Android botnets for multi-targeted attacks
Abstract
Today, mobile botnets are well known in the IT security field. Whenever we talk about botnets on mobile phones, we mostly deal with denial-of-service attacks (Kifayat and Wilson, 2012). This is because we think in terms of classical botnets on computers. But mobile phones are "mobile" by definition. Indeed, they offer a lot of information not present on personal computers, and they have many sensors that are interesting to attackers. Most of the time, we think of a targeted attack as having a single target. But with mobile phones, targeting a group of people does make sense. Coupled with data collected by the Sat Nav, we could thus localize, with a certain probability, meeting points in a criminal organization. With this way of attacking, many things can be deduced by cross-checking information obtained from devices. This paper therefore aims to show the potential offered by such attacks. First, it focuses on localization data. Then, an implementation of an Android botnet and its server-side part is presented for illustrative purposes, and the major part of the source code used is included step by step. This paper aims to be technical because the author does not want to show any theory without trying some practical tests with real and technical constraints.
References
Arai, K., Barakbah, A.R.: Hierarchical K-means: an algorithm for centroids initialization for K-means. Technical report (2007)
Android official documentation (2013). http://developer.android.com/
Barber, I.: K-means clustering (2009). http://phpir.com/clustering
Symantec Corporation: Industrial espionage: targeted attacks and advanced persistent threats (APTs) (2011). http://www.symantec.com/threatreport/topic.jsp?id=malicious_code_trends&aid=industrial_espionage
Geo midpoint calculation (2013). http://www.geomidpoint.com
Khan, S.S., Ahmad, A.: Cluster center initialization algorithm for k-means clustering. Pattern Recogn. Lett. 25(11), 1293–1302 (August 2004)
Hamandi, K., Elhajj, I.H., Chehab, A., Kayssi, A.: Android SMS botnet: a new perspective (2012). http://dl.acm.org/citation.cfm?id=2387016
Dorian, L.: Android betrays you: data that you are unaware of on your android smartphone. In: EICAR Conference (2013)
MySQL 5.1 syntax documentation (2013). http://dev.mysql.com/doc/refman/5.1/en/sql-syntax.html
Perl PCRE official documentation (2013). http://perldoc.perl.org/perlre.html
Peña, J.M., Lozano, J.A., Larrañaga, P.: An empirical comparison of four initialization methods for the k-means algorithm. Pattern Recogn. Lett. 20(10), 1027–1040 (1999)
Kifayat, K., Wilson, S.: When the droid became the bot: trends, threats and investigation of a mobile botnet (2012). http://www.cms.livjm.ac.uk/pgnet2012/Proceedings/Papers/1569607737.pdf
Xiang, C., Binxing, F., Lihua, Y., Xiaoyi, L., Tianning, Z.: Andbot: Towards advanced mobile botnets (2011). https://www.usenix.org/conference/leet11/andbot-towards-advanced-mobile-botnets