Abstract
The capabilities of the modern smartphones make them the obvious platform for novel mobile applications. The open architectures, however, also create new vulnerabilities. Measures for prevention, detection, and reaction need to be explored with the peculiarities that resource-constrained devices impose. Smartphones, in addition to cellular broadband network capabilities, include WiFi interfaces that can even be deployed to set up a mobile ad hoc network (MANET). While intrusion detection in MANETs is typically evaluated with network simulators, we argue that it is important to implement and test the solutions in real devices to evaluate their resource footprint. This paper presents a modular implementation of an anomaly detection and mitigation mechanism on top of a dissemination protocol for intermittently-connected MANETs. The overhead of the security solution is evaluated in a small testbed based on three Android-based handsets and a laptop. The study shows the feasibility of the statistics-based anomaly detection regime, having low CPU usage, little added latency, and acceptable memory footprint.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Asplund, M., Nadjm-Tehrani, S.: A partition-tolerant manycast algorithm for disaster area networks. In: IEEE Symposium on Reliable Distributed Systems, pp. 156–165. IEEE Computer Society, Los Alamitos (2009)
Vergara, E.J., Nadjm-Tehrani, S., Asplund, M., Zurutuza, U.: Resource footprint of a manycast protocol implementation on multiple mobile platforms. In: The Fifth International Conference on Next Generation Mobile Applications, Services and Technologies, NGMAST 2011. IEEE (September 2011)
Hastily Formed Networks, http://www.ida.liu.se/~rtslab/HFN
Landman, M.: Managing smart phone security risks. In: Information Security Curriculum Development Conference, InfoSecCD 2010, pp. 145–155. ACM, New York (2010)
Cheng, J., Wong, S.H., Yang, H., Lu, S.: SmartSiren: virus detection and alert for smartphones. In: Proceedings of the 5th International Conference on Mobile Systems, Applications and Services, MobiSys 2007, pp. 258–271. ACM, New York (2007)
Bose, A., Hu, X., Shin, K.G., Park, T.: Behavioral detection of malware on mobile handsets. In: Proceeding of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008, pp. 225–238. ACM, New York (2008)
Schmidt, A.D., Peters, F., Lamour, F., Albayrak, S.: Monitoring smartphones for anomaly detection. In: Proceedings of the 1st International Conference on MOBILe Wireless MiddleWARE, Operating Systems, and Applications, MOBILWARE 2008, pp. 40:1–40:6. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), Brussels (2007)
Kim, H., Smith, J., Shin, K.G.: Detecting energy-greedy anomalies and mobile malware variants. In: Proceeding of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008, pp. 239–252. ACM, New York (2008)
Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: Andromaly: a behavioral malware detection framework for Android devices. Journal of Intelligent Information Systems, 1–30 (2011)
Xenakis, C., Panos, C., Stavrakakis, I.: A comparative evaluation of intrusion detection architectures for mobile ad hoc networks. Computers & Security 30(1), 63–80 (2011)
Cucurull, J., Asplund, M., Nadjm-Tehrani, S.: Anomaly Detection and Mitigation for Disaster Area Networks. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 339–359. Springer, Heidelberg (2010)
Vergara, E.J.: Implementation of a manycast protocol for intermittently connected mobile ad hoc networks in disaster areas, Master Thesis. Linköping University (2010), http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-58603
IDC: Press Release (June 2011), http://www.idc.com/getdoc.jsp?containerId=prUS22871611
Enck, W., Ongtang, M., McDaniel, P.: Understanding Android security. IEEE Security Privacy 7(1), 50–57 (2009)
Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: A comprehensive security assessment. IEEE Security Privacy 8(2), 35–44 (2010)
Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: Behavior-based malware detection system for Android. In: Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2011. ACM (October 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cucurull, J., Nadjm-Tehrani, S., Raciti, M. (2012). Modular Anomaly Detection for Smartphone Ad Hoc Communication. In: Laud, P. (eds) Information Security Technology for Applications. NordSec 2011. Lecture Notes in Computer Science, vol 7161. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29615-4_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-29615-4_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29614-7
Online ISBN: 978-3-642-29615-4
eBook Packages: Computer ScienceComputer Science (R0)