CS 858: Topics on Mobile and IoT Security -- Spring 2026
Syllabus
Catalog Description
Cybercriminals are increasingly targeting mobile and IoT devices. This course examines common framework and application vulnerabilities exploited by adversaries and analyzes the security mechanisms employed by smart-device operating systems—particularly Android—to mitigate these threats. Core topics include access control, IoT security policies, and framework- and application-level security models. The course also explores recent advances in program analysis, as well as modern machine learning approaches, including large language models (LLMs), for assessing and strengthening mobile and IoT security.
Location and Time
- Wed 1:00pm - 3:50pm in TBD
Instructor
- Name: Yousra Aafer
- Email: yaafer AT uwaterloo DOT ca
- Office hours: By appointment
Course Requirements
The expectations for all CS 858 students are the following:
- Participation: Students are expected to attend every class and actively participate in classroom discussions.
- Reading: Assigned papers must be read prior to each class.
- Weekly Critiques: Each student is required to submit a peer-review-style critique (minimum 400 words) for each assigned paper before it is discussed in class. Each critique should include: (1) a summary of the problem and the paper’s approach, (2) key strengths, (3) weaknesses, (4) potential improvement(s), and (5) questions for class discussion.
- Paper Presentation: Each student will present two papers during the semester (approximately 25 minutes each) and lead the corresponding discussion. Additional details will be provided in the introductory session.
- Term Project: Students are expected to complete a research project in mobile or IoT security (topics in systems and network security are also acceptable). The primary deliverable is a conference-style paper submitted at the end of the semester. Project topics must be discussed with the instructor within the first three weeks of class. Projects may be completed individually or in pairs. Further details will be provided during the first class.
Paper Selection
Select a paper to present using the signup sheet (link shared via email); selections are first come, first served.
Grading
| Component |
Weight |
| Paper Presentations |
20% |
| Classroom Participation |
15% |
| Weekly Critique |
25% |
| Final Project |
40% (5% for the Progress Presentation, 10% for the Progress Report, 10% for Project Final Presentation, 15% for Project Report and Artifact |
Policy for Late Submissions
Late submissions within 72 hours will be graded with 15% penalty for each day. Late submissions beyond 72 hours will not be graded. Exceptions may only be granted case by case with strong evidence presented.
Schedule
(Tentative; specific topics to be covered will be updated soon)