A static approach towards mobile botnet detection

The use of mobile devices, including smartphones, tablets, smart watches and notebooks, is increasing day by day in our societies. They are usually connected to the Internet and offer nearly the same functionality, memory and speed as a PC. To get more benefit from these devices, applications must first be installed. These applications are available from third-party websites, such as the Google Play Store. Among existing mobile operating systems, Android is very easy to attack because of its open source environment. Android's open source nature attracts malware developers to target mobile devices with new malicious applications that have botnet capabilities. Mobile botnets are one of the crucial threats to mobile devices. In this study we propose a static approach towards mobile botnet detection. This technique combines MD5, permissions, broadcast receivers and background services, and uses a machine learning algorithm to detect applications that have mobile botnet capabilities. In this technique, the given features are extracted from Android applications in order to build a machine learning classifier for the detection of mobile botnet attacks. Initial experiments conducted on a known and recently updated dataset, the UNB ISCX Android botnet dataset, which combines 14 different malware families, show the efficiency of our approach. This research is in progress.
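The following sketch shows how the static features named in the abstract could be pulled from a decoded `AndroidManifest.xml` and encoded as a classifier input row. It is an added example, not the authors' code. The sample manifest, APK bytes, vocabulary and function names are constructed, and treating MD5 as a file fingerprint is an assumption.

```python
import hashlib
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample: a decoded AndroidManifest.xml (not taken from the dataset).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application>
    <receiver android:name=".BootReceiver">
      <intent-filter>
        <action android:name="android.intent.action.BOOT_COMPLETED"/>
      </intent-filter>
    </receiver>
    <service android:name=".SyncService"/>
  </application>
</manifest>"""
SAMPLE_APK_BYTES = b"constructed placeholder for APK file contents"


def extract_features(manifest_xml, apk_bytes):
    """Return the static features named in the abstract for one application."""
    root = ET.fromstring(manifest_xml)
    name = ANDROID_NS + "name"
    perms = sorted({e.get(name) for e in root.iter("uses-permission") if e.get(name)})
    # A broadcast receiver is described by the intent actions it listens for.
    actions = sorted({a.get(name) for r in root.iter("receiver")
                      for a in r.iter("action") if a.get(name)})
    services = sorted({s.get(name) for s in root.iter("service") if s.get(name)})
    # Assumption: MD5 serves as the file fingerprint of the sample.
    return {"md5": hashlib.md5(apk_bytes).hexdigest(),
            "permissions": perms, "receiver_actions": actions, "services": services}


def to_vector(features, vocabulary):
    """Encode one app as a 0/1 row over a fixed vocabulary, plus the service count."""
    present = set(features["permissions"]) | set(features["receiver_actions"])
    return [int(term in present) for term in vocabulary] + [len(features["services"])]


# Hypothetical vocabulary; a real one would be built from the training set.
VOCABULARY = ["android.permission.INTERNET", "android.permission.RECEIVE_SMS",
              "android.permission.SEND_SMS", "android.intent.action.BOOT_COMPLETED"]

if __name__ == "__main__":
    feats = extract_features(SAMPLE_MANIFEST, SAMPLE_APK_BYTES)
    print(feats)
    print(to_vector(feats, VOCABULARY))
```

Rows produced this way, labelled botnet or benign, are what a machine learning classifier would be trained on.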
