Defending Mobile Phones from Proximity Malware

Zyba, Gjergji; Voelker, Geoffrey M.; Liljenstam, Michael; Mehes, A.; Johansson, Per

doi:10.1109/infcom.2009.5062067

Cited by 46 publications

(37 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…State-of-the-art solutions on mobile malware containment have ignored two important temporal properties: firstly, the time order, frequency and duration of contacts; and secondly, the time of day a malicious message starts to spread and the delay of a patch [26], [27]. Instead, we argue that the temporal dimension is of key importance in devising effective solutions to this problem.…”

mentioning

confidence: 89%

“…However, this only captures potentially long-distance relationships and misses important opportunistic contacts that Bluetooth worms can exploit. In [27] Zyba et al evaluate the spreading of a patch via short-range radio transmission; this work is based on a random mobility model and assumes homogeneous mixing and degree distribution over time. As we have shown, mobile phone contact networks are driven by periodic human schedules and so the models proposed in this paper could be considered as an over-simplification of real situations.…”

Section: A Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Exploiting temporal complex network metrics in mobile malware containment

Tang

Mascolo

Musolesi

et al. 2011

2011 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks

View full text Add to dashboard Cite

Abstract-Malicious mobile phone worms spread between devices via short-range Bluetooth contacts, similar to the propagation of human and other biological viruses. Recent work has employed models from epidemiology and complex networks to analyse the spread of malware and the effect of patching specific nodes. These approaches have adopted a static view of the mobile networks, i.e., by aggregating all the edges that appear over time, which leads to an approximate representation of the real interactions: instead, these networks are inherently dynamic and the edge appearance and disappearance are highly influenced by the ordering of the human contacts, something which is not captured at all by existing complex network measures.In this paper we first study how the blocking of malware propagation through immunisation of key nodes (even if carefully chosen through static or temporal betweenness centrality metrics) is ineffective: this is due to the richness of alternative paths in these networks. Then we introduce a time-aware containment strategy that spreads a patch message starting from nodes with high temporal closeness centrality and show its effectiveness using three real-world datasets. Temporal closeness allows the identification of nodes able to reach most nodes quickly: we show that this scheme reduces the cellular network resource consumption and associated costs, achieving, at the same time, complete containment of malware in a limited amount of time.

show abstract

mentioning

confidence: 89%

Section: A Related Workmentioning

confidence: 99%

Exploiting temporal complex network metrics in mobile malware containment

Tang

Mascolo

Musolesi

et al. 2011

2011 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks

View full text Add to dashboard Cite

show abstract

“…Although Bluetooth technology provides levels of security based on the identification of the devices involved, the number of vulnerabilities via Bluetooth has increased considerably. The dynamics of mobile phone malware that propagates by proximity contact is considered in [7][8] where strategies for detecting and mitigating proximity malware from a simple local detection to a globally coordinated defence are studied. In [9], combination of four detection schemes is proposed, called SMS-Watchdog, which builds normal social behaviour profiles for each SMS user and then uses them to detect SMS anomalies in an online and streaming fashion.…”

Section: Related Workmentioning

confidence: 99%

A Novel Approach to Trojan Horse Detection in Mobile Phones Messaging and Bluetooth Services

Ramírez¹

2011

KSII TIIS

View full text Add to dashboard Cite

A method to detect Trojan horses in messaging and Bluetooth in mobile phones by means of monitoring the events produced by the infections is presented in this paper. The structure of the detection approach is split into two modules: the first is the Monitoring module which controls connection requests and sent/received files, and the second is the Graphical User module which shows messages and, under suspicious situations, reports the user about a possible malware. Prototypes have been implemented on different mobile operating systems to test its feasibility on real cellphone malware. Experimental results are shown to be promising since this approach effectively detects various known malware.

show abstract

“…But in a large-scale dynamic network, immunization strategy should cover 80% of nodes by stochastic immunization strategy or the whole topology should be known using a special immunization strategy [13,14]. Through local strategies, once a node finds itself infected, it sends an antivirus message to others immediately and the virus can be cleared accordingly [23][24][25][26].…”

Section: Introductionmentioning

confidence: 99%

“…Zyba et al [23] presents an ideal scheme to restrain virus propagation through which a node can detect a virus locally. Once the virus has been found, the infected node immediately cuts off the communication or sends an antivirus message to adjacent nodes.…”

Section: Introductionmentioning

confidence: 99%

Virus propagation power of the dynamic network

Huang

Han

et al. 2013

J Wireless Com Network

View full text Add to dashboard Cite

With the development of mobile networks, propagation characteristics and defense mechanism of the virus have attracted increasing research attention. But current researches are mainly concerned with static network topology or community structure and some studies focus on characteristics of virus and malware. Little attention is paid to the influence of dynamic changes of network topology to virus propagation. Meanwhile, many studies focus on the threshold rate of the infection (or the immunization rate) for virus outbreak. In this paper, we present a new way to assess and restrain virus propagation by proposing the concepts of propagation power and propagation structure. Three basic propagation structures are presented through which the infection risk can be quantified, and a framework is proposed to assess the impact of virus propagation in different network structures. The relationship between the speed of virus propagation and network structure is also explored. An algorithm is designed to assess the propagation power in a dynamic network with no need to redetect the community under the dynamic network which may significantly improve the efficiency of assessment in a large-scale dynamic network. This study offers a feasible approach for quantifying the risk of virus infection in the network community which is valuable for designing and optimizing the virus defense systems.

show abstract

Defending Mobile Phones from Proximity Malware

Cited by 46 publications

References 13 publications

Exploiting temporal complex network metrics in mobile malware containment

Exploiting temporal complex network metrics in mobile malware containment

A Novel Approach to Trojan Horse Detection in Mobile Phones Messaging and Bluetooth Services

Virus propagation power of the dynamic network

Contact Info

Product

Resources

About