Smartphone strategic sampling in defending enterprise network security

Smartphones have made inroads into the enterprise environment, as manifested in the Bring Your Own Device (BYOD) policy: more employees are bringing their own smartphones to work and using them to access enterprise information assets. The dilemma between responsiveness to security incidents and convenience/cost-effectiveness demands BYOD security solutions beyond the straightforward all-inclusive full-scanning or uniformly random sampling approaches. In this paper, we propose a way out of this dilemma: a carefully planned but otherwise random, or strategic, sampling approach. Strategic sampling balances security responsiveness and cost-effectiveness by identifying and periodically sampling those smartphones that are representative security-wise. We validate the efficiency and effectiveness of the proposed strategic sampling via simulations driven by publicly available traces collected in the real world.
