Can You Infect Me Now? A Treatise on the Propagation of Malware in a Cellular Phone Network

Chris Fleizach
CS2007-0894
June 14, 2007

The prolific spread of mobile phones through all corners of the globe has only been matched by their rapid increase in computing power. As cellular phones become further integrated into the fabric of everyday life, their value to attackers will rise accordingly. As a result, the widespread debilitating outbreak of self-propagating malware in the cell phone environment is a matter of "when", rather than "if." Although self-propagating malware is well understood in the Internet, mobile phone networks have very different characteristics in terms of topologies, services, provisioning and capacity, devices, and communication patterns. To understand the propagation of malware in this new environment, we have developed an event-driver simulator that captures the characteristics and constraints of mobile phone networks. Key elements of the simulator are a network topology generator (RACoON), which creates realistic topologies and provisioned capacities of the network infrastructure, and a social network topology generator, which models address books and the resulting contact graph that would be used by propagating malware. Using the simulator, we evaluate the speed and severity of random-contact worms in mobile phone networks, characterize the denial-of-service effects such worms would have on the network, investigate techniques that malware writers could use to accelerate the rate of infection, and, finally, explore various methods network operators could take to defend against such attacks.


How to view this document


The authors of these documents have submitted their reports to this technical report series for the purpose of non-commercial dissemination of scientific work. The reports are copyrighted by the authors, and their existence in electronic format does not imply that the authors have relinquished any rights. You may copy a report for scholarly, non-commercial purposes, such as research or instruction, provided that you agree to respect the author's copyright. For information concerning the use of this document for other than research or instructional purposes, contact the authors. Other information concerning this technical report series can be obtained from the Computer Science and Engineering Department at the University of California at San Diego, techreports@cs.ucsd.edu.


[ Search ]


NCSTRL
This server operates at UCSD Computer Science and Engineering.
Send email to webmaster@cs.ucsd.edu