See when you stumble upon a suspicious URL

Monitoring and reporting malicious events on your Android device.

Cyber threat of botnets

The cyber threat of botnets is of great concern due to the way and intensity it is spreading, using countless hijacked resources to realize cyber-attacks. Since the vast majority of the C&C communications are HTTP-based, similar techniques that apply on personal computers and existing malware infrastructure can be reused on mobile devices.

The detection methods

The detection methods are based on known attacks (SMS hijacks, visiting malicious URLs, detecting master key exploits). Not expecting to have to “root” devices to install the solution. Main concerns are security, speed, data transfer amount and battery life impact on the device. This version is integrated with ACDC - the Advanced Cyber Defence Centre project.

ACDC provides a solution for mobile platforms

Solution consists of a broker GCMServer and mobile sensors Device Monitor. GCMServer tool acts as a broker, and can be extended with connectors towards external database of malicious events. Currently we provide support for STIX, standard DB connectors (mysql backend), but are not limited to these.


A MOBILE APPLICATION

Device Monitor

AN INTRUSION
DETECTION SYSTEM

Suricata IDS


AN ANALYTICS SERVICE

EventCorrelator


A BRIDGE SERVICE

GCMServer

Device Monitor provides more network security

DETECTION OF MALICIOUS AND SUSPICIOUS APPLICATIONS

Master key and Fake ID exploit are detected through inspection of device's APKs. Users are warned about priviledged applications that could leak private data. Detection is also done by searching the knowledgebase of malicious applications via central-clearinghouse API.

DETECTION OF CONNECTIONS TO END-POINTS REPORTED MALICIOUS WITHIN MALWARE/CCH DATABASES

By examining operating system's list of network connections (/proc/net/tcp) and comparing them to the filter provided by GCMServer connections are reported back to the GCMServer.

SMS HIJACK DETECTION

Hooking to Android's broadcast SMSReceive event and monitoring the user's SMS database, Device Monitor detects messages that could be intercepted by potentially malicious applications.

Better protect your resources
- Enterprise Software

Have you ever wondered if your employee’s online choices put your business at risk of infecting your corporate network?

The branding of our solution is customizable and can easily be integrated into an enterprise network. Our ultimate goal is for enterprise users to be able to carry out work without the risk of corporate or personal data leakage.

Contact us for a free trial.

Contact us

Better protect your resources
- Enterprise Software

Have you ever wondered if your employee’s online choices put your business at risk of infecting your corporate network?

The branding of our solution is customizable and can easily be integrated into an enterprise network. Our ultimate goal is for enterprise users to be able to carry out work without the risk of corporate or personal data leakage. Contact us for a free trial.

Contact us

This version is integrated with

ACDC - the Advanced Cyber Defence Centre project

ACDC, the European Cyber Defence Centre, is a community of stakeholders joining forces to fight botnets. Operating since February 2013 as an EU CIP funded pilot project involving 28 partners from 14 countries, for a duration of 30 months until July 2015.

Beyond July 2015, ACDC aims to continue operating as a self-sustained Centre building on its value as delivering the largest European source of data acquired through operators and end-users and a full set of solutions targeted both to help operators and end-users detect, mitigate and recover from botnet attacks.

Visit website


SiteSecurity TrustSeal issued for devicemonitor.eu by cyscon GmbH