At present, computer science studies generally offer courses addressing mobile development and they use mobile technologies for illustrating theoretical concepts such as operating system, design patterns, and compilation because Android and iOS use a large variety of technologies for developing applications. Teaching courses on security is also becoming an important concern for academics, and the use of mobile platforms (such as Android) as supporting material is becoming a reasonable option. In this paper, we intend to bridge a gap in the literature by reversing this paradigm: Android is not only an opportunity to learn security concepts but requires strong pedagogical efforts for covering all the aspects of mobile security. Thus, we propose teaching Android mobile security through a two-dimensional approach. The first dimension addresses the cognitive process of the Bloom taxonomy, and the second dimension addresses the technical layers of the architecture of the Android operating system. We describe a set of comprehensive security laboratory courses covering various concepts, ranging from the application development perspective to a deep investigation of the Android Open Source Project and its interaction with the Linux kernel. We evaluated this approach, and our results verify that the designed security labs impart the required knowledge to the students.
CCS CONCEPTS• Applied computing → Education; • Security and privacy → Mobile platform security; Software security engineering; Software reverse engineering.