Abstract
Recently, cellular phone networks have begun allowing third-party applications to run over certain open-API phone operating systems such as Windows Mobile, Iphone and Google’s Android platform. However, with this increased openness, the fear of rogue programs written to propagate from one phone to another becomes ever more real. This chapter proposes a counter-mechanism to contain the propagation of a mobile worm at the earliest stage by patching an optimal set of selected phones. The counter-mechanism continually extracts a social relationship graph between mobile phones via an analysis of the network traffic. As people are more likely to open and download content that they receive from friends, this social relationship graph is representative of the most likely propagation path of a mobile worm. The counter-mechanism partitions the social relationship graph via two different algorithms, balanced and clustered partitioning and selects an optimal set of phones to be patched first as those have the capability to infect the most number of other phones. The performance of these partitioning algorithms is compared against a benchmark random partitioning scheme. Through extensive trace-driven experiments using real IP packet traces from one of the largest cellular networks in the US, we demonstrate the efficacy of our proposed counter-mechanism in containing a mobile worm.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
A. Bose, X. Hu, K.G. Shin, and T. Park. Behavioral detection of malware on mobile handsets. In Proceeding of the 6th international conference on Mobile systems, applications, and services, pages 225–238. ACM, 2008.
A. Bose and K.G. Shin. Proactive security for mobile messaging networks. In Proceedings of the 5th ACM workshop on Wireless security, page 104. ACM, 2006.
J. Cheng, S.H.Y. Wong, H. Yang, and S. Lu. SmartSiren: virus detection and alert for smartphones. In Proceedings of the 5th international conference on Mobile systems, applications and services, page 271. ACM, 2007.
D. David, C. Zou, and W. Lee. Model Botnet Propagation Using Time Zones. In Proceeding of the Network and Distributed System Security (NDSS) Symposium 2006.
W. Enck, P. Traynor, P. McDaniel, and T. La Porta. Exploiting open functionality in SMS-capable cellular networks. In Proceedings of the 12th ACM conference on Computer and communications security, page 404. ACM, 2005.
F-SECURE. Close the zero-hour gap: Protection from emerging virus threats, http://www.f-secure.com/f-secure/marketing/white~_papers.
F-SECURE. F-secure deepguard – a proactive response to the evolving threat scenario, http://www.f-secure.com/f-secure/marketing/white~_papers.
F-SECURE. F-secure malware information pages: Sms-worm:symbos/feak, http://www.f-secure.com/v-descs/sms-worm~_symbos~_feak.shtml.
F-SECURE. F-secure virus information pages: Cabir, http://www.f-secure.com/v-descs/cabir.shtml.
F-SECURE. F-secure virus information pages: Commwarrior, http://www.f-secure.com/v-descs/commwarrior.shtml.
C. Fleizach, M. Liljenstam, P. Johansson, G.M. Voelker, and A. Mehes. Can you infect me now?: malware propagation in mobile phone networks. In Proceedings of the 2007 ACM workshop on Recurring malcode, page 68. ACM, 2007.
M.R. Garey and D.S. Johnson. Computers and intractability. A guide to the theory of NP-completeness. A Series of Books in the Mathematical Sciences. WH Freeman and Company, San Francisco, Calif, 1979.
M. Ghaderi and S. Keshav. Multimedia messaging service: system description and performance analysis. In First International Conference on Wireless Internet, 2005. Proceedings, pages 198–205, 2005.
J.C. Haartsen, E.R.S. BV, and N. Emmen. The Bluetooth radio system. IEEE Personal Communications, 7(1):28–36, 2000.
B. Hendrickson and T.G. Kolda. Graph partitioning models for parallel computing* 1. Parallel Computing, 26(12):1519–1534, 2000.
G. Karypis and V. Kumar. A fast and high quality multilevel scheme for partitioning irregular graphs. SIAM Journal on Scientific Computing, 20(1):359, 1999.
G. Karypis, K. Schloegel, and V. Kumar. ParMETIS: Parallel Graph Partitioning and Sparse Matrix Ordering Library Version 3.1. University of Minnesota, Minneapolis, 2003.
B.W. Kernighan and S. Lin. An efficient heuristic procedure for partitioning graphs. Bell System Technical Journal, 49(2):291–307, 1970.
M. Khouzani, S. Sarkar, and E. Altman. Maximum Damage Malware Attack in Mobile Wireless Networks. In IEEE Societies INFOCOM 2010. Twenty-Nine Annual Joint Conference of the IEEE Computer and Communications.
H. Kim, J. Smith, and K.G. Shin. Detecting energy-greedy anomalies and mobile malware variants. In Proceeding of the 6th international conference on Mobile systems, applications, and services, pages 239–252. ACM, 2008.
F. Li, Y. Yang, and J. Wu. CPMC: An Efficient Proximity Malware Coping Scheme in Smartphone-based Mobile Networks. In IEEE Societies INFOCOM 2010. Twenty-Nine Annual Joint Conference of the IEEE Computer and Communications.
X. Meng, P. Zerfos, V. Samanta, S.H.Y. Wong, and S. Lu. Analysis of the reliability of a nationwide short message service. In IEEE INFOCOM 2007. 26th IEEE International Conference on Computer Communications, pages 1811–1819, 2007.
J.W. Mickens and B.D. Noble. Modeling epidemic spreading in mobile environments. In Proceedings of the 4th ACM workshop on Wireless security, page 86. ACM, 2005.
A.G. Miklas, K.K. Gollu, K.K.W. Chan, S. Saroiu, K.P. Gummadi, and E. De Lara. Exploiting social interactions in mobile systems. In Proceedings of the 9th international conference on Ubiquitous computing, pages 409–428. Springer-Verlag, 2007.
D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, and N. Weaver. The spread of the sapphire/slammer worm, http://www.caida.org/publications/papers/2003/sapphire/ sapphire.html, 2003.
D. Moore, C. Shannon, G.M. Voelker, and S. Savage. Internet quarantine: Requirements for containing self-propagating code. In IEEE Societies INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications, pages 1901–1910.
K. Schloegel, G. Karypis, and V. Kumar. Graph partitioning for high-performance scientific simulations, Sourcebook of parallel computing, 2003.
E. Van Ruitenbeek, T. Courtney, W.H. Sanders, and F. Stevens. Quantifying the effectiveness of mobile phone virus response mechanisms. In 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2007. DSN’07, pages 790–800, 2007.
M. VojnoviĆ and A. Ganesh. On the effectiveness of automatic patching. In Proceedings of the 2005 ACM workshop on Rapid malcode, page 50. ACM, 2005.
C. Walshaw and M. Cross. Parallel optimisation algorithms for multilevel mesh partitioning. Parallel Computing, 26(12):1635–1660, 2000.
P. Wang, M.C. Gonzalez, C.A. Hidalgo, and A.L. Barabasi. Understanding the spreading patterns of mobile phone viruses. Science, 324(5930):1071, 2009.
N. Weaver and D. Ellis. White worms don’t work. Login, 31:33–38, 2006.
C. Wong, S. Bielski, A. Studer, and C. Wang. Empirical analysis of rate limiting mechanisms. In Recent Advances in Intrusion Detection, pages 22–42. Springer, 2006.
Y. Yang, S. Zhu, and G. Cao. Improving sensor network immunity under worm attacks: a software diversity approach. In Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing, pages 149–158. ACM, 2008.
B. Zhao, C. Chi, W. Gao, S. Zhu, and G. Cao. A chain reaction DoS attack on 3G networks: analysis and defenses. In IEEE Societies INFOCOM 2009. Twenty-Eight Annual Joint Conference of the IEEE Computer and Communications.
Z. Zhu and G. Cao. Worms in Cellular Networks. Book Chapter in Encyclopedia of cryptography and security (2nd Ed.). Springer Verlag, 2010.
Z. Zhu, G. Cao, S. Zhu, S. Ranjan, and A. Nucci. A Social Network Based Patching Scheme for Worm Containment in Cellular Networks. In IEEE Societies INFOCOM 2009. Twenty-Eight Annual Joint Conference of the IEEE Computer and Communications, pages 1476–1484.
C.C. Zou, L. Gao, W. Gong, and D. Towsley. Monitoring and early warning for internet worms. In Proceedings of the 10th ACM conference on Computer and communications security, pages 190–199. ACM, 2003.
G. Zyba, G.M. Voelker, M. Liljenstam, A. Méhes, and P. Johansson. Defending mobile phones from proximity malware. In IEEE Societies INFOCOM 2009. Twenty-Eight Annual Joint Conference of the IEEE Computer and Communications, 2009.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Zhu, Z., Cao, G., Zhu, S., Ranjan, S., Nucci, A. (2012). A Social Network Based Patching Scheme for Worm Containment in Cellular Networks. In: Thai, M., Pardalos, P. (eds) Handbook of Optimization in Complex Networks. Springer Optimization and Its Applications(), vol 58. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-0857-4_17
Download citation
DOI: https://doi.org/10.1007/978-1-4614-0857-4_17
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-0856-7
Online ISBN: 978-1-4614-0857-4
eBook Packages: Mathematics and StatisticsMathematics and Statistics (R0)