Principles of Mobile Application Development and Analysis

Overview

For several years now, mobile devices bypass desktops in sales: just walk into a restaurant, bar or a shopping mall and see how many individuals are holding a mobile device. The number of mobile application developers also bypasses the number of desktop developer worldwide. To better understand the mobile ecosystem, this course will look at topics specific to mobile application development and management, such as mobile application security, privacy, and energy-efficiency. Students will learn fundamentals and specifics of mobile application development and how it differs from the development of desktop applications. Students will also learn fundamentals of program analysis and how to apply analysis techniques for evaluating and vetting mobile applications developed by a third-party, e.g., those submitted to application stores.

This is a seminar-style course. Each student will read, summarize, and present several scientific papers, as well as propose, implement, and present their own original project. As such, the course will also focus on polishing the students' research, development, communication, and technical presentation skills.

Office Hours

Mondays, 3-4pm, KAIS 4053

Learning Objectives

By the end of the course, students will learn:

Prerequisites

This course does not have formal prerequisites. However, previous programming experience, specifically in Java, C++, Swift, or Objective-C, is highly desired.

Topics and Schedule

Week Topic Major Deadlines
W1:
Jan. 4
Introduction; mobile application development, Android development principles; mobile security, privacy and energy-efficiency
[instructor]
W2:
Jan. 11
Software analysis principles: static and dynamic program analysis, symbolic execution, model checking
[instructor]
By Jan. 10, select papers and tutorials you would like to present here.
W3:
Jan. 18
Privacy Tutorial:
  • Android Studio
Finalize groups and project topic by the beginning of class
W4:
Jan. 25
Privacy Tutorial:
  • Soot
Project proposal are due by the beginning of class
W5:
Feb. 1
Guest Lecture
W6:
Feb. 8
Project proposal presentations
[students]
W7:
Feb. 15
Security Tutorial:
  • FlowDroid
W8:
Feb. 22
Midterm Break - No classes
W9:
Mar. 1
Security Tutorial:
  • ProGuard
W10:
Mar. 8
Input generation Tutorial:
  • DexGuard
First project report is due by the beginning of class
W11:
Mar. 15
Energy-efficiency Tutorial:
  • XCode
W12:
Mar. 22
Energy-efficiency Tutorial:
  • Swift
W13:
Mar. 29
Open to topics of interest: Tutorial:
  • ???
W14:
Apr. 5
Workshop: project presentations and demos
[students]
W15:
April 12
Final project report is due by April 12

Reading Assignments

For weeks 3, 4, 7, 9-13, students will read the assigned research papers (two papers each week). Each student will submit a one-page summary of each paper that describes (a) the main idea of the paper, (b) paper strengths, and (c) paper weaknesses and suggestions for improvement.

Paper Presentations

Each week, a student will present one of the assigned research papers to the class (two students each week). The student should summarize the paper, discuss its strengths and weaknesses, and lead the discussion on the paper. Depending on the number of course participants, each student will present 1-2 papers. Students do not need to submit summaries of the papers they present.

In addition, each week, one student (or a pair of students) will present an informal tutorial about a practical concept / tool related to mobile application development.

By January 10, 2017, please indicate which papers and tutorials you would like to present. Use this form to select up to 5 papers and up to 3 tutorials. I will do my best to satisfy everyone's preferences and will give priority to earlier records in case multiple students are interested in the same paper/tutorial.

Project

The majority of evaluation for the course is based on the course project. The expectation for the project is to generate novel insights relevant to the mobile application ecosystem. That can include novel mobile application development paradigms, novel application analysis techniques, discovery of previously unknown vulnerabilities in mobile applications, collection of statistical data on existing vulnerabilities and their impact on the society, or novel literature reviews. Come to talk to me if you want some ideas for inspiration!

The project will be performed by groups of 2-3 students. The scope of each group's project should match the number of students involved.

There are five deliverables for the project:

  1. Groups are formed by the beginning of class on week 3.
  2. Project proposals are due by the beginning of class on week 4. Use the reception hours to discuss your proposals in advance!
  3. The first project report is due by the beginning of class on week 10.
  4. The final project report is due by the beginning of class on week 15.
  5. Demos and presentations will be scheduled in the course workshop that will be held during the weeks 14 or 15.

Grading

This course does not have a final exam. The grading is based on four components:
  1. Summaries of the assigned research papers – 15%
  2. Presentation of 1-2 research papers and a tutorial in class – 25%
  3. Project – 55%, specifically:
    1. Project proposal – 10% (if final report and demo are made)
    2. First project report – 10% (if final report and demo are made)
    3. Final project report – 20%
    4. Final demo and presentation – 15%
  4. Participation in class discussions – 5%