Increasing Students Awareness of Mobile Privacy and Security Using Modules

Year 2019, Volume: 4 Issue: 2, 1 - 9, 01.06.2019

Lila Ghemri Shengli Yuan

Abstract

Mobile devices are fast becoming the dominant computing platform for an increasing number of people. Indeed millions of people are using their mobile phones as the main way to access the internet and social and entertainment media. This surge in mobile devices usage has been accompanied by an increase in malware specifically designed to infect mobile devices. From an educational standpoint, it is then becoming imperative to inform students about the risks and threats of mobile devices, not only as users but also as developers of mobile software. However, the Computer Science and other IT related disciplines are suffering from an overcrowding of their respective curricula with an ever increasing number of topics and courses that need to be covered within a limited amount of time. A possible solution to this issue is the use of teaching modules. Modular teaching provides a framework in which new skills can be introduced with little time commitment on the part of the student and the instructor alike. It is also ideal for introducing subjects that are important to know and could fit within different subjects. This paper presents an experience in modular teaching of mobile security and privacy. Two modules have been designed and presented to two cohorts of students n=14, n=10 and learning assessed through tests and surveys. Results show that the modular approach is indeed beneficial in filling students’ knowledge gaps in mobile security and that interleaving hands-on activities with instructional material can yield better retention and understanding of the topic.

Keywords

Computing Education, Mobile Devices, Mobile and Wireless Security, Web Applications Security, Privacy

References

• Apple, Inc. (2018). iOS Security iOS 11. Retrieved from http://www.apple.com/business/docs/iOS_Security_Guide.pdf
• Bloom, B. S., Engelhard, M. D., Furst, E. J., Hill, W. H., & Krathwohl, D. R. (1956). Taxonomy of educational objectives; the classification of educational goals. Cognitive Domain. Handbook 1 Longman, New York.
• Boren, Z. D. (2014). There are officially more mobile devices than people in the world. Retrieved from http://www.independent.co.uk/life-style/gadgets-and-tech/news/there-are- officially-more-mobile-devices-than- people-in-the-world-9780518.html
• Chickowski, E. (2015). Ransomware Ranked Number One Mobile Malware Threat. Retrieved from http://www.darkreading.com/endpoint/ransomware-ranked-number-one-mobile-malware-threat/d/d-id/1322886
• Doty, N. & Wilde, E. (2010). Geolocation privacy and application platforms. Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS (SPRINGL’10). ACM, New York, 65-69. DOI:http://dx.doi.org/10.1145/1868470. 1868485
• Dwivedi, H., Clark, C., & Thiel. D. (2010). Mobile Application Security. McGraw- Hill Professional Publishing. New York, USA.
• Ghemri, L. & Yuan, S. (2016). Teaching Mobile Security Using Modules. Proceedings of the 12th International Conference on Frontiers in Education: Compute Science and Computer Engineering (FECS’16), in conjunction with 2016 World Congress in Computer Science, Computer Engineering, & Applied Computing. July 25-28, 2016, Las Vegas, USA.
• Gibler, C., Crussell, J., Erickson, J., & Chen, H. (2012). AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale. Proceedings of the 5th International Conference on Trust and Trustworthy Computing (TRUST’2012). Springer Berlin Heidelberg. 291-307.
• Iqbal, J. M. (1993). Modular Teaching. Retrieved from http://cemca.org.in/ckfinder/userfiles/Javed_Iqbal_Muhammad__0193.pdf
• Isaca. (2010). Securing Mobile Devices, White Paper Report. Retrieved from http://www.isaca.org/KnowledgeCenter/Research/Documents/SecureMobileDevi ces_whp_Eng_0710.pdf regnum=29401
• Karthikeyan, K., & Kumar, A. (2014). Integrated modular teaching in dermatology for undergraduate students: A novel approach. Indian Dermatology Online Journal. 5, 3 (2014), 266-270. DOI: 10.4103/2229-5178.137774
• Leswing, K. (2015). Android and iOS are nearly tied for U.S. Smartphone Market Share. Retrieved from https://gigaom.com/2015/02/04/android-and-ios-are-nearly-tied-for-u-s-smartphone-market-share/
• Lo, D. (2018). Information Assurance and Security Education on Portable Labs. Retrieved from https://sites.google.com/site/iasoncs/home
• Miller, K.W., Voas, J., & Hurlburt G.F. (2012). BYOD: Security and privacy considerations. IEEE IT Professional. (September 2012), 53-55. DOI: http://doi.ieeecomputersociety.org/10.1109/MITP.2012.93
• Perez, S. (2015). App Usage Grew 76% In 2014, With Shopping Apps Leading the Way. Retrieved from http://techcrunch.com/2015/01/06/app-usage-grew-76-in-2014-with-shopping-apps-leading-the-way/
• Porter Felt, A., Finifter, M., Chin, E., Hanna, S., & Wagner, D. (2011). A survey of mobile malware in the wild. Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM’11). ACM New York, NY, 3-14. DOI: http://dx.doi.org/1145/2046614.2046618
• Ruggiero, P., & Foote, J. (2011). Cyber Threats to Mobile Phones. Retrieved from http://www.uscert.gov/reading_room/cyber_threats_to_mobile_phones.pdf
• Sejpal K.K. (2013). Modular Method of Teaching. International Journal for Research in Education, 2(2), 169-171.
• Siddharth, S., Doshi. P., (2010). Five common Web applications vulnerabilities. Retrieved from http://www.symantec.com/connect/articles/five-common-web-application-vulnerabilities
• Smith, A. (2015). U.S. Smartphone Use in 2015. Pew Research Center. Retrieved from http://www.pewinternet.org/files/2015/03/PI_Smartphones_0401151.pdf
• Solis, B. (2015). Disruptive Technology Trends 2015-2016. Retrieved from http://www.briansolis.com/2015/01/25- disruptive-technology-trends-2015-2016/
• Sonek, G.J. (2006). A Modular Approach to Teaching the Engineering Challenges of Physiology. Proceedings of the American Society for Engineering Education New England Section 2006 Annual Conference. Retrieved from https://www.wpi.edu/News/Conf/ASEE/papers.html
• Stewart, J. L., & Wilkinson, V.L. (1999). ChemConnections: A Guide to Teaching with Modules. Retrieved from chemlinks.beloit.edu/guide/superim.pdf
• Suarez-Tangil, S., Tapiador, J. E., Peris-Lopez, P., & Ribagorda, A. (2014). Evolution, Detection and Analysis of Malware in Smart Devices. IEEE Communications Surveys & Tutorials, 16(2), 961-987.
• Viega, J., & McGraw, G. (2001). Building Secure Software: how to avoid security problems the right way. Addison- Wesley Professional Computing Series.
• Wassermann, G., & Su, Z. (2008). Static detection of cross-site scripting vulnerabilities. Proceedings of 30th ACM/IEEE Conference on Software engineering (ICSE'08). ACM New York, NY, 171-180.DOI: http://dl.acm.org/citation.cfm?doid=1388088.1368112
• Yang, L. (2014). Capacity Building through Curriculum and Faculty Development on Mobile Security. Retrieved http://www.utc.edu/faculty/li-yang/mobilesecurity.php
• Yu ,R. (2012). Lost cellphones added up fast in 2011. Retrieved from http://usatoday30.usuatoday.com/tech/news/story/2012-03-22/lost-phones/53707448/1
• Zorabedian, John. (2014). What’s causing the explosive growth in Android malware threats? Retrieved from http://www.itbestofbreed.com/sponsors/sophos/best-tech/what%E2%80%99s- causing-explosive-growth-android-malware-threats