Mobile Viruses and Worms (Project Group 6) Amit Kumar Jain Amogh Asgekar Jeevan Chalke Manoj Kumar Ramdas Rao 31st October 2006 Mobile Worms and Viruses Outline  Introduction  Classification  Threats posed by mobile worms and viruses  Case Studies  Futuristic Threats  Protective Measures Introduction 31st October 2006 Mobile Worms and Viruses Introduction  What is a Mobile Virus? – “Mobile” : pertaining to mobile devices • cell phones, smart phones, PDAs,  Mobile Virus vs. Computer Virus  Mobile Malware: – “Malware”: Malicious Software – All kinds of unwanted malicious software 31st October 2006 Mobile Worms and Viruses Differences with PC  Although similar OSes are being used, differences exist: − Lesser users of mobiles are less “tech literate” − Implies that it is difficult to “rollout security patches” to phones already sold − Mobiles are always “connected” and switched on − “Environment” keeps changing  Imagine one infected phone in a stadium full of people 31st October 2006 Mobile Worms and Viruses Differences  On the positive side: − Several variants of phones exist  A malware for one type of phone may not necessarily be able to infect others − E.g., A virus that uses an MMS exploit cannot infect a phone that does not have that facility at all − Mobile malware not yet causing critical harm  At most − they increase the user's billing, or − cause the mobile phone to stop working (can be restored by a factory reset) Classification of Mobile Worms and Viruses 31st October 2006 Mobile Worms and Viruses Classification  Behavior  Virus  Worm  Trojan  Environment  Operating System  Vulnerable Application  Family name and Variant identifier 31st October 2006 Mobile Worms and Viruses Classification (examples) Source: Kaspersky Labs 31st October 2006 Mobile Worms and Viruses Mobile Virus Families The increase of known mobile malware variants Increases in known mobile malware families Complete (as of 30th August 2006) list of mobile virus families according to Kaspersky Lab classification. http://www.viruslist.com/en/analysis?pubid=200119916 [...]... October 2006 Mobile Worms and Proactive Approach Virus Throttling Algorithm  Quarantine  Source: Bose, Shin (2006) 31st October 2006 Mobile Worms and Questions??? 31st October 2006 Mobile Worms and References  Kaspersky Labs' Report on Mobile Viruses (September 2006) – – http://www.viruslist.com/en/analysis?pubid=200119916 –  http://www.viruslist.com/en/analysis?pubid=198981193 http://www.viruslist.com/en/analysis?pubid=201225789... 2006 Mobile Worms and Case Study - ComWar Second landmark in mobile worms  Spread vector - Bluetooth and MMS  Large spread area due to MMS  Not as proof of concept – Intention to harm by charging the mobile user  Multiple variants detected  31st October 2006 Mobile Worms and Case Study - CardTrap First cross-over mobile virus found  Can migrate from mobile to PC  Propogates as infected mobile. .. October 2006 Mobile Worms and Futuristic Threats Futuristic Developments Location Tracking  Camera and Microphone Bug  Leaking Sensitive Information  DDOS attack on Mobile Service Provider  31st October 2006 Mobile Worms and Protective Measures Securing against attacks  System level security   MOSES Network Level Security  Proactive approach 31st October 2006 Mobile Worms and MOSES  MObile SEcurity... Fencing  Software – Encryption  31st October 2006 Mobile Worms and MOSES • Secure boot and run-time memory protection – prevents software (virus) and physical (code modification) attacks • Provides crypto functions and meets performance and power targets • Provides protection to any sensitive data or cryptographic keys against common attacks 31st October 2006 Mobile Worms and Proactive Approach Paper by...Current threats by mobile malware  For financial gain / loss Unnecessary calls / SMS / MMS  Send and sell private information    Cause phones to work slowly or crash Wipe out contact books and other information on the phone  Remote control of the phone  Install “false” applications 31st October 2006 Mobile Worms and Case Studies Case Study – CABIR First mobile worm  Only as Proof-Of-Concept... http://www.darknet.org.uk/2006/02/locate-anyone-in-the-uk-via-sms/ Protective Measures: – MOSES: http://www.princeton.edu/∼sravi/security.htm – Bose, Shin, “Proactive Security for Mobile Messaging Networks”, WiSe '06, September 29, 2006 31st October 2006 Mobile Worms and Thank You . Viruses Introduction  What is a Mobile Virus? – Mobile : pertaining to mobile devices • cell phones, smart phones, PDAs,  Mobile Virus vs. Computer Virus  Mobile Malware: – “Malware”:. and Viruses Classification (examples) Source: Kaspersky Labs 31st October 2006 Mobile Worms and Viruses Mobile Virus Families The increase of known mobile