Adaptive contact probing mechanisms for delay tolerant applications
Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Structured Peer-to-Peer Overlay Networks: Ideal Botnets Command and Control Infrastructures?
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Mobile Malware Attacks and Defense
Mobile Malware Attacks and Defense
MobiClique: middleware for mobile social networking
Proceedings of the 2nd ACM workshop on Online social networks
On cellular botnets: measuring the impact of malicious devices on a cellular network core
Proceedings of the 16th ACM conference on Computer and communications security
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
An Advanced Hybrid Peer-to-Peer Botnet
IEEE Transactions on Dependable and Secure Computing
Evaluating Bluetooth as a medium for botnet command and control
DIMVA'10 Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment
Social network-based botnet command-and-control: emerging threats and countermeasures
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
A SMS-based mobile Botnet using flooding algorithm
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
A survey of mobile malware in the wild
Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices
| Hi-index | 0.00 |
Many serious threats for PCs are spreading to the mobile environment. A mobile botnet, which is a collection of hijacked smartphones under the control of hackers, is one of them. With the quick development of the computing and communication abilities of smartphones, many command and control (C&C) techniques in PC botnets can be easily reused in mobile botnets. However, some particular functions and characteristics of smartphones may provide botmasters with additional means to control their mobile botnets. This paper presents two special C&C mechanisms that leverage Short Message Service and human mobility, respectively. The first one designs a SMS-based flooding algorithm to propagate commands. We theoretically prove that the uniform random graph is the optimal topology for this botnet, and demonstrate its high efficiency and stealth with various simulations. The second one utilizes Bluetooth to transmit botnet commands when hijacked smartphones encounter each other while in motion. We study its performance in a 100mx100m square area with NS-2 simulations, and show that human-mobility characteristics facilitate the command propagation. Even if the infection rate is low, the command can still be effectively propagated provided that the mobility of devices is high. In the end, we propose effective defense strategies against these two special C&C mechanisms.