
Mobile Botnet Detection Using Network Forensics

  • Conference paper
Future Internet - FIS 2010 (FIS 2010)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 6369)

Abstract

Malicious software (malware) infects large numbers of computers around the world. This malware can be used to promote unwanted products, disseminate offensive content, or provide unauthorized access to personal and financial information. Until recently, mobile networks have been relatively isolated from the Internet, so there has been little need to protect them against botnets. Mobile networks are now well integrated with the Internet, so Internet threats such as botnets have started to migrate onto mobile networks. Botnets on mobile devices will probably appear very soon; there are already signs that this is happening. This paper studies the potential threat of botnets based on mobile networks and proposes the use of computational intelligence techniques to detect them. We then simulate anomaly detection, followed by an interpretation of the simulated values.




Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vural, I., Venter, H. (2010). Mobile Botnet Detection Using Network Forensics. In: Berre, A.J., Gómez-Pérez, A., Tutschku, K., Fensel, D. (eds) Future Internet - FIS 2010. FIS 2010. Lecture Notes in Computer Science, vol 6369. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15877-3_7


  • DOI: https://doi.org/10.1007/978-3-642-15877-3_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15876-6

  • Online ISBN: 978-3-642-15877-3

  • eBook Packages: Computer Science (R0)
