{"id":411,"date":"2011-06-07T17:21:09","date_gmt":"2011-06-07T17:21:09","guid":{"rendered":"http:\/\/www.syslog.cl.cam.ac.uk\/?p=411"},"modified":"2011-06-07T17:21:09","modified_gmt":"2011-06-07T17:21:09","slug":"mobware","status":"publish","type":"post","link":"https:\/\/www.syslog.cl.cam.ac.uk\/2011\/06\/07\/mobware\/","title":{"rendered":"Temporal Complex Network Measures for Mobile Malware Containment"},"content":{"rendered":"

Picture the scene: you've bought a shiny new smartphone and have been customising it all weekend by installing various apps from the app store, however the following week you encounter a run of bad luck...<\/p>\n

...first your house is burgled when you're at work, next your credit card is maxed out, your friends have been receiving spam text messages from you and to top it off, weeks later, some of your colleagues have had the same experience; what is going on<\/em>?<\/p>\n

\"\"<\/p>\n

Little beknown to you, within one of these seemingly innocuous apps lurks a piece of mobile malware (mobware) which has access to a wealth of personal information which an attacker can access remotely. \u00c2\u00a0First, the app can track your location using the GPS which can be used to infer when you are away from the house; secondly it can key-log your mobile banking app to gain access to your credit card; an attacker can send messages on your behalf to everyone in your phonebook; and finally, the app can use bluetooth to jump from your device to another near-by device.<\/p>\n

This might all seem far fetched but the technology is available right now. A recent ENISA report highlights the threats that mobware can have on personal and business users [1] and the latest McAfee Labs report shows that mobware is on the rise [2].<\/p>\n

What makes mobile malware interesting, compared to traditional fixed networks is that it can replicate itself via both long range (SMS, MMS, email etc.) and short range (Bluetooth, WiFi etc.) methods. \u00c2\u00a0Long range worms could be filtered by your service operator however short range worms evade such detection and hence stopping the spread such worms are of considerable interest.<\/p>\n

Since mobile phones are commonly carried on person, these short-range bluetooth worms spread like biological viruses, however due to limited bandwidth we can't send a patch directly to the tens of millions of devices. \u00c2\u00a0The key question is then, can we identify the best devices to patch and how do we disseminate the patch?<\/p>\n

We address this problem in a paper to be presented at the upcoming IEEE WoWMoM 2011 conference<\/a><\/strong>, which was also highlighted in MIT Tech Review<\/a><\/strong>.<\/p>\n

Epidemics and network robustness is a well studied area in traditional complex network research [3], however they are based on a static<\/strong> representation of the network. \u00c2\u00a0Clearly the network of device-to-device encounters changes over time<\/strong>; our paper describes techniques to model this time-varying network more realistically and also how to identify two types of key devices: devices which mediate alot of communication channels and devices which can spread a message quickly to many devices. \u00c2\u00a0We call these measures\u00c2\u00a0temporal betweenness centrality<\/strong> and temporal closeness centrality<\/strong>, respectively.<\/p>\n

From this, we investigate two possible methods for stopping mobware in its tracks:<\/p>\n