Title :
Network behavior based mobile virus detection
Author :
Ai-Fen Sui ; Dai-Fei Guo ; Tao Guo ; Ming-zhu Li
Author_Institution :
Corp. Technol., Siemens Ltd. China, Beijing, China
Abstract :
Fast spreading mobile viruses have caused major damage on both mobile users and carriers´ networks. Polymorphism and metamorphism make the detection even more difficult. Traditional signatures-based anti-virus systems yields excellent detection rates for existing and previously encountered viruses, but they lack the capacity to efficiently detect new unknown variants. In this paper, we study network behavior based mobile virus detection to figure out unknown viruses. We presented a network behavior feature selection method to find out generic features for different types of viruses. Real traffic from the GPRS (General Packet Radio Service) network is analyzed and plenty of tests are conducted to prove the effectiveness. The experiments show that many viruses can be classified into common virus families based on the similarities in network behaviors, and our feature selection method can detect unknown viruses with high possibility.
Keywords :
cellular radio; computer network security; computer viruses; feature extraction; mobile computing; packet radio networks; telecommunication traffic; GPRS network; carrier networks; general packet radio service; metamorphism; mobile users; mobile virus detection; network behavior feature selection method; network traffic; polymorphism; unknown virus detection; data mining; feature selection; mobile virus detection; network behavior;
Conference_Titel :
Communication Technology (ICCT), 2012 IEEE 14th International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4673-2100-6
DOI :
10.1109/ICCT.2012.6511430
