A cloud-based intrusion detection system for Android smartphones

Cloud computing is primarily used to eliminate the need for local information resources, and the cloud makes a vast range of services available over the web. Smartphone usage has been increasing continuously in recent years, but because of their complexity and functionality, smartphones are also vulnerable to attacks such as viruses, Trojans and worms. Smartphones have limited storage, processing and computational power for executing highly complex intrusion detection algorithms and implementing signature-based attack detection. In this paper, we propose a cloud-based intrusion detection and recovery system for Android smartphones that provides continuous in-depth forensic analysis to detect any misbehaviour in the network. The mechanism performs analysis on a virtualized and synchronized replica of the actual device in the cloud environment. The analysis on the emulated device includes running multiple detection engines in parallel, memory scanners and system call anomaly detection, which generate responses in the event of an attack. The responses are instructions to a mobile agent installed on the device to take essential actions and perform recovery of the device if needed.
