
Indexed in Scopus

Journal of Cyber Security and Mobility

Ashutosh Dutta, AT&T, USA
Ruby Lee, Princeton University, USA
Neeli R. Prasad, International Technological University, San Jose, USA
Wojciech Mazurczyk, Warsaw University of Technology, Poland

Associate Editor:
Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur, India

ISSN: 2245-1439 (Print Version)

ISSN: 2245-4578 (Online Version)
Vol: 3   Issue: 2

Published In:   April 2014

Publication Frequency: Quarterly


Characterizing Evaluation Practices of Intrusion Detection Methods for Smartphones

doi: 10.13052/jcsm2245-1439.321
Abdullah J. Alzahrani, Natalia Stakhanova, Hugo Gonzalez and Ali A. Ghorbani

Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick


Abstract: The appearance of a new Android platform and its popularity has resulted in a sharp rise in the number of reported vulnerabilities and consequently in the number of mobile threats. Mobile malware, a dominant threat for modern mobile devices, was almost non-existent before the official release of the Android platform in 2008. The rapid development of mobile platform apps and app markets coupled with the open nature of the Android platform triggered an explosive growth of specialized malware and subsequent search for effective defence mechanisms. In spite of considerable research efforts in this area, the majority of the proposed solutions have seen limited success, which has been attributed in the research community to the lack of proper datasets, lack of validation and other deficiencies of the experiments. We feel that many of these shortcomings are due to immaturity of the field and a lack of established and organized practice. To remedy the problem, we investigated the employed experimentation practices adopted by the smartphone security community through a review of 120 studies published during the period between 2008–2013. In this paper, we give an overview of the research in the field of intrusion detection techniques for the Android platform and explore the deficiencies of the existing experimentation practices. Based on our analysis we present a set of guidelines that could help researchers to avoid common pitfalls and improve the quality of their work.

Keywords: intrusion detection, smartphones, mobile malware.

Enabling Wireless Sensor Nodes for Self-Contained Jamming Detection

doi: 10.13052/jcsm2245-1439.322
Stephan Kornemann1, Steffen Ortmann1, Peter Langendörfer1 and Alexandros Fragkiadakis2

1 IHP, Im Technologiepark 25, D-15236 Frankfurt (Oder), Germany
2 Institute of Computer Science, Foundation for Research and Technology-Hellas (FORTH), Heraklion, Crete


Abstract: Jamming is an easy to execute attack to which wireless sensor networks are extremely vulnerable. If the application requires reliability, jamming needs to be detected and reported in order to cope with this attack. In this article, we investigate different approaches to identify jamming. Available jamming detection schemes primarily suffer from the usage of fixed thresholds as well as required effort. We adapted a variance-based estimate of signal-to-noise ratio measurements, called significance analysis, to the minor resources and computing efforts of wireless sensor nodes. As a start, we used real measurement data for theoretical analysis of the methods under investigation.

Independently of the location of the jamming device, our significance analysis approach provides an immediate indication of jamming and can in theory be run with almost least effort, i.e., with O(14). On top of that, we implemented this approach on our state of the art sensor node and tested it in a real world outdoor setting. Our jamming detection engine monitors the wireless channel with a sampling rate of 10 ms. It returns a jamming detection decision within less than 5 ms while though achieving a detection accuracy in between 84 to 99 percent.

Keywords: Jamming detection, Wireless sensor networks, Security.

An Analysis of DoS Attack Strategies Against the LTE RAN

doi: 10.13052/jcsm2245-1439.323
Jill Jermyn1, Gabriel Salles-Loustau1, and Saman Zonouz2

1 Department of Computer Science, Columbia University New York
2 Department of Electrical and Computer Engineering, University of Miami, Miami, FL


Abstract: Long Term Evolution (LTE) is the latest 3GPP mobile network standard, offering an all-IP network with higher efficiency and up to ten times the data rates of its predecessors. Due to an increase in cyber crime and the proliferation of mobile computing, attacks stemming from mobile devices are becoming more frequent and complex. Mobile malware can create smart-phone botnets in which a large number of mobile devices conspire to perform malicious activities on the cellular network. It has been shown that such botnets can cause a denial of service (DoS) by exhausting user traffic capacity over the air interface. Through simulation and with studies in a real-world deployment, this paper examines the impact of a botnet of devices seeking to attack the LTE network using different types of strategies. We quantify the adverse effects on legitimate users as the size of the botnet scales up in both sparsely and densely populated cells for varying traffic Quality of Service (QoS) requirements. Our results show that a single attacker can drastically reduce the QoS of legitimate devices in the same cell. Furthermore, we prove that the impact of the attack can be optimized by tuning the attack strategy, leveraging the LTE uplink MAC scheduler.

Keywords: LTE, DoS, security, mobile malware, botnets.

Triton: A Carrier-based Approach for Detecting and Mitigating Mobile Malware

doi: 10.13052/jcsm2245-1439.324
Arati Baliga1, Jeffrey Bickford2 and Neil Daswani3

1 NYU Polytechnic School of Engineering
2 AT&T Security Research Center
3 Twitter Inc.


Abstract: The ubiquity of mobile devices and their evolution as computing platforms has made them lucrative targets for malware. Malware, such as spyware, trojans, rootkits and botnets that have traditionally plagued PCs are now increasingly targeting mobile devices and are also referred to as mobile malware. Cybercriminal attacks have used mobile malware trojans to steal and transmit users’ personal information, including financial credentials, to bot master servers as well as abuse the capabilities of the device (e.g., send premium SMS messages) to generate fraudulent revenue streams. In this paper, we describe Triton, a new, network-based architecture, and a prototype implementation of it, for detecting and mitigating mobile malware. Our implementation of Triton for both Android and Linux environments was built in our 3G UMTS lab network, and was found to efficiently detect and neutralize mobile malware when tested using real malware samples from the wild. Triton employs a defense-in-depth approach and features: 1) in-the-network malware detectors to identify and prevent the spread of malware and 2) a server-side mitigation engine that sends threat profiles to an on-the-phone trusted software component to neutralize and perform fine-grained remediation of malware on mobile devices.

Keywords: spyware, trojans, rootkits and botnets

Reinforcement Learning for Reactive Jamming Mitigation

doi: 10.13052/jcsm2245-1439.325
Marc Lichtman and Jeffrey H. Reed

Wireless @ Virginia Tech, Virginia Tech, Blacksburg, VA


Abstract: In this paper, we propose a strategy to avoid or mitigate reactive forms of jamming using a reinforcement learning approach. The mitigation strategy focuses on finding an effective channel hopping and idling pattern to maximize link throughput. Thus, the strategy is well-suited for frequency-hopping spread spectrum systems, and best performs in tandem with a channel selection algorithm. By using a learning approach, there is no need to pre-program a radio with specific anti-jam strategies and the problem of having to classify jammers is avoided. Instead the specific anti-jam strategy is learned in real time and in the presence of the jammer.

Keywords: Reactive jamming, reinforcement learning, Markov decision process, repeater jamming, Q-learning

River Publishers: Journal of Cyber Security and Mobility