A Novel Approach to Trojan Horse Detection in Mobile Phones Messaging and Bluetooth Services

  • Ortega, Juan A. (Computer Languages and Systems Department, University of Seville)
  • Fuentes, Daniel (Computer Languages and Systems Department, University of Seville)
  • Alvarez, Juan A. (Computer Languages and Systems Department, University of Seville)
  • Gonzalez-Abril, Luis (Applied Economics Department I, University of Seville)
  • Velasco, Francisco (Applied Economics Department I, University of Seville)
  • Received : 2010.10.13
  • Accepted : 2011.01.24
  • Published : 2011.08.29

Abstract

This paper presents a method for detecting Trojan horses in the messaging and Bluetooth services of mobile phones by monitoring the events that infections produce. The detection approach is split into two modules: the Monitoring module, which controls connection requests and sent/received files, and the Graphical User module, which shows messages and, in suspicious situations, alerts the user to possible malware. Prototypes have been implemented on different mobile operating systems to test the approach's feasibility against real cellphone malware. The experimental results are promising, since the approach effectively detects various known malware.
