A mobile botnet detection and response model

Bibliographic Details
Main Author: Abdullah, Zubaile
Format: Thesis
Language: English
Published: 2019
Online Access: http://eprints.uthm.edu.my/10773/1/24p%20ZUBAILE%20ABDULLAH.pdf
http://eprints.uthm.edu.my/10773/
Description
Summary: Mobile botnet exploitation on smartphones can lead to the leakage of sensitive and private information, financial loss and degradation of smartphone performance, thus affecting organisations or users that rely on smartphones for business and personal activities. Detecting mobile botnets is a challenge for existing antimalware software, which depends on signature-based detection. Existing works on mobile botnets, which mostly focus on developing a detection model, have issues with feature selection, detection accuracy rate and the detection model itself. In addition, the existing works lack a mobile botnet threat response. Hence, based on the implications of mobile botnets and the gaps in the extant research, the objectives of this research are: to construct a new mobile botnet classification using features based on mobile botnet architecture and each feature’s risk impact; to develop a mobile botnet detection and response model based on the mobile botnet classification and risk level and by applying the apoptosis concept; and to evaluate the proposed mobile botnet detection and response model based on accuracy rate. The new mobile botnet classification is used for mobile botnet detection, whereas for the response model, apoptosis is triggered in response to mobile botnet detection and based on the risk level of the mobile application. The experiment was conducted in a controlled lab environment, using static and dynamic analyses and applying the knowledge discovery procedure (KDD). 1500 mobile botnet samples from the University of New Brunswick (UNB) dataset and 1000 benign samples from the Google Play Store were used for training, whereas 600 mobile botnet samples from the Drebin dataset and another 400 benign samples from the Google Play Store were used for testing. In the experiment, the proposed model produced a 98.8% detection accuracy rate and a 2% false alarm rate. This result outperformed the existing work of ABIS, with improvements of 6% and 5% in true positive rate and detection accuracy rate respectively. Furthermore, the proposed model is also able to counter the mobile botnet threat using an apoptosis mechanism that is triggered by the application’s risk level. Based on the evaluation, the result indicated significant improvement compared to other research findings, thus fulfilling the abovementioned research gaps. In conclusion, this research has produced a new model that can detect and respond to mobile botnet threats effectively. For future work, this research can be used as a reference by other researchers with the same interest.
Keywords: Mobile Botnet, Classification, Detection, Response, Apoptosis, Risk Level