CPMC: An Efficient Proximity Malware Coping Scheme in Smartphone-based Mobile Networks

Smartphones are envisioned to provide promising applications and services. At the same time, smartphones are also increasingly becoming the target of malware. Many emerging malware can utilize the proximity of devices to propagate in a distributed manner, thus remaining unobserved and making detections substantially more challenging. Different from existing malware coping schemes, which are either totally centralized or purely distributed, we propose a Community-based Proximity Malware Coping scheme, CPMC. CPMC utilizes the social community structure, which reflects a stable and controllable granularity of security, in smartphone-based mobile networks. The CPMC scheme integrates short-term coping components, which deal with individual malware, and long-term evaluation components, which offer vulnerability evaluation towards individual nodes. A closeness-oriented delegation forwarding scheme combined with a community level quarantine method is proposed as the short-term coping components. These components contain a proximity malware by quickly propagating the signature of a detected malware into all communities while avoiding unnecessary redundancy. The long-term components offer vulnerability evaluation towards neighbors, based on the observed infection history, to help users make comprehensive communication decisions. Extensive real- and synthetic-trace driven simulation results are presented to to evaluate the effectiveness of CPMC.

[1]  Christophe Diot,et al.  CRAWDAD dataset cambridge/haggle (v.2006-01-31) , 2006 .

[2]  Michalis Faloutsos,et al.  Information Survival Threshold in Sensor and P2P Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[3]  Brian Gallagher,et al.  MaxProp: Routing for Vehicle-Based Disruption-Tolerant Networks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[4]  Vijay Erramilli,et al.  Delegation forwarding , 2008, MobiHoc '08.

[5]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[6]  Kang G. Shin,et al.  On Mobile Viruses Exploiting Messaging and Bluetooth Services , 2006, 2006 Securecomm and Workshops.

[7]  Pan Hui,et al.  CRAWDAD dataset cambridge/haggle (v.2009-05-29) , 2009 .

[8]  Mads Haahr,et al.  Social network analysis for routing in disconnected delay-tolerant MANETs , 2007, MobiHoc '07.

[9]  Ulrike von Luxburg,et al.  A tutorial on spectral clustering , 2007, Stat. Comput..

[10]  Nathan Eagle,et al.  CRAWDAD dataset mit/reality (v.2005-07-01) , 2005 .

[11]  Jie Wu,et al.  Mobility Reduces Uncertainty in MANETs , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[12]  Sencun Zhu,et al.  A Social Network Based Patching Scheme for Worm Containment in Cellular Networks , 2009, IEEE INFOCOM 2009.

[13]  Ahmed Helmy,et al.  Modeling Time-Variant User Mobility in Wireless Mobile Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[14]  Jie Wu,et al.  Probability Delegation Forwarding in Delay Tolerant Networks , 2009, 2009 Proceedings of 18th International Conference on Computer Communications and Networks.

[15]  Stefan Saroiu,et al.  A preliminary investigation of worm infections in a bluetooth environment , 2006, WORM '06.

[16]  Amin Vahdat,et al.  Epidemic Routing for Partially-Connected Ad Hoc Networks , 2009 .

[17]  Jie Wu,et al.  DRBTS: Distributed Reputation-based Beacon Trust System , 2006, 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing.

[18]  Audun Jøsang,et al.  A survey of trust and reputation systems for online service provision , 2007, Decis. Support Syst..

[19]  Donald F. Towsley,et al.  Worm propagation modeling and analysis under dynamic quarantine defense , 2003, WORM '03.

[20]  Jie Wu,et al.  MOPS: Providing Content-Based Service in Disruption-Tolerant Networks , 2009, 2009 29th IEEE International Conference on Distributed Computing Systems.

[21]  Pan Hui,et al.  BUBBLE Rap: Social-Based Forwarding in Delay-Tolerant Networks , 2008, IEEE Transactions on Mobile Computing.

[22]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[23]  Jie Wu,et al.  LocalCom: A Community-based Epidemic Forwarding Scheme in Disruption-tolerant Networks , 2009, 2009 6th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[24]  Guanhua Yan,et al.  Bluetooth worm propagation: mobility pattern matters! , 2007, ASIACCS '07.

[25]  Matthias Grossglauser,et al.  Island Hopping: Efficient Mobility-Assisted Forwarding in Partitioned Networks , 2006, 2006 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks.

[26]  George Lawton On the Trail of the Conficker Worm , 2009, Computer.

[27]  Geoffrey M. Voelker,et al.  Defending Mobile Phones from Proximity Malware , 2009, IEEE INFOCOM 2009.

[28]  Gunnar Karlsson,et al.  Wireless opportunistic podcasting: implementation and design tradeoffs , 2007, CHANTS '07.

[29]  Eric Filiol,et al.  Behavioral detection of malware: from a survey towards an established taxonomy , 2008, Journal in Computer Virology.