Mobile and IoT Security 2019


Yuan Tian

Email: yt2e [at] virginia[dot] edu

Teaching Assistant:

Faysal Hossain Shezan

Email: fs5ve [at] virginia[dot] edu


Class Meetings:

Monday & Wednesday 5:00 PM- 6:15 PM

Rice Hall 032

Office Hour:

    • Yuan: Tue 1:00-2:00 pm or by appointment , Rice 422
    • Faysal: Thurs 11 am- noon , Rice 442

Course Description:

Mobile and Internet of Things (IoT) devices continue to evolve, leading to increased importance of mobile security - a topic living in the intersection of mobile computing, user privacy, and computer security. This course focuses on aspects of system security that arise in this challenging and ever-evolving space of mobile communication systems, primarily focusing on smartphones and IoT platforms. One of the main goals of the course is to improve knowledge and awareness of security issues faced by mobile application and system developers. The material will cover standards and research challenges in both deployed and future systems. Possible topics of study include (but are not limited to) smartphone security; mobile privacy; and IoT system security. In this course, students will get practical experiences about mobile security by participating in a group project involving significant research, development, and experimentation.

Note that CS 8501 is a research seminar course, comparing to CS 6501 offered in previous years, this semester we will focus more on the research perspective, and students will need to present papers in the classroom. Next year I'll offer CS6501 again, which will be similar to previous format.

Evaluation & Grading:

Students will be individually evaluated on all course deliverables. Contributions to the final grade will be 25% for individual assignments; 15% for individual presentations, 30% for group presentations of the research project; 30% for written reports for the research project.

*** For Individual presentation:

    • Presenter needs to provide 5 MCQ questions to TA one day before the presentation. (S)he needs to make these questions from the paper that (s)he is supposed to present in the class.
    • Student will evaluate presenter's performance by grading them after their presentation. [Detail instruction will be provided in the class]


Graduate standing

Contact the instructor directly with questions about prerequisites

Reading Material & Textbooks:

Textbooks will not be explicitly used; course material will be based primarily on research papers. Students are expected to read the assigned research papers (reading material may show up on assignments and exam), but reading reviews are not required. For students who are not familiar with relevant background, the following optional textbooks may help.

    • George Loukas, Cyber-Physical Attacks: How They Work and How to Protect Against Them, 2015 [Available Online at UVa]
    • Frank Adelstein, Sandeep K.S. Gupta, Golden G. Richard III, and Loren Schwiebert, Fundamentals of Mobile and Pervasive Computing, 2005.
    • Noureddine Boudriga, Security of Mobile Communications, 2010.
    • Levente Buttyán and Jean-Pierre Hubaux, Security and Cooperation in Wireless Networks, 2008. [Available Online]
    • Abhishek Dubey and Anmol Misra, Android Security: Attacks and Defenses, 2013.
    • Himanshu Dwivedi, Chris Clark, and David Thiel, Mobile Application Security, 2010.
    • Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2002.
    • Patrick Traynor, Patrick McDaniel, and Thomas La Porta, Security for Telecommunications Networks, 2008.
    • David Tse and Pramod Viswanath, Fundamentals of Wireless Communication, 2005. [Available Online]

Course Deliverables:

Students will participate in a significant group project in addition to individual homework assignments, and in class presentation for papers. All submissions are to be made through Collab. Email submissions will not be accepted.


Teams of students will work on a collaborative project for the duration of the semester. Students are responsible for forming their own teams based on common interests and/or complementary skills. Through the semester, teams will give four project presentations and submit two written reports. Details and deadlines are posted here.


  • Each student will present two papers on two different topics during the semester
  • Please sign up to present the paper here
  • Please submit your slides at least 2 hours before the in-class presentation
  • The paper presentation will be 20 minutes talk + 5 minutes Q&A


Assignments must be done individually. Discussion is encouraged, but each student must submit her/his own work.

    • Assignment #1: Assign Sep 09, Due Sep 23
    • Assignment #2: Assign Oct 14, Due Oct 28

Daily Schedule and Reading Material:

Students should consult the daily schedule for relevant reading materials and a complete list of the topics covered, important dates, and events. Note that this daily schedule is tentative and can change at any time.

Policies, Ethics, etc.:

Students taking the Mobile Security course are expected to follow various academic policies set forth by the departments, colleges, and university, as well as additional policies specific to this course. Please see this course's policy overview page for more details.