Malware targeting mobile phones is being studied with increasing interest by the research community. While such attention has previously focused on viruses and worms, many of which use near-field communications in order to propagate, none have investigated whether more complex malware such as botnets can effectively operate in this environment. In this paper, we investigate the challenges of constructing and maintaining mobile phone-based botnets communicating nearly exclusively via Bluetooth. Through extensive large-scale simulation based on publicly available Bluetooth traces, we demonstrate that such a malicious infrastructure is possible in many areas due to the largely repetitive nature of human daily routines. In particular, we demonstrate that command and control messages can propagate to approximately 2/3 of infected nodes within 24 hours of being issued by the botmaster. We then explore how traditional defense mechanisms can be modified to take advantage of the same information to more effectively mitigate such systems. In so doing, we demonstrate that mobile phone-based botnets are a realistic threat and that defensive strategies should be modified to consider them.