Teaching Android Mobile Security
Jean-François Lalande , Valérie Viet Triem Tong , Pierre Graux , Guillaume Hiet , Wojciech Mazurczyk , Habiba Chaoui , Pascal Berthomé
AbstractAt present, computer science studies generally offer courses addressing mobile development and they use mobile technologies for illustrating theoretical concepts such as operating system, design patterns, and compilation because Android and iOS use a large variety of technologies for developing applications. Teaching courses on security is also becoming an important concern for academics, and the use of mobile platforms (such as Android) as supporting material is becoming a reasonable option. In this paper, we intend to bridge a gap in the literature by reversing this paradigm: Android is not only an opportunity to learn security concepts but requires strong pedagogical efforts for covering all the aspects of mobile security. Thus, we propose teaching Android mobile security through a two-dimensional approach. The first dimension addresses the cognitive process of the Bloom taxonomy, and the second dimension addresses the technical layers of the architecture of the Android operating system. We describe a set of comprehensive security laboratory courses covering various concepts, ranging from the application development perspective to a deep investigation of the Android Open Source Project and its interaction with the Linux kernel. We evaluated this approach, and our results verify that the designed security labs impart the required knowledge to the students.
|Publication size in sheets||0.5|
|Book||Proceedings of 50th ACM Technical Symposium on Computer Science Education, 2019, Association for Computing Machinery, ISBN 978-1-4503-5890-3, 500 p.|
|Keywords in English||Applied computing, Education; Security and privacy, Mobile platform security; Software security engineering; Software reverse engineering teaching, mobile, security|
|Score||= 140.0, 04-10-2019, ChapterFromConference|
|Publication indicators||= 0|
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.