertaining to the project problem. They will present the process and solutions to demonstrate applications of their learning. Verbal and written feedback will be provided during the project workshops, so that students can maximize their potential.

Content (topics)

Topics in this subject include:

1. Platform Security Models

2. Mobile Platforms

3. Mobile Hardware Security

4. Enterprise Security Extensions

5. Platform Security Research

Assessment

Assessment task 1: Lab Test

Intent:

For students to demonstrate their ability to develop cybersecurity methods for Android mobile platforms

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

2 and 3

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

C.1 and D.1

Type: Laboratory/practical
Groupwork: Individual
Weight: 30%

Assessment task 2: Quiz

Intent:

For students to demonstrate their knowledge about the theoretical and some practical aspects of the subject.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

1, 2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

B.1, C.1, D.1 and E.1

Type: Quiz/test
Groupwork: Individual
Weight: 30%

Assessment task 3: Research Report

Intent:

For students to demonstrate their application of skills learnt in classes as well as their own research into cybersecurity for mobile platforms. Students also demonstrate their written and oral communication skills.

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

1, 2, 3 and 4

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

B.1, C.1, D.1 and E.1

Type: Project
Groupwork: Group, group assessed
Weight: 20%
Length:

4000-5000 words.

Assessment task 4: iOS Lab Test

Intent:

For students to demonstrate their ability to develop cybersecurity methods for iOS mobile platforms

Objective(s):

This assessment task addresses the following subject learning objectives (SLOs):

2 and 3

This assessment task contributes to the development of the following Course Intended Learning Outcomes (CILOs):

C.1 and D.1

Type: Laboratory/practical
Groupwork: Individual
Weight: 20%

Minimum requirements

In order to pass this subject, students must achieve an overall mark of 50%.

Required texts

[1] N. Asokan, J. Davi, A. Dmitrienko, S. Heuser, K. Kostiainen, E. Reshetova, and A-R. Sadeghi, Mobile Platform Security, Morgan & Claypool Publishers, 2014.

The UTS Library already has a subscription to this book online, so it is free. You can access a link to the PDF of the full book at:

https://www.morganclaypool.com/doi/pdf/10.2200/S00555ED1V01Y201312SPT009

Recommended texts

[1] J. Doherty, Wireless and Mobile Device Security, Jones & Bartlett Publishers, 2015.

[2] I. Androunlidakis, Mobile Phone Security and Forensics, Springer Publisher, 2016.

[3] M. Y. Rhee, Wireless Mobile Internet Security, Wiley Publisher, 2013.

References

Additional reference materials will be supplied to students when required.