4GMOP: Mopping Malware Initiated SMS Traffic in Mobile Networks

  • Conference paper
Information Security

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7807)

Abstract

Smartphones have become the most popular mobile devices. Due to their simplicity, portability, and functionality comparable to that of recent computers, users tend to store more and more sensitive information on mobile devices, rendering them an attractive target for malware writers. As a consequence, the mobile malware population doubles every single year. Many approaches to detecting mobile malware infections directly on mobile devices have been proposed. Detecting and blocking voice and SMS messages related to mobile malware in a mobile operator’s network has, however, received little attention so far. The 4GMOP proposed in this paper aims to close this gap.

Notes

  1. http://www.mulliner.org/tacdb/feed/contrib/.

  2. https://itsec.rwth-aachen.de/smscorpus.

  3. Only the encoding differs from ASCII encoding.

Acknowledgments

Part of this work was funded by the German Federal Ministry of Education and Research under the references 01BY1010 - 01BY1015. The authors would like to thank Dominik Teubert for comments on ZertSecurity and the anonymous reviewers for their valuable suggestions and feedback.

Author information

Corresponding author

Correspondence to Marián Kühnel.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Kühnel, M., Meyer, U. (2015). 4GMOP: Mopping Malware Initiated SMS Traffic in Mobile Networks. In: Desmedt, Y. (eds) Information Security. Lecture Notes in Computer Science, vol 7807. Springer, Cham. https://doi.org/10.1007/978-3-319-27659-5_8

  • DOI: https://doi.org/10.1007/978-3-319-27659-5_8

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27658-8

  • Online ISBN: 978-3-319-27659-5

  • eBook Packages: Computer Science (R0)
