Simple and Ingenious Mobile Botnet Covert Network Based on Adjustable Unit (SIMBAIDU)

Various services through smartphones or personal computers have become common nowadays. Accordingly, embedded malware is rapidly increasing. The malware is infiltrated by using short message service (SMS), wireless networks, and random calling and makes smartphones bots in botnets. Therefore, in a system without an appropriate deterrent, smartphones are infiltrated easily. In the security threats by malware, random calling has become serious nowadays. To develop the defensive system against random calling and prevent the infiltration of the malware through random calling, it is required to understand the exact process of how to make bots in the botnet. Thus, this research develops a simple and ingenious mobile botnet covert network based on adjustable ID units (SIMBAIDU) to investigate how a botnet network is established by using phone numbers. Perfect octave coding (P8 coding) turns out to be effective in infiltrating smartphones and executing commands, which is used for botnets. The results provide the basic process of P8 coding which is useful for developing defensive systems of smartphones.

Android Botnets

Mobile botnets are gaining popularity with the expressive demand of smartphone technologies. Similarly, the majority of mobile botnets are built on a popular open source OS, e.g., Android. A mobile botnet is a network of interconnected smartphone devices intended to expand malicious activities, for example; spam generation, remote access, information theft, etc., on a wide scale. To avoid this growing hazard, various approaches are proposed to detect, highlight and mark mobile malware applications using either static or dynamic analysis. However, few approaches in the literature are discussing mobile botnet in particular. In this article, the authors have proposed a hybrid analysis framework combining static and dynamic analysis as a proof of concept, to highlight and confirm botnet phenomena in Android-based mobile applications. The validation results affirm that machine learning approaches can classify the hybrid analysis model with high accuracy rate (98%) than classifying static or dynamic individually.

Android Botnets

Mobile botnets are gaining popularity with the expressive demand of smartphone technologies. Similarly, the majority of mobile botnets are built on a popular open source OS, e.g., Android. A mobile botnet is a network of interconnected smartphone devices intended to expand malicious activities, for example; spam generation, remote access, information theft, etc., on a wide scale. To avoid this growing hazard, various approaches are proposed to detect, highlight and mark mobile malware applications using either static or dynamic analysis. However, few approaches in the literature are discussing mobile botnet in particular. In this article, the authors have proposed a hybrid analysis framework combining static and dynamic analysis as a proof of concept, to highlight and confirm botnet phenomena in Android-based mobile applications. The validation results affirm that machine learning approaches can classify the hybrid analysis model with high accuracy rate (98%) than classifying static or dynamic individually.

XSS MBot: Mobile Botnet for Stealthy DDoS Attacks

Mobile devices are overgrowing; nowadays people are using mobile devices for different activities. Over the years malware attacks on mobile devices are increasing, the primary intention of the attacker is to steal sensitive information and turn the infected mobile device into a member of the botnet. We studied differences between traditional botnets and mobile botnets, also analyzed different mobile botnet attacks. Mobile malware applications spread through Cross-site Scripting vulnerabilities in trusted websites. Developed a mobile malware which can perform Denial-of-service attacks and used this malware to test and review mobile botnet attacks. We also studied solutions to prevent these mobile botnet attacks.

Hybrid Machine Learning Techniques Applied in Real Engineering Applications

Smartphone devices, particularly android devices used by billions of people everywhere in the world. Similarly, this increasing rate attracts mobile botnet attackers that is a network of interconnected nodes operated by command and control (C&C) method to expand malicious activities. At present, mobile botnet attacks carried Distributed denial of services (DDoS) that causes to steal sensitive data, remote access, spam generation, etc. Consequently, various approaches are defined in the literature to detect mobile botnet using static or dynamic analysis. In this paper, we have proposed a novel hybrid model, which is a combination of static and dynamic method that relies on machine learning to identify android botnet applications having C&C capability. The results evaluated through machine learning classifiers in which Random forest classifier outperform other ML techniques, i.e. Naïve Bayes, Support Vector Machine, and Simple logistics. Our proposed framework can achieve 97.48% accuracy in detecting such harmful applications. Furthermore, we highlight some research directions and possible solutions regarding botnet attacks for the entire community.