Comprehensive Review of Cybersecurity Research

Added on 2021/04/17
Running head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the student
Name of the University
Author's note:
Executive Summary
With the rise in popularity of wireless devices of all kinds, the number of small network-enabled
devices has grown steadily over time. Mobile devices are used by an ever wider range of people,
and their reliance on open, public transmission media leaves them exposed to malicious code.
They offer a large set of features, such as email, software downloads and e-banking, and as the
capabilities of these devices have grown, so has the impact and threat of malicious code.
Table of Contents
Introduction
Literature Review
  Structure of botnet
  Command and Control
  Infection Method
  Trigger Events
Solution for detection of malicious activity between phone and server
  Distributed Denial of Service Prevention Methods
  Mobile Ad Hoc Network (MANET)
    Attacks
    Security
  Theft of data
  Phone Hijacking
  Malicious code detection technique
    Signature based detection
    Behavior Checking
    Integrity checker
Conclusion
References
Introduction
In 2014 mobile malware completed ten years of existence. Cabir, discovered in 2004, is
considered the first mobile worm. Mobile malware is considered to have followed the same
evolution as PC malware (Appala et al., 2015). This report focuses on the emergence of bots for
mobile phones: pieces of malware that can be controlled by a remote entity. A Command and
Control (C&C) server, or botmaster, is used to direct the bots' functions. A botnet is a collection
of compromised computers under the control of a botmaster. Bots, or compromised hosts, can be
used for attacks such as Distributed Denial of Service (DDoS), identity theft and spamming. Most
botnets rely on a command and control server through which the botmaster issues commands to
specific bots (Arora, Garg & Peddoju, 2014). Mobile applications are gaining great popularity in
the era of mobile and cloud computing. Much sensitive information is stored inside mobile
applications such as Facebook, including authentication tokens and the browsing history of
Chrome. However, there are a number of ways to reach the private files of an application
indirectly (Arzt et al., 2014), generally by exploiting those files through a trusted victim
application.
In the following pages a literature review is presented on the various methods for detecting
malicious activity between a mobile phone and the server. Such activity is generally carried out
through command and control and through an MTM proxy. This paper discusses the problem of
attackers stealing vital information without the client's consent. A possible solution for detecting
malware activity is the analysis of the packets transmitted between the mobile phone and the
server.
Literature Review
Cryptolocker ransomware targeting the Android platform responds to commands from its
botmaster. This first section discusses the conceptual and implementation differences between
computer and mobile botnets.
Platform of operation: According to Chou (2013), the platform on which botmasters and slaves
run is one difference between mobile and PC botnets. For PC malware both botmaster and slave
run on the same kind of platform, whereas in a mobile botnet the bot slave is a mobile phone. The
botmaster, running on a computer or a phone, is operated by an attacker.
Connectivity: Ding et al. (2014) state that mobile botnets depend on the phone's connection to a
cellular network to communicate with the Command and Control (C and C) server, whereas PC
botnets depend on the PC's internet access, which is affected by network faults and technical
errors in the devices. This domain is considered level for both kinds of botnets.
Lucrativeness: Dua and Bansal (2014) state that mobile devices allow more lucrative attacks
because they are carried around by their users. This gives a high probability of obtaining useful
information, including audio and video recordings and camera images. PC botnets, by contrast,
depend on the uptime of the device and the availability of the user. A key point is that, unlike
their PC counterparts, mobile botnets provide the ability to locate the victim in real time.
Detection: Falcone and Garro (2014) state that methods for detecting signs of infection exist for
both mobile and PC botnets. In addition, mobile botnets face the risk of detection through
unusual mobile bills, caused by internet connections or SMS messages on fixed-rate plans, or
through unusual numbers appearing in the call history.
Takedown: Grymin and Farhood (2014) state that mobile botnets are considered fair game for
takedown. All cases addressed so far had a single point of takedown, which could be a phone
number, a server or an associated email. However, with the development of new varieties that
have remotely upgradable Command and Control, mobile botnets may have moved towards the
level of complexity of PC botnets.
This part discusses the Yxes malware for the Symbian platform, considered the first step towards
mobile botnets. In 2009 Symbian malware known as Yxes was discovered, which foreshadowed
the mobile botnet.
Internet access: According to Guido et al. (2013), the malware collected information from
infected phones, such as serial numbers and subscription numbers, and forwarded it to a remote
server, thereby fulfilling one of the requirements for qualifying as a bot client.
SMS propagation: According to Guri et al. (2015), the malware sent out messages containing a
download link pointing to a copy of the worm. There is no doubt that the remote copy of the
malware can be upgraded by the attackers, with a view to the ability to carry various commands.
However, Yxes is not considered a bot because it lacks certain bot functionality, such as the
ability to accept commands from a remote location (Guri et al., 2014). In the same year another
malware, Eeki.B on the iOS platform, was discovered. This variant steals information from
infected mobile phones, such as the SMS database, the iPhone OS version and the SQL version,
and sends it to a remote server. This variant was not included for two important reasons:
Jailbroken devices: The malware only worked on jailbroken devices. In addition it only works
on SSH-enabled devices and uses the default ssh password 'alpine'.
C and C down: A working C and C is required for the malware to qualify as a bot, and there
are only a limited number of confirmed cases in which an exact response was received from the
C and C.
Structure of botnet
In a generic botnet several components are necessary: a command and control structure, a
communication protocol, the bot functionality, an infection method and trigger events
(Hoekstra et al., 2013). After infection, the victim system runs a shell script whose main task is
to fetch the bot binary image from a particular location. The bot binary is then installed on the
targeted machine.
[Fig 1: Life cycle of a generic botnet (Source: created by the author)]
Fig 1 gives an idea of a generic botnet centred on command and control. The botmaster issues
commands to the infected hosts through internet relay chat (IRC) servers.
Command and Control
Among the command and control (C and C) mechanisms used by botnets, IRC is considered the
most successful and has been implemented by the majority of botnets. The purpose of IRC is to
provide synchronous messaging (Karim, Shah & Salleh, 2014). IRC is used for online chat and
for audio and video conferencing, and it supports text-based multi-user functions. IRC enables a
botmaster to issue commands to individual bots. Another benefit of IRC for a botnet is that its
command and control traffic is difficult to distinguish from normal IRC usage.
An IRC-based botnet is centralized: the botmaster uses one or more servers and communicates
directly with all the bots (Khan et al., 2016). The IRC-based C and C architecture is easy to build
and provides an efficient and effective way of distributing the botmaster's commands. Through
the C and C server a single botmaster can control a large number of bots.
Instead of an IRC channel, a few botnets use a peer to peer (P2P) mechanism for C and C. In a
proper peer to peer architecture any node in the network can act as both server and client
(Kharraz et al., 2014). For a botnet, the benefit of P2P is that there is no single point of failure.
It is extremely difficult for law enforcement to stop a P2P botnet: even when part of the botnet is
taken offline, the botnet may continue to function. However, the architecture of a P2P botnet is
difficult to develop.
Examples of IRC-based botnets are AgoBot, SpyBot, GTBot and SDBot. Each is described in
detail below.
AgoBot is written in C/C++ and, because it uses standard data structures, it is easy for attackers
to change it and add new functions (Kim & Lie, 2015). It is a sophisticated piece of malware that
can launch various kinds of DDoS attack and harvest sensitive information. It can evade
detection by exploiting vulnerabilities, closing back doors and blocking access to various internet
sites.
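The introduction proposes analysing the packets exchanged between phone and server to detect malicious activity, and the paragraphs above describe the centralised, IRC-based C and C that most botnets use. As an added example that is not from the original report, the following Python script applies that idea to constructed connection records: it flags flows to the standard IRC ports, flows whose client payload is IRC protocol regardless of port, and phone/server pairs that reconnect at regular intervals (beaconing). All IP addresses, ports, names and log lines are constructed for the example.

```python
"""Detect IRC-style command-and-control traffic in phone-to-server connection records."""
import re
from collections import defaultdict
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass
class Flow:
    ts: float        # seconds since epoch (constructed)
    src: str         # phone address
    dst: str         # server address
    dport: int       # server port
    payload: str     # first line sent by the client on this connection


IRC_PORTS = {6667, 6697}
# Client-side IRC registration and channel commands: a bot joining its
# control channel sends these whatever port the server listens on.
IRC_CMD = re.compile(r"^(NICK|USER|JOIN|PRIVMSG|PASS)\s", re.IGNORECASE)


def irc_port_hits(flows):
    """Flows to a well-known IRC port (cheap first-pass check)."""
    return [f for f in flows if f.dport in IRC_PORTS]


def irc_protocol_hits(flows):
    """Flows whose client payload looks like IRC, independent of port."""
    return [f for f in flows if IRC_CMD.match(f.payload)]


def beaconing_pairs(flows, min_conns=4, max_cv=0.2):
    """(src, dst) pairs that reconnect at near-constant intervals.

    A bot polling its C and C produces connection gaps with a small
    coefficient of variation; human browsing is far more irregular.
    Returns {pair: mean_interval_seconds}.
    """
    by_pair = defaultdict(list)
    for f in flows:
        by_pair[(f.src, f.dst)].append(f.ts)
    result = {}
    for pair, stamps in by_pair.items():
        if len(stamps) < min_conns:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            result[pair] = round(avg, 1)
    return result


def suspicious_clients(flows):
    """Map each phone to the set of reasons it was flagged."""
    reasons = defaultdict(set)
    for f in irc_port_hits(flows):
        reasons[f.src].add("irc-port")
    for f in irc_protocol_hits(flows):
        reasons[f.src].add("irc-protocol")
    for (src, _dst), interval in beaconing_pairs(flows).items():
        reasons[src].add(f"beacon:{interval}s")
    return dict(reasons)


def parse_log(text):
    """Parse 'ts|src|dst|dport|payload' lines (constructed record format)."""
    flows = []
    for line in text.strip().splitlines():
        ts, src, dst, dport, payload = line.split("|", 4)
        flows.append(Flow(float(ts), src, dst, int(dport), payload))
    return flows


# Constructed sample: one bot on the standard IRC port that polls every 300 s,
# one bot speaking IRC on a non-standard port, and one phone browsing the web.
SAMPLE_LOG = """\
1000|10.0.0.5|203.0.113.7|6667|NICK bot-a1f3
1300|10.0.0.5|203.0.113.7|6667|JOIN #ctrl
1600|10.0.0.5|203.0.113.7|6667|PRIVMSG #ctrl :ready
1900|10.0.0.5|203.0.113.7|6667|PRIVMSG #ctrl :ready
2200|10.0.0.5|203.0.113.7|6667|PRIVMSG #ctrl :ready
1050|10.0.0.6|198.51.100.9|8080|NICK phone-22
1051|10.0.0.6|198.51.100.9|8080|JOIN #ctrl
1020|10.0.0.7|93.184.216.34|443|GET / HTTP/1.1
1720|10.0.0.7|93.184.216.34|443|GET /news HTTP/1.1
3500|10.0.0.7|93.184.216.34|443|GET /mail HTTP/1.1
4100|10.0.0.7|93.184.216.34|443|GET / HTTP/1.1
"""

if __name__ == "__main__":
    for phone, why in suspicious_clients(parse_log(SAMPLE_LOG)).items():
        print(phone, sorted(why))
```

The port check alone misses the second bot; the protocol and beaconing checks are what make the detection robust to a botmaster choosing a non-standard port.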
SpyBot is an enhanced form of SDBot and is written in C. It has only 3000 lines of code and
comes with scanning capability and host-control functions. GTBot, which stands for Global
Threat Bot and is also known as Aristotles, can perform port scanning and RPC exploitation.
Compared with AgoBot and SpyBot, GTBot gives limited control over the host (Konoth, van der
Veen & Bos, 2016). A GTBot is only capable of obtaining local system information and affecting
local files.
SDBot's source code is written in C and consists of fewer than 2500 lines. Its command set and
specification are much like AgoBot's. SDBot is a powerful scanning tool used for locating
potential victims. P2P botnets are difficult to construct and there are few examples of them
(Kraunelis et al., 2013). Recent examples of P2P botnets are Nugache and Storm. Storm includes
distributed denial of service (DDoS) functionality that is triggered on the basis of information
gathered from the overlay network.
Infection Method
Another important part of the design of a practical botnet is the method used to infect systems.
Some of the methods generally used by botnets are:
- Exploiting vulnerabilities, that is security bugs, followed by downloading and installing the
  bot software.
- Exploiting network services such as RPC or MSSQL.
- Tricking users into downloading and executing programs.
Trigger Events
A trigger event can be used to activate a botnet to perform malicious activities (Machado,
Barreto & Yano, 2013). For example, a specific date or a certain time of day can serve as a
trigger event.
Covert channels
A covert channel is a communication path that was not intended by the system designer. Covert
channels arise in many situations within network communication (Machado et al., 2015). Covert
channels are considered virtually impossible to eliminate in a high-security environment; the
main effort is limited to restricting the capacity of the channels.
Solution for detection of malicious activity between phone and server
Distributed Denial of Service Prevention Methods
The advancement of the internet brought a revolution to the world of computers and smart
phones. The internet has become important in present society as it changes the way we
communicate and do business (Machado et al., 2014). Services such as banking, power and
defense now depend on the internet. Use of internet technology is growing at a rapid rate as
organizations around the globe depend heavily on it.
A DDoS attack uses many hosts to launch a coordinated attack against one or more targets. It is
launched by transmitting a stream of useless aggregate traffic at the victim's system in order to
exhaust it (Nagy & Mezei, 2016). DDoS attacks have many side effects: for example, they create
congestion on the path from the source to the target, which disrupts normal network and internet
operation. At present a major part of such attacks is carried out by organized criminals, which
hurts financial institutions and e-commerce. A wide range of DDoS attacks is found in the wild,
and internet providers and users need to be well aware of them. They are launched in two forms:
the first exploits software vulnerabilities and the second uses massive traffic volume (Nigam,
2015). The first form targets the victim by sending packets that crash the system. The second
form sends garbled packets that consume the communication resources of the machine so that it
cannot serve legitimate users. The resources consumed by such attacks include network
bandwidth, disk space, data structures and network connections. Protection against the first form
can be established by patching the vulnerabilities; the second form, on the contrary, cannot be
easily prevented (Ning & Yan, 2015). Many targets can be attacked because they are connected
to a public network.
DDoS is an event in which a user or organization is deprived of services such as the web or
network connectivity. It is a resource overloading problem. The resource can be anything such
as bandwidth, CPU cycles or buffers. Attackers can bombard the resource with a flood of packets,
or use a single logic packet that activates a series of processes.
Network bandwidth resources: This relates to the capacity of the links connecting servers to the
wider internet, or the connectivity between clients and the ISP (Internet Service Provider). Most
of the time the bandwidth of the client's internal network is smaller than its connectivity to the
external network, so traffic coming from the internet to the client can consume the entire
bandwidth of the client network.
System memory resources: An attack aimed at the system memory resources of a mobile phone
focuses on crashing its network handling software rather than consuming bandwidth with a
large traffic volume (Oladejo, 2014). Specific packets are sent to confuse the operating system
or other resources of the victim's machine. Such attacks exhaust the temporary buffers used to
store arriving packets, the tables of open connections and similar in-memory data structures. The
second kind of system-resource attack uses packets whose structure triggers a bug in the network
software (Petsas et al., 2014). Overloading the target machine can result in a host crash or
freeze, after which the system cannot communicate until the software is reloaded.
System CPU resources / computational capacity: An attack targeting the system's computational
resources sends a sequence of queries that cause complex commands to be executed. The
Internet Key Exchange protocol (IKE) is the current tool for key establishment (Pieterse &
Olivier, 2013). IKE's aggressive mode is still very susceptible to DoS attacks against both
memory and computational resources.
Mobile Ad Hoc Network (MANET)
A Mobile Ad Hoc Network (MANET) is a network of wireless mobile nodes that does not rely on
a fixed infrastructure. A MANET is a kind of ad hoc network with special characteristics such as
an open network boundary, a dynamic topology, distributed operation, fast deployment and
multi-hop communication. These characteristics have made it popular, especially in military and
disaster management applications. There are three important network parameters for MANET
security:
Network overhead: According to (), this parameter refers to the number of control packets
generated by the security approach. Because the wireless medium is shared, additional control
packets can lead to congestion or collisions in a MANET (Rahangdale et al., 2014). Lost packets
are generally the result of congestion and collisions. High packet overhead increases the number
of packets that are lost and retransmitted, which wastes node energy and network resources.
Processing time: Each security approach needs a certain amount of time to detect misbehavior
and eliminate malicious nodes (Raveendranath et al., 2014). Because of the dynamic topology of
a MANET, routes between two nodes can break due to mobility. The processing time of a security
approach must be as low as possible so that it remains flexible and avoids rerouting.
Energy consumption: In a MANET the nodes have only a limited energy supply, so optimizing the
network is highly challenging. High energy consumption reduces the lifetime of the nodes and of
the network.
Every security protocol must take the network parameters above into account. In some cases
there must be a tradeoff between the parameters so that a satisfactory level is reached for each
(Satapathy & Livingston, 2016). Security protocols that disregard these parameters are not
efficient because they waste network resources.
There are two aspects of security: security services and attacks. Services are the protection
policies that make a network secure, while attacks use network vulnerabilities to defeat a
security service. The goal of security services is to secure a network before an attack takes
place and to make it harder for a malicious node to break the network's security. Because of its
special features, a MANET faces many challenges. In securing a MANET there is a tradeoff
between the services provided: one service cannot be guaranteed without the others, and an
improper tradeoff between the services results in a failure of the system's security. Five
important security services and their challenges are discussed below.
Availability: Authorized nodes must be able to access the data and services present in the
network. The main challenges arise from the dynamic and open topology of a MANET (Schutz et
al., 2013). The time a node needs to access a network service or data, known as the access time,
is an important security parameter. Adding security and authentication levels delays the service
while the node passes through those levels.
Authentication: The notion of this service is to provide proper communication between two
distinct nodes (Shahriar & Clincy, 2014). When a node receives a packet from a source, it must
be able to identify the source node. The only method of providing this service is to use
certificates, which requires a control unit, key distribution and key management, all of which
are challenging.
Data confidentiality: Under this service, each node of the application must access only the
services it has permission to access. Most confidentiality services use encryption, while in a
MANET there is no central management (Tahboub & Saleh, 2014). Key distribution faces many
challenges and in some cases is considered impossible. The basic idea is to transform a secret
message into multiple secret shares spread over multiple paths, and then to deliver the shares to
the destination by means of a sharing scheme.
Integrity: Under the integrity service only authorized nodes can create, edit or adjust packets.
Man-in-the-middle attacks are directed against this service. One method, used for the DSR
routing protocol, provides integrity by securing the route discovery phase of the protocol.
Non-repudiation: With this service neither source nor destination can repudiate its behavior or
data. For example, if a node receives a packet from node 2 and sends a reply, then node 2 cannot
repudiate the packet it transmitted.
Attacks
Black hole attack: In this attack a malicious node injects false routing information into the
network to attract packets towards itself, and then discards all of them (Tariq & Baig, 2016). In
one countermeasure, when a source node receives RREP packets it transmits a confirmation
packet along the best path to the destination and checks whether the destination really has a
route to it; otherwise the RREP generator or the next-hop node is considered a malicious node.
Wormhole attack: In a wormhole attack a malicious node records packets at one location in the
network and tunnels them to another location. False routing information can affect routes in the
network. Securing a MANET against this attack is done by using encryption and node
information.
Byzantine attack: In this attack a malicious node injects false routing information into the
network so that packets travel in a loop. One method of protecting the network is authentication
(Tariq & Baig, 2016); a mechanism based on RSA authentication has been proposed to defeat
this type of attack.
Routing attack: In this attack a malicious node tries to modify or delete nodes by changing the
routing tables. With this attack a malicious node can destroy the routing information tables of
ordinary nodes. This increases packet overhead and processing time.
Session hijacking: This is a critical error that gives a malicious node the opportunity to behave
like a legitimate system. Using this attack, malicious code can undermine efficient ways of
defeating various other attacks.
Jamming attacks: A jamming attack is a kind of DoS attack. The main objective of a jammer is to
interfere with legitimate wireless communication (Vania, Meniya & Jethva, 2013). A jammer
achieves this by preventing a real traffic source from sending its packets, or by preventing the
reception of legitimate packets.
Man-in-the-middle attacks: In this attack a malicious node is placed between source and
destination. It captures all the packets and drops or modifies them. A MANET is vulnerable to
this attack because hop modification is easily achieved. Authentication and cryptography are the
best way of dealing with these attacks.
Security
The best way of providing network security in a MANET is to decrease the network overhead and
to integrate the security approach with the other challenges. Both can be achieved by improving
the security protocols.
Securing routing protocols: The goal of this approach is to provide security during the routing
phase. When a node wants to create a path to a destination, it can use a mechanism that finds a
secure path and detects malicious nodes. In a MANET there is generally more than one path
between two nodes. Selection of the best path depends on both routing and security, which
improves the security parameters.
Security in QoS: Security mechanisms increase the packet delivery time and the processing time
at each node. This has a negative impact on QoS, so providing QoS alongside security in a
MANET is very challenging.
Cluster-based security: This approach uses clustering to provide more efficient conditions for
security protocols. Clusters are used for security goals because they can solve the problems of
key distribution and key management (Zhou et al., 2013). Clusters solve some security
challenges, while cluster creation and maintenance remain challenging because of the dynamic
topology of a MANET.
Theft of data
Hackers often target mobile devices to obtain transient and static information. Transient
information includes the phone's location, power usage and data that the device does not
normally record (Zhou et al., 2013). Attacks on static information target the data the cellular
device stores or sends over the network. This kind of attack gathers data such as contact
information, phone numbers and the programs stored on the smartphone. Bluesnarfing and
bluebugging are well-known kinds of data theft. In a bluebugging attack a hacker gains
unauthorized access to a cellphone, which includes listening in on calls made from the victim's
phone. In the beginning bluebugging was limited to listening in and recording the conversations.
However, these attacks now extend to manipulating functions of the phone (Zhou et al., 2013).
For example, a hacker can use the victim's phone to make calls, send SMS and carry out any
other task the mobile phone can perform. Bluesnarfing attacks, on the other hand, consist of
unauthorized access to, or retrieval of, data from applications such as the calendar, contact list
and gallery over Bluetooth. The information is downloaded with tools designed specifically for
bluesnarfing.
Phone Hijacking
Some malware can use the resources present in the victim's phone. The possibilities include long distance calls and the sending and receiving of SMS. The Mosquito virus is a well known example of phone hijacking (Zhou et al., 2013). Pirated copies of a computer game were infected with a virus that sent expensive SMS messages while the user played the illicit copy of the game. Hijacking of phone resources is generally not expected by the user, since the malware authors treat the victims' phones as resources.
Malicious code detection technique
Signature based detection
Signature based detection is a popular technique which is based on searching input files for previously defined virus signatures (Zhou et al., 2013). Its advantage is that malicious activity can be detected before the system is affected by the malicious code.
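As an added example (not code from this report or from Zhou et al., 2013), the following Python script shows how a signature based scanner works and where it stops working. The signature database and the "known bad" sample are constructed for the example; the SMS pattern is written to resemble the premium-SMS behaviour described under phone hijacking. The inputs in demo() show that a whole-file hash only matches an identical file, that a byte pattern also matches a trivially repacked copy, and that neither matches a variant which hides the constant, which is the gap that behavior checking is meant to close.

```python
import hashlib
import re
from pathlib import Path

# Constructed sample of a "known bad" file (not real malware, not from the report):
# it embeds a premium-number SMS call of the kind described under phone hijacking.
KNOWN_BAD_SAMPLE = (
    b'package demo;\n'
    b'smsManager.sendTextMessage("+1900555", null, "JOIN", null, null);\n'
)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Signature database. Two kinds of signature are common in practice:
#  - a whole-file hash, which only matches an identical file, and
#  - a byte pattern, which also matches slightly modified variants.
# All entries below are constructed for this example.
HASH_SIGNATURES = {sha256_hex(KNOWN_BAD_SAMPLE): "Demo.KnownBad"}
BYTE_SIGNATURES = {
    "Demo.SmsSender": re.compile(rb'sendTextMessage\("\+?\d{4,}"'),
    "Demo.Downloader": re.compile(rb'http://example\.invalid/payload\.bin'),
}


def scan_bytes(data: bytes) -> list[str]:
    """Return the names of every signature that matches `data`."""
    hits = []
    name = HASH_SIGNATURES.get(sha256_hex(data))
    if name:
        hits.append(name)
    for name, pattern in BYTE_SIGNATURES.items():
        if pattern.search(data):
            hits.append(name)
    return hits


def scan_file(path: Path) -> list[str]:
    """Scan one file on disk; the content is checked before it is ever executed."""
    return scan_bytes(path.read_bytes())


def demo() -> dict[str, list[str]]:
    """Show the strength and the limit of signature matching on four inputs."""
    # Identical copy: both the hash and the byte pattern match.
    identical = KNOWN_BAD_SAMPLE
    # Trivially repacked variant: the hash no longer matches, the pattern still does.
    repacked = KNOWN_BAD_SAMPLE.replace(b"JOIN", b"join")
    # Variant that hides the number behind a call: neither signature matches,
    # although the behaviour is unchanged. Only behaviour checking would see it.
    obfuscated = KNOWN_BAD_SAMPLE.replace(b'"+1900555"', b'premiumNumber()')
    benign = b'package demo;\nlog.info("hello");\n'
    return {
        "identical": scan_bytes(identical),
        "repacked": scan_bytes(repacked),
        "obfuscated": scan_bytes(obfuscated),
        "benign": scan_bytes(benign),
    }


if __name__ == "__main__":
    for label, hits in demo().items():
        print(f"{label:10s} -> {hits or 'clean'}")
```

The scan happens on the raw bytes before anything is run, which is the advantage the text names; the obfuscated case is the reason a signature database needs constant updating and is normally paired with one of the other two techniques.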
Behavior Checking
It is another kind of popular technique which is used for analyzing behavior which
generally resides in memory looking for unusual behavior. It has only a disadvantage by the time
in which malicious code is detected it has already some number of changes which have been
done to the system.
Integrity checker
This technique maintains a log of the files present in a system (Zhou et al., 2013). The log contains certain characteristics of each file, such as its size and its date or time stamp. Whenever the integrity checker runs, it checks the files present on the system and compares them with the characteristics saved earlier.
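As an added example (not code from this report or from Zhou et al., 2013), the following Python script implements the integrity checker just described: it logs the size, time stamp and a SHA-256 digest of every file under a directory, saves that log, and on a later run reports the files that were added, removed or changed. The directory tree, the tampering and the baseline file name are all constructed inside demo() so that the script runs offline.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def file_record(path: Path) -> dict:
    """Characteristics logged for one file: size, modification time and a digest."""
    st = path.stat()
    digest = hashlib.sha256(path.read_bytes()).hexdigest()
    return {"size": st.st_size, "mtime": int(st.st_mtime), "sha256": digest}


def take_baseline(root: Path) -> dict[str, dict]:
    """Walk `root` and record every regular file, keyed by its relative path."""
    baseline = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            baseline[path.relative_to(root).as_posix()] = file_record(path)
    return baseline


def save_baseline(baseline: dict, store: Path) -> None:
    store.write_text(json.dumps(baseline, indent=2, sort_keys=True))


def load_baseline(store: Path) -> dict:
    return json.loads(store.read_text())


def check_integrity(baseline: dict, root: Path) -> dict[str, list[str]]:
    """Compare the current state of `root` with the characteristics saved earlier."""
    current = take_baseline(root)
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = []
    for name in sorted(set(current) & set(baseline)):
        old, new = baseline[name], current[name]
        # Size and time stamp can be restored by an attacker after a modification;
        # the digest cannot, so any difference in it is enough to flag the file.
        if old["sha256"] != new["sha256"] or old["size"] != new["size"]:
            changed.append(name)
    return {"added": added, "removed": removed, "changed": changed}


def demo() -> dict[str, list[str]]:
    """Build a constructed file tree, baseline it, tamper with it, then check it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "system"
        (root / "bin").mkdir(parents=True)
        (root / "bin" / "dialer").write_bytes(b"original dialer code")
        (root / "bin" / "sms").write_bytes(b"original sms code")
        (root / "config.ini").write_text("premium_sms=off\n")

        # Constructed baseline location; in practice it is kept off the device.
        store = Path(tmp) / "baseline.json"
        save_baseline(take_baseline(root), store)

        # Simulated tampering: a same-size patch of one binary (size and, within
        # the same second, time stamp are unchanged), a new file and a deletion.
        (root / "bin" / "dialer").write_bytes(b"patched  dialer code")
        (root / "bin" / "dropper").write_bytes(b"new unexpected file")
        (root / "config.ini").unlink()
        return check_integrity(load_baseline(store), root)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two design points matter for this technique in practice. Size and time stamp alone are weak evidence, because both can be restored after a modification (the patched binary in demo() keeps its original size), so the comparison relies on the digest. And the saved log must be kept where the malware cannot rewrite it, for example on write-protected or external storage; otherwise the checker compares against a baseline the attacker has already updated.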
Conclusion
From the above discussion it can be stated that this report is a literature review on the MITM project. The report mainly focuses on the activities which can be used for detecting malicious activity between a phone and a server. The model mainly makes use of a command and control mechanism. It addresses the fact that many attackers steal information from clients without their approval or consent. A list of solutions has been provided which can be used to detect malware activity between phone and server, which is only possible by analyzing the packets transmitted between them. In the above pages an idea of botnets has been provided. Various aspects of botnets, such as platform of operation, connectivity, lucrativeness, detection, takedown, internet access and SMS propagation, have been discussed in detail. After that the structure of a botnet has been discussed and a proper figure has been provided. Various IRC based botnets like AgoBot, SpyBot and SDBots have been discussed in detail, together with their infection methods, trigger events and covert channels. Detection solutions such as distributed denial of service (DDoS) prevention have been discussed in detail. While discussing DDoS methods, aspects like network bandwidth resources, system memory resources and system CPU resources have been covered. After that MANET, that is the Mobile Ad Hoc Network, has been discussed in detail along with aspects like network overhead, processing time and energy consumption. Two aspects of security, security services and attacks, have been discussed. Five important security services, namely availability, authentication, data confidentiality, integrity and non-repudiation, have been discussed in detail. Various kinds of attacks and security measures have been discussed in detail. After that theft of data, phone hijacking and malicious code detection techniques have been discussed in detail.

References
Appala, S., Cam-Winget, N., McGrew, D., & Verma, J. (2015, October). An actionable threat
intelligence system using a publish-subscribe communications model. In Proceedings of
the 2nd ACM Workshop on Information Sharing and Collaborative Security (pp. 61-70).
ACM.
Arora, A., Garg, S., & Peddoju, S. K. (2014, September). Malware detection using network
traffic analysis in android based mobile devices. In Next generation mobile apps, services
and technologies (NGMAST), 2014 eighth international conference on (pp. 66-71). IEEE.
Arzt, S., Rasthofer, S., Fritz, C., Bodden, E., Bartel, A., Klein, J., ... & McDaniel, P. (2014).
Flowdroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis
for android apps. ACM SIGPLAN Notices, 49(6), 259-269.
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal of
Computer Science & Information Technology, 5(3), 79.
Collaboration, S. A., Machado-Major, A. F., Barreto, A. B., & Yano, E. T. Architecture for
Cyber Defense Simulator in Military Applications.
Ding, J. H., Chien, R., Hung, S. H., Lin, Y. L., Kuo, C. Y., Hsu, C. H., & Chung, Y. C. (2014). A
framework of cloud-based virtual phones for secure intelligent information
management. International Journal of Information Management, 34(3), 329-335.
Dua, L., & Bansal, D. (2014). Review on mobile threats and detection techniques. International
Journal of Distributed and Parallel Systems, 5(4), 21.
Falcone, A., & Garro, A. Using the HLA standard in the context of an international simulation
project: The experience of the “SMASHTEAM”. In Proc. of the 15th International Conference
on Modeling and Applied Simulation, MAS (Vol. 16, pp. 121-129).
Grymin, D. J., & Farhood, M. (2014, June). Two-step system identification for control of small
UAVs along pre-specified trajectories. In American Control Conference (ACC),
2014 (pp. 4404-4409). IEEE.
Guido, M., Ondricek, J., Grover, J., Wilburn, D., Nguyen, T., & Hunt, A. (2013). Automated
identification of installed malicious Android applications. Digital Investigation, 10, S96-
S104.
Guri, M., Kachlon, A., Hasson, O., Kedma, G., Mirsky, Y., & Elovici, Y. (2015, August).
GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies.
In USENIX Security Symposium (pp. 849-864).
Guri, M., Kedma, G., Kachlon, A., & Elovici, Y. (2014, October). AirHopper: Bridging the air-
gap between isolated networks and mobile phones using radio frequencies. In Malicious
and Unwanted Software: The Americas (MALWARE), 2014 9th International Conference
on (pp. 58-67). IEEE.
Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., & Del Cuvillo, J. (2013). Using innovative
instructions to create trustworthy software solutions. HASP@ISCA, 11.
Karim, A., Shah, S. A. A., & Salleh, R. (2014). Mobile botnet attacks: a thematic taxonomy.
In New Perspectives in Information Systems and Technologies, Volume 2 (pp. 153-164).
Springer, Cham.
Khan, R., Maynard, P., McLaughlin, K., Laverty, D., & Sezer, S. (2016, August). Threat
Analysis of BlackEnergy Malware for Synchrophasor based Real-time Control and
Monitoring in Smart Grid. In ICS-CSR.
Kharraz, A., Kirda, E., Robertson, W., Balzarotti, D., & Francillon, A. (2014, June). Optical
delusions: A study of malicious QR codes in the wild. In Dependable Systems and
Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on (pp. 192-
203). IEEE.
Kim, B. H., & Lie, D. (2015, May). Caelus: Verifying the consistency of cloud services with
battery-powered devices. In Security and Privacy (SP), 2015 IEEE Symposium on (pp.
880-896). IEEE.
Konoth, R. K., van der Veen, V., & Bos, H. (2016, February). How anywhere computing just
killed your phone-based two-factor authentication. In International Conference on
Financial Cryptography and Data Security (pp. 405-421). Springer, Berlin, Heidelberg.
Kraunelis, J., Chen, Y., Ling, Z., Fu, X., & Zhao, W. (2013, December). On malware leveraging
the Android accessibility framework. In International Conference on Mobile and
Ubiquitous Systems: Computing, Networking, and Services (pp. 512-523). Springer,
Cham.
Machado, A. F., Barreto, A. B., & Yano, E. T. (2013). Architecture for cyber defense simulator
in military applications. Aeronautical Inst of Tech Sao Jose dos Campos (Brazil).

Machado, D., Martins, A., Almeida, J. M., Ferreira, H. A., Amaral, G., Ferreira, B. M., ... &
Silva, E. (2015). Water jet based autonomous surface vehicle for coastal waters
operations.
Machado, D., Martins, A., Almeida, J. M., Ferreira, H., Amaral, G., Ferreira, B., ... & Silva, E.
(2014, September). Water jet based autonomous surface vehicle for coastal waters
operations. In Oceans-St. John's, 2014 (pp. 1-8). IEEE.
Mackay, H. Coordination in Crisis Response Networks: Empirical Results of Applying
Coordination Theory and Complex Networks Analysis. Handbook on Networks in
Innovation and Crisis Management: Theory and Practice in a Dynamic and Disruptive
Environment, 1.
Nagy, H. Z. A., & Mezei, K. (2016). The Organised Criminal Phenomenon on the Internet. JE-
Eur. Crim. L., 137.
Nigam, R. (2015). A timeline of mobile botnets. Virus Bulletin, March.
Ning, J., & Yan, F. (2015). Detection of injected urea quantity and correction for SCR urea
dosing control (No. 2015-01-1038). SAE Technical Paper.
Noori, N. S., & Miralles, F. The Role of C2C in Facilitating Coordination in Emergency
Response Networks.
Oladejo, M. O. (2014). Bounded Rationality Constraints. Research Journal of Applied
Sciences, 9(1), 1-11.
Petsas, T., Voyatzis, G., Athanasopoulos, E., Polychronakis, M., & Ioannidis, S. (2014, April).
Rage against the virtual machine: hindering dynamic analysis of android malware.
In Proceedings of the Seventh European Workshop on System Security (p. 5). ACM.
Pieterse, H., & Olivier, M. (2013, January). Design of a hybrid command and control mobile
botnet. In Proceedings of the 8th International Conference on Information Warfare and
Security, ICIW (p. 183).
Rahangdale, T. G., Tijare, P. A., Sawalkar, S. N., Balhare, Z. J., & Gulhane, V. S. (2014). An
overview on security analysis of Session Initiation Protocol in VoIP
network. International Journal of Research in Advent Technology, 2(4), 190-195.
Raveendranath, R., Rajamani, V., Babu, A. J., & Datta, S. K. (2014, July). Android malware
attacks and countermeasures: Current and future directions. In Control, Instrumentation,
Communication and Computational Technologies (ICCICCT), 2014 International
Conference on (pp. 137-143). IEEE.
Satapathy, A., & Livingston, L. J. (2016). A Comprehensive Survey of Security Issues and
Defense Framework for VoIP Cloud. Indian Journal of Science and Technology, 9(6).
Schutz, P., Breuer, M., Hofken, H., & Schuba, M. (2013). Malware proof on mobile phone
exhibits based on GSM/GPRS traces. In The Second International Conference on Cyber
Security, Cyber Peacefare and Digital Forensic (CyberSec2013) (pp. 89-96). The Society
of Digital Information and Wireless Communication.
Shahriar, H., & Clincy, V. (2014, December). Detection of repackaged android malware.
In Internet Technology and Secured Transactions (ICITST), 2014 9th International
Conference for (pp. 349-354). IEEE.
Tahboub, R., & Saleh, Y. (2014, January). Data leakage/loss prevention systems (DLP).
In Computer Applications and Information Systems (WCCAIS), 2014 World Congress
on (pp. 1-6). IEEE.
Tariq, F., & Baig, S. (2016). Botnet classification using centralized collection of network flow
counters in software defined networks. International Journal of Computer Science and
Information Security, 14(8), 1075.
Trivedi, B., & Noorani, Z. Botnet and Detection Technique.
Vania, J., Meniya, A., & Jethva, H. B. (2013). A review on botnet and detection
technique. International Journal of Computer Trends and Technology, 4(1), 23-29.
Zhou, X., Demetriou, S., He, D., Naveed, M., Pan, X., Wang, X., ... & Nahrstedt, K. (2013,
November). Identity, location, disease and more: Inferring your secrets from android
public resources. In Proceedings of the 2013 ACM SIGSAC conference on Computer &
communications security (pp. 1017-1028). ACM.