Objective
Today’s industry is more vulnerable to cyberattacks than ever. The biggest threat comes from advanced
persistent threats that targets the sensitive data of a specific company. Such a threat may come along as
an innocuous app that starts its malicious behavior only when the mobile logs into the corporate network.
At the same time, such threats can be made undetectable through testing or code analysis.
The ERC SPECMATE project has developed a technology named BOXMATE that protects against unexpected
changes of app behavior and thus drastically reduces the attack surface of mobile applications.
The key idea is to mine app behavior by executing generated tests, systematically exploring the program’s
accesses to sensitive data. During production, the app then is placed in a sandbox, which prohibits
accesses not seen during testing.
This combination of test generation and sandboxing effectively protects against advanced persistent
threats. To access sensitive data during production, the app already must do so during testing—where
tracing makes it easy to discover and assess. BOXMATE neither does not need to collect user data: All
app behavior is assessed during testing already. Finally, BOXMATE requires no knowledge about source
or binary code, and thus easily handles arbitrarily obfuscated or obscure third-party apps. BOXMATE is
currently being patented worldwide.
We want to turn the BOXMATE approach into a full mobile security solution for corporate and end
users. This proposal aims at producing a full-fledged prototype that can be demonstrated to potential
customers, most notably app vendors and mobile infrastructure providers; as well as developing an
adequate marketing strategy exploring and responding to the needs of the market.
This proposal is fueled by the principal investigator, Andreas Zeller, one of the world’s leading experts
in software test generation and specification mining.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
You need to log in or register to use this function
We are sorry... an unexpected error occurred during execution.
You need to be authenticated. Your session might have expired.
Thank you for your feedback. You will soon receive an email to confirm the submission. If you have selected to be notified about the reporting status, you will also be contacted when the reporting status will change.
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
-
H2020-EU.1.1. - EXCELLENT SCIENCE - European Research Council (ERC)
MAIN PROGRAMME
See all projects funded under this programme
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
ERC-POC - Proof of Concept Grant
See all projects funded under this funding scheme
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
(opens in new window) ERC-2016-PoC
See all projects funded under this callHost institution
Net EU financial contribution. The sum of money that the participant receives, deducted by the EU contribution to its linked third party. It considers the distribution of the EU financial contribution between direct beneficiaries of the project and other types of participants, like third-party participants.
66123 Saarbrucken
Germany
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.