RAMSES | Internet Forensic platform for tracking the money flow of financially-motivated malware

Summary
The Internet has become a key piece of any business activity. Criminal activity is not an exception. Some crimes previous to the Internet, such as thefts and scams, have found in the Internet the perfect tool for developing their activities. The Internet allows criminals hiding their real identity and the possibility to purchase specific tools for stealing sensitive data with a very low investment.

The overall objective of RAMSES is to design and develop a holistic, intelligent, scalable and modular platform for Law Enforcement Agencies (LEAs) to facilitate digital Forensic Investigations. The system will extract, analyse, link and interpret information extracted from Internet related with financially-motivated malware.

Customers, developers and malware victims will be included in order to obtain a better understanding of how and where malware is spread and to get to the source of the threat. To achieve these ambitious objectives, this project will rely on disruptive Big Data technologies to firstly extract and storage, and secondly look for patterns of fraudulent behaviour in enormous amounts of unstructured and structured data. We will focus on 2 case studies: ransomware and banking Trojans.

In order to this, RAMSES brings together the latest technologies to develop an intelligent software platform, combining scraping of public and deep web, detecting manipulation and steganalysis for images and videos, tracking malware payments, extraction and analysis of malware samples and Big Data analysis and visualizations tools.

Validation pilots will take place in three different EU countries (Portugal, Belgium and Spain) being the first a mono-LEA pilot in each site and the second a collaborative investigation pilot between several LEAs.

Commercial potential will be validated during the project supported by a feasibility study to assess determinants for the adoption of the platform and appropriate business models.
Unfold all
/
Fold all
More information & hyperlinks
Web resources: https://cordis.europa.eu/project/id/700326
Start date: 01-09-2016
End date: 30-11-2019
Total budget - Public funding: 3 785 931,86 Euro - 3 532 000,00 Euro
Cordis data

Original description

The Internet has become a key piece of any business activity. Criminal activity is not an exception. Some crimes previous to the Internet, such as thefts and scams, have found in the Internet the perfect tool for developing their activities. The Internet allows criminals hiding their real identity and the possibility to purchase specific tools for stealing sensitive data with a very low investment.

The overall objective of RAMSES is to design and develop a holistic, intelligent, scalable and modular platform for Law Enforcement Agencies (LEAs) to facilitate digital Forensic Investigations. The system will extract, analyse, link and interpret information extracted from Internet related with financially-motivated malware.

Customers, developers and malware victims will be included in order to obtain a better understanding of how and where malware is spread and to get to the source of the threat. To achieve these ambitious objectives, this project will rely on disruptive Big Data technologies to firstly extract and storage, and secondly look for patterns of fraudulent behaviour in enormous amounts of unstructured and structured data. We will focus on 2 case studies: ransomware and banking Trojans.

In order to this, RAMSES brings together the latest technologies to develop an intelligent software platform, combining scraping of public and deep web, detecting manipulation and steganalysis for images and videos, tracking malware payments, extraction and analysis of malware samples and Big Data analysis and visualizations tools.

Validation pilots will take place in three different EU countries (Portugal, Belgium and Spain) being the first a mono-LEA pilot in each site and the second a collaborative investigation pilot between several LEAs.

Commercial potential will be validated during the project supported by a feasibility study to assess determinants for the adoption of the platform and appropriate business models.

Status

CLOSED

Call topic

FCT-04-2015

Update Date

27-10-2022
Images
No images available.
Geographical location(s)
Structured mapping
Unfold all
/
Fold all
Horizon 2020
H2020-EU.3. SOCIETAL CHALLENGES
H2020-EU.3.7. Secure societies - Protecting freedom and security of Europe and its citizens
H2020-EU.3.7.0. Cross-cutting call topics
H2020-FCT-2015
FCT-04-2015 Forensics topic 4: Internet Forensics to combat organized crime