The goal of MobSec is to improve the security of mobile devices by reducing the risk from installing and using third party applications.
Our research objectives build on each other to achieve this goal: First, we will develop dynamic analyses to automatically, faithfully and comprehensively construct models of application behavior. We will address the problem of incompleteness in dynamic analysis by replaying human interaction traces and complementing them with systematic exploration using symbolic execution. Once we are able to build models containing the interesting behavioral traits of mobile malware, we focus on detecting and containing malicious behavior. We initially target information leakage by investigating evasion-resistant information leakage detection techniques and later generalize to distinguish malicious from benign apps. To handle cases in which detection is not possible, we contain potential threats by decomposing apps in logical components: this enables the enforcement of security policies and characterization of per-component behaviors, which, being more specific, allow us to detect behavior of malicious components embedded in seemingly legitimate apps. Finally, MobSec aims at exploring virtualization extensions of CPUs to open up the possibility of in-device implementation of the aforementioned analyses.
On the event of the adoption of the draft regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the Union, the AI4HealthSec project kicked off a process to provide its opinion.
Cyberwatching.eu has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 740129. The content of this website does not represent the opinion of the European Commission, and the European Commission is not responsible for any use that might be made of such content. Privacy Policy | Disclaimer / Terms and Conditions of Use