• by Viven Rajendra
• Guide: Prof. Bernard Menezes
CONTENT
• Introduction
• Survey of current mobile malware
• Malware propagation in mobile phone networks (Experiments)
• Futuristic threats
• Conclusions
• Brief case studies
Why is this study important?
Background picture is a skull :X
Secret admirer ?? :)
2) Attacks exploiting software vulnerabilities.
2 a) Protocol Complexity
2 b) Cryptographic vulnerability
1) Discoverable Bluetooth-enabled devices are prevalent today.
2) The device population is relatively homogeneous.
P(x,y) ∝ 1 / d(x,y)
P(x,y) = probability that person x is friends with person y
d(x,y) = number of people between person x and person y
Congestion in VoIP scenario
Major bottleneck is at the RNC -> SGSN link.
Congestion also decreases over time
– Phones finish enumerating their contacts, start randomly dialing
Image courtesy [2]
Combining Strategies
• Transferring contacts and avoiding congestion can be very effective
• Infection reaches 90% rate 4x faster than the standard scenario
Figure legend: Standard malware only. Image courtesy [2]
Network based Defenses
• Since the infrastructure is centrally managed and
owned, defenses can be inserted at critical points to
affect the spread
• However, the fact that the end nodes (phones) can
be hard to disinfect introduces challenges
• A few defensive scenarios:
– Blacklisting
Removing the infected reduces congestion!
– Rate limiting
Can be effective for MMS, but difficult for VoIP
– Filtering
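The rate limiting and blacklisting scenarios above can be sketched as a per-subscriber policy at an MMS gateway. This is an added example, not taken from the slides or from [2]; the window, budget, strike threshold, class name and sample traffic are all assumptions made for illustration. It covers MMS only, since the slides note that rate limiting is difficult for VoIP.

```python
from collections import defaultdict, deque

WINDOW_S = 60             # assumed sliding window, in seconds
MAX_PER_WINDOW = 5        # assumed MMS budget per subscriber per window
STRIKES_TO_BLACKLIST = 3  # assumed rate-limit hits before blacklisting


class MmsGatewayPolicy:
    """Hypothetical gateway policy: rate limit first, blacklist repeat offenders."""

    def __init__(self):
        self.recent = defaultdict(deque)  # sender -> timestamps of delivered MMS
        self.strikes = defaultdict(int)   # sender -> times the limit was hit
        self.blacklist = set()

    def decide(self, ts, sender):
        if sender in self.blacklist:
            return "blacklisted"          # removed from the network: no load at all
        window = self.recent[sender]
        while window and ts - window[0] >= WINDOW_S:
            window.popleft()              # forget sends older than the window
        if len(window) >= MAX_PER_WINDOW:
            self.strikes[sender] += 1
            if self.strikes[sender] >= STRIKES_TO_BLACKLIST:
                self.blacklist.add(sender)
            return "rate_limited"
        window.append(ts)
        return "deliver"


def replay(events):
    """Run (timestamp, sender) events through the policy and tally decisions."""
    policy = MmsGatewayPolicy()
    tally = defaultdict(lambda: defaultdict(int))
    for ts, sender in events:
        tally[sender][policy.decide(ts, sender)] += 1
    return {s: dict(c) for s, c in tally.items()}, policy.blacklist


# Constructed sample traffic: phone-A bursts like a phone enumerating its
# contacts (20 MMS in 40 s); phone-B sends three MMS spread over minutes.
SAMPLE_EVENTS = sorted(
    [(t, "phone-A") for t in range(0, 40, 2)]
    + [(t, "phone-B") for t in (5, 70, 200)]
)

if __name__ == "__main__":
    decisions, blacklisted = replay(SAMPLE_EVENTS)
    print(decisions, blacklisted)
```

Only 5 of phone-A's 20 messages are delivered before it is blacklisted, while phone-B is unaffected.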
Futuristic threats
1) Location Tracking.
2) Espionage bug.
3) Loss of security.
4) DDoS attack.
Common protection against mobile malware
1) Non-discoverable mode.
2) Install antivirus/IDS.
3) Firmware Updates.
4) Untrusted sites & software.
Image courtesy F-Secure Corp.