Scientific & Technological Objectives

In order the NEMESY vision to be utterly realized, a specific set of scientific and technological objectives has been identified. Achieving these objectives will provide the means that are necessary for facilitating the acute detection and attribution of malicious phenomena within the mobile ecosystem, while at the same time it will accommodate the investigation of the evolving modus operandi of cyber criminals. In more detail, the pillars of the NEMESYS framework are:

Objective 1: Attack attribution

Attacks against mobile devices denote a significant shift in the modus operandi of attackers compared to wireline networks, where the attacks aim primarily at network resources or critical infrastructure rather than the compromised device itself. Hence, NEMESYS targets at providing new means to understand the existing and emerging threats that are targeting the mobile economy and the net citizens.

Objective 2: Implementation of a virtualized shadow honeypot

Cyber-criminals attacking smart mobile devices take advantage of vulnerabilities that are related to the diversity of OS and middleware and the heterogeneity of wireless interfaces found on a smart mobile device. Thus, NEMESYS aims at creating a prototype-implementation of a virtualized honeypot for the most commonly used mobile platforms. All possible requirements for creating a vitrualized mobile honeypot will be analyzed, including aspects like possible attack vectors to be covered as well as the target platform.

Objective 3: Detection of deviations from normal behaviour

NEMESYS focuses on the optimization of information network security by: (i) identifying and predicting abnormal patterns using lightweight anomaly detection techniques running on the smart mobile devices, (ii) building anomaly detection modules based on signalling protocols for mobile networks and on real-time exploitation of billing systems in billed and prepaid environments, (iii) detecting abnormal events within the now emerging femtocell architectures.

Objective 4: Hypothesis formulation and visual validation

NEMESYS builds the modules and the corresponding visual analytics techniques for an interactive tool that will facilitate the analyst in reasoning, hypothesis testing and decision making. These highly novel tools will leverage the experience gained from the VIS-SENSE project and will utilize information from all information layers, including low-level network data, data from the control plane (signalling and billing information), results from the developed algorithms and others.
Last Update: 26/11/2013 17:23