DeCoIMa: Detection of and Countermeasures against Information hiding-based Malware

Headed by:
Dr. Michal Choras
Project Status:
from November 01, 2017 to August 31, 2019
Warsaw Technical University, Poland Institute of Intelligent Systems for Automation (ISSIA) of the National Research Council of Italy (CNR), Genova, Italy; netzfactor GmbH, Bochum


Malware and Ransomware (encrypts user data and demands ransom) are major threats in the 2016 Internet Organized Crime Threat Assessment (IOCTA) of the European Cybercrime Center (EC3, Europol).

Locky, the newest example, most often attacks targets in Germany. Hence it is important for Germany to develop effective measures for detection and removal of computer infections with malware. These measures are getting more difficult, as newer malware uses elaborate data hiding techniques, with only specialized counter measures available.

The proposed project first forms a consortium of partners with relevant and complementary expertise in cyber security, and prepares a H2020 project proposal to develop new methods for detection and removal of complex malware. The consortium will consist of universities, research institutions, and small and medium enterprises from different target states, with a mix of complementary specializations.

After an analysis of necessary and available competencies, institutions in target countries will be searched for potential partners, which will be contacted, and the most promising visited. When the consortium for the H2020 project proposal is complete, a meeting (workshop) of all partners will be held, and the drafting of the proposal will begin.

Contact: Dr. Michal Choras