The increasing popularity and improvement in capabilities offered by smartphones caught the attention of botnet developers. Now the threat of botnets is moving towards the mobile environment. A mobile botnet is defined as a collection of compromised smartphones controlled by a botmaster through a command and control network to serve a malicious purpose. This study presents the design of a hybrid command and control mobile botnet. It describes the propagation vectors, command and control channels, and topology of the design. The hybrid design explores the efficiency of multiple command and control channels against the following objectives: no single point of failure must exist in the topology, low cost for command dissemination, limited network activities and low battery consumption per bot. The objectives are measured with a prototype that is deployed on a small collection of Android-based smartphones. In addition, the prototype is evaluated against mobile security software and anti-virus software. The results indicate that current mobile technology exhibits all the capabilities needed to create a mobile botnet.
Reference:
Pieterse, H and Olivier, M. 2013. Design of a hybrid command and control mobile botnet. In: 8th International Conference on Information Warfare and Security (ICIW), Denver, Colorado, USA, 25-26 March 2013, 10pp
Pieterse, H., & Olivier, M. (2013). Design of a hybrid command and control mobile botnet: Presentation. http://hdl.handle.net/10204/6784
Pieterse, Heloise, and M Olivier "Design of a hybrid command and control mobile botnet: Presentation." (2013) http://hdl.handle.net/10204/6784
Pieterse H, Olivier M. Design of a hybrid command and control mobile botnet: Presentation. 2013; http://hdl.handle.net/10204/6784.
