At a glance Full Project Title Enhanced Network Security for Seamless Service Provisioning in the Smart Mobile Ecosystem (NEMESYS) Project Objectives The main goal of NEMESYS is the research and development of novel security technologies for seamless service provisioning in the smart mobile ecosystem. Mobile and smartphone security is a fast moving field. To this end, NEMESYS gathers and analyses information about the nature of cyber attacks targeting smart mobile devices, so that appropriate countermeasures can be taken to combat them. Project Funding NEMESYS is an EU FP7-ICT funded project, under the grant agreement no: 317888.
NEMESYS Architecture would have been driving will be working on their tablet while the car drives itself,” continues Professor Gelenbe. “Now, driving itself means more than just driving, it also means communicating between cars, and the walls and barriers on the road. A mobile network threat can the impair the physical security of the driver and the car.” An attack on the mobile network underpinning these communications would clearly have serious consequences, underlining the importance of security in the smart mobile ecosystem. Professor Gelenbe says the issue is becoming evermore pressing. “We really need to understand how we can render the system resilient, secure and stable,” he stresses. The project is developing novel security technologies for this purpose. “One set of technologies is related to how we select and change various parameters in existing networks, so that attacks are detected and rapidly mitigated. They’re related to our understanding of the overall design. Some parameters cannot be changed overnight, so any change to the system is going to be gradual and based on consensus,” continues Professor Gelenbe. “The system is parameterized in many different ways, and you can modify the parameters to, on the one hand, detect attacks, and on the other hand render them ineffective or less harmful.” The project is also developing a layer of software that encapsulates operating systems, which will be used to gather further data. Operating systems on mobile devices have certain transition steps in their behaviour, from which information can be collected about attacks. “If certain transitions happen more frequently than
www.euresearcher.com
others, then this is an indication that there is some kind of anomalous behaviour,” explains Professor Gelenbe. Researchers are developing software that can gather information from honey-pots. “A mobile phone may be targeted by an attack, so we create software that gathers information about that attack, and then analyse it and do the transition analysis I talked about, at the operating system level,” outlines Professor Gelenbe. “Then of course this information must go back to a reporting and analysis system.”
Project Partners The NEMESYS Consortium consists of 6 complementary partners from 5 different European Countries, namely United Kingdom, Greece, Spain, Germany and Italy. Contact Details Project Coordinator, Professor Erol Gelenbe Imperial College London T: +44 207 594 6342 E: e.gelenbe@imperial.ac.uk W: www.nemesys-project.eu
Professor Erol Gelenbe
Statistical analysis This system is based on network-wide statistical analysis and also includes a visual component to help detect, identify and analyse threats. While it’s difficult to predict the nature, extent and timing of a cyber-attack, Professor Gelenbe says it is possible to prepare for when they do occur. “What you can do is look at the technology that’s being deployed and try to see how you can detect an attack when it happens,” he outlines. This of course is an issue that concerns both government and industry, and Professor Gelenbe and his colleagues are keen to translate their research into practical improvements. “We’re talking to governments about regulatory and policy issues, which could have wider implications,” he says. “We are also discussing possible extensions in the form of new enterprises and new research projects. We are dealing with exploitation, looking at the parts of the project that could be transferred to industry, or sold or commercialised – either by companies from within our project group, or from outside.”
Erol Gelenbe was born in Istanbul, and graduated from Ankara College and the Middle East Technical University in Turkey. He is a Fellow of IEEE and ACM, a Member of the French National Academy of Engineering, and of the Science Academies of Hungary, Poland and Turkey. He has held Chaired Professorships at the Universities of Liege (Belgium), Paris Orsay, Paris Rene-Descartes, Duke University, and the University of Central Florida, before joining Imperial as the Professor in the Dennis Gabor Chair. His work has earned him technical awards from ACM (USA), the Institution for Engineering and Technology (UK), the French Academy of Sciences and the Parlar Foundation in Turkey.
71