The ESUKOM project aims to develop a real-time security solution for enterprise networks that works based upon the correlation of metadata. A key challenge for ESUKOM is the steadily increasing adoption of mobile consumer electronic devices (smartphones) for business purposes which generate new threats for enterprise networks. ESUKOM focuses on the integration of available and widely deployed security components (both commercial and open source) based upon the Trusted Computing Group's IF-MAP specification.
For explanation of the possibilities of the prototype, several videos have been produced to show the different use case scenarios:
- ESUKOM demo video (1): Real-time Enforcement
- ESUKOM demo video (2): Location Based Services
- ESUKOM demo video (3): Anomaly Detection
- ESUKOM demo video (4): MalApp-Detection
At the use case scenario "real-time enforcement" enables immediate reaction on identified anomalies by any component that can help to mitigate the potential damage (like flow controllers and net-work enforcement points). The "location-based services" provisions services based upon the smartphone’s location as well as to support detection capabilities (like the Anomaly and MalApp detection compo-nents) by providing location information on users and devices. For "anomaly detection" the consolidation of metadata has been created by different components in order to detect outliers, indicating potential fraud activities. Furthermore, smartphone driven attack patterns (like sensory malware approaches) will be analyzed. To defend against the spread of potentially malicious applications and to limit the amount of damage they can cause to the respective business environment, "MalApp detection" has been developed. This also implies to develop new means in order to assess the security state of a smartphone in-cluding its installed applications and their respective privileges that go beyond well-known approaches like Trusted Computing or application certification.
The videos can be access directly and should explain the prototype in detail. Further information can be requested by our contact form if your are interested in.
