TY - GEN
T1 - Cloud-based push-styled mobile botnets
T2 - 28th Annual Computer Security Applications Conference, ACSAC 2012
AU - Zhao, Shuang
AU - Lee, Patrick P.C.
AU - Lui, John C.S.
AU - Guan, Xiaohong
AU - Ma, Xiaobo
AU - Tao, Jing
PY - 2012
Y1 - 2012
N2 - Given the popularity of smartphones and mobile devices, mobile botnets are becoming an emerging threat to users and network operators. We propose a new form of cloud-based push-styled mobile botnets that exploits today's push notification services as a means of command dissemination. To motivate its practicality, we present a new command and control (C&C) channel using Google's Cloud to Device Messaging (C2DM) service, and develop a C2DM botnet specifically for the Android platform. We present strategies to enhance its scalability to large botnet coverage and its resilience against service disruption. We prototype a C2DM botnet, and perform evaluation to show that the C2DM botnet is stealthy in generating heartbeat and command traffic, resource-efficient in bandwidth and power consumption, and controllable in quickly delivering a command to all bots. We also discuss how one may deploy a C2DM botnet, and demonstrate its feasibility in launching an SMS-Spam-and-Click attack. Lastly, we discuss how to generalize the design to other platforms, such as iOS or Windows-based systems, and recommend possible defense methods. Given the wide adoption of push notification services, we believe that this type of mobile botnet requires special attention from our community.
UR - https://www.scopus.com/pages/publications/84872116111
U2 - 10.1145/2420950.2420968
DO - 10.1145/2420950.2420968
M3 - Conference contribution
AN - SCOPUS:84872116111
SN - 9781450313124
T3 - ACM International Conference Proceeding Series
SP - 119
EP - 128
BT - Proceedings - 28th Annual Computer Security Applications Conference, ACSAC 2012
Y2 - 3 December 2012 through 7 December 2012
ER -