Computer Ecology: Responding to Mobile Worms with Location-Based Quarantine Boundaries

The emerging malware that can spread through local wireless networks among mobile devices has so far received less attention than computer worms in the Internet. The local wireless links provide an alternative propagation path that circumvents intrusion detection at the service provider gateways. On the mobile nodes, conventional intrusion detection and intrusion response techniques such as address blacklisting and content filtering are more difficult to deploy due to the lack of central entities and the resource constraints of mobile nodes. We propose a new architecture for an intrusion response system that takes advantage of an infrastructure network (e.g., cell phone network) to manage security of the mobile nodes. Infection patterns in ad hoc networks are highly correlated with geographic proximity. Thus an ecologically inspired diffusion-reaction and advection models can provide estimates for the current spread of the worm. These estimates allow the service provider to precisely target a containment re-

[1]  J. G. Skellam Random dispersal in theoretical populations , 1951, Biometrika.

[2]  C. Elton The Ecology of Invasions by Animals and Plants , 1960, Springer US.

[3]  Charles C. Elton,et al.  The Ecology of Invasions by Animals and Plants. , 1959 .

[4]  Alexander Grey,et al.  The Mathematical Theory of Infectious Diseases and Its Applications , 1977 .

[5]  N. Ling The Mathematical Theory of Infectious Diseases and its applications , 1978 .

[6]  F. Walsh Toxic metal chemistry in marine environments , 1992 .

[7]  N. Shigesada,et al.  Modeling Stratified Diffusion in Biological Invasions , 1995, The American Naturalist.

[8]  Stephanie Forrest,et al.  Infect Recognize Destroy , 1996 .

[9]  L. Briesemeister,et al.  Disseminating messages among highly mobile hosts based on inter-vehicle communication , 2000, Proceedings of the IEEE Intelligent Vehicles Symposium 2000 (Cat. No.00TH8511).

[10]  N. Shigesada,et al.  A dynamical model for the growth and size distribution of multiple metastatic tumors. , 2000, Journal of theoretical biology.

[11]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[12]  Vern Paxson,et al.  How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.

[13]  Stephanie Forrest,et al.  Email networks and the spread of computer viruses. , 2002, Physical review. E, Statistical, nonlinear, and soft matter physics.

[14]  Saswati Sarkar,et al.  Signature based intrusion detection for wireless ad-hoc networks: a comparative study of various routing protocols , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[15]  David Moore,et al.  Internet quarantine: requirements for containing self-propagating code , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[16]  Qing Xu,et al.  Design and analysis of highway safety communication protocol in 5.9 GHz dedicated short range communication spectrum , 2003, The 57th IEEE Semiannual Vehicular Technology Conference, 2003. VTC 2003-Spring..

[17]  Srdjan Capkun,et al.  The security and privacy of smart vehicles , 2004, IEEE Security & Privacy Magazine.

[18]  Tom Martin,et al.  Mobile phones as computing devices: the viruses are coming! , 2004, IEEE Pervasive Computing.

[19]  Hayder Radha,et al.  Analyzing the spread of active worms over VANET , 2004, VANET '04.

[20]  Kaan Ozbay South Jersey Real-Time Motorist Information System : final report / submitted by Kaan Ozbay, Bekir Bartin. , 2004 .

[21]  T. Imielinski,et al.  Ascertaining viability of WiFi based vehicle-to-vehicle network for traffic information dissemination , 2004, Proceedings. The 7th International IEEE Conference on Intelligent Transportation Systems (IEEE Cat. No.04TH8749).

[22]  Bekir Bartin South Jersey Real-Time Motorist Information System , 2004 .

[23]  Hariharan Krishnan,et al.  Performance evaluation of safety applications over DSRC vehicular ad hoc networks , 2004, VANET '04.

[24]  Michael S. Hsiao,et al.  Denial-of-service attacks on battery-powered mobile computers , 2004, Second IEEE Annual Conference on Pervasive Computing and Communications, 2004. Proceedings of the.

[25]  Wade Trappe,et al.  Robust statistical methods for securing wireless localization in sensor networks , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[26]  Peter Szor,et al.  The Art of Computer Virus Research and Defense , 2005 .

[27]  Maxim Raya,et al.  The security of vehicular ad hoc networks , 2005, SASN '05.

[28]  Stefan Saroiu,et al.  A preliminary investigation of worm infections in a bluetooth environment , 2006, WORM '06.

[29]  Kang G. Shin,et al.  On Mobile Viruses Exploiting Messaging and Bluetooth Services , 2006, 2006 Securecomm and Workshops.

[30]  Kang G. Shin,et al.  Proactive security for mobile messaging networks , 2006, WiSe '06.

[31]  Randy C. Marchany,et al.  Using Battery Constraints within Mobile Hosts to Improve Network Security , 2006, IEEE Security & Privacy.

[32]  Toshio Atsuta,et al.  Kawasaki and I , 2007 .

[33]  Liu Yu-zhen A New Algorithm for Determining Whether a Point is Inside of a Polygon , 2008 .