http://dx.doi.org/10.3837/tiis.2015.04.012

Mobile Botnet Attacks - an Emerging Threat: Classification, Review and Open Issues  

Karim, Ahmad (Faculty of Computer Science and Information Technology, University of Malaya)
Ali Shah, Syed Adeel (Faculty of Computer Science and Information Technology, University of Malaya)
Salleh, Rosli Bin (Faculty of Computer Science and Information Technology, University of Malaya)
Arif, Muhammad (Faculty of Computer Science and Information Technology, University of Malaya)
Noor, Rafidah Md (Faculty of Computer Science and Information Technology, University of Malaya)
Shamshirband, Shahaboddin (Faculty of Computer Science and Information Technology, University of Malaya)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.9, no.4, 2015, pp. 1471-1492
Abstract
The rapid development of smartphone technologies has resulted in the evolution of mobile botnets. The implications of botnets have attracted attention from academia and industry alike, including vendors, investors, hackers, and the research community. Above all, the capability of botnets is revealed through a wide range of malicious activities, such as distributed denial of service (DDoS), theft of business information, remote access, online or click fraud, phishing, malware distribution, spam emails, and building mobile devices for the illegitimate exchange of information and materials. In this study, we investigate mobile botnet attacks by exploring attack vectors and subsequently present a well-defined thematic taxonomy. By identifying the significant parameters from the taxonomy, we compare the effects of existing mobile botnets on commercial platforms as well as open source mobile operating system platforms. The parameters for review include mobile botnet architecture, platform, target audience, vulnerabilities or loopholes, operational impact, and detection approaches. In relation to our findings, research challenges in this domain are then presented.
Keywords
Attacks; malware; mobile botnet; smartphone; DDoS;