Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

Cloud-based Push-Styled Mobile Botnets: A Case Study of Exploiting the Cloud to Device Messaging Service

Paper
View File
pdf
454KB

Shuang Zhao
Xi'an Jiatong University
China

Patrick P. C. Lee
The Chinese University of Hong Kong
Hong Kong

John C. S. Lui
The Chinese University of Hong Kong
Hong Kong

Xiaohong Guan
Xi'an Jiatong University
China

Xiaobo Ma
Xi'an Jiatong University
China

Jing Tao
Xi'an Jiatong University
China

Abstract:
Given the popularity of smartphones and mobile devices, mobile botnets are becoming an emerging threat to users and network operators. We propose a new form of cloud-based push-styled mobile botnets that exploits today’s push notification services as a means of command dissemination. To motivate its practicality, we present a new command and control (C&C) channel using Google’s Cloud to Device Messaging (C2DM) service, and develop a C2DM botnet specifically for the Android platform. We present strategies to enhance its scalability to large botnet coverage and its resilience against service disruption. We prototype a C2DM botnet, and perform evaluation to show that the C2DM botnet is stealthy in generating heartbeat and command traffic, resource-efficient in bandwidth and power consumptions, and controllable in quickly delivering a command to all bots. We also discuss how one may deploy a C2DM botnet, and demonstrate its feasibility in launching an SMS-Spam-and-Click attack. Lastly, we discuss how to generalize the design to other platforms, such as iOS or Window-based systems, and recommend possible defense methods. Given the wide adoption of push notification services, we believe that this type of mobile botnets requires special attention from our community.

 

Powered by OpenConf®
Copyright ©2002-2012 Zakon Group LLC