What are the risks posed by mobile apps? #CyberSecMonth
Anyone who owns a smartphone probably uses mobile apps. These everyday helpers track, push and accompany us from morning to night. In order to adapt to users and run their services, they need access to extensive private information. Criminals can access this data via malicious apps and process it to the detriment of users who may not even be aware of it. Consequently, very sensitive information, such as access data or data on financial transactions, can be tapped with deceptive or missing protection.
With its platform, the start-up project Queryella enables the in-depth inspection of mobile apps for security vulnerabilities and data protection breaches in order to prevent this from happening.
Queryella uses machine learning to analyze apps for security vulnerabilities and unauthorized, or undetected, data flows. The security vulnerabilities or threats are often contained in “hidden code” that is obfuscated. The platform automatically detects whether such obfuscated code is contained based on ML.
The analysis of apps is just the beginning. Further development will focus on business software, such as CRM systems, and thus promises broad application possibilities.
The originators of the ideas, Dr. Leonid Glanz, Dr. Lars Baumgärtner, Patrick Müller and Florian Breitfelder, come from the research team of Prof. Mira Mezini, hessian.AI Co-Director and PI at the Department of Computer Science at TU Darmstadt.
About the European Cybersecurity Month
Since 2012, European Cybersecurity Month (ECSM) has been a pan-European format to promote cybersecurity. Every Thursday in October 2022, hessian.AI, the Hessian Center for Artificial Intelligence, and the Department of Computer Science at TU Darmstadt provide insights into how artificial intelligence and cybersecurity successfully interact and benefit from each other.