Lei Liu, Department of Computer Science, George Mason University Guanhua Yan, Information Sciences Group, Los Alamos National Laboratory Xinwen Zhang,

VIRUSMETER: PREVENTING YOUR CELLPHONE FROM SPIESRAID 2009

Lei Liu, Department of Computer Science, George Mason UniversityGuanhua Yan, Information Sciences Group, Los Alamos National LaboratoryXinwen Zhang, Computer Science Lab, Samsung Information Systems AmericaSongqing Chen, Department of Computer Science, George Mason University

Outline

Introduction Related Work Overview

Introduction

1 billion camera phones to be shipped in 2008 Smartphones: about 10%, 100 million

units By the end of 2007, over 370

different mobile malware Information stealing, overcharging,

battery exhaustion, network congestion

Introduction

Signature-based Encryption, obfuscation, packing

Anomaly-based High false alarm rate

Behavioral signatures Resource-constrained FlexiSPY-like malware doesn’t show

anomalies in the order of relevant API calls

Introduction

VirusMeter Based on battery power

Challenges Require power model Need to measure battery power in real-

time Lightweight. Cannot consume too much

CPU and power

Related Work

Infection vectors Bluetooth, MMS, memory cards, user

downloading Epidemic spreading in mobile, 2005

ACM WiSe Use user interaction to identify

vulnerable users, 2006 ACM WiSe Behavioral signatures for mobile mal

ware detection, 2008 Mobisys

Related Work

Limit Targeting particular situations (e.g.,

attack through MMS) Demand significant infrastructure

support Demand non-trivial computing resoures

from mobile devices

Overview