Mobile and IoT Security Lab Course

Introduction

In the rapidly evolving landscape of mobile and IoT security, there exists a critical gap between theoretical knowledge and practical implementation skills. As artificial intelligence becomes increasingly integrated into mobile devices, autonomous vehicles, and humanoid robotics systems, the security challenges have become exponentially more complex. Traditional cybersecurity education often falls short in preparing students for the sophisticated threats targeting AI-powered IoT ecosystems.

This open-source lab collection addresses these educational needs by providing hands-on experience with cutting-edge security concepts that directly impact the development of secure AI systems. From adversarial machine learning attacks on autonomous vehicle perception systems to federated learning security in mobile AI applications, these labs bridge the gap between academic theory and real-world implementation.

Why These Labs Matter for AI & Robotics:

• Humanoid AI Security: As humanoid robots integrate multiple biometric sensors and AI models, understanding multi-modal security becomes crucial
• Autonomous Vehicle Safety: Self-driving cars rely on wireless sensing, computer vision, and real-time AI - all covered in these labs
• Edge AI Protection: Mobile AI applications require specialized security frameworks that these labs demonstrate
• Federated AI Systems: Privacy-preserving AI across robot swarms and IoT networks demands the distributed security concepts taught here

By open-sourcing these materials, we aim to accelerate security education in AI robotics, provide practical skills for defending next-generation autonomous systems, and foster a community of security-aware AI developers who can build safer intelligent machines.

Week 3 Lab: Building Multi-Layer IoT Security System

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build a Multi-Layer IoT Security System that demonstrates countermeasure mechanisms across the three CPS layers: Perception, Transmission, and Application. Each task builds upon the previous one to create a comprehensive security framework.

Final Deliverable: A Python-based security system that implements authentication, encryption, and intrusion detection across IoT device layers.

Setup

pip install numpy matplotlib cryptography hashlib random time

Lab Tasks

Implement device authentication, lightweight encryption, and sensor data protection

Add transmission layer routing security and application layer intrusion detection

What You'll Build:

1. Perception Layer Security: Device certification, lightweight encryption, and sensor data protection
2. Transmission Layer Security: Secure routing protocols, hop-by-hop encryption, and network access control
3. Application Layer Security: User authentication, intrusion detection, and end-to-end encryption
4. Integrated Security System: Multi-layer defense with real-time threat assessment

Real-World Applications:

• Smart City Infrastructure: Securing traffic sensors, environmental monitors, and public safety systems
• Industrial IoT: Protecting manufacturing sensors, control systems, and automation networks
• Healthcare IoT: Securing patient monitors, medical devices, and health data transmission

Week 4 Lab: Building Adversarial Attack and Defense System

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build an Adversarial Attack and Defense System that demonstrates both white-box and black-box attacks on machine learning models, followed by implementing robust defense mechanisms. Each task builds upon the previous one to create a comprehensive adversarial ML security framework.

Final Deliverable: A Python-based system that can generate adversarial examples, evaluate attack effectiveness, and implement multiple defense strategies.

Setup

pip install numpy matplotlib scikit-learn seaborn

Lab Tasks

Implement gradient-based attacks and black-box transferability attacks on IoT device classifiers

Implement adversarial training, ensemble defenses, feature squeezing, and detection mechanisms

What You'll Build:

1. Adversarial Attack System: Implemented FGSM, I-FGSM, targeted attacks, and transferability testing on IoT device classifiers
2. Multi-Model Architecture: Tested attacks across Neural Networks, SVMs, and Random Forests to understand vulnerability patterns
3. Comprehensive Defense Framework: Adversarial training, ensemble methods, feature squeezing, input transformations, and statistical detection
4. Security Assessment Pipeline: Complete evaluation framework measuring clean accuracy, robustness, and detection capabilities

Real-World IoT Security Applications:

• Smart Home Systems: Protecting device classification models from spoofing attacks that could misidentify malicious devices
• Industrial IoT Networks: Securing anomaly detection systems against adversarial manipulation in manufacturing environments
• Autonomous Vehicles: Defending perception systems against adversarial attacks on traffic sign and obstacle recognition
• Healthcare IoT: Protecting patient monitoring systems from adversarial manipulation of sensor data classification

Week 5 Lab: Side-Channel Attack Countermeasures in IoT Security

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build a Side-Channel Attack Countermeasures System that demonstrates mitigation techniques across mobile and IoT devices. Building upon Week 3's multi-layer security framework, this lab focuses on implementing power analysis protection, electromagnetic shielding simulation, timing attack mitigation, and cross-device protection in IoT ecosystems.

Final Deliverable: A Python-based countermeasures system that simulates and mitigates power analysis, electromagnetic leakage, timing attacks, and wireless RF vulnerabilities.

Setup

pip install numpy matplotlib cryptography hashlib random time scipy

Lab Tasks

Implement power consumption masking, electromagnetic shielding, and noise injection

Implement constant-time operations, blinding techniques, and distributed countermeasures

What You'll Build:

1. Power Analysis Countermeasures: Cryptographic masking and randomized power consumption to defeat DPA attacks
2. Electromagnetic Protection: EM shielding simulation and noise injection to prevent EM side-channel attacks
3. Timing Attack Mitigation: Constant-time implementations and RSA blinding techniques
4. Cross-Device Protection: Distributed randomization, secure firmware validation, and frequency-hopping spread spectrum

Real-World Applications:

• Mobile Payment Systems: Protecting cryptographic operations in NFC payments and mobile wallets
• Smart Grid Infrastructure: Securing smart meters against power analysis attacks that could reveal usage patterns
• Industrial IoT: Protecting sensor networks in manufacturing from electromagnetic eavesdropping
• Healthcare Devices: Securing wearable medical devices against timing attacks on patient data encryption

Week 6 Lab: Covert Channel Attack Detection and Analysis System

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build a Covert Channel Attack Detection and Analysis System that demonstrates both the creation and detection of covert channels across different system layers. This lab implements timing-based and storage-based covert channels while developing countermeasures to detect and mitigate such attacks.

Final Deliverable: A Python-based system that simulates covert channel attacks and implements detection mechanisms with real-time analysis capabilities.

Setup

pip install numpy matplotlib pandas seaborn hashlib random time threading queue

Lab Tasks

Implement timing-based and storage-based covert channel attacks with data transmission capabilities

Implement intrusion detection system with anomaly detection and countermeasures against covert channels

What You'll Build:

1. Covert Channel Attack Simulation: Implemented timing-based and storage-based covert channels with real data transmission
2. Baseline System Monitoring: Established normal system behavior patterns for anomaly detection
3. Multi-Vector Detection System: Advanced detection algorithms for identifying sophisticated covert channel attacks
4. Hybrid Attack Analysis: Demonstrated complex multi-layer covert channels combining multiple attack vectors
5. Countermeasure Deployment: Automated security response system with multiple defensive strategies

Real-World Applications:

• Secure Computing Environments: Detecting data exfiltration in classified systems and air-gapped networks
• IoT Security: Identifying covert communication between compromised IoT devices
• Mobile Security: Detecting covert channels in mobile applications and system processes
• Cloud Security: Monitoring for covert data transmission in multi-tenant cloud environments

Week 7 Lab: Building Backdoor Attack Detection and Prevention System

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build a Comprehensive Backdoor Detection and Prevention System that demonstrates attack simulation, detection mechanisms, and countermeasure implementations. Each task builds upon the previous one to create a complete security framework for identifying and mitigating backdoor threats in IoT environments.

Final Deliverable: A Python-based system that simulates backdoor attacks, detects malicious activities, and implements prevention mechanisms with real-time monitoring.

Setup

pip install numpy matplotlib hashlib random time os subprocess json datetime

Lab Tasks

Implement various backdoor attack types and basic detection mechanisms

Implement comprehensive countermeasure mechanisms and real-time monitoring

What You'll Build:

1. Backdoor Attack Simulator: Comprehensive simulation of hardcoded, trojan, and firmware backdoor attacks
2. Multi-layered Detection System: Code auditing, network analysis, behavioral monitoring, and integrity checking
3. Advanced Countermeasures: Secure coding practices, firmware verification, network segmentation, and IPS
4. Real-time Security Monitoring: Continuous threat assessment with automated incident response
5. Integrated Security Framework: End-to-end protection from attack simulation to threat mitigation

Real-World Applications:

• Smart City Infrastructure: Protecting municipal IoT systems from nation-state backdoor attacks
• Industrial Control Systems: Securing SCADA and manufacturing networks against insider threats
• Healthcare IoT: Preventing backdoors in medical devices that could compromise patient safety
• Financial Services: Securing mobile banking apps and payment terminals against trojan backdoors

Week 9 Lab: Wireless Sensing System Security Framework

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build a Wireless Sensing System Security Framework that demonstrates both attack vectors and defense mechanisms in mmWave sensing systems. You'll implement passive attacks using meta-material tags, intrusion detection systems, and countermeasures to protect against vanish/ghost attacks.

Final Deliverable: A Python-based security framework that simulates mmWave sensing attacks and implements real-time defense mechanisms.

Setup

pip install numpy matplotlib scipy cryptography hashlib time random

Lab Tasks

Implement passive MetaWave attacks for vanish/ghost scenarios and analyze vulnerability patterns

Implement intrusion detection, signal authentication, and adaptive countermeasures

What You'll Build:

1. mmWave Attack Simulation: Implemented passive MetaWave tag attacks including vanish attacks (hiding obstacles) and ghost attacks (creating false targets)
2. Advanced Intrusion Detection: Built ML-powered anomaly detection with statistical analysis and signature matching
3. Adaptive Countermeasures: Deployed frequency hopping, signal encryption, adaptive power control, and multi-sensor verification
4. Integrated Security Framework: Real-time attack detection and response system with comprehensive monitoring

Real-World Applications:

• Autonomous Vehicles: Protecting radar systems from malicious interference that could cause accidents
• Perimeter Security: Securing mmWave sensors used in critical infrastructure protection
• Smart Transportation: Defending traffic monitoring systems against spoofing attacks
• Industrial IoT: Protecting wireless sensing in manufacturing and logistics environments

Week 10 Lab: Building AI-Powered Biometric Security System

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build an AI-Powered Multi-Modal Biometric Security System that demonstrates real-world biometric authentication, attack detection, and advanced countermeasures. The system will simulate facial recognition, voice authentication, and behavioral analysis with ML-based threat detection.

Final Deliverable: A Python-based biometric security platform with AI-driven liveness detection, adversarial attack simulation, and multi-modal authentication.

Setup

pip install numpy matplotlib scikit-learn tensorflow pillow librosa opencv-python seaborn pandas

Lab Tasks

Implement facial recognition, voice authentication, and behavioral biometrics with AI models

Implement real-time threat monitoring, adversarial attack detection, and security analytics

What You'll Build:

1. AI-Powered Multi-Modal Authentication: Face, voice, and behavioral biometrics with machine learning
2. Advanced Liveness Detection: AI models detecting spoofing attempts across modalities
3. Adversarial Attack Simulation: Testing system robustness against ML-based attacks
4. Real-Time Threat Monitoring: Continuous risk assessment and security analytics
5. Privacy-Preserving Analysis: Differential privacy and federated learning concepts
6. Comprehensive Security Dashboard: Real-time visualization of security metrics

Real-World Applications:

• Mobile Device Security: Smartphone unlock systems with multi-modal biometrics
• Banking & Finance: Secure transaction authentication with AI-powered fraud detection
• Border Security: Immigration systems with robust anti-spoofing capabilities
• Healthcare: Patient identification systems protecting sensitive medical data
• Smart Buildings: Access control systems with behavioral pattern recognition

Week 12 Lab: Building Secure Mobile AI Systems

Duration: 30-45 minutes | Level: Graduate students

Project Overview

Build a Secure Mobile AI Security System that demonstrates protection mechanisms against adversarial attacks, implements federated learning for privacy preservation, and includes real-time threat detection for mobile AI applications. Each task builds upon the previous one to create a comprehensive mobile AI security framework.

Final Deliverable: A Python-based mobile AI security system that implements adversarial attack detection, federated learning simulation, and behavioral anomaly detection.

Setup

pip install numpy matplotlib scikit-learn hashlib random time seaborn

Lab Tasks

Implement adversarial attack detection, model integrity verification, and secure inference

Implement federated learning simulation, privacy protection, and distributed threat detection

What You'll Build:

1. Mobile AI Model Security: Device authentication, model integrity verification, and secure inference with adversarial detection using scikit-learn models
2. Adversarial Attack Detection: Multi-layered detection system using confidence analysis, statistical anomaly detection, and input pattern analysis
3. Federated Learning System: Privacy-preserving distributed learning with differential privacy and secure aggregation
4. Comprehensive Security Framework: Multi-layered defense combining local AI security with distributed learning protection

Real-World Applications:

• Mobile Health AI: Protecting patient data in AI-powered diagnostic apps while enabling collaborative model improvement across hospitals
• Smart Assistant Security: Defending voice assistants against adversarial audio attacks while preserving user privacy
• Mobile Banking AI: Securing fraud detection models against adversarial examples while maintaining privacy through federated learning
• Autonomous Vehicles: Protecting AI navigation systems from adversarial attacks on road signs and sensors

Key Security Concepts Across All Labs

Advanced Techniques Covered:

• Multi-Modal Security: Combining multiple authentication and detection methods
• Real-Time Threat Detection: Continuous monitoring and adaptive response systems
• Cryptographic Protection: Advanced encryption and integrity verification methods
• Behavioral Analysis: AI-powered pattern recognition for anomaly detection
• Federated Security: Distributed security across IoT networks and edge devices

Implementation Guidelines

General Requirements:

• Python 3.8+ with specified dependencies for each lab
• Jupyter notebook environment recommended for interactive development
• Basic understanding of machine learning and cryptography concepts
• Familiarity with IoT architectures and mobile security principles

Lab Submission Format:

Each lab requires submission of:

1. Complete Python implementation with all tasks
2. Generated plots and visualizations
3. Written analysis (half-page to one page) addressing specific questions
4. Optional bonus challenges for advanced students

Assessment Criteria:

• Technical Implementation: Correct implementation of security mechanisms
• Security Analysis: Understanding of attack vectors and defense strategies
• Real-World Application: Ability to connect lab concepts to practical scenarios
• Innovation: Creative enhancements and additional security measures

License & Usage

This open-source educational content is provided for academic and educational use. Feel free to adapt, modify, and distribute these materials while maintaining attribution to CU Denver's Mobile and IoT Security course.

For questions or contributions, please contact the course instructors or submit issues through the appropriate academic channels.