A Model of Virus Infection Dynamics in Mobile Personal Area Network

In this paper, the authors explore the mobile network security focused on the virus threat. Firstly, the authors explain the importance of mobile network security which sometimes not really takes into considerations by users. This paper then explains the virus threat of mobile devices virus where it explains how the viruses spread. The threats can be in three major forms namely the virus spreading via mobile personal area network, virus spreading via internet access and virus spreading via messaging. Lastly a model explains the dynamics of the infection on Mobile Network is introduced

Mobile Malware and Smart Device Security: Trends, Challenges and Solutions

This work is part of the research to study trends and challenges of cyber security to smart devices in smart homes. We have seen the development and demand for seamless interconnectivity of smart devices to provide various functionality and abilities to users. While these devices provide more features and functionality, they also introduce new risks and threats. Subsequently, current cyber security issues related to smart devices are discussed and analyzed. The paper begins with related background and motivation. We identified mobile malware as one of the main issue in the smart devices' security. In the near future, mobile smart device users can expect to see a striking increase in malware and notable advancements in malware-related attacks, particularly on the Android platform as the user base has grown exponentially. We discuss and analyzed mobile malware in details and identified challenges and future trends in this area. Then we propose and discuss an integrated security solution for cyber security in smart devices to tackle the issue

Design of a hybrid command and control mobile botnet

The increasing popularity and improvement in capabilities offered by smartphones caught the attention of botnet developers. Now the threat of botnets is moving towards the mobile environment. This study presents the design of a hybrid command and control mobile botnet. The hybrid design explores the efficiency of multiple command and control channels against the following objectives: no single point of failure within the topology, low cost for command dissemination, limited network activities and low battery consumption. The objectives are measured with a prototype that is deployed on a small collection of Android-based smartphones. The results indicate that current mobile technology exhibits all the capabilities needed to create a mobile botnet.http://www.jinfowar.comam2017Computer Scienc

Bluetooth command and control channel

Bluetooth is popular technology for short-range communications and is incorporated in mobile devices such as smartphones, tablet computers and laptops. Vulnerabilities associated with Bluetooth technology led to improved security measures surrounding Bluetooth connections. Besides the improvement in security features, Bluetooth technology is still plagued by vulnerability exploits. This paper explores the development of a physical Bluetooth C&C channel, moving beyond previous research that mostly relied on simulations. In order to develop a physical channel, certain requirements must be fulfilled and specific aspects regarding Bluetooth technology must be taken into consideration. To measure performance, the newly designed Bluetooth C&C channel is executed in a controlled environment using the Android operating system as a development platform. The results show that a physical Bluetooth C&C channel is indeed possible and the paper concludes by identifying potential strengths and weaknesses of the new channel.http://www.elsevier.com/locate/cosehb2016Computer Scienc

Detection of Advanced Bots in Smartphones through User Profiling

abstract: This thesis addresses the ever increasing threat of botnets in the smartphone domain and focuses on the Android platform and the botnets using Online Social Networks (OSNs) as Command and Control (C&C;) medium. With any botnet, C&C; is one of the components on which the survival of botnet depends. Individual bots use the C&C; channel to receive commands and send the data. This thesis develops active host based approach for identifying the presence of bot based on the anomalies in the usage patterns of the user before and after the bot is installed on the user smartphone and alerting the user to the presence of the bot. A profile is constructed for each user based on the regular web usage patterns (achieved by intercepting the http(s) traffic) and implementing machine learning techniques to continuously learn the user's behavior and changes in the behavior and all the while looking for any anomalies in the user behavior above a threshold which will cause the user to be notified of the anomalous traffic. A prototype bot which uses OSN s as C&C; channel is constructed and used for testing. Users are given smartphones(Nexus 4 and Galaxy Nexus) running Application proxy which intercepts http(s) traffic and relay it to a server which uses the traffic and constructs the model for a particular user and look for any signs of anomalies. This approach lays the groundwork for the future host-based counter measures for smartphone botnets using OSN s as C&C; channel.Dissertation/ThesisM.S. Computer Science 201

Short Message Service (SMS) Command and Control (C2) Awareness in Android-based Smartphones using Kernel-Level Auditing

This thesis addresses the emerging threat of botnets in the smartphone domain and focuses on the Android platform and botnets using short message service (SMS) as the command and control (C2) channel. With any botnet, C2 is the most important component contributing to its overall resilience, stealthiness, and effectiveness. This thesis develops a passive host-based approach for identifying covert SMS traffic and providing awareness to the user. Modifying the kernel and implementing this awareness mechanism is achieved by developing and inserting a loadable kernel module that logs all inbound SMS messages as they are sent from the baseband radio to the application processor. The design is successfully implemented on an HTC Nexus One Android smartphone and validated with tests using an Android SMS bot from the literature. The module successfully logs all messages including bot messages that are hidden from user applications. Suspicious messages are then identified by comparing the SMS application message list with the kernel log\u27s list of events. This approach lays the groundwork for future host-based countermeasures for smartphone botnets and SMS-based botnets

A Survey on Security for Mobile Devices

Nowadays, mobile devices are an important part of our everyday lives since they enable us to access a large variety of ubiquitous services. In recent years, the availability of these ubiquitous and mobile services has signicantly increased due to the dierent form of connectivity provided by mobile devices, such as GSM, GPRS, Bluetooth and Wi-Fi. In the same trend, the number and typologies of vulnerabilities exploiting these services and communication channels have increased as well. Therefore, smartphones may now represent an ideal target for malware writers. As the number of vulnerabilities and, hence, of attacks increase, there has been a corresponding rise of security solutions proposed by researchers. Due to the fact that this research eld is immature and still unexplored in depth, with this paper we aim to provide a structured and comprehensive overview of the research on security solutions for mobile devices. This paper surveys the state of the art on threats, vulnerabilities and security solutions over the period 2004-2011. We focus on high-level attacks, such those to user applications, through SMS/MMS, denial-of-service, overcharging and privacy. We group existing approaches aimed at protecting mobile devices against these classes of attacks into dierent categories, based upon the detection principles, architectures, collected data and operating systems, especially focusing on IDS-based models and tools. With this categorization we aim to provide an easy and concise view of the underlying model adopted by each approach

Evaluating Bluetooth as a Medium for Botnet Command and Control

Malware targeting mobile phones is being studied with increasing interest by the research community. While such attention has previously focused on viruses and worms, many of which use near-field communications in order to propagate, none have investigated whether more complex malware such as botnets can effectively operate in this environment. In this paper, we investigate the challenges of constructing and maintaining mobile phone-based botnets communicating nearly exclusively via Bluetooth. Through extensive large-scale simulation based on publicly available Bluetooth traces, we demonstrate that such a malicious infrastructure is possible in many areas due to the largely repetitive nature of human daily routines. In particular, we demonstrate that command and control messages can propagate to approximately 2/3 of infected nodes within 24 hours of being issued by the botmaster. We then explore how traditional defense mechanisms can be modified to take advantage of the same information to more effectively mitigate such systems. In so doing, we demonstrate that mobile phone-based botnets are a realistic threat and that defensive strategies should be modified to consider them

An integrated networkbased mobile botnet detection system

The increase in the use of mobile devices has made them target for attackers, through the use of sophisticated malware. One of the most significant types of such malware is mobile botnets. Due to their continually evolving nature, botnets are difficult to tackle through signature and traditional anomaly based detection methods. Machine learning techniques have also been used for this purpose. However, the study of their effectiveness has shown methodological weaknesses that have prevented the emergence of conclusive and thorough evidence about their merit. To address this problem, in this thesis we propose a mobile botnet detection system, called MBotCS and report the outcomes of a comprehensive experimental study of mobile botnet detection using supervised machine learning techniques to analyse network traffic and system calls on Android mobile devices. The research covers a range of botnet detection scenarios that is wider from what explored so far, explores atomic and box learning algorithms, and investigates thoroughly the sensitivity of the algorithm performance on different factors (algorithms, features of network traffic, system call data aggregation periods, and botnets vs normal applications and so on). These experiments have been evaluated using real mobile device traffic, and system call captured from Android mobile devices, running normal apps and mobile botnets. The experiments study has several superiorities comparing with existing research. Firstly, experiments use not only atomic but also box ML classifiers. Secondly, a comprehensive set of Android mobile botnets, which had not been considered previously, without relying on any form of synthetic training data. Thirdly, experiments contain a wider set of detection scenarios including unknown botnets and normal applications. Finally, experiments include the statistical significance of differences in detection performance measures with respect to different factors. The study resulted in positive evidence about the effectiveness of the supervised learning approach, as a solution to the mobile botnet detection problem