Mobile Botnet Attacks - an Emerging Threat: Classification, Review and Open Issues |
Karim, Ahmad
(Faculty of Computer Science and Information Technology, University of Malaya)
Ali Shah, Syed Adeel (Faculty of Computer Science and Information Technology, University of Malaya) Salleh, Rosli Bin (Faculty of Computer Science and Information Technology, University of Malaya) Arif, Muhammad (Faculty of Computer Science and Information Technology, University of Malaya) Noor, Rafidah Md (Faculty of Computer Science and Information Technology, University of Malaya) Shamshirband, Shahaboddin (Faculty of Computer Science and Information Technology, University of Malaya) |
1 | Spreitzenbarth, M., F. Freiling, F. Echtler, T. Schreck, and J. Hoffmann,"Mobile-sandbox: having a deeper look into android applications," in Proc. of the 28th Annual ACM Symposium on Applied Computing, 2013. Article (CrossRef Link) |
2 | Alzahrani, A.J. and A.A. Ghorbani," SMS mobile botnet detection using a multi-agent system: research in progress," in Proc. of the 1st International Workshop on Agents and CyberSecurity, 2014. Article (CrossRef Link) |
3 | Aswini, A. and P. Vinod,“Droid permission miner: Mining prominent permissions for Android malware analysis,” in Proc. of Applications of Digital Information and Web Technologies (ICADIWT), 2014 Fifth International Conference on the, 2014. Article (CrossRef Link) |
4 | Pieterse, H. and M.S. Olivier, "Bluetooth Command and Control Channel," Computers & Security, 2014. Article (CrossRef Link) |
5 | Protalinski, E., “F-Secure: Android accounted for 97% of all mobile malware in 2013, but only 0.1% of those were on Google Play”, 2013. |
6 | Mobile Security Primer, https://viaforensics.com/resources/reports/best-practices-ios-android-secure-mobile-development/mobile-security-primer/ |
7 | Nadji, Y., J. Giffin, and P. Traynor.,“Automated remote repair for mobile malware,” in Proc. of the 27th Annual Computer Security Applications Conference, 2011.Article (CrossRef Link) |
8 | Unified Extensible Firmware Interface, http://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface |
9 | UEFI Technology Expands in Mobile Devices and Other Non-PC Market Segments, http://www.uefi.org/sites/default/files/press_releases/UEFI_Specifications_Expand_in_Mobile_Devices_and_Non-PC_Markets_May_8_2013.pdf |
10 | Forbes, Secure mobile development best practices, https://viaforensics.com/resources/reports/best-practices-ios-android-secure-mobile-development/mobile-security-primer/ |
11 | Open DNS, security whitepaper, http://info.opendns.com/rs/opendns/images/OpenDNS_SecurityWhitepaper-DNSRoleInBotnets.pdf |
12 | Rootkit, http://en.wikipedia.org/wiki/Rootkit |
13 | Bank Site Attacks Trigger Ongoing Outages, Customer Anger, http://www.informationweek.com/attacks/bank-site-attacks-trigger-ongoing-outages-customer-anger/d/d-id/1106615? |
14 | Mishra, A.R., “Advanced cellular network planning and optimisation: 2G/2.5 G/3G... evolution to 4G,” John Wiley & Sons, 2007. |
15 | Gani, A., G.M. Nayeem, M Shiraz, M. Sookhak, M. Whaiduzzaman, and S. Khan, “A review on interworking and mobility Techniques for seamless connectivity In Mobile Cloud Computing,”Journal of Network and Computer Applications, pp. 84-102,2014. Article (CrossRef Link) DOI |
16 | Singh, K., S. Sangal, N. Jain, P. Traynor, and W. Lee, “Evaluating bluetooth as a medium for botnet command and control,” in Proc. of Detection of Intrusions and Malware, and Vulnerability Assessment,pp. 61-80, 2010. Article (CrossRef Link) |
17 | Grizzard, J.B., V. Sharma, C. Nunnery, B.B. Kang, and D. Dagon,"Peer-to-peer botnets: Overview and case study," in Proc. of the first conference on First Workshop on Hot Topics in Understanding Botnets, 2007.Article (CrossRef Link) |
18 | Hamandi, K., I.H. Elhajj, A. Chehab, and A. Kayssi, “Android SMS botnet: a new perspective,” in Proc. of the 10th ACM international symposium on Mobility management and wireless access, 2012.Article (CrossRef Link) |
19 | Adeel, M., L. Tokarchuk, and M. Awais Azam,“Classification of Mobile P2P Malware Based on Propagation Behaviour,” in Proc. of The Fourth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, 2010.Article (CrossRef Link) |
20 | Geng, G., G. Xu, M. Zhang, Y. Guo, G. Yang, and C. Wei, “The Design of SMS Based Heterogeneous Mobile Botnet,” Journal of Computers, vol. 7, no.1, pp. 235-243, 2012. Article (CrossRef Link) DOI |
21 | Zeng, Y., K.G. Shin, and X. Hu,“Design of SMS commanded-and-controlled and P2P-structured mobile botnets,”in Proc. of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks, 2012.Article (CrossRef Link) |
22 | Xiang, C., F. Binxing, Y. Lihua, L. Xiaoyi, and Z. Tianning,“Andbot: towards advanced mobile botnets,” in Proc. of the 4th USENIX conference on Large-scale exploits and emergent threats, 2011. |
23 | Qi, H., M. Shiraz, A. Gani, M. Whaiduzzaman, and S. Khan, “Sierpinski triangle based data centerarchitecture in cloud computing,”The Journal of Supercomputing, pp. 1-21, 2014. Article (CrossRef Link) |
24 | La Polla, M., F. Martinelli, and D. Sgandurra, “A survey on security for mobile devices,” Communications Surveys & Tutorials, IEEE, vol. 15, no. 1, pp. 446-471. Article (CrossRef Link) DOI |
25 | Zhao, S., P.P. Lee, J. Lui, X. Guan, X. Ma, and J. Tao,“Cloud-based push-styled mobile botnets: a case study of exploiting the cloud to device messaging service,” in Proc. of the 28th Annual Computer Security, Applications Conference,ACM, 2012. Article (CrossRef Link) |
26 | Szongott, C., B. Henne, and M. Smith.,“Evaluating the threat of epidemic mobile malware,” in Proc. of Wireless andMobile Computing, Networking and Communications (WiMob), 2012 IEEE 8th International Conference on, 2012. Article (CrossRef Link) |
27 | Flo, A. and A. Josang, “Consequences of botnets spreading to mobile devices,” in Short-Paper Proc. of ofthe 14th Nordic Conference on Secure IT Systems, 2009. |
28 | Paganinip, HTTP-Botnets: The Dark Side of an Standard Protocol!, http://securityaffairs.co/wordpress/13747/cyber-crime/http-botnets-the-dark-side-of-an-standard-protocol.html |
29 | Pieterse, H. and M. Olivier, “Design of a hybrid command and control mobile botnet,” in Proc. of Academic Conferences and Publishing International Ltd,2013. Article (CrossRef Link) |
30 | Kasera, S. and N. Narang, “3G mobile networks: architecture, protocols and procedures based on 3GPP specifications for UMTS WCDMA networks,”McGraw-Hill Professional,2005. |
31 | KARIM, A., R.B. SALLEH, M. SHIRAZ, S.A.A. SHAH, I. AWAN, and N.B. ANUAR, “Botnet detection techniques:review, future trends and issues,”Journal of Zhejiang University SCIENCE C, 2014.Article (CrossRef Link) |
32 | Zeus Botnet Eurograbber Steals $47 Million, http://www.informationweek.com/security/attacks/zeus-botnet-eurograbber-steals-47-millio/240143837 |
33 | Geng, G., G. Xu, M. Zhang, Y. Yang, and G. Yang., “An improved sms based heterogeneous mobile botnet model,”in Proc. ofInformation and Automation (ICIA), 2011 IEEE International Conference, 2011. |
34 | VentureBeat,“News about Tech, money and innovation / Mobile,” http://venturebeat.com/2013/10/31/android-captures-record-81-global-market-share-windows-phone-is-fastest-growing/ |
35 | Smartphone Vendor Market Share, http://www.idc.com/prodserv/smartphone-market-share.jsp, 2014 [Accessed on : 20-06-2014] |
36 | Karim, A., S.A.A. Shah, and R. Salleh, “Mobile Botnet Attacks: A Thematic Taxonomy,”New Perspectives in Information Systems and Technologies, vol. 2, pp. 153-164, 2014. Article (CrossRef Link) |
37 | Android DreamDroid two: rise of laced apps, http://www.itnews.com.au/News/259147,android-dreamdroid-two-rise-of-lacedapps.aspx/ |
38 | F-Secure, F- secure| Virus and threat descriptions, http://www.f-secure.com/v-descs/worm_iphoneos_ikee_b.shtml |
39 | Maslennikov, D., SecureList: Mobile Malware Analysis: Part-6, http://www.securelist.com/en/analysis?calendar=2013-02 |
40 | Abdelrahman, O.H., E. Gelenbe, G. Görbil, and B. Oklander, “Mobile Network Anomaly Detection and Mitigation: The NEMESYS Approach,”Information Sciences and Systems 2013 Lecture Notes in Electrical Engineering, vol. 264, pp.429-438, 2013. Article (CrossRef Link) DOI |
41 | Arbor Networks: Worldwide Infrastructure Security Report (2012), https://www.arbornetworks.com/news-and-events/press-releases/recent-press-releases/4737-the-arbor-networks-8th-annual-worldwide-infrastructure-security-report-finds-ddos-has-become-part-of-advanced-threat-landscape |
42 | Weichselbaum, L., M. Neugschwandtner, M. Lindorfer, Y. Fratantonio, V. van der Veen, and C. Platzer, “Andrubis: Android Malware Under The Magnifying Glass,”Vienna University of Technology, Tech. Rep,2014. Article (CrossRef Link) |
43 | Ollmann, G., “The evolution of commercial malware development kits and colour-by-numbers custom malware,”Computer Fraud & Security, vol. 9, pp. 4-7, 2008.Article (CrossRef Link) DOI |
44 | X. Jiang, “GingerMaster: First Android Malware Utilizing a Root Exploit on Android 2.3 (Gingerbread)”, 2011. |
45 | Zetter, K., BlackBerry a Juicy Hacker Target, 2006, http://www.wired.com/science/discoveries/news/2006/08/71548 |
46 | Microsoft, Microsoft, Malware Protection Center, Trojan:AndroidOS/SpamSold.A, http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Trojan%3AAndroidOS%2FSpamSold.A#tab=2 |
47 | Donovan, F., “Botnet of mobile devices used for first time to distribute Trojan,” 2013. |
48 | Unuchek, R., Obad.a Trojan Now Being Distributed via Mobile Botnets, http://securelist.com/blog/mobile/57453/obad-a-trojan-now-being-distributed-via-mobile-botnets/ |
49 | Shiraz, M., A. Gani, R.W. Ahmad, S.A.A. Shah, A. Karim, and Z.A. Rahman, “A Lightweight DistributedFramework for Computational Offloading in Mobile Cloud Computing,”PloS one, vol.9, vo.8,2014. Article (CrossRef Link) DOI |
50 | Dai, S., T. Wei, and W. Zou.,“DroidLogger: Reveal suspicious behavior of Android applications via instrumentation,” in Proc. of Computing and Convergence Technology (ICCCT), 2012 7th International Conference on, 2012. |
51 | Portokalidis, G., P. Homburg, K. Anagnostakis, and H. Bos, "Paranoid Android: versatile protection forsmartphones,"in Proc. of the 26th Annual Computer Security Applications Conference, 2010. Article (CrossRef Link) |
52 | Xuxian, J., “Security Alert: New RootSmart Android Malware Utilizes the GingerBreak Root Exploit,” 2012. |
53 | DroidDream, DroidDream, http://www.webopedia.com/TERM/D/droiddream.html |
54 | Worm:iPhoneOS/Ikee.B, http://www.f-secure.com/v-descs/worm_iphoneos_ikee_b.shtml |
55 | Kiley, S., “Spy Smartphone Software Tracks Every Move,” |
56 | Android.Geinimi, http://www.symantec.com/security_response/writeup.jsp?docid=2011-010111-5403-99 |
57 | Musthaler, L., “How to avoid becoming a victim of SMiShing (SMS phishing)” |
58 | Mills, E., Report: Android phones vulnerable to snooping attack, http://news.cnet.com/8301-27080_3-20063646-245.html |
59 | Orchilles, J.A., "SSL Renegotiation DOS, 2011, http://permalink.gmane.org/gmane.ietf.tls/8335 |
60 | Choi, B., S.-K. Choi, and K. Cho, "Detection of Mobile Botnet Using VPN," in Proc. of Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2013 Seventh International Conference on, 2013.Article (CrossRef Link) |
61 | Vural, I. and H. Venter, “Combating Spamming Mobile Botnets through Bayesian Spam Filtering,” |
62 | Roshandel, R., P. Arabshahi, and R. Poovendran, “LIDAR: a layered intrusion detection and remediationframework for smartphones,” in Proc. of the 4th international ACM Sigsoft symposium on Architecting critical systems, 2013.Article (CrossRef Link) |
63 | Chiang, H.-S. and W.-J. Tsaur, “Identifying Smartphone Malware Using Data Mining Technology,” in Proc of Computer Communications and Networks (ICCCN), 20th International Conference on, 2011. Article (CrossRef Link) |
64 | Andrews, B., T. Oh, and W. Stackpole,“Android Malware Analysis Platform,” in Proc. of 8th Annual Symposium on Information Assurance (ASIA’13), 2013. Article (CrossRef Link) |
![]() |