ABSTRACT
Cell phones are increasingly becoming attractive targets of various worms, which cause the leakage of user privacy, extra service charges and depletion of battery power. In this work, we study propagation of cell-phone worms, which exploit Multimedia Messaging Service (MMS) and/or Bluetooth for spreading. We then propose a systematic countermeasure against the worms. At the terminal level, we adopt Graphic Turing test and identity-based signature to block unauthorized messages from leaving compromised phones; at the network level, we propose a push-based automated patching scheme for cleansing compromised phones. Through experiments on phone devices and a wide variety of networks, we show that cellular systems taking advantage of our defense can achieve a low infection rate (e.g., less than 3% within 30 hours) even under severe attacks.
- http://www.f-secure.com/v-descs/flexispy_a.shtml.Google Scholar
- http://www.f-secure.com/wireless/threats.Google Scholar
- L. Ahn, M. Blum, N. Hopper, and J. Langford. CAPTCHA: Using Hard AI Problems for Security. In EUROCRYPT'03, 2003. Google ScholarDigital Library
- A. Barabasi and R. Albert. Emergence of scaling in random networks. In Science, pages 509--512, Oct., 1999.Google Scholar
- A. Bose and K. Shin. Proactive security for mobile messaging networks. In Proc. of WiSe'06, 2006. Google ScholarDigital Library
- J. Chen, S. Wongand, H. Yang, and S. Lu. Smartsiren: Virus detection and alert for smartphones. In Proc. of MobiSys'07, 2007. Google ScholarDigital Library
- E. Chien. Security response: Symbos.mabir, symantec, 2005.Google Scholar
- E. Chien. Security response: Symbos.skull, symantec, 2004.Google Scholar
- C. Mulliner, G. Vigna, D. Dagon, and W. Lee. Using labeling to prevent cross-service attacks against smartphones. In DIMVA'06, 2006. Google ScholarDigital Library
- M. Newman, S. Forrest, and J. Balthrop. Email networks and the spread of computer viruses. In Physical Review, 2002.Google Scholar
- A. Shamir. Identity-base cryptosystems and signature schemes. In Proc. of Crypto'84, Springer-Verlag, 1984. Google ScholarDigital Library
Index Terms
- A systematic approach for cell-phone worm containment
Recommendations
A Host-Based Approach for Unknown Fast-Spreading Worm Detection and Containment
Special Section on Best Papers from SEAMS 2012The fast-spreading worm, which immediately propagates itself after a successful infection, is becoming one of the most serious threats to today’s networked information systems. In this article, we present WormTerminator, a host-based solution for fast ...
Collaborative Internet Worm Containment
Large-scale worm outbreaks that lead to distributed denial-of-service (DDoS) attacks pose a major threat to the Internet infrastructureýs security. Fast containment is crucial for minimizing damage and preventing flooding attacks against network hosts. ...
Modeling host-based detection and active worm containment
CNS '08: Proceedings of the 11th communications and networking simulation symposiumRecent advancements in Internet worms propagation techniques has generated interest in the development of appropriate defense techniques against such worms. Modeling the behaviour of worm defense techniques to better understand and measure their defense ...
Comments