Principles of Mobile Application Development and Analysis (CPEN 524)


  1. Overview
  2. Communication and Links
  3. Topics and Schedule
  4. Course Format
  5. Grading
  6. Absence and Late Deliverables
  7. University Policies

1. Overview

For several years now, mobile devices bypass desktops in sales: just walk into a restaurant, bar or a shopping mall and see how many individuals are holding a mobile device. The number of mobile application developers also bypasses the number of desktop developer worldwide. To better understand the mobile ecosystem, this course will look at topics specific to mobile application development and management, such as mobile application security, privacy, and energy-efficiency. Students will learn fundamentals and specifics of mobile application development and how it differs from the development of desktop applications. The main part of the course will focus on fundamentals of program analysis and how to apply analysis techniques for evaluating and vetting mobile applications developed by a third-party, e.g., those submitted to application stores.

This is a graduate research-oriented course. Each student will read, summarize, and present several scientific papers. Students will work in pairs or groups of three to propose, implement, and present an original project that advances the state-of-the-art in mobile application analysis. The course will also focus on polishing the students' research, development, communication, and technical presentation skills.

Instructor and Office Hours

Prof. Julia Rubin

Wed. 2-5pm, CEME 1212

Office hours:
Mon. 5-6pm, KAIS 4053 (or by appointment)

Course Prerequisites

Programming experience, in languages such as in Java, C++, Swift, or Objective-C.

Learning Objectives

By the end of the course, students will learn:

2. Communication and Links

3. Topics and Schedule




Major Deadlines


Jan. 8

Introduction; mobile application development, Android development principles; mobile security, privacy and energy-efficiency


Jan. 15

UBC closed - weather alert

By the beginning of the class (2pm):
- select papers you would like to present
- submit HW1.

Jan. 17: Last day to withdraw


Jan. 22

Software analysis principles: static and dynamic program analysis, symbolic execution, model checking

By the beginning of the class:
project M0 (finalize groups and discuss project ideas).


Jan. 29



Feb. 5

Input generation and testing

By the beginning of the class:
project M1 (proposal).


Feb. 12

Project proposal presentations


Feb. 19

Midterm Break - No classes


Feb. 26



Mar. 4



Mar. 11

Libraries and Security

By the beginning of the class:
project M2 (first project report)


Mar. 18

Reliability in Malware Detection


Mar. 25



Apr. 1

USENIX Security '19 - Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography


Apr. 8

No class. Please work on your projects!


April 15

Project presentations in lieu of the meeting in April 8. Please mark your calendars!

Project M3 (presentations and demos)


April 22

Final project reports are due.

April 22, 2pm:
Project M4 (final project report)

4. Course Format

Reading Assignments

For weeks 3-5, 8-13 students will read the assigned research papers (two or three papers each week). Each student will submit a one-page summary of each paper that describes (a) how the approach proposed in the paper works and (b) a critical review of the paper.

For (a), please specify, in bullet points, the input and outputs to the approach and what it does to transform the inputs to outputs. Then describe how the approach was evaluated and what the results show. The description should take about 3/4 of the page. Points will be deduced for explanations that are not clear or not specific to the paper.

For (b), specify in bullet points 1-2 main strengths and weaknesses of the paper (not including those listed in the paper) and 1-2 suggestions for improvement and follow-up work. Points will be deduced for unclear statements and for listing non-original strength / weaknesses / suggestions, i.e., those stated in the paper.

Paper Presentations

Each week, a student will present one of the assigned research papers to the class (two or three students each week). The student should motivate the need for the contribution made by the paper, summarize the proposed technique and its evaluation, discuss the strengths and weaknesses of the approach (beyond those listed in the paper), and lead the discussion on the paper. Depending on the number of course participants, each student will present 1-2 papers. Students do not need to submit summaries of the papers they present.


The first and the only homework assignment (HW1) is due the beginning of class on week 2. The students are expected to implement a simple Android-native mobile application and demonstrate it in class. The detailed specification for the assignment will be given in class and be posted on Piazza.


The majority of evaluation for the course is based on the course project. The expectation for the project is to generate novel insights relevant to the mobile application ecosystem. That can include novel mobile application development paradigms, novel application analysis techniques, discovery of previously unknown vulnerabilities in mobile applications, collection of statistical data on existing vulnerabilities and their impact on the society, or novel literature reviews. Come to talk to the course instructor at least one week before the deadline if you want some ideas for inspiration!
The project will be performed by groups of 2-3 students. The scope of each group's project should match the number of students involved.
There are five deliverables for the project:

5. Grading

This course does not have a final exam. The grading is based on four components:

6. Absence and Late Deliverables

7. University Policies

UBC provides resources to support student learning and to maintain healthy lifestyles but recognizes that sometimes crises arise and so there are additional resources to access including those for survivors of sexual violence. UBC values respect for the person and ideas of all members of the academic community. Harassment and discrimination are not tolerated nor is suppression of academic freedom. UBC provides appropriate accommodation for students with disabilities and for religious, spiritual and cultural observances. UBC values academic honesty and students are expected to acknowledge the ideas generated by others and to uphold the highest academic standards in all of their actions. Details of the policies and how to access support are available here.