Mobile Botnet Attacks: A Thematic Taxonomy

Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 276)


Mobile botnets have recently evolved owing to the rapid growth of smartphone technologies. The implications of botnets have inspired attention from the academia and industry alike, which includes vendors, investors, hackers and researcher community. Above all, the capability of botnets is exploited in a wide range of criminal activities, such as, Distributed Denial of Service (DDoS) attacks, stealing business information, remote access, online/click fraud, phishing, malware distribution, spam emails, and building mobile devices for illegitimate exchange of information/materials. In this paper, we investigate mobile botnet attacks by exploring attack vectors and a subsequent presentation of a well-defined thematic taxonomy. Through identification of significant parameters from the taxonomy, we conduct a comparison to explore effects of existing mobile botnets on commercial as well as open source mobile operating system platforms. The parameters for comparison include mobile botnet architecture, platform, target audience, vulnerabilities/loopholes, operational impact and detection approaches. Related to our findings, we present open research challenges in this domain.


Mobile botnet smartphone attacks malware 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    DroidDream, DroidDream (2012), (accessed on: November 30, 2013)
  2. 2.
    Center, F.: SymbOS/Yxes.A!worm!worm (2009), (accessed on: November 30, 2013)
  3. 3.
    Worm: iPhoneOS/Ikee.B, (accessed on: November 30, 2013)
  4. 4.
    Abdelrahman, O.H., et al.: Mobile Network Anomaly Detection and Mitigation: The NEMESYS Approach. arXiv preprint arXiv:1305.4210 (2013)Google Scholar
  5. 5.
  6. 6.
  7. 7.
    Xuxian, J.: Security Alert: New RootSmart Android Malware Utilizes the GingerBreak Root Exploit (2012)Google Scholar
  8. 8.
    Ollmann, G.: The evolution of commercial malware development kits and colour-by-numbers custom malware. Computer Fraud & Security 2008(9), 4–7 (2008)CrossRefGoogle Scholar
  9. 9.
    Musthaler, L.: How to avoid becoming a victim of SMiShing (SMS phishing), pp. 10–11 (2013) (accessed on: November 10, 2013) Google Scholar
  10. 10.
    Mills, E.: Report: Android phones vulnerable to snooping attackGoogle Scholar
  11. 11.
    Kiley, S.: Spy Smartphone Software Tracks Every MoveGoogle Scholar
  12. 12.
    Xiang, C., et al.: Andbot: towards advanced mobile botnets. In: Proceedings of the 4th USENIX Conference on Large-Scale Exploits and Emergent Threats. USENIX Association (2011)Google Scholar
  13. 13.
    Orchilles, J.A.: SSL Renegotiation DOSGoogle Scholar
  14. 14.
    Zetter, K.: BlackBerry a Juicy Hacker TargetGoogle Scholar
  15. 15.
    SecureList: Mobile Malware Analysis: Part-6,
  16. 16.
    Zhao, S., et al.: Cloud-based push-styled mobile botnets: a case study of exploiting the cloud to device messaging service. In: Proceedings of the 28th Annual Computer Security Applications Conference. ACM (2012)Google Scholar
  17. 17.
    Zeus Botnet Eurograbber Steals $47 Million, (accessed on: November 19, 2013)
  18. 18.
    Microsoft, Malware Protection Center, Trojan: AndroidOS/SpamSold.A (2013)Google Scholar
  19. 19.
    Android DreamDroid two: rise of laced apps,,android-dreamdroid-two-rise-of-lacedapps.aspx (accessed on: November 19, 2013)
  20. 20.
    Donovan, F.: Botnet of mobile devices used for first time to distribute Trojan (2013)Google Scholar
  21. 21.
    F.: secure| Virus and threat descriptionsGoogle Scholar
  22. 22.
    Szongott, C., Henne, B., Smith, M.: Evaluating the threat of epidemic mobile malware. In: 2012 IEEE 8th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). IEEE (2012)Google Scholar
  23. 23.
  24. 24.
    Grizzard, J.B., et al.: Peer-to-peer botnets: Overview and case study. In: Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets (2007)Google Scholar
  25. 25.
    Geng, G., et al.: An improved sms based heterogeneous mobile botnet model. In: 2011 IEEE International Conference on Information and Automation (ICIA). IEEE (2011)Google Scholar
  26. 26.
    Hamandi, K., et al.: Android SMS botnet: a new perspective. In: Proceedings of the 10th ACM International Symposium on Mobility Management and Wireless Access. ACM (2012)Google Scholar
  27. 27.
    Geng, G., et al.: The Design of SMS Based Heterogeneous Mobile Botnet. Journal of Computers 7(1), 235–243 (2012)CrossRefGoogle Scholar
  28. 28.
    Singh, K., Sangal, S., Jain, N., Traynor, P., Lee, W.: Evaluating bluetooth as a medium for botnet command and control. In: Kreibich, C., Jahnke, M., et al. (eds.) DIMVA 2010. LNCS, vol. 6201, pp. 61–80. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  29. 29.
    Nadji, Y., Giffin, J., Traynor, P.: Automated remote repair for mobile malware. In: Proceedings of the 27th Annual Computer Security Applications Conference. ACM (2011)Google Scholar
  30. 30.
  31. 31.
  32. 32.
  33. 33.
  34. 34.
    Choi, B., Choi, S.-K., Cho, K.: Detection of Mobile Botnet Using VPN. In: 2013 Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS). IEEE (2013)Google Scholar
  35. 35.
    Roshandel, R., Arabshahi, P., Poovendran, R.: LIDAR: a layered intrusion detection and remediationframework for smartphones. In: Proceedings of the 4th International ACM Sigsoft Symposium on Architecting Critical Systems. ACM (2013)Google Scholar
  36. 36.
    Chiang, H.-S., Tsaur, W.-J.: Identifying Smartphone Malware Using Data Mining Technology. In: 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN). IEEE (2011)Google Scholar
  37. 37.
    Andrews, B., Oh, T., Stackpole, W.: Android Malware Analysis Platform. In: 8th Annual Symposium on Information Assurance, ASIA 2013 (2013)Google Scholar
  38. 38.
    Spreitzenbarth, M., et al.: Mobile-sandbox: having a deeper look into android applications. In: Proceedings of the 28th Annual ACM Symposium on Applied Computing. ACM (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Ahmad Karim
    • 1
  • Syed Adeel Ali Shah
    • 1
  • Rosli Salleh
    • 1
  1. 1.Department of Computer Science and Information TechnologyUniversity of Malayakuala LumpurMalaysia

Personalised recommendations