Mobile devices have excelled in the 21st century due to the increasing popularity and
continuous improvement of mobile technology. Today mobile devices have become all-in-one portable devices, providing inter-connectivity, device-to-device communication and the capability to compete with personal computers. The improved capabilities and
popularity of mobile devices have, however, caught the attention of botnet developers,
allowing the threat of botnets to move into the mobile environment. A mobile botnet is
defined as a collection of compromised mobile devices, controlled by a botmaster through a command and control (C&C) network to serve a malicious purpose. Previous studies of mobile botnet designs focused mostly on the C&C structure, investigating other mechanisms as potential C&C channels. None of these studies dealt with the use of a hybrid C&C structure within a mobile botnet design. This research consequently examines the problem of designing a new mobile botnet that uses a hybrid C&C structure. A model of this new hybrid design is proposed, describing the propagation vectors, C&C channels, and the topology. This hybrid design, called the Hybrid Mobile Botnet, explores the efficiency of multiple C&C channels against the following characteristics: no single point of failure must exist in the topology, low cost for command dissemination, limited network activities and low battery consumption per bot. The objectives were measured by using a prototype built according to the Hybrid Mobile Botnet model. The prototype was deployed on a small collection of mobile devices running the Android operating system. In addition, the prototype allowed for the design of a physical Bluetooth C&C channel, showing that such a channel is feasible, able to bypass security and capable of establishing a stealthy C&C channel. The successful execution of the prototype shows that a hybrid C&C structure is possible, allowing for a stealthy and cost-effective design. It also reveals that current mobile technology is capable of supporting the development and execution of hybrid mobile botnets. Finally, this dissertation concludes with an exploration of the future of mobile botnets and the identification of security steps users of mobile devices can follow to protect against their attacks.
Dissertation (MSc)--University of Pretoria, Pretoria 2014