Android botnets on the rise: Trends and characteristics

Smartphones are the latest technology trend of the 21st century. Today´s social expectation of always staying connected and the need for an increase in productivity are the reasons for the increase in smartphone usage. One of the leaders of the smartphone evolution is Google´s Android Operating System (OS). The openness of the design and the ease of customizing are the aspects that are placing Android ahead of the other smartphone OSs. Such popularity has not only led to an increase in Android usage but also to the rise of Android malware. Although such malware is not having a significant impact on the popularity of Android smartphones, it is however creating new possibilities for threats. One such threat is the impact of botnets on Android smartphones. Recently, malware has surfaced that revealed specific characteristics relating to traditional botnet activities. Malware such as Geinimi, Pjapps, DroidDream, and RootSmart all display traditional botnet functionalities. These malicious applications show that Android botnets is a reality. From a security perspective it is important to understand the underlying structure of an Android botnet. This paper evaluates Android malware with the purpose of identifying specific trends and characteristics relating to botnet behaviour. The botnet trends and characteristics are detected by a comprehensive literature study of well-known Android malware applications. The identified characteristics are then further explored in terms of the Android Botnet Development Model and the Android Botnet Discovery Process. The common identified trends and characteristics aid the understanding of Android botnet activities as well as the possible discovery of an Android bot.