A SMS-based mobile botnet using flooding algorithm

Jingyu Hua, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

27 Citations (Scopus)

Abstract

As a lot of sophisticated duties are being migrated to mobile phones, they are gradually becoming hot targets of hackers. Actually, during the past few years, It has appeared many malware targeting mobile phones and the situation is getting worse. Under this circumstance, we may ask a serious question: whether can those infected phones be organized to a botnet? In this paper, we present a design of such a botnet using Short Message Service (SMS) as its Command and Control (C&C) medium. We cover all the aspects of the botnet design including the stealthiness protection, the topology selecting and the botnet maintaining. Our simulations show that in our proposed SMS-based botnet a newly issued C&C message can be covertly propagated to over 90% of the total 20000 bots within 20 minutes based on a simple flooding algorithm. Moreover, in this process each bot sends no more than four SMS messages and the botnet is robust to both random and selective node failures. Thereby, we demonstrate that the proposed mobile botnet is indeed a serious threat on the security of the mobile computing environment. For this reason, we further explore several effective defense strategies against such a botnet. In doing so, we hope to be one step ahead of the hackers to discover and prevent this upcoming threat.

Original languageEnglish
Title of host publicationInformation Security Theory and Practice
Subtitle of host publicationSecurity and Privacy of Mobile Devices in Wireless Communication - 5th IFIP WG 11.2 International Workshop, WISTP 2011, Proceedings
Pages264-279
Number of pages16
DOIs
Publication statusPublished - 2011
Event5th Workshop in Information Security Theory and Practice, WISTP 2011 - Heraklion, Crete, Greece
Duration: Jun 1 2011Jun 3 2011

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6633 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other5th Workshop in Information Security Theory and Practice, WISTP 2011
CountryGreece
CityHeraklion, Crete
Period6/1/116/3/11

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A SMS-based mobile botnet using flooding algorithm'. Together they form a unique fingerprint.

Cite this