This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Behavioral Malware Detection in Delay Tolerant Networks
Jan. 2014 (vol. 25 no. 1)
pp. 53-63
Wei Peng, Indiana University-Purdue University Indianapolis, Indianapolis
Feng Li, Indiana University-Purdue University Indianapolis, Indianapolis
Xukai Zou, Indiana University-Purdue University Indianapolis, Indianapolis
Jie Wu, Temple University, Philadelphia
The delay-tolerant-network (DTN) model is becoming a viable communication alternative to the traditional infrastructural model for modern mobile consumer electronics equipped with short-range communication technologies such as Bluetooth, NFC, and Wi-Fi Direct. Proximity malware is a class of malware that exploits the opportunistic contacts and distributed nature of DTNs for propagation. Behavioral characterization of malware is an effective alternative to pattern matching in detecting malware, especially when dealing with polymorphic or obfuscated malware. In this paper, we first propose a general behavioral characterization of proximity malware which based on naive Bayesian model, which has been successfully applied in non-DTN settings such as filtering email spams and detecting botnets. We identify two unique challenges for extending Bayesian malware detection to DTNs ("insufficient evidence versus evidence collection risk" and "filtering false evidence sequentially and distributedly"), and propose a simple yet effective method, look ahead, to address the challenges. Furthermore, we propose two extensions to look ahead, dogmatic filtering, and adaptive look ahead, to address the challenge of "malicious nodes sharing false evidence." Real mobile network traces are used to verify the effectiveness of the proposed methods.
Index Terms:
Malware,Mathematical model,Equations,Aging,Bayesian methods,Bluetooth,Silicon,Bayesian filtering,Delay-tolerant networks,proximity malware,behavioral malware characterization
Citation:
Wei Peng, Feng Li, Xukai Zou, Jie Wu, "Behavioral Malware Detection in Delay Tolerant Networks," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 1, pp. 53-63, Jan. 2014, doi:10.1109/TPDS.2013.27
Usage of this product signifies your acceptance of the Terms of Use.