摘要
随着智能终端的普及和4G通信的高速发展,移动僵尸网络的生存环境已经成熟,逐渐威胁到移动互联网的基础设施和移动网民的财产安全。现有的防御措施对这类攻击不再适用,移动僵尸网络已成为移动网络面临的重要安全问题之一。移动僵尸网络的构建依赖于移动恶意软件的传播,因此文章首先介绍了手机恶意软件的发展,随后介绍了移动僵尸网络的演化发展历程。控制与命令信道是僵尸网络研究中攻防双方争夺控制权的关键点,也是僵尸网络构建技术中重要的一环,同样也是区别于恶意软件的重要特征,移动僵尸网络不同于传统的僵尸网络,在控制与命令信道的选择上也略有差异,因此文章对移动僵尸网络的命令与控制信道进行了深入的剖析,重点讨论了短信、蓝牙、HTTP、Web2.0和一些特殊的命令与控制信道国内外研究现状。还进一步探讨了移动僵尸网络不同的传播载体、传播方式和的传播模型的发展,从经典传播模型、围绕蓝牙技术和短信技术的传播模型到更能反映移动僵尸网络特性的时空传播模型,都给出了相应的说明,并介绍了用于研究移动僵尸网络的仿真与模拟工具。最后文章结合实际的情况给出了移动僵尸网络的防御政策,为打击移动网络犯罪提供技术支撑与保障。
ith the popularity of smart devices and the rapid development of 4G technology, the living environment of mobile botnet has been ripe. Mobile botnet has made great damages to infrastructural facilities and property of people. But current security solutions for smart phones and mobile devices are very limited in preventing those attacks. So mobile botnet has become one of the important security problems of the mobile network. Mobile botnet has a close relationship to mobile malware, because construction of mobile botnet dependents on the propagation of mobile malware. This paper first introduces the evolution process of mobile malware. The important part of a botnet construction is the command and control (C&C) channel which is the key point for both the attacker and defender for mobile network control. The mobile botnet is different than the traditional botnet in command and control channel design. Command and control channel is also a mainly sign which is the mobile botnet be distinguish from mobile malware. In order to understand the current research works and the evolution process of mobile botnet, the command and control mechanisms of mobile botnet are discussed. The situation of the command and control based on SMS, Bluetooth, HTTP, Web 2.0 and others researches are analyzed and compared. And the different kinds of propagation of mobile botnet are further more discussed. In this part, to understand the propagation behavior of mobile botnets, many propagation models of mobile botnet as a foundation for further exploration. Those propagation models include deterministic epidemic models, stochastic models and spatialtemporal models. To study the mobile botnet is to connect with the simulator of mobile botnet. Mathematical models simulator, event-based simulator, trace-driven simulator and agent-based simulator of mobile botnet are reviewed. At last, the defense policies of mobile botnet are proposed. The defense policies can help defenders develop defense strategies or make prevention policy to block the propagation of the moblie botnet. And it is important and practical significance for protecting mobile network security and attacking mobile network crime. So the study mobile botnet is very valuable to provide a workable solution to enhance the defense ability of mobile network.
出处
《信息网络安全》
2015年第4期19-27,共9页
Netinfo Security
基金
国家自然科学基金[71173199]