Skip links

MMI

Solution for securing mobile devices

MMI detects malware-specific behaviors with the help of an agent installed on the mobile device, performs behavioral analysis of the device's Internet traffic, forensics and reverse engineering of the applications installed on the device.

Solution overview

Currently, there is a tendency for attackers to increasingly target mobile devices, given their permanent connection to the Internet and the large amounts of personal or work-related data stored on them. MMI is a software product developed by Safetech Innovations with the objectives of ensuring the detection of suspicious applications, suspicious behavior, lack of security elements of the mobile device, and suspicious traffic. The solution is delivered as a complete platform, combining several technologies, some of which include artificial intelligence, in order to provide good coverage of all objectives. The platform addresses mobile devices with Android and iOS operating systems and can be used concurrently by several users, with individual permissions. 

Key functionalities of MMI

MMI is structured in four sections, which address the following aspects of mobile device security:

  • Monitoring, with an agent installed on the mobile device,
  • Behavioral analysis of the internet traffic of the device,
  • Forensic investigations,
  • Reverse engineering investigations.

The monitoring module

This module uses information transmitted by a software agent installed on the mobile device (Android or iOS), which transmits information to the central security platform. The mobile application on the device collects information specific to suspicious behavior, working even when the device is not connected to the central platform. The app can detect anomalous behavior of the mobile device, by identifying activities specific to malware, and alerts the user about the suspicious activities and suggests different malware blocking and troubleshooting actions.

Behavioral traffic analysis module

The module handles the capture and analysis of internet traffic carried out by the mobile device. Based on learned patterns, this module classifies recorded traffic as either malicious or benign. Real malware samples were used to build the data model, the malware-associated traffic (malignant traffic) was inspected, and legitimate (benign) traffic made by regular, trusted applications was used as the baseline.

Forensic investigations module

This module has the role of interrogating the mobile device to extract useful information from a security point of view. The module can collect the information as long as the mobile device is connected. The information extracted includes:

  • Device status (rooted or not / jailbroken),,
  • List of installed applications,
  • Application installation source (official store, or by other means),
  • The security score of all information.

Reverse engineering investigations module

The module uses the information from the previous module, in the sense that the applications identified on the device are downloaded to the platform and are investigated in detail in terms of the application code, the URLs to which they connect, the requested permissions, and other security identifiers. Based on this information, a security score is also calculated for each scanned application.

The security solution includes a reporting module, in which all information specific to a mobile device is aggregated; the generated report can be downloaded as a file in docx format.

Main benefits of MMI

By using MMI:

You will improve your level of cyber security of mobile devices in your organization, ensuring the detection of suspicious applications, suspicious behavior, lack of security elements of the mobile device, and suspicious traffic,

You can extend your solution's security functionality by using the Safetech Computer Emergency Response Team (STI CERT®) services to monitor, detect and respond to security threats, with 24h/24h coverage, using a team structured on 3 levels (detection, response and advanced technical support), with certified specialists (ISC)², ISACA and EC-Council.

The entire MMI platform uses the latest programming technologies and is tested by information security experts to ensure that it is sufficiently protected against attackers.