How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Throttling Viruses: Restricting propagation to defeat malicious mobile code
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Worm propagation modeling and analysis under dynamic quarantine defense
Proceedings of the 2003 ACM workshop on Rapid malcode
IEEE Security and Privacy
A behavioral approach to worm detection
Proceedings of the 2004 ACM workshop on Rapid malcode
Proceedings of the 2004 ACM workshop on Rapid malcode
On instant messaging worms, analysis and countermeasures
Proceedings of the 2005 ACM workshop on Rapid malcode
Very fast containment of scanning worms
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Empirical analysis of rate limiting mechanisms
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Can you infect me now?: malware propagation in mobile phone networks
Proceedings of the 2007 ACM workshop on Recurring malcode
A systematic approach for cell-phone worm containment
Proceedings of the 17th international conference on World Wide Web
VirusMeter: Preventing Your Cellphone from Spies
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
pBMDS: a behavior-based malware detection system for cellphone devices
Proceedings of the third ACM conference on Wireless network security
Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia
SEIP: simple and efficient integrity protection for open mobile platforms
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Automated remote repair for mobile malware
Proceedings of the 27th Annual Computer Security Applications Conference
MADAM: a multi-level anomaly detector for android malware
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
| Hi-index | 0.00 |
The interoperability of IM (Instant Messaging) and SMS (Short Messaging Service) networks allows users to seamlessly use a variety of computing devices from desktops to cellular phones and mobile handhelds. However, this increasing convergence has also attracted the attention of malicious software writers. In the past few years, the number of malicious codes that target messaging networks, primarily IM and SMS, has been increasing exponentially. Large message volume and number of users in these networks renders manual mitigation of malicious software nearly impossible. This paper proposes automated and proactive security models to protect messaging networks from mobile worms and viruses. First, we present an algorithm for automated identification of the most vulnerable clients in the presence of a malicious attack, based on interactions among the clients. The simplicity of our approach enables easy integration in most client-server messaging systems. Next, we describe a proactive containment framework that applies two commonly-used mechanisms---rate-limiting and quarantine---to the dynamically-generated list of vulnerable clients in a messaging network whenever a worm or virus attack is suspected. Finally, we evaluate the effectiveness of proactive security in a cellular network using data from a large real-life SMS customer network, and compare it against other existing approaches. Most messaging networks can implement our proposed framework without any major modification of their existing infrastructure.