Android Botnets: A Serious Threat to Android Devices

Android devices have gained a lot of attention in the last few decades for several reasons, including ease of use, effectiveness, availability and games. To take advantage of these devices, mobile users have begun installing an increasingly large number of Android applications. The rapid growth in the number of Android devices and applications has led to security and privacy issues. It has, for instance, opened the way for malicious applications to be installed on Android devices when users download applications for different purposes. Once installed, these malicious applications execute illegal operations on the devices, which results in malfunctions. Android botnets are one such malfunction. This paper presents Android botnets from various aspects, including their security, architecture, infection vectors and techniques. It also evaluates Android botnets by categorising them according to behaviour, and investigates them with respect to Android device threats. Finally, we investigate different Android botnet detection techniques in depth with respect to the existing solutions deployed to mitigate Android botnets.
