Advertisement

Mobile Malware Threats and Defenses for Homeland Security

  • Seung-Hyun Seo
  • Kangbin Yim
  • Ilsun You
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7465)

Abstract

As the population of mobile users grows rapidly, mobile malware targeting smartphones are becoming a new threat to homeland security. So far, many kinds of malicious malwares including monetizing, stealing credentials or rooting have emerged. The latest mobile malwares are especially posing a serious threat to homeland security, because they can zombify phones to be controlled by their command and conquer servers. In this paper, we survey the threats and malicious behaviors of current mobile malwares. Then, we study the defense mechanisms of mobile malware and introduce a cooperative system for mobile security in South Korea. We also discuss the possible future of mobile malware and attack techniques.

Keywords

Homeland Security Malicious Code Attack Scenario Security Framework Mobile Security 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: Behavior-Based Malware Detection System for Android. In: Proceedings of the 1st Workshop on Security and Privacy in Smartphones and Mobile Devices, CCSSPSM 2011 (2011)Google Scholar
  2. 2.
    Chin, E., Felt, A.P., Greenwood, K., Wagner, D.: Analyzing Inter-Application Communication in Android. In: Proceedings of the 9th Annual Symposium on Network and Distributed System Security, MobiSys 2011 (2011)Google Scholar
  3. 3.
  4. 4.
    Enck, W., Gilbert, P., Chun, B.-G., Cox, L.P., Jung, J., Mc- Daniel, P., Sheth, A.N.: TaintDroid: An Information-Flow Tracking System for Realtime PrivacyMonitoring on Smartphones. In: Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, USENIX OSDI 2010 (2010)Google Scholar
  5. 5.
    Enck, W., Ongtang, M., McDaniel, P.: On Lightweight Mobile Phone Application Certification. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009 (2009)Google Scholar
  6. 6.
    Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android Permissions Demystied. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011 (2011)Google Scholar
  7. 7.
    Fuchs, A., Chaudhuri, A., Foster, J.: SCanDroid: Automated Security Certification of Android Applications, http://www.cs.umd.edu/avik/projects/scandroidascaa
  8. 8.
  9. 9.
    Grace, M., Zhou, Y., Wang, Z., Jiang, X.: Systematic Detection of Capability Leaks in Stock Android Smartphones. In: Proceedings of the 19th Annual Symposium on Network and Distributed System Security, NDSS 2012 (2012)Google Scholar
  10. 10.
  11. 11.
    Lange, M., Liebergeld, S., Lackorzynski, A., Warg, A., Peter, M.: L4Android: A Generic Operating System Framework for Secure Smartphones. In: Proceedings of the 1st Workshop on Security and Privacy in Smartphones and Mobile Devices, CCS-SPSM 2011 (2011)Google Scholar
  12. 12.
    Liu, L., Yan, G., Zhang, X., Chen, S.: VirusMeter: Preventing Your Cellphone from Spies. In: Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection, RAID 2009 (2009)Google Scholar
  13. 13.
    McAfee, Threats Report: Second Quarter 2011 (2011)Google Scholar
  14. 14.
    Nauman, M., Khan, S., Zhang, X.: Apex: Extending Android Permission Model and Enforcement with User-Defined Runtime Constraints. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010 (2010)Google Scholar
  15. 15.
    KISA, Korea Internet and Security Agency, http://www.kisa.or.kr
  16. 16.
    Kim, H., Smith, J., Shin, K.G.: Detecting Energy-Greedy Anomalies and Mobile Malware Variants. In: Proceeding of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008 (2008)Google Scholar
  17. 17.
  18. 18.
    SCADA, Supervisory Control and Data Acquisition, http://en.wikipedia.org/wiki/SCADA
  19. 19.
    Xie, L., Zhang, X., Seifert, J.-P., Zhu, S.: pBMDS: A Behavior-based Malware Detection System for Cellphone Devices. In: Proceedings of the 3rd ACM conference on Wireless Network Security, WiSec 2010 (2010)Google Scholar
  20. 20.
    Zhou, W., Zhou, Y., Jiang, X., Ning, P.: DroidMOSS: Detecting Repackaged Smartphone Applications in Third-Party AndroidMarketplaces. In: Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy, CODASPY 2012 (2012)Google Scholar
  21. 21.
    Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In: Proceedings of NDSS 2012 (2012)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Seung-Hyun Seo
    • 1
  • Kangbin Yim
    • 2
  • Ilsun You
    • 3
  1. 1.Korea Information and Security Agency (KISA)SeoulKorea
  2. 2.Dept. of Information Security EngineeringSoonchunhyang UniversityAsanKorea
  3. 3.School of Information ScienceKorean Bible UniversitySeoulKorea

Personalised recommendations