Ontology-based Mobile Malware Behavioral Analysis

Recently, mobile malware such as Cabir, Duts, and Brador has caused harm by compromising user privacy, depleting battery power, and incurring extra service charges by automatically sending expensive multimedia messages or making long-distance calls. In addition, the convenience of downloading programs from the Internet and sharing software through short-range Bluetooth connections, worldwide multimedia messaging service (MMS) communications, and memory cards has created new vulnerabilities. Anti-malware software plays an essential role in defending against mobile malware. The majority of detection software relies on an up-to-date malware signature database to detect malware. However, mobile phone networks have very different characteristics in terms of limited processing power, storage capacity, and battery power. It is a challenge to distribute malware signature files to mobile devices in a timely manner, which limits the effectiveness of complex anti-malware solutions on battery-powered handsets. This paper proposes an ontology-based behavioral analysis for mobile malware, and further provides information about mobile malware for end users or organizations to help them use their mobile phones securely.

Keywords: mobile malware, smart phone, ontology, behavioral analysis.
