ACTIVMOBSEC
Active Behaviour Demands Active Security: New Approaches to Mobile Device Security
| Coordinatore | THE GLASGOW CALEDONIAN UNIVERSITY
Organization address
address: "Cowcaddens Road, City Campus 70" contact info |
| Nazionalità Coordinatore | United Kingdom [UK] |
| Totale costo | 200˙371 € |
| EC contributo | 200˙371 € |
| Programma | FP7-PEOPLE
Specific programme "People" implementing the Seventh Framework Programme of the European Community for research, technological development and demonstration activities (2007 to 2013) |
| Code Call | FP7-PEOPLE-2011-IIF |
| Funding Scheme | MC-IIF |
| Anno di inizio | 2012 |
| Periodo (anno-mese-giorno) | 2012-09-28 - 2014-09-27 |
Partecipanti
| # | ||||
|---|---|---|---|---|
| 1 |
THE GLASGOW CALEDONIAN UNIVERSITY
Organization address
address: "Cowcaddens Road, City Campus 70" contact info |
UK (GLASGOW) | coordinator | 200˙371.80 |
Mappa
Word cloud
Esplora la "nuvola delle parole (Word Cloud) per avere un'idea di massima del progetto.
Obiettivo del progetto (Objective)
'As mobile devices are increasingly used in day-to-day tasks involving sensitive information, authentication and money, they are becoming attractive targets for attackers. Recent attacks against mobile devices have succeeded in leaking the sensitive information stored on the device and have provided attackers financial gain through the unauthorized use of phone and messaging services.
While the current state-of-the-art is designed with security in mind and provides a level of protection they are static and have a major assumption: every user will download applications from the ‘official app store’ in which, submitted applications are statically checked and validated prior to being admitted. The app store validation is mainly based on permission checks and code verification prior to installation. However, once the application passes and makes its way to the user’s mobile device, no further security checks occur. This leaves the users open for sophisticated attacks involving various data leak cases or the interaction of existing applications on the device.
Therefore, ACTIVMOBSEC proposes an active approach based on user and application behaviour modelling, similar but not identical to anomaly detection, for detecting the behaviour changes on the device. The main challenge is to differentiate between legitimate changes (i.e., software updates) and the malicious acts such as device theft, malware infection or data leaks. To this end, ACTIMOBSEC aims to improve the user awareness and provide clear and concise information on the device state. Furthermore, a user centric validation technique will be investigated to provide a way for only the legitimate user to train his/her device while the malicious use and users will cause the device to operate in a defensive state, preventing access to sensitive data and functions.'