Skip to main content
SpringerLink
Log in

Mobile botnet detection: a comprehensive survey

  • Survey
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

The number of people using mobile devices is increasing as mobile devices offer different features and services. Many mobile users install various applications on their mobile devices to use features like payment, business services, social networks, health, entertainment, and education. Besides, all these services require access to the internet. Therefore, mobile devices are becoming prime targets for cybercriminals due to their functionalities. A mobile botnet is a set of mobile devices infected with a malicious program. A mobile botnet is controlled by an attacker called Botmaster to perform illegal operations such as eavesdropping, sending malicious codes using SMS, DDoS attacks, or stealing important information. There are different techniques proposed to detect mobile botnets with various accuracies. This paper presents a detailed background about mobile botnets, including their lifecycle, architecture, and C&C channel. Besides, it briefly overviews mobile botnets' evolution and compares PC and mobile botnets using different criteria. Next, it studies, classifies, and discusses the existing intrusion detection system-based techniques available for detecting mobile botnets. It focuses on the 42 most related papers submitted between 2010 and 2021, highlighting their drawbacks. To conclude, it discusses open issues and proposes ideas to improve the current methods.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

Data availability

Data sharing not applicable to this article as no datasets were generated or analyzed during the current study.

References

  1. Farina, P., Cambiaso, E., Papaleo, G., Aiello, M.: Understanding ddos attacks from mobile devices. In: 2015 3rd International Conference on Future Internet of Things and Cloud, 2015, pp. 614–619. IEEE (2015)

  2. He, D., Chan, S., Guizani, M.: Mobile application security: malware threats and defenses. IEEE Wirel. Commun. 22(1), 138–144 (2015)

    Article  Google Scholar 

  3. Oulehla, M., Malanik, D.: Insight into Contemporary Dissemination Techniques of Mobile Botnet Clients (Bots) (2016)

  4. IDC: Smartphone Market Share. Available: https://www.idc.com/promo/smartphone-market-share/os. Accessed on: February, 2020

  5. Feizollah, A., Anuar, N.B., Salleh, R., Wahab, A.W.A.: A review on feature selection in mobile malware detection. Digit. Investig. 13, 22–37 (2015)

    Article  Google Scholar 

  6. MacAfee: McAfee Labs Threats Report. Available https://www.mcafee.com/enterprise/en-us/assets/reports/rp-mobile-threat-report-2019.pdf, Accessed on February 2020

  7. Abdullah, Z., Saudi, M.M., Anuar, N.B.: Mobile botnet detection: proof of concept, In: 2014 IEEE 5th control and system graduate research colloquium, pp. 257–262. IEEE (2014)

  8. Hashim, H.A.-B., Saudi, M.M., Basir, N.: A systematic review analysis of root exploitation for mobile botnet detection. In: Advanced Computer and Communication Engineering Technology, pp. 113–122. Springer (2016)

  9. Eslahi, M., Salleh, R., Anuar, N.B.: "MoBots: a new generation of botnets on mobile devices and networks. In: 2012 International Symposium on Computer Applications and Industrial Electronics (ISCAIE), pp. 262–266. IEEE (2012)

  10. Alzahrani, A.J., Ghorbani, A.A.: SMS mobile botnet detection using a multi-agent system: research in progress. In: Proceedings of the 1st International Workshop on Agents and CyberSecurity, p. 2. ACM (2014)

  11. Feizollah, A., Anuar, N.B., Salleh, R., Amalina, F., Shamshirband, S.: A study of machine learning classifiers for anomaly-based mobile botnet detection. Malays. J. Comput. Sci. 26(4), 251–265 (2013)

    Google Scholar 

  12. Karim, A., Shah, S.A.A., Salleh, R.: Mobile botnet attacks: a thematic taxonomy. In: New Perspectives in Information Systems and Technologies, Volume 2, pp. 153–164. Springer (2014)

  13. Karim, A., Salleh, R., Shah, S.A.A.: DeDroid: a mobile botnet detection approach based on static analysis. In: 2015 IEEE 12th International Conference on Ubiquitous Intelligence and Computing and 2015 IEEE 12th International Conference on Autonomic and Trusted Computing and 2015 IEEE 15th International Conference on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom), pp. 1327–1332. IEEE (2015)

  14. Anwar, S., Zolkipli, M.F., Inayat, Z., Odili, J., Ali, M., Zain, J.M.: Android botnets: a serious threat to android devices. Pertanika J. Sci. Technol. 26(1) (2018)

  15. Feily, M., Shahrestani, A., Ramadass, S.: A survey of botnet and botnet detection. In: 2009 Third International Conference on Emerging Security Information, Systems and Technologies, pp. 268–273. IEEE (2009)

  16. Silva, S.S., Silva, R.M., Pinto, R.C., Salles, R.M.: Botnets: a survey. Comput. Netw. 57(2), 378–403 (2013)

    Article  Google Scholar 

  17. Khattak, S., Ramay, N.R., Khan, K.R., Syed, A.A., Khayam, S.A.: A taxonomy of botnet behavior, detection, and defense. IEEE Commun. Surv. Tutor. 16(2), 898–924 (2013)

    Article  Google Scholar 

  18. Khan, W.Z., Khan, M.K., Muhaya, F.T.B., Aalsalem, M.Y., Chao, H.-C.: A comprehensive study of email spam botnet detection. IEEE Commun. Surv. Tutor. 17(4), 2271–2295 (2015)

    Article  Google Scholar 

  19. Mahmoud, M., Nir, M., Matrawy, A.: A Survey on Botnet Architectures, Detection and Defences. IJ Netw. Secur. 17(3), 264–281 (2015)

    Google Scholar 

  20. Ramu, S.: Mobile malware evolution, detection and defense. EECE 571B, term survey paper (2012)

  21. La Polla, M., Martinelli, F., Sgandurra, D.: A survey on security for mobile devices. IEEE Commun. Surv. Tutor. 15(1), 446–471 (2012)

    Article  Google Scholar 

  22. Yan, P., Yan, Z.: A survey on dynamic mobile malware detection. Software Qual. J. 26(3), 891–919 (2018)

    Article  Google Scholar 

  23. Abd Rahman, M.Z.B., Saudi, M., Basir, N.: A comprehensive review of mobile botnet detection using genetic algorithm: a systematic review. ARPN J. Eng. Appl. Sci. 10, 1399–1404 (2015)

    Google Scholar 

  24. Malatras, A., Freyssinet, E., Beslay, L.: Mobile botnets taxonomy and challenges. In: 2015 European Intelligence and Security Informatics Conference, pp. 149–152. IEEE (2015)

  25. Alzahrani, A.J., Ghorbani, A.A.: SMS-based mobile botnet detection framework using intelligent agents. J. Cyber Secur. Mobil. 5(2), 47–74 (2016)

    Article  Google Scholar 

  26. Eslahi, M., Rostami, M.R., Hashim, H., Tahir, N., Naseri, M.V.: A data collection approach for Mobile Botnet analysis and detection. In: 2014 IEEE symposium on wireless technology and applications (ISWTA), pp. 199–204. IEEE (2014)

  27. Kitana, A., Traore, I., Woungang, I.: Impact study of a mobile botnet over LTE networks. J. Internet Serv. Inf. Secur. 6(2), 1–22 (2016)

    Google Scholar 

  28. Li, N., Du, Y., Chen, G.: Mobile botnet propagation modeling in Wi-Fi networks. In: Proceedings of the 4th International Conference on Computer Engineering and Networks, pp. 1147–1154. Springer (2015)

  29. Rahimipour, M., Jamali, S.: A survey on botnets and web-based botnet characteristics. Int. J. Sci. Eng. Comput. Technol. 4(11), 282 (2014)

    Google Scholar 

  30. Karim, A., Salleh, R., Khan, M.K., Siddiqa, A., Choo, K.-K.R.: On the analysis and detection of mobile botnet applications. J. UCS 22(4), 567–588 (2016)

    Google Scholar 

  31. Anagnostopoulos, M., Kambourakis, G., Gritzalis, S.: New facets of mobile botnet: architecture and evaluation. Int. J. Inf. Secur. 15(5), 455–473 (2016)

    Article  Google Scholar 

  32. Pieterse, H., Olivier, M.S.: Android botnets on the rise: Trends and characteristics. In: 2012 Information Security for South Africa, pp. 1–5. IEEE (2012)

  33. Dong, Y., Dai, J., Sun, X.: A mobile botnet that meets up at Twitter. In: International Conference on Security and Privacy in Communication Systems, pp. 3–21. Springer (2018)

  34. Choi, B., Choi, S.-K., Cho, K.: Detection of mobile botnet using VPN. In: 2013 Seventh International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 142–148. IEEE (2013)

  35. Acarali, D., Rajarajan, M.: Botnet-based attacks and defence mechanisms. In: Versatile Cybersecurity, pp. 169–199. Springer (2018)

  36. Liu, C.-Y., Peng, C.-H., Lin, I.-C.: A survey of botnet architecture and batnet detection techniques. Int. J. Netw. Secur. 16(2), 81–89 (2014)

    Google Scholar 

  37. Hua, J., Sakurai, K.: A sms-based mobile botnet using flooding algorithm. In: IFIP International Workshop on Information Security Theory and Practices, pp. 264–279. Springer 2011

  38. Geng, G., Xu, G., Zhang, M., Guo, Y., Yang, G., Wei, C.: The design of SMS based heterogeneous mobile botnet. JCP 7(1), 235–243 (2012)

    Google Scholar 

  39. Hamandi, K., Elhajj, I.H., Chehab, A., Kayssi, A.: Android SMS botnet: a new perspective. In: Proceedings of the 10th ACM International Symposium on Mobility Management and Wireless Access, pp. 125–130. ACM (2012)

  40. Pieterse, H., Olivier, M.: Design of a hybrid command and control mobile botnet. J. Inform. Warfare 12(1), 70–82 (2013)

    Google Scholar 

  41. Singh, K., Sangal, S., Jain, N., Traynor, P., Lee, W.: Evaluating bluetooth as a medium for botnet command and control. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 61–80. Springer (2010)

  42. Li, F., Yang, Y., Wu, J.: Cpmc: an efficient proximity malware coping scheme in smartphone-based mobile networks. In: 2010 Proceedings IEEE INFOCOM, pp. 1–9. IEEE (2010)

  43. Farina, P., Cambiaso, E., Papaleo, G., Aiello, M.: Mobile Botnets development: issues and solutions. Int. J. Future Comput. Commun. 3(6), 385–390 (2014)

    Article  Google Scholar 

  44. Dietrich, C.J., Rossow, C., Freiling, F.C., Bos, H., Van Steen, M., Pohlmann, N.: On Botnets that use DNS for Command and Control. In: 2011 Seventh European Conference on Computer Network Defense, pp. 9–16. IEEE (2011)

  45. Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. Naval Research Lab Washington DC2004

  46. Unuchek, R.: The First Tor Trojan for Android (2014)

  47. Kang, L.: Efficient botnet herding within the Tor network. J. Comput. Virol. Hack. Tech. 11(1), 19–26 (2015)

    Article  Google Scholar 

  48. Sanatinia, A., Noubir, G.: Onionbots: subverting privacy infrastructure for cyber attacks. In 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 69–80. IEEE (2015)

  49. Anagnostopoulos, M., Kambourakis, G., Drakatos, P., Karavolos, M., Kotsilitis, S., Yau, D.K.: Botnet command and control architectures revisited: Tor hidden services and fluxing. In: International Conference on Web Information Systems Engineering, pp. 517–527. Springer (2017)

  50. Faghani, M.R., Nguyen, U.T.: Mobile botnets meet social networks: design and analysis of a new type of botnet. Int. J. Inf. Secur. 18(4), 423–449 (2019)

    Article  Google Scholar 

  51. Xiang, C., Binxing, F., Lihua, Y., Xiaoyi, L., Tianning, Z.: Andbot: towards advanced mobile botnets. In: Proceedings of the 4th USENIX Conference on Large-Scale Exploits and Emergent Threats, p. 11. USENIX Association (2011)

  52. Wang, P., Zhang, C., Li, X., Zhang, C.: A mobile botnet model based on android system. In: International Conference on Trustworthy Computing and Services, pp. 54–61. Springer (2013)

  53. Hasan, R., Saxena, N., Haleviz, T., Zawoad, S., Rinehart, D.: Sensing-enabled channels for hard-to-detect command and control of mobile devices. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 469–480. ACM (2013)

  54. Apvrille, A.: Symbian worm Yxes: towards mobile botnets? J. Comput. Virol. 8(4), 117–131 (2012)

    Article  Google Scholar 

  55. Porras, P., Saidi, H., Yegneswaran, V.: An analysis of the ikee. b iphone botnet. In: International Conference on Security and Privacy in Mobile Information and Communication Systems, pp. 141–152. Springer (2010)

  56. Strazzere, T., Wyatt, T.: Geinimi trojan technical teardown. Lookout Mobile Security (2011)

  57. Nigam, R.: A timeline of mobile botnets. Virus Bulletin (2015)

  58. Maslennikov, D.: Zeus-in-the-Mobile—Facts and Theories. Kaspersky Labs (2011)

  59. Kadir, A.F.A., Stakhanova, N., Ghorbani, A.A.: Android botnets: what urls are telling us. In: International Conference on Network and System Security, pp. 78–91. Springer (2015)

  60. Karim, A., Shah, S.A.A., Salleh, R.B., Arif, M., Noor, R.M.: Mobile botnet attacks—An emerging threat: classification, review and open issues. KSII Trans. Internet and Inform. Syst. (TIIS) 9(4), 1471–1492 (2015)

    Google Scholar 

  61. Zhou, Y., Jiang, X.: An analysis of the anserverbot trojan Tech. Rep., 9 (2011)

  62. Yamamoto, A.: Android.Tigerbot. Available: https://www.symantec.com/security-center/writeup/2012-041010-2221-99, Accessed on September 2019

  63. Katsuki, T.: Android.Tascudap. Available: https://www.symantec.com/security-center/writeup/2012-121312-4547-99, Accessed on: September 2019

  64. Fortinet: Android/Wroba.I!tr. Available: https://fortiguard.com/encyclopedia/virus/6275091, Accessed on September 2019

  65. MacAfee: "Android/Tediss," Available: https://www.mcafee.com/enterprise/en-us/threat-intelligence.malwaretc.html?vid=9609528, Accessed on September 2019

  66. Lyle, F.: Avira now identifies SilverPush ad-tracking as malware. Available: https://blog.avira.com/silverpush-malware/, Accessed on September 2019

  67. Symantec: Mazar BOT malware invades and erases Android devices. Norton, Available: https://us.norton.com/internetsecurity-emerging-threats-mazar-bot-malware-invades-and-erases-android-devices.html. Accessed on September 2019

  68. Geng, G., Xu, G., Zhang, M., Yang, Y., Yang, G.: An improved sms based heterogeneous mobile botnet model. In: 2011 IEEE International Conference on Information and Automation, pp. 198–202. IEEE (2011)

  69. Meng, X., Spanoudakis, G.: MBotCS: a mobile botnet detection system based on machine learning. In: International Conference on Risks and Security of Internet and Systems, pp. 274–291. Springer (2015)

  70. Liao, H.-J., Lin, C.-H.R., Lin, Y.-C., Tung, K.-Y.: Intrusion detection system: a comprehensive review. J. Netw. Comput. Appl. 36(1), 16–24 (2013)

    Article  Google Scholar 

  71. Kumar, S., Spafford, E.H.: A pattern matching model for misuse intrusion detection (1994)

  72. Verwoerd, T., Hunt, R.: Intrusion detection techniques and approaches. Comput. Commun. 25(15), 1356–1365 (2002)

    Article  Google Scholar 

  73. Axelsson, S.: Intrusion detection systems: a survey and taxonomy. Technical report2000

  74. Anderson, D., Frivold, T., Valdes, A.: Next-generation intrusion detection expert system (NIDES): a summary 1(995)

  75. Sebring, M., Shellhouse, E., Hanna, M., Whitehurst, R.: Midas: multics intrusion detection and alerting system. Technical report, National Computer Security Center, SRI International Ft (1998)

  76. Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2015)

    Article  Google Scholar 

  77. Ahmed, M., Mahmood, A.N., Hu, J.: A survey of network anomaly detection techniques. J. Netw. Comput. Appl. 60, 19–31 (2016)

    Article  Google Scholar 

  78. Agrawal, S., Agrawal, J.: Survey on anomaly detection using data mining techniques. Procedia Comput. Sci. 60, 708–713 (2015)

    Article  Google Scholar 

  79. Karim, A., Salleh, R., Khan, M.K.: SMARTbot: A behavioral analysis framework augmented with machine learning to identify mobile botnet applications. PLoS ONE 11(3), e0150077 (2016)

    Article  Google Scholar 

  80. Mishra, P., Varadharajan, V., Tupakula, U., Pilli, E.S.: A detailed investigation and analysis of using machine learning techniques for intrusion detection. IEEE Commun. Surv. Tutor. 21(1), 686–728 (2018)

    Article  Google Scholar 

  81. Xin, Y., et al.: Machine learning and deep learning methods for cybersecurity. IEEE Access 6, 35365–35381 (2018)

    Article  Google Scholar 

  82. Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41(3), 1–58 (2009)

    Article  Google Scholar 

  83. Vural, I., Venter, H.S.: Combating mobile spam through botnet detection using artificial immune systems (2012)

  84. Kotsiantis, S.B., Zaharakis, I., Pintelas, P.: Supervised machine learning: a review of classification techniques. Emerg. Artif. Intell. Appl. Comput. Eng. 160, 3–24 (2007)

    Google Scholar 

  85. Heckerman, D.: A tutorial on learning with Bayesian networks. In: Innovations in Bayesian Networks, pp. 33–82. Springer (2008)

  86. Friedman, N., Geiger, D., Goldszmidt, M.: Bayesian network classifiers. Mach. Learn. 29(2–3), 131–163 (1997)

    Article  MATH  Google Scholar 

  87. Rish, I.: An empirical study of the naive Bayes classifier. In: IJCAI 2001 Workshop on Empirical Methods in Artificial Intelligence, vol. 3, no. 22, pp. 41–46 (2001)

  88. Singh, J., Nene, M.J.: A survey on machine learning techniques for intrusion detection systems. Int. J. Adv. Res. Comput. Commun. Eng. 2(11), 4349–4355 (2013)

    Google Scholar 

  89. Mahajan, A., Ganpati, A.: Performance evaluation of rule based classification algorithms. Int. J. Adv. Res. Comput. Eng. Technol. (IJARCET) 3(10), 3546–3550 (2014)

    Google Scholar 

  90. Tsai, C.-F., Hsu, Y.-F., Lin, C.-Y., Lin, W.-Y.: Intrusion detection by machine learning: a review. Expert Syst. Appl. 36(10), 11994–12000 (2009)

    Article  Google Scholar 

  91. Kirubavathi, G., Anitha, R.: Structural analysis and detection of android botnets using machine learning techniques. Int. J. Inf. Secur. 17(2), 153–167 (2018)

    Article  Google Scholar 

  92. Resende, P.A.A., Drummond, A.C.: A survey of random forest based methods for intrusion detection systems. ACM Comput. Surv. (CSUR) 51(3), 1–36 (2018)

    Article  Google Scholar 

  93. Chen, R., Yu, J.: An improved bagging neural network ensemble algorithm and its application. In: Third International Conference on Natural Computation (ICNC 2007), vol. 5, pp. 730–734. IEEE (2007)

  94. Bühlmann, P., Yu, B.: Analyzing bagging. Ann. Stat. 30(4), 927–961 (2002)

    Article  MATH  Google Scholar 

  95. Zhu, X., Goldberg, A.B.: Introduction to semi-supervised learning. Synth. Lect. Artif. Intell. Mach. Learn. 3(1), 1–130 (2009)

    MATH  Google Scholar 

  96. Zhu, X.J.: Semi-supervised Learning Literature Survey. University of Wisconsin-Madison Department of Computer Sciences, Wisconsin (2005)

    Google Scholar 

  97. Celebi, M.E., Aydin, K.: Unsupervised Learning Algorithms. Springer, New York (2016)

    Book  Google Scholar 

  98. Ghahramani, Z.: Unsupervised learning. In: Summer School on Machine Learning, pp. 72–112. Springer (2003)

  99. Friedman, J., Hastie, T., Tibshirani, R.: The elements of statistical learning (no. 10). Springer Series in Statistics, New York (2001)

  100. Xu, R., Wunsch, D.: Survey of clustering algorithms. IEEE Trans. Neural Netw. 16(3), 645–678 (2005)

    Article  Google Scholar 

  101. Berkhin, P.: A survey of clustering data mining techniques. In: Grouping Multidimensional Data, pp. 25–71. Springer (2006)

  102. Maimon, O., Rokach, L.: A Survey of Clustering Algorithms, Data Mining and Knowledge Discovery Handbook. Springer (2010)

  103. Bacquet, C., Gumus, K., Tizer, D., Zincir-Heywood, A.N., Heywood, M.I.: A comparison of unsupervised learning techniques for encrypted traffic identification. J. Inform. Assur. Secur. 5(1), 464–472 (2010)

    Google Scholar 

  104. Boiarov, A.A., Granichin, O.N.: Stochastic approximation algorithm with randomization at the input for unsupervised parameters estimation of Gaussian mixture model with sparse parameters. Autom. Remote. Control. 80(8), 1403–1418 (2019)

    Article  MATH  Google Scholar 

  105. Schmidhuber, J.: Deep learning in neural networks: an overview. Neural Netw. 61, 85–117 (2015)

    Article  Google Scholar 

  106. Basheer, I.A., Hajmeer, M.: Artificial neural networks: fundamentals, computing, design, and application. J. Microbiol. Methods 43(1), 3–31 (2000)

    Article  Google Scholar 

  107. Garg, S., Peddoju, S.K., Sarje, A.K.: Network-based detection of Android malicious apps. Int. J. Inf. Secur. 16(4), 385–400 (2017)

    Article  Google Scholar 

  108. Steinwart, I., Christmann, A.: Support vector machines. Springer, New York (2008)

    MATH  Google Scholar 

  109. Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., Vázquez, E.: Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28(1–2), 18–28 (2009)

    Article  Google Scholar 

  110. Cunningham, P., Delany, S.J.: k-Nearest neighbour classifiers. Multiple Classif. Syst. 34(8), 1–17 (2007)

    Google Scholar 

  111. Kumar, A., Bhatia, P., Goel, A., Kole, S.: Implementation and comparison of decision tree based algorithms. Int. J. Innov. Adv. Comput. Sci. 4, 190–196 (2015)

    Google Scholar 

  112. Rahman, M., Saudi, M.M.: Systematic analysis on mobile botnet detection techniques using genetic algorithm. In: Advanced Computer and Communication Engineering Technology, pp. 389–397. Springer (2015)

  113. W. Li, "Using genetic algorithm for network intrusion detection," Proceedings of the United States department of energy cyber security group, vol. 1, pp. 1–8, 2004.

  114. H. Yang, T. Li, X. Hu, F. Wang, and Y. Zou, "A survey of artificial immune system based intrusion detection," The Scientific World Journal, vol. 2014, 2014.

  115. M. Read, P. Andrews, and T. Jon, "An Introduction to Artificial Immune Systems," Handbook of Natural Computing, pp. 1575–1597, 2012.

  116. Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)

    Article  MATH  Google Scholar 

  117. Buckley, J.J., Hayashi, Y.: Fuzzy neural networks: a survey. Fuzzy Sets Syst. 66(1), 1–13 (1994)

    Article  Google Scholar 

  118. J. E. Dickerson, J. Juslin, O. Koukousoula, and J. A. Dickerson, "Fuzzy intrusion detection. In: Proceedings Joint 9th IFSA World Congress and 20th NAFIPS International Conference (Cat. No. 01TH8569), 2001, vol. 3, pp. 1506–1510. IEEE.

  119. Zarpelão, B.B., Miani, R.S., Kawakani, C.T., de Alvarenga, S.C.: A survey of intrusion detection in Internet of Things. J. Netw. Comput. Appl. 84, 25–37 (2017)

    Article  Google Scholar 

  120. Butun, I., Morgera, S.D., Sankar, R.: A survey of intrusion detection systems in wireless sensor networks. IEEE Commun. Surv. Tutor. 16(1), 266–282 (2013)

    Article  Google Scholar 

  121. A. Nguyen and L. Pan, "Detecting sms-based control commands in a botnet from infected android devices. In: ATIS 2012: Proceedings of the 3rd Applications and Technologies in Information Security Workshop, 2012, pp. 23–27: School of Information Systems, Deakin University.

  122. E. Johnson and I. Traore, "Sms botnet detection for android devices through intent capture and modeling. In: 2015 IEEE 34th Symposium on Reliable Distributed Systems Workshop (SRDSW), 2015, pp. 36–41. IEEE.

  123. A. J. Alzahrani and A. A. Ghorbani, "Real-time signature-based detection approach for sms botnet. In: 2015 13th Annual Conference on Privacy, Security and Trust (PST), 2015, pp. 157–164. IEEE.

  124. D. A. Girei, M. A. Shah, and M. B. Shahid, "An enhanced botnet detection technique for mobile devices using log analysis. In: 2016 22nd International Conference on Automation and Computing (ICAC), 2016, pp. 450–455. IEEE.

  125. M. Yusof, M. M. Saudi, and F. Ridzuan, "A New Android Botnet Classification for GPS Exploitation Based on Permission and API Calls. In: International Conference on Advanced Engineering Theory and Applications, 2017, pp. 27–37: Springer.

  126. I. Vural and H. Venter, "Mobile botnet detection using network forensics. In: Future Internet Symposium, 2010, pp. 57–67: Springer.

  127. S. Jadhav, S. Dutia, K. Calangutkar, T. Oh, Y. H. Kim, and J. N. Kim, "Cloud-based Android botnet malware detection system. In: 2015 17th International Conference on Advanced Communication Technology (ICACT), 2015, pp. 347–352. IEEE.

  128. Eslahi, M., Yousefi, M., Naseri, M.V., Yussof, Y., Tahir, N., Hashim, H.: Mobile botnet detection model based on retrospective pattern recognition. Int. J. Secur. Appl. 10(9), 39–44 (2016)

    Google Scholar 

  129. M. Eslahi, M. Yousefi, M. V. Naseri, Y. Yussof, N. Tahir, and H. Hashim, "Cooperative network behaviour analysis model for mobile Botnet detection. In: 2016 IEEE Symposium on Computer Applications & Industrial Electronics (ISCAIE), 2016, pp. 107–112. IEEE.

  130. C. Tansettanakorn, S. Thongprasit, S. Thamkongka, and V. Visoottiviseth, "ABIS: a prototype of android botnet identification system. In: 2016 Fifth ICT International Student Project Conference (ICT-ISPC), 2016, pp. 1–5. IEEE.

  131. M. Yang and Q. Wen, "A multi-level feature extraction technique to detect moble botnet. In: 2016 2nd IEEE International Conference on Computer and Communications (ICCC), 2016, pp. 2495–2498. IEEE.

  132. B. Rashidi and C. Fung, "Bottracer: Bot user detection using clustering method in recdroid. In: NOMS 2016–2016 IEEE/IFIP Network Operations and Management Symposium, 2016, pp. 1239–1244. IEEE.

  133. Anwar, S., Zain, J.M., Inayat, Z., Haq, R.U., Karim, A., Jabir, A.N.: A static approach towards mobile botnet detection. In: 2016 3rd International Conference on Electronic Design (ICED), pp. 563–567. IEEE (2016)

  134. Oulehla, M., Oplatková, Z.K., Malanik, D.: Detection of mobile botnets using neural networks. In: 2016 Future Technologies Conference (FTC), pp. 1324–1326. IEEE (2016)

  135. da Costa, V.G., Barbon, S., Miani, R.S., Rodrigues, J.J., Zarpelão, B.B.: Detecting mobile botnets through machine learning and system calls analysis. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2017)

  136. Alothman, B., Rattadilok, P.: Android botnet detection: an integrated source code mining approach. In: 2017 12th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 111–115. IEEE (2017)

  137. Alqatawna, J.f., Faris, H.: Toward a Detection Framework for Android Botnet. In: 2017 International Conference on New Trends in Computing Sciences (ICTCS), pp. 197–202. IEEE (2017)

  138. Yusof, M., Saudi, M.M., Ridzuan, F.: A new mobile botnet classification based on permission and API calls. In: 2017 Seventh International Conference on Emerging Security Technologies (EST), pp. 122–127. IEEE (2017)

  139. Abdullah, Z., Saudi, M.M., Anuar, N.B.: ABC: android botnet classification using feature selection and classification algorithms. Adv. Sci. Lett. 23(5), 4717–4720 (2017)

    Article  Google Scholar 

  140. Maimó, L.F., Gómez, Á.L.P., Clemente, F.J.G., Pérez, M.G., Pérez, G.M.: A self-adaptive deep learning-based system for anomaly detection in 5G networks. IEEE Access 6, 7700–7712 (2018)

    Article  Google Scholar 

  141. Faghihi, F., Abadi, M., Tajoddin, A.: "SMSBotHunter: A Novel Anomaly Detection Technique to Detect SMS Botnets. In: 2018 15th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC), pp. 1–6. IEEE (2018)

  142. Yusof, M., Saudi, M.M., Ridzuan, F.: Mobile Botnet classification by using hybrid analysis. Int. J. Eng. Technol. 7(4), 103–108 (2018)

    Article  Google Scholar 

  143. Mongkolluksamee, S., Visoottiviseth, V., Fukuda, K.: Robust peer to peer mobile botnet detection by using communication patterns. In: Proceedings of the Asian Internet Engineering Conference, pp. 38–45: ACM (2018)

  144. Bernardeschi, C., Mercaldo, F., Nardone, V., Santone, A.: Exploiting model checking for mobile botnet detection. Procedia Comput. Sci. 159, 963–972 (2019)

    Article  Google Scholar 

  145. Hojjatinia, S., Hamzenejadi, S., Mohseni, H.: Android botnet detection using convolutional neural networks. In: 2020 28th Iranian Conference on Electrical Engineering (ICEE), pp. 1–6. IEEE (2020)

  146. Moodi, M., Ghazvini, M., Moodi, H., Ghavami, B.: A smart adaptive particle swarm optimization–support vector machine: android botnet detection application. J. Supercomput. 76(12), 9854–9881 (2020)

    Article  Google Scholar 

  147. Yerima, S.Y., Alzaylaee, M.K.: Mobile botnet detection: a deep learning approach using convolutional neural networks. In: 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), pp. 1–8. IEEE (2020)

  148. Alqatawna, Jf., Ala’M, A.-Z., Hassonah, M.A., Faris, H.: Android botnet detection using machine learning models based on a comprehensive static analysis approach. J. Inform. Secur. Appl. 58, 102735 (2021)

    Google Scholar 

  149. Moodi, M., Ghazvini, M.: A new method for assigning appropriate labels to create a 28 Standard Android Botnet Dataset (28-SABD). J. Ambient. Intell. Humaniz. Comput. 10(11), 4579–4593 (2019)

    Article  Google Scholar 

  150. Oh, T., Jadhav, S., Kim, Y.H.: Android botnet categorization and family detection based on behavioural and signature data. In: 2015 International Conference on Information and Communication Technology Convergence (ICTC), pp. 647–652. IEEE (2015)

  151. Alzahrani, A.J., Ghorbani, A.A.: Towards android malware detection using intelligent agents. In: 2016 2nd International Symposium on Agent, Multi-Agent Systems and Robotics (ISAMSR), pp. 1–8. IEEE (2016)

  152. Alzahrani, A.J., Ghorbani, A.A.: A multi-agent system for smartphone intrusion detection framework. In: Proceedings of the 18th Asia Pacific Symposium on Intelligent and Evolutionary Systems, Volume 1, pp. 101–113. Springer (2015)

  153. Al-Dayil, R.A., Dahshan, M.H.: Detecting social media mobile botnets using user activity correlation and artificial immune system. In: 2016 7th International Conference on Information and Communication Systems (ICICS), pp. 109–114. IEEE (2016)

  154. Moodi, M., Ghazvini, M., Moodi, H.: A hybrid intelligent approach to detect Android Botnet using Smart Self-Adaptive Learning-based PSO-SVM. Knowl.-Based Syst. 222, 106988 (2021)

    Article  Google Scholar 

  155. Alzahrani, A.J., Ghorbani, A.A.: Sms-based mobile botnet detection module. In: 2016 6th International Conference on IT Convergence and Security (ICITCS), pp. 1–7. IEEE (2016)

  156. Maimó, L.F., Celdrán, A.H., Pérez, M.G., Clemente, F.J.G., Pérez, G.M.J.J.o.A.I., H.: Computing, "Dynamic management of a deep learning-based anomaly detection system for 5G networks," vol. 10, no. 8, pp. 3083–3097 (2019)

  157. Wu, D., Fang, B. Wang, J., Liu, Q., Cui, X.: Evading machine learning botnet detection models via deep reinforcement learning. In: ICC 2019–2019 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2019)

  158. Mahdavifar, S., Ghorbani, A.A.: Application of deep learning to cybersecurity: A survey. Neurocomputing 347, 149–176 (2019)

    Article  Google Scholar 

  159. Yerima, S.Y., Alzaylaee, M.K., Shajan, A.: Deep learning techniques for android botnet detection. Electronics 10(4), 519 (2021)

    Article  Google Scholar 

Download references

Funding

This research did not receive any specific grant from funding agencies in the public, commercial, or not-for-profit sectors.

Author information

Authors and Affiliations

  1. Polytechnic University of Milan, Milan, Italy

    Sajad Hamzenejadi

  2. Computer Engineering Department, Faculty of Engineering, Shahid Bahonar University, Kerman, Iran

    Mahdieh Ghazvini

  3. University of Victoria, Victoria, British Columbia, Canada

    Seyedamiryousef Hosseini

Authors
  1. Sajad Hamzenejadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mahdieh Ghazvini
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Seyedamiryousef Hosseini
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mahdieh Ghazvini.

Ethics declarations

Conflict of interest

The authors declare that they have no competing interests.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hamzenejadi, S., Ghazvini, M. & Hosseini, S. Mobile botnet detection: a comprehensive survey. Int. J. Inf. Secur. 22, 137–175 (2023). https://doi.org/10.1007/s10207-022-00624-4

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-022-00624-4

Keywords

Search

Navigation