With the rapid development of the computing and Internet access (i.e., using WiFi, GPRS and 3G) capabilities of smartphones, constructing practical mobile botnets has become an underlying trend. In this paper, we introduce the design of a mobile botnet called Andbot, which exploits a novel command and control (C&C) strategy named URL Flux. The proposed Andbot would have desirable features, including being stealthy, resilient and low-cost (i.e., low battery power consumption, low traffic consumption and low monetary cost), which promise to be appealing for botmasters. To prove the efficacy of our design, we implemented a prototype of Andbot on the most popular open source smartphone platform - Android (Google) - and evaluated it. The preliminary experimental results show that the design of Andbot is suitable for smartphones and hard to defend against. We believe that mobile botnets similar to Andbot will break out in the near future; consequently, security defenders should pay more attention to this kind of advanced mobile botnet at an early stage. The goal of our work is to increase the understanding of mobile botnets, which will promote the development of more efficient countermeasures. To conclude our paper, we suggest possible defenses against the emerging threat.