260 likes | 274 Views
Explore the world of mobile viruses and worms, their classification, current threats, and future developments. Learn about case studies and discover proactive measures to secure your mobile devices.
E N D
Mobile Viruses and Worms (Project Group 6) Amit Kumar Jain Amogh Asgekar Jeevan Chalke Manoj Kumar Ramdas Rao
Mobile Worms and Viruses Outline • Introduction • Classification • Threats posed by mobile worms and viruses • Case Studies • Futuristic Threats • Protective Measures
Mobile Worms and Viruses Introduction • What is a Mobile Virus? • “Mobile” : pertaining to mobile devices • cell phones, smart phones, PDAs, ... • Mobile Virus vs. Computer Virus • Mobile Malware: • “Malware”: Malicious Software • All kinds of unwanted malicious software
Mobile Worms and Viruses Differences with PC • Although similar OSes are being used, differences exist: • Lesser users of mobiles are less “tech literate” • Implies that it is difficult to “rollout security patches” to phones already sold • Mobiles are always “connected” and switched on • “Environment” keeps changing • Imagine one infected phone in a stadium full of people
Mobile Worms and Viruses Differences... • On the positive side: • Several variants of phones exist • A malware for one type of phone may not necessarily be able to infect others • E.g., A virus that uses an MMS exploit cannot infect a phone that does not have that facility at all • Mobile malware not yet causing critical harm • At most • they increase the user's billing, or • cause the mobile phone to stop working (can be restored by a factory reset)
Mobile Worms and Viruses Classification • Behavior • Virus • Worm • Trojan • Environment • Operating System • Vulnerable Application • Family name and Variant identifier
Mobile Worms and Viruses Classification (examples) Source: Kaspersky Labs
Mobile Worms and Viruses Mobile Virus Families The increase of known mobile malware variants Increases in known mobile malware families Complete (as of 30th August 2006) list of mobile virus families according to Kaspersky Lab classification. http://www.viruslist.com/en/analysis?pubid=200119916
Mobile Worms and Viruses Current threats by mobile malware • For financial gain / loss • Unnecessary calls / SMS / MMS • Send and sell private information • Cause phones to work slowly or crash • Wipe out contact books and other information on the phone • Remote control of the phone • Install “false” applications
Mobile Worms and Viruses Case Study – CABIR • First mobile worm • Only as Proof-Of-Concept • Spread vector – Bluetooth • Infected file – caribe.sis • 15 new variants exist
Mobile Worms and Viruses Case Study - ComWar • Second landmark in mobile worms • Spread vector - Bluetooth and MMS • Large spread area due to MMS • Not as proof of concept – Intention to harm by charging the mobile user • Multiple variants detected
Mobile Worms and Viruses Case Study - CardTrap • First cross-over mobile virus found • Can migrate from mobile to PC • Propogates as infected mobile application as well as Windows worm • 2 variants found – Both install with legitimate applications – Black Symbian and Camcorder Pro
Mobile Worms and Viruses Futuristic Developments • Location Tracking • Camera and Microphone Bug • Leaking Sensitive Information • DDOS attack on Mobile Service Provider
Mobile Worms and Viruses Securing against attacks • System level security • MOSES • Network Level Security • Proactive approach
Mobile Worms and Viruses MOSES • MObile SEcurity processing System • Ravi (2005) • Two levels of defenses – Hardware and Software • Hardware – Application Fencing • Software – Encryption
Mobile Worms and Viruses MOSES • Secure boot and run-time memory protection • prevents software (virus) and physical (code modification) attacks • Provides crypto functions and meets performance and power targets • Provides protection to any sensitive data or cryptographic keys against common attacks
Mobile Worms and Viruses Proactive Approach • Paper by Bose, Shin • Reduce the impact of an attack • Generate Behavior Vectors • Form Behavioral Clusters
Mobile Worms and Viruses Proactive Approach • Virus Throttling Algorithm • Quarantine Source: Bose, Shin (2006)
Mobile Worms and Viruses Questions???
Mobile Worms and Viruses References • Kaspersky Labs' Report on Mobile Viruses (September 2006) • http://www.viruslist.com/en/analysis?pubid=198981193 • http://www.viruslist.com/en/analysis?pubid=200119916 • http://www.viruslist.com/en/analysis?pubid=201225789 • Bluetooth vulnerabilities • Haataja, K., “Two practical attacks against Bluetooth security using new enhanced implementations of security analysis tools”, CNIS 2005, Arizona, USA, November 14-16, 2005. • http://www.thebunker.net/security/bluetooth.htm • http://www.darknet.org.uk/2006/02/locate-anyone-in-the-uk-via-sms/ • Protective Measures: • MOSES:http://www.princeton.edu/∼sravi/security.htm • Bose, Shin, “Proactive Security for Mobile Messaging Networks”, WiSe '06, September 29, 2006.