Abstract
The fast growing market for smart phones coupled with their almost constant on-line presence makes these devices the new targets of malicious code (virus) writers. To aggravate the issue, the security level of these devices is far below the state-of-the art of what is used in personal computers. It has been recently found that the topological spread of multimedia message service (MMS) viruses is highly restricted by the underlying fragmentation of the call graph—the term topological here refers to the explicit use of the call graph topology to find vulnerable phones. In this paper, we study MMS viruses under another type of spreading behavior that locates vulnerable phones by generating a random list of numbers to be contacted, generally referred to as scanning. We find that hybrid MMS viruses including some level of scanning are more dangerous to the mobile community than their standard topological counterparts. Interestingly, this paper shows that the topological and scanning behaviors of MMS viruses can be more damaging in high and low market share cases, respectively. The results also show that given sufficient time, sophisticated viruses may infect a large fraction of susceptible phones without being detected. Fortunately, with the improvement of phone providers’ monitoring ability and the timely installations of patches on infected phones, one can contain the spread of MMS viruses. Our findings lead to a better understanding on how one could prevent the spread of mobile-phone viruses even in light of new behaviors such as scanning.
Similar content being viewed by others
References
Andersen, R., May, R.: Infectious diseases of humans: dynamics and control. Oxford Science Publications, Oxford (1992)
Bose, A., Hu, X., Shin, K., Park, T.: Behavioral detection of malware on mobile handsets. In: Proceedings of the 6th International Conference on Mobile Systems, Applications, and Services (MobiSys08), pp. 225–238. New York (2008)
Bose, A., Shin, K.: On mobile viruses exploiting messaging and bluetooth services. In: Securecomm and Workshops, pp. 1–10. Baltimore (2006)
Bunde, A., Havlin, S. (eds.): Percolation and disordered systems: theory and applications, vol. 266. Physica A (1999)
Caldarelli, G.: Scale-free networks: complex webs in nature and technology. Oxford University Press, Oxford (2007)
Callaway, D.S., Newman, M.E.J., Strogatz, S.H., Watts, D.J.: Network robustness and fragility: percolation on random graphs. Phys. Rev. Lett. 85(25), 5468–5471 (2000)
Candia, J., González, M.C., Wang, P., Schoenharl, T., Madey, G., Barabási, A.L.: Uncovering individual and collective human dynamics from mobile phone records. J. Phys. A: Math. Theor. 41, 224,015 (2008)
Chen, Y., Paul, G., Cohen, R., Havlin, S., Borgatti, S.P., Liljeros, F., Stanley, H.E.: Percolation theory applied to measures of fragmentation in social networks. Phys. Rev. E 75(4), 046,107 (2007)
Cheng, J., Wong, S.H., Yang, H., Lu, S.: Smartsiren: virus detection and alert for smartphones. In: Proceedings of the 5th International Conference on Mobile Systems, Applications and Services, pp. 258–271. ACM, New York, NY (2007)
Cohen, R., Erez, K., Ben-Avraham, D., Havlin, S.: Resilience of the internet to random breakdowns. Phys. Rev. Lett. 85(21), 4626–4628 (2000)
Dorogovtsev, S.N., Mendes, J.F.F., Samukhin, A.N.: Giant strongly connected component of directed networks. Phys. Rev. E 64, 025,101 (2001)
Funk, S., Salathe, M., Jansen, V.: Modelling the influence of human behaviour on the spread of infectious diseases: a review. J. R. Soc. Interface 7, 1247–1256 (2010)
Gao, C., Liu, J., Zhong, N.: Network immunization and virus propogation in email networks: experimental evaluation and analysis. Knowl. Inf. Syst. 27(2), 253–279 (2011)
Hypponen, M.: Malware goes mobile. Scientific American, pp. 70–77 (2006)
Kim, H., Smith, J., Shin, K.G.: Detecting energy-greedy anomalies and mobile malware variants. In: Proceedings of the 6th International Conference on Mobile Systems, Applications, and Services (MobiSys08), pp. 239–252. New York (2008)
Kleinberg, J.: The wireless epidemic. Nature 449, 287–288 (2007)
Lambiotte, R., Blondel, V.D., de Kerchove, C., Huens, E., Prieur, C., Smoreda, Z., Dooren, P.V.: Geographical dispersal of mobile communication networks. Phys. A: Stat. Mech. Its Appl. 387(21), 5317–5325 (2008)
Mickens, J., Nobel, B.: Modeling epidemic spreading in mobile environment. In: Proceedings of the ACM Workshop Wireless Security, pp. 77–86. New York (2005)
Onnela, J.P., Saramaki, J., Hyvonen, J., Szabo, G., Lazer, D., Kaski, K., Kertesz, J., Barabási, A.L.: Structure and tie strengths in mobile communication networks. Proc. Natl. Acad. Sci. 104(18), 7332–7336 (2005)
Palla, G., Barabási, A.L., Vicsek, T.: Quantifying social group evolution. Nature 446, 664–667 (2007)
Schechter, S., Jung, J., Berger, A.: Fast detection of scanning worm infections. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) Recent Advances in Intrusion Detection, Lecture Notes in Computer Science, vol. 3224, pp. 59–81. Springer, Berlin (2004)
Shevchenko, A.: An Overview of Mobile Device Security (2005). http://www.viruslist.com/
Su, J., Chan, K.W., Miklas, A., Po, K., Akhavan, A., Saroiu, S., de Lara, E., Goel, A.: A preliminary investigation of worm infections in a bluetooth environment. In: Proceedings of the 5th ACM Workshop Rapid Malcode (WORM), pp. 9–16. New York (2006)
Wang, P., González, M.C.: Understanding spatial connectivity of individuals with non uniform population density. Philos. Trans. R. Soc. A 367, 3321–3329 (2009)
Wang, P., González, M.C., Hidalgo, C.A., Barabási, A.L.: Understanding the spreading patterns of mobile phone viruses. Science 324, 1071–1076 (2009)
Xie, L., Zhang, X., Chaugule, A., Jaeger, T., Zhu, S.: Designing system-level defenses against cellphone malware. In: Proceedings of the 28th IEEE International Symposium on Reliable Distributed Systems (SRD09), pp. 89–90. SRD09, New York (2009).
Yan, G., Flores, H., Cuellar, L., Hengatner, N., Eidenbenz, S., Vu, V.: Bluetooth worm propagation: mobility pattern matters. In: Proceedings of the 2nd ACM Symposium on Information, Computer and Communication Security, pp. 32–44. New York (2007)
Zhu, Z., Cao, G., Zhu, S., Ranjan, S., Nucci, A.: A social network based patching scheme for worm containment in cellular networks. In: Proceedings of the 28th IEEE International Conference on Computer Communication (INFOCOM09), pp. 1476–1484. Rio de Janeiro, Brazil (2009)
Acknowledgments
We thank G. Xiao and C. Song for discussions and comments on the manuscript. This work was supported by National Natural Science Foundation of China (No. 51208520), the James S. McDonnell Foundation twenty-first Century Initiative in Studying Complex Systems, the National Science Foundation within the DDDAS (CNS-0540348), ITR (DMR-0426737) and IIS-0513650 programs. P. Wang acknowledges support from Shenghua Scholar Program of Central South University.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wang, P., González, M.C., Menezes, R. et al. Understanding the spread of malicious mobile-phone programs and their damage potential. Int. J. Inf. Secur. 12, 383–392 (2013). https://doi.org/10.1007/s10207-013-0203-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-013-0203-z