Skip to main content
SpringerLink
Log in

Modular Anomaly Detection for Smartphone Ad Hoc Communication

  • Conference paper
Information Security Technology for Applications (NordSec 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7161))

Included in the following conference series:

Abstract

The capabilities of the modern smartphones make them the obvious platform for novel mobile applications. The open architectures, however, also create new vulnerabilities. Measures for prevention, detection, and reaction need to be explored with the peculiarities that resource-constrained devices impose. Smartphones, in addition to cellular broadband network capabilities, include WiFi interfaces that can even be deployed to set up a mobile ad hoc network (MANET). While intrusion detection in MANETs is typically evaluated with network simulators, we argue that it is important to implement and test the solutions in real devices to evaluate their resource footprint. This paper presents a modular implementation of an anomaly detection and mitigation mechanism on top of a dissemination protocol for intermittently-connected MANETs. The overhead of the security solution is evaluated in a small testbed based on three Android-based handsets and a laptop. The study shows the feasibility of the statistics-based anomaly detection regime, having low CPU usage, little added latency, and acceptable memory footprint.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Asplund, M., Nadjm-Tehrani, S.: A partition-tolerant manycast algorithm for disaster area networks. In: IEEE Symposium on Reliable Distributed Systems, pp. 156–165. IEEE Computer Society, Los Alamitos (2009)

    Chapter  Google Scholar 

  2. Vergara, E.J., Nadjm-Tehrani, S., Asplund, M., Zurutuza, U.: Resource footprint of a manycast protocol implementation on multiple mobile platforms. In: The Fifth International Conference on Next Generation Mobile Applications, Services and Technologies, NGMAST 2011. IEEE (September 2011)

    Google Scholar 

  3. Hastily Formed Networks, http://www.ida.liu.se/~rtslab/HFN

  4. Landman, M.: Managing smart phone security risks. In: Information Security Curriculum Development Conference, InfoSecCD 2010, pp. 145–155. ACM, New York (2010)

    Chapter  Google Scholar 

  5. Cheng, J., Wong, S.H., Yang, H., Lu, S.: SmartSiren: virus detection and alert for smartphones. In: Proceedings of the 5th International Conference on Mobile Systems, Applications and Services, MobiSys 2007, pp. 258–271. ACM, New York (2007)

    Chapter  Google Scholar 

  6. Bose, A., Hu, X., Shin, K.G., Park, T.: Behavioral detection of malware on mobile handsets. In: Proceeding of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008, pp. 225–238. ACM, New York (2008)

    Chapter  Google Scholar 

  7. Schmidt, A.D., Peters, F., Lamour, F., Albayrak, S.: Monitoring smartphones for anomaly detection. In: Proceedings of the 1st International Conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications, MOBILWARE 2008, pp. 40:1–40:6. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), Brussels (2007)

    Google Scholar 

  8. Kim, H., Smith, J., Shin, K.G.: Detecting energy-greedy anomalies and mobile malware variants. In: Proceeding of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008, pp. 239–252. ACM, New York (2008)

    Chapter  Google Scholar 

  9. Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: Andromaly: a behavioral malware detection framework for Android devices. Journal of Intelligent Information Systems, 1–30 (2011)

    Google Scholar 

  10. Xenakis, C., Panos, C., Stavrakakis, I.: A comparative evaluation of intrusion detection architectures for mobile ad hoc networks. Computers & Security 30(1), 63–80 (2011)

    Article  Google Scholar 

  11. Cucurull, J., Asplund, M., Nadjm-Tehrani, S.: Anomaly Detection and Mitigation for Disaster Area Networks. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 339–359. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  12. Vergara, E.J.: Implementation of a manycast protocol for intermittently connected mobile ad hoc networks in disaster areas, Master Thesis. Linköping University (2010), http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-58603

  13. IDC: Press Release (June 2011), http://www.idc.com/getdoc.jsp?containerId=prUS22871611

  14. Enck, W., Ongtang, M., McDaniel, P.: Understanding Android security. IEEE Security Privacy 7(1), 50–57 (2009)

    Article  Google Scholar 

  15. Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: A comprehensive security assessment. IEEE Security Privacy 8(2), 35–44 (2010)

    Article  Google Scholar 

  16. Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: Behavior-based malware detection system for Android. In: Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2011. ACM (October 2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer and Information Science, Linköping University, SE-581 83, Linköping, Sweden

    Jordi Cucurull, Simin Nadjm-Tehrani & Massimiliano Raciti

Authors
  1. Jordi Cucurull
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Simin Nadjm-Tehrani
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Massimiliano Raciti
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cybernetica AS, Ülikooli 2, 51003, Tartu, Estonia

    Peeter Laud

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cucurull, J., Nadjm-Tehrani, S., Raciti, M. (2012). Modular Anomaly Detection for Smartphone Ad Hoc Communication. In: Laud, P. (eds) Information Security Technology for Applications. NordSec 2011. Lecture Notes in Computer Science, vol 7161. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29615-4_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29615-4_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29614-7

  • Online ISBN: 978-3-642-29615-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation