| Smart phone has become the mainly computing and communication equipment of people’s daily life. As the capabilities of smart phone increase, makes it one step towards realizing the vision of Mark Weiser called ubiquitous computing, which was mentioned by "The computer for the21st century". However, with the powerful function and rich application of smart phone more and more new mobile phone malwares are targeting these devices, especially the attacks from mobile botnets.The first mobile phone malware Cabir was detected in2004, since then, the number of mobile phone malware its variants increased every month, the main mobile phone platforms include Symbian OS, iOS, Android, BlackBerry OS, Windows Mobile. In the same year, Dagon and Piercy put forward respectively that mobile phone will be the target of the next-generation malware. The development of mobile phone malware drove into the fast lane in2009, also the first mobile botnet was detected in the same year, and its main target is smart phone. Most traditional botnet techniques can be used in the design of mobile botnet, from the first low risk level mobile botnet SymbOS. Exy. C that was detected in July2009to March2012that the high risk level of mobile botnet RootSmart was detected, we can see the mobile botnet present a rapid development tendency. It already has many different methods of spread mobile botnet program, such as the third party APP, Bluetooth, SMS and MMS. It has flexible command and control network and covert attack methods. The information security threats of mobile botnet to mobile internet are gradually revealed. At present, the research of mobile botnets has just begun, so there is an urgent need to carry out a systematic study of mobile botnetIn order to effectively deal with the threat of mobile botnet, we should not only focus on the study of the detection methods of mobile botnet, but also focus on the study of the mobile botnet key technologies of security analysis from the perspective of the botnet controller, so that we can predict the development direction of mobile botnet, and propose more targeted mobile botnet defense measures. This thesis studied the basic problems of mobile botnet and the key technologies of security analysis of mobile botnet, including the basic research work of mobile botnet (attack target, application environment and characteristics), mobile botnet model, dynamic key management scheme and the development trend of mobile botnet. The specific contents are the definiton, characteristics, spreading methods and the threads of mobile botnet, the SMS based proof-of-concept mobile botnet design, the SMS-HTTP based hierarchy proof-of-concept mobile botnet design, the study of dynamic key management of mobile botnet and the study of the detection method of mobile botnet. We briefly summarized the main innovation work as follows.1. We implement the positive analysis of the threats of mobile botnet, we propose the mobile botnet definition, analyze the security threats, predict its new attack method. We propose the more accurate definiton of smartphone and mobile phone malware, clarify the relationship between smart phones and the Internet, the relationship between smart phones and the telecommunication networks, analyzed the differences and similarities between smartphone and computer.2. We introduced the concept of heterogeneous network, the degree of network and the height of network into the study of mobile botnet, and proposeed the SMS based proof-of-concept model of heterogeneous mobile botnet. We analyzed the mobile botnet construction methods, attack technologies and communication algorithms. We predict the threats and development direction of mobile botnet, provide the valuable proof-of-concept mobile botnet for the research of mobile botnet detection and prevention methods.3. For the more conplex mobile botnet evolution tendency, we proposed the SMS-HTTP based proof-of-concept model of mobile botnet. The network structure of the mobile botnet model is more suitable for large amounts of data transmission, and can improve the security of mobile botnet. Since the mobile botnet can have a large scale of bot node and the botnet node can be easily affected by many causes, and a network construction algorithm with bot node dynamic refresh mechanism was proposed, the algorithm can effectively refresh the captured or failed bot node, and improved the robustness of mobile botnet.4. As for the mobile botnet communication security, we proposed the dynamic key management scheme for mobile botnet. we introduced the EBS matrix and the bivariate t-degree polynomial, using predistribution key, pairwise key, session key and shared key, proposed the dynamic key management scheme that with a different security level. We proposed the EBS matrix and the bivariate t-degree polynomial based dynamic key management scheme for the communications between the key node of mobile botnet, the EBS matrix and shared key based dynamic key management scheme for the communications between the bot node of mobile botnet. The dynamic key management scheme of mobile botnet can effectively refresh the exposed or failed communication keys. |
PDF Full Text Request