Department of Computer Science & Engineering

The prolific spread of mobile phones through all corners of the globe has only been matched by their rapid increase in computing power. As cellular phones become further integrated into the fabric of everyday life, their value to attackers will rise accordingly. As a result, the widespread debilitating outbreak of self-propagating malware in the cell phone environment is a matter of "when", rather than "if." Although self-propagating malware is well understood in the Internet, mobile phone networks have very different characteristics in terms of topologies, services, provisioning and capacity, devices, and communication patterns. To understand the propagation of malware in this new environment, we have developed an event-driver simulator that captures the characteristics and constraints of mobile phone networks. Key elements of the simulator are a network topology generator (RACoON), which creates realistic topologies and provisioned capacities of the network infrastructure, and a social network topology generator, which models address books and the resulting contact graph that would be used by propagating malware. Using the simulator, we evaluate the speed and severity of random-contact worms in mobile phone networks, characterize the denial-of-service effects such worms would have on the network, investigate techniques that malware writers could use to accelerate the rate of infection, and, finally, explore various methods network operators could take to defend against such attacks.

Pre-2018 CSE ID: CS2007-0894