Research On Key Techniques Of Botnet Based On Mobile Networks

Mobile networks security is an emerging field. In order to detect the potential security threats existing on this platform, it is necessary to study and analyze the representative malicious attacks. As a new platform starts to popularize, researchers on malicious attacks have to deal with many difficulties such as the lack of background knowledge, typical attack cases, and guidelines of research works. Moreover, an attacker using a mobile botnet platform can easily acquire the user’s private information, initiate a call eavesdropping attack, launch SMS and telephone DDoS attacks, and order high SP services etc. In this sense, the research on key techniques of botnet based on mobile networks determines to create an innovative work rather than to study a subject of science. Nowadays, the study on mobile botnet is still in its infancy, with a small number of related works both at home and abroad.The research fields of this thesis include the mobile network security, malicious attack techniques, and mobile intelligent terminal security. The key techniques address characteristics of mobile networks botnet, the command and control of network architecture, aggressive behavior and communication behavior. Meanwhile, the APT attack scene based on the mobile botnet, mobile botnet are studied. The main work is as follows:(1) A mobile botnet model based on SNS and SMS control is proposed in this thesis. The author analyzes the attack mode and the behavioral characteristics of the malicious attacks of the mobile intelligent terminal as well as the security threats faced by the mobile intelligent terminal. Attackers can control the entire botnet through public social networking server. In the server’s logical layer, the botnet presents a P2P structure of multiple-accounts, and its topology could be defined by the attacker. If a zombie node is out of the reach of the3G/WiFi network service, it is possible to detect the state of the zombie node by means SMS-services-built command control channel. Moreover, the collapsed social network control command channel could be recovered. Thereby the robustness of the botnet could be enhanced.(2) Based on the research of the mobile botnet, this thesis further explored the extended form of botnet attack—APT attacks. After that, it initiated the definition of APT attacks using formulation; APT is composed of five parts, which is mainly used to reflect the penetrating process of attacker. This paper designed and implemented the APT attack scenario based on mobile botnet behavior characteristics, focusing on the purpose of attack. In order to embody the multi-dimensional attack ideas, two levels of attack object sets are proposed, as well as to set up four types of attack channels and two kinds of aggressive behavior to interpret the attack ideology of the multi-path penetration.