• DocumentCode
    1996937
  • Title

    Real-time signature-based detection approach for SMS botnet

  • Author

    Alzahrani, Abdullah J. ; Ghorbani, Ali A.

  • Author_Institution
    Inf. Security Center of Excellence, Univ. of New Brunswick, Fredericton, NB, Canada
  • fYear
    2015
  • fDate
    21-23 July 2015
  • Firstpage
    157
  • Lastpage
    164
  • Abstract
    As an open platform for mobile electronic devices, Android is experiencing a steady growth in the number of published applications (apps). Features of the Android platform have caught the attention of malicious users who have targeted the Short Message Service (SMS) to abuse its permissions. Various types of attack, referred to as botnets, can be executed without the user´s knowledge by taking advantage of SMS messages, such as sending text message spam, transferring all command and control (C&C) instructions, launching denial-of-service (DoS) attacks, sending premium-rate SMS messages, or distributing malicious applications via URLs embedded in text messages. In this paper, we propose a real-time signature-based detection mechanism to combat SMS botnets, in which we first apply pattern-matching detection approaches for incoming and outgoing SMS text messages, and then use rule-based techniques to label unknown SMS messages as suspicious or normal. This approach was evaluated using over 12,000 test messages. It was able to detect all 747 malicious SMS messages in the dataset (100% detection rate with no false negatives). It also flagged 351 SMS messages as suspicious.
  • Keywords
    computer crime; computer network security; digital signatures; electronic messaging; invasive software; mobile computing; pattern matching; smart phones; Android platform; C&C instructions; DoS attacks; SMS botnets; SMS messages labelling; URL; attack types; command and control instructions; denial-of-service attacks; malicious applications distribution; malicious users; mobile electronic devices; pattern-matching detection; premium-rate SMS messages; real-time signature-based detection approach; rule-based techniques; short message service; text message spam; Feature extraction; Malware; Mobile communication; Pattern matching; Smart phones; Android; Botnet Detection; Mobile Malware; SMS;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Privacy, Security and Trust (PST), 2015 13th Annual Conference on
  • Conference_Location
    Izmir
  • Type

    conf

  • DOI
    10.1109/PST.2015.7232968
  • Filename
    7232968