After successful completion of the course, students are able to fundamentally understand the structure of mobile applications and basic security mechanisms of mobile applications. Furthermore, the students know about app protection mechanisms and the basics to circumvent them.
In the course, the fundamental aspects of the following topics, among others, will be discussed:
- Introduction to the engineering of mobile applications
- Introduction to the security mechanisms of mobile operating systems
- Reverse engineering of applications
- Static and dynamic analysis of applications
- Analysis of network traffic
- Detection of vulnerabilities.
Theoretical basics as well as practical experience are taught in the lecture.
In the 3 individual or team exercises, this content is deepened and expanded.
For this purpose, you will change into the role of an attacking person, so that you understand how mobile applications can be secured and why the security mechanisms can only make attacks more difficult and not completely prevent them.
In the lecture, you will learn the necessary technical basics.
Demonstrations in the lecture will also provide an insight into applications that are used in practice to attack or analyze mobile applications.
In the practical exercises, in addition to the theoretical content of the lecture, different aspects of the security of mobile applications are further deepened or independently expanded in 3 individual or group tasks in an exercise environment.
Please direct general inquiries to lva.security@inso.tuwien.ac.at.
Effort estimation (ECTS Breakdown):
Preliminary meeting: 1 h
Lectures: 10.5 h
Self Study (exercises, exam preparation): 62.5 h
Delivery discussion(s): 0.5 h
oral examination: 0.5 h
Total: 75 hours (3 ECTS)
During the semester there are 3 individual/team exercises, primarily in the style of a Jeopardy CTF contest, which must be completed and documented.
For the team exercises, there are also hand-in discussions.
In addition, there is an oral exam.
