Privacy Enhancing Techniques for Future Internet

Date: 
01/09/2016 to 31/08/2019

With the proliferation of mobile devices security and privacy of smartphones and the data they process become crucial requirements. Unfortunately, we know that mobile platforms today are insecure. For example, the growth rate of mobile malware samples for the Android platform is exponential. In the same time, the price of admitting a malicious application onto an end-user’s platform is often very high, especially if the device is used in the corporate environment and handles highly sensitive information. Malicious mobile applications are known to steal private data handled by smartphones almost by default. Therefore, there is a high demand for anti-virus services tailored for mobile devices that could evaluate for a third-party application whether it is malicious or not. Security services offered by anti-virus companies often rely on known malware signatures. Such services can miss zero-day malware samples that utilise new attacks or recently discovered vulnerabilities. This approach is not sufficiently reliable in the context of application market. Indeed, if Apple or Google will distribute zero-day malware, they will face a customer loss. Thus, on-market security services typically use a combination of static and dynamic security checks that could reveal malicious behaviour in a submitted application. However, the recent generations of mobile malware that employ obfuscation and dynamic code updates to thwart the security services pose a big challenge. Such dangerous samples can be often categorised as context-sensitive malware: they change their behaviour depending on the context. If they are able to detect that they are executed by a security service, they do not exhibit their malicious payload. If the payload is obfuscated (e.g., encrypted), it can be very challenging to identify malicious code in these samples.Today security techniques to deal with this type of malware typically rely on discrepancies in several executions of the same sample: they check if one of these executions actually shows hints of malicious intentions. This approach depends a lot on finding the right input, or context, what is very difficult in general. Generation of a right context often requires manual inspection of the code. This is a tedious task that is not suitable for online third-party security services. In our project we will improve the state-of-art mechanisms for reliable automatic detection of malicious applications by looking simultaneously at executed and not-executed code paths. The intuition is simple: context-sensitive malware tries to conceal the malicious behaviour, so the most security-critical code will be hidden in the code paths that were not executed by the security service. For such code paths we will analyse them automatically to detect concealed security issues. The detection approach will leverage a semantic model representing malicious data flows in the not-executed code, and advanced and scalable hybrid code analysis.

Week: 
Monday, 10 December, 2018

Project type:

News

Pilots for the European Cybersecurity Competence Networks: how can your SME benefit? - Cyberwatching.eu 6th Webinar -

The four pilot projects involved in the development of the European Cybersecurity Competence Network will present their plans and upcoming tools and services for SMEs in the Cyberwatching.eu webinar on the 2nd of April, 10:00 AM CEST

REGISTER NOW!

 

Future Events

Cyber Insurance and its Contribution to Cyber Risk Mitigation - Leiden March 25-29
25/03/2019 to 29/03/2019
Image:

The rise in both the scale and severity of recent cyberattacks demands new thinking about cybersecurity risk and the mitigation and transfer of that risk. Cyber insurance is one potential way to manage risk by transferring damage liability, but the cyber insurance market is immature and the understanding and actuarial knowledge of cyber-risk is currently underdeveloped.

e-SIDES workshop 2019
02/04/2019
Image:

e-SIDES workshop: Towards Value-Centric Big Data: Connect People, Processes and Technology

BRUSSELS

2 April 2019

10am to 4pm

 

e-SIDES is a research project funded by European Commission H2020 Programme that deals with the ethical, legal, social and economic implications of privacy-preserving technologies in different big data context.