Modular anomaly detection for smartphone ad hoc communication

Authors:
Jordi Cucurull;Simin Nadjm-Tehrani;Massimiliano Raciti
Affiliations:
Department of Computer and Information Science, Linköping University, Linköping, Sweden;Department of Computer and Information Science, Linköping University, Linköping, Sweden;Department of Computer and Information Science, Linköping University, Linköping, Sweden
Venue:
NordSec'11 Proceedings of the 16th Nordic conference on Information Security Technology for Applications
Year:
2011

Citing 12
Cited 0

SmartSiren: virus detection and alert for smartphones

Proceedings of the 5th international conference on Mobile systems, applications and services
Monitoring smartphones for anomaly detection

Proceedings of the 1st international conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications
Behavioral detection of malware on mobile handsets

Proceedings of the 6th international conference on Mobile systems, applications, and services
Detecting energy-greedy anomalies and mobile malware variants

Proceedings of the 6th international conference on Mobile systems, applications, and services
Understanding Android Security

IEEE Security and Privacy
A Partition-Tolerant Manycast Algorithm for Disaster Area Networks

SRDS '09 Proceedings of the 2009 28th IEEE International Symposium on Reliable Distributed Systems
Google Android: A Comprehensive Security Assessment

IEEE Security and Privacy
Anomaly detection and mitigation for disaster area networks

RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Managing smart phone security risks

2010 Information Security Curriculum Development Conference
Crowdroid: behavior-based malware detection system for Android

Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
Resource Footprint of a Manycast Protocol Implementation on Multiple Mobile Platforms

NGMAST '11 Proceedings of the 2011 Fifth International Conference on Next Generation Mobile Applications, Services and Technologies
"Andromaly": a behavioral malware detection framework for android devices

Journal of Intelligent Information Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The capabilities of the modern smartphones make them the obvious platform for novel mobile applications. The open architectures, however, also create new vulnerabilities. Measures for prevention, detection, and reaction need to be explored with the peculiarities that resource-constrained devices impose. Smartphones, in addition to cellular broadband network capabilities, include WiFi interfaces that can even be deployed to set up a mobile ad hoc network (MANET). While intrusion detection in MANETs is typically evaluated with network simulators, we argue that it is important to implement and test the solutions in real devices to evaluate their resource footprint. This paper presents a modular implementation of an anomaly detection and mitigation mechanism on top of a dissemination protocol for intermittently-connected MANETs. The overhead of the security solution is evaluated in a small testbed based on three Android-based handsets and a laptop. The study shows the feasibility of the statistics-based anomaly detection regime, having low CPU usage, little added latency, and acceptable memory footprint.