Big Data Against Cyberattackers

Cyberattacks pose a major risk for companies. ETH spin-off Exeon Analytics has developed a piece of software that uses big data to help companies protect themselves against data theft. The first licenses are expected to be sold in the coming weeks.

Exeon Analytics monitors data traffic on the Internet highway for possible cyber attacks. (Photograph:

When we surf the internet, we generate massive volumes of data. Clicking on the homepage of a Swiss news portal, for example, establishes contact with more than 30 other web servers – ranging from web and analytics services to ad providers and social networks. For the operators of large company networks, this becomes a problem in the fight against cyberattacks or data leaks, since detecting conspicuous operations among millions of web activities is akin to finding a needle in a haystack. ETH spin-off Exeon Analytics AG offers a solution: its big data-based software, called ExeonTrace, is designed to help companies improve the security of their IT networks.

Machine learns internet activities

David Gugelmann, founder and CEO of Exeon Analytics, describes the problem: “Cyberattackers no longer have to hide, as they blend in easily with the millions of other normal web activities.” The ExeonTrace algorithm changes this: it uses machine learning to restore a user’s true internet activities and identifies an attacker’s covert actions among millions of data points. Thus, cyberattackers can be blocked early before data thefts happen. The software developed by Exeon Analytics offers companies another advantage, however: “Our analytics help customers understand what is happening within their own IT networks,” says Gugelmann.

But why are the conventional antivirus programs not enough? “Our software helps to combat a new generation of malware,” explains Gugelmann. This is a sophisticated, constant threat known as “advanced persistent threats” (APT). Unlike normal viruses, which usually infect a very large number of users and therefore can be detected by common antivirus software, APTs are developed specifically to steal data from a certain company. “This is why they often go unnoticed for a very long time,” says Gugelmann. In 2016, for example, defense company Ruag discovered that a total of 20 gigabytes of data had been stolen over the course of several months.

Steady growth

Exeon Analytics founders Adrian Gaemperli (l.) and David Gugelmann. (Photograph: Exeon Analytics)

The groundwork for Exeon Analytics was laid by 33-year-old Gugelmann while he was working on his doctorate at ETH. His publication on network forensics not only received an award, but also generated a great deal of interest in the industry. Gugelmann continued to develop his technology and in order to turn it into a product, he decided to establish a company in August 2016.

Adrian Gämperli joined him at the end of 2016. The 29-year-old had already met Gugelmann during his studies in the Department of Information Technology and Electrical Engineering at ETH. He subsequently worked as a “penetration tester”, which involved testing company websites for security vulnerabilities. Today, Gämperli is CTO of the start-up, which has a total of five employees. An additional two or three may be added in the near future, he says. “Due to space limitations, we will soon need to move out of our ETH office to a larger space.”

Banks showing much interest

Exeon Analytics’ potential customers are large companies that place a premium on data security. More specifically, large Swiss banks have shown the most interest in the software so far. Their interest is great, since from mid-2018 regulatory tightening threatens to impose major fines on companies that do not adequately protect sensitive user data.

At the moment, Exeon Analytics is focusing on the Swiss market, but Gugelmann says he will also be looking at other countries from next year. Exeon Analytics is already looking into various possibilities for international partnerships: “We see our business model as complementary to existing IT security software.” The start-up is in a good position to carry out a project with a large company, in order to help it enter the highly competitive data security market. After all, there are dozens of global IT security solutions providers that might make good potential partners.

First licenses on sale soon

Currently, the start-up is still financed externally. In February, it completed a successful financing round that in addition to several business angels also included the funding initiative Venture Kick and the Hasler Foundation. “This is enough to get us through the next year and a half. But our goal is to generate revenue through software licenses as soon as possible,” says Gugelmann. The final tests are currently in progress in collaboration with companies, and the software is being finalised. The first licenses will be available for purchase in May.

Source : ETH Zurich