Title :
A Malware Signature Extraction and Detection Method Applied to Mobile Networks
Author :
Hu, Guoning ; Venugopal, Deepak
Author_Institution :
SMobile Syst., Columbus, OH
Abstract :
The rapid development of mobile phone networks has facilitated the need for better protection against malware. Malware detection is a core component of a security system protecting mobile networks. In this paper, we describe a system for detecting malware within the network traffic using malware signatures. Our system contains two key components. The first one automatically extracts a set of signatures from existing malware samples. In particular, we reduce the number of signatures by using a common signature for a malware and its variants. In addition, we minimize the total false alarm rate of malware detection by extracting signatures that are most uncommon within mobile network traffic. The second one is an efficient method that scans the network traffic using a hash table and sub-signature matching. Our evaluation on Symbian viruses show that our system detects existing malware and their new variants within the network traffic efficiently.
Keywords :
mobile communication; telecommunication security; telecommunication traffic; Symbian viruses; detection method; hash table; malware signature extraction; mobile network traffic; mobile phone networks; network traffic; security system; sub-signature matching; Communication system security; Computer viruses; Hardware; Information security; Mobile communication; Mobile handsets; Personal communication networks; Protection; Streaming media; Telecommunication traffic;
Conference_Titel :
Performance, Computing, and Communications Conference, 2007. IPCCC 2007. IEEE Internationa
Conference_Location :
New Orleans, LA
Print_ISBN :
1-4244-1138-6
Electronic_ISBN :
1097-2641
DOI :
10.1109/PCCC.2007.358875
