Title:
Evaluating Bluetooth as a Medium for Botnet Command and Control
Evaluating Bluetooth as a Medium for Botnet Command and Control
Author(s)
Jain, Nehil
Lee, Wenke
Sangal, Samrit
Singh, Kapil
Traynor, Patrick
Lee, Wenke
Sangal, Samrit
Singh, Kapil
Traynor, Patrick
Advisor(s)
Editor(s)
Collections
Supplementary to
Permanent Link
Abstract
Malware targeting mobile phones is being studied with increasing interest by the research community. While
such attention has previously focused on viruses and worms, many of which use near-field communications in
order to propagate, none have investigated whether more complex malware such as botnets can effectively
operate in this environment. In this paper, we investigate the challenges of constructing and maintaining mobile
phone-based botnets communicating nearly exclusively via Bluetooth. Through extensive large-scale simulation
based on publicly available Bluetooth traces, we demonstrate that such a malicious infrastructure is possible in
many areas due to the largely repetitive nature of human daily routines. In particular, we demonstrate that
command and control messages can propagate to approximately 2/3 of infected nodes within 24 hours of being
issued by the botmaster. We then explore how traditional defense mechanisms can be modified to take advantage
of the same information to more effectively mitigate such systems. In so doing, we demonstrate that mobile
phone-based botnets are a realistic threat and that defensive strategies should be modified to consider them.
Sponsor
Date Issued
2009
Extent
Resource Type
Text
Resource Subtype
Technical Report