A Light-weight Method to Send and Receive SMS messages in an Emulator

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：27

、訪客IP：3.144.45.197

姓名

游棋鈺(Chi-Yu You) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

(A Light-weight Method to Send and Receive SMS messages in an Emulator)

相關論文

★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm	★ Discoverer- Rootkit即時偵測系統
★ 一項Android手機上詐騙簡訊的偵測與防禦機制	★ SRA系統防禦ARP欺騙劫持路由器
★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines	★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統
★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統	★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection
★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks	★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection
★ Shark: Phishing Information Recycling from Spam Mails	★ FFRTD: Beat Fast-Flux by Response Time Differences
★ Antivirus Software Shield against Antivirus Terminators	★ MAC-YURI : My ACcount, YoUr ResponsIbility
★ KKBB: Kernel Keylogger Bye-Bye	★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

隨著電信設備系統的成熟發展，簡訊系統所造成的系統安全問題逐漸增多，諸如透過簡訊散播惡意程式、進行詐騙、散佈廣告，或甚至藉此作為殭屍網路溝通的媒介等等。在卡巴斯基 2016 年第一季的報告，指出了新型手機惡意程式的散播中，簡訊型木馬占了 20.5 %，位居第二。有鑑於此，本篇論文提出了 SMS Helper 這個架構來解決這些簡訊系統相關的問題。本論文提供了兩個模式：雲端服務模式（cloud service mode）以及實機輔助模式（real device mode）。由於現今 Android 動態分析框架中，並無法真正地進行收發簡訊，而 SMS Helper 能夠幫助這些框架來達到這個功能。本系統確保簡訊紀錄的完整性，並增強了這些框架，使他們能夠更進一步檢測出惡意程式的簡訊行為，同時，虛擬環境下的運行能夠降低研究成本。除此之外，本篇論文指出了一個透過簡訊的方式，來指出 Android 應用程式所運行的環境是否為虛擬環境，並又藉由 SMS Helper 來規避這樣的檢測方式。接著，個人資料的洩漏導致廣告與詐騙，不斷的騷擾使用者，將 SMS Helper 套用於實體設備上，可以用來保護用戶手機號碼的隱私性。

摘要(英)

As the mature technology development in telecommunication systems, the security issues caused by SMS are growing including propagation of malware, fraud, adverting and even botnets. In Q1 2016 reports issued by Kaspersky, SMS Trojan is occupied by 20.5% as second place of the distribution of new mobile malware. Thus, this paper proposes an architecture called SMS Helper aiming to provide a solution to addresses SMS-related issues. This paper provides two modes: cloud service mode and real device mode. Since current Android dynamic analysis frameworks cannot send and receive SMS messages authentically, SMS Helper can help these frameworks to send and receive messages. This system keep the integrity of SMS logs and strengthen the frameworks to observe malware’s further behaviors. Meanwhile, the virtual environment can low the cost of researches. In addition, this paper finds a new way to figure out the operating environment through SMS and by means of SMS Helper to evade this kind of detecting method. Also, the information leaks result in advisements and frauds harassing users frequently. SMS Helper can be adopted in a real device as well to protect the privacy of users’ real numbers.

關鍵字(中)

★ 安卓
★ 模擬器
★ 沙盒
★ 簡訊

關鍵字(英)

論文目次

中文摘要 i
ABSTRACT ii
ACKNOWLEDGMENTS iii
TABLE OF CONTENTS iv
LIST OF TABLES vi
LIST OF FIGURES vii
CHAPTER I: INTRODUCTION 1
1.1 MOTIVATION 1
1.2 CONTRIBUTION 2
1.3 THESIS ORGANIZATION 2
CHAPTER II: BACKGROUND AND RELATED WORK 4
2.1 ANDROID EMULATORS 4
2.2 ANDROID DYNAMIC ANALYSIS 5
2.3 MOBILE BOTNETS 6
2.4 SMS BONETS 8
CHAPTER III: SYSTEM DESIGN 11
3.1 DESIGN CONSIDERATIONS 11
3.2 OVERVIEW 12
3.3 CLOUD SERVICE MODE 13
3.4 REAL DEVICE MODE 15
3.5 IMPLEMENTATION 17
CHAPTER IV: EVALUATION 19
4.1 EXPERIMENTAL SETUP 19
4.2 EFFECTIVENESS 19
4.3 PERFORMANCE EVALUATION 21
4.4 DEPLOYMENTS 27
CHAPTER V: DISCUSSION 29
5.1 SMS SECURITY ISSUES IN ANDROID 29
5.2 HIDE THE REAL PHONE NUMBER 29
CHAPTER VI: CONCLUTION 31
6.1 Conclusion 31
6.2 Future Work 31
REFERENCES 32

參考文獻

[1] A. Gostev, R. Unuchek, M. Garnaeva, D. Makrushin, and A. Ivanov, “IT THREAT EVOLUTION IN Q1 2016.”
[2] R. Nigam, “A Timeline of Mobile Botnets,” in Botconf, 2014.
[3] K. Darbar and T. Chaudhari, “A Review on : SMS Botnet Detection,” Int. J. Emerg. Technol. Adv. Eng., vol. 5, no. 2, 2015.
[4] A. J. Alzahrani and A. A. Ghorbani, “SMS mobile botnet detection using a multi-agent system,” Proc. 1st Int. Work. Agents CyberSecurity - ACySE ’14, pp. 1–8, 2014.
[5] 趙閩 and 倪超, “逃离安卓动态检测,” in HITCON, 2013.
[6] T. Vidas and N. Christin, “Evading android runtime analysis via sandbox detection,” ASIA CCS ’14 (9th ACM Symp. Information, Comput. Commun. Secur., pp. 447–458, 2014.
[7] P. Lantz, “Droidbox.” [Online]. Available: https://github.com/pjlantz/droidbox.
[8] L. Weichselbaum, M. Neugschwandtner, M. Lindorfer, Y. Fratantonio, V. Van Der Veen, and C. Platzer, “ANDRUBIS : Android Malware Under The Magnifying Glass,” Vienna Univ. Technol. Tech. Rep. TRISECLAB-0414-001, no. February, 2012.
[9] M. Eslahi, M. R. Rostami, H. Hashim, N. M. Tahir, and M. V. Naseri, “A data collection approach for Mobile Botnet analysis and detection,” IEEE Symp. Wirel. Technol. Appl. ISWTA, no. September, pp. 199–204, 2014.
[10] A. Flo and A. Josang, “Consequences of botnets spreading to mobile devices,” Short-Paper Proc. 14th Nord. Conf. Secur. IT Syst. (NordSec 2009), no. October, pp. 37–43, 2009.
[11] I. Vural and H. Venter, “Mobile Botnet Detection Using Network Forensics,” in Third Future Internet Symposium, 2010, vol. 6369, pp. 55–67.
[12] A. Feizollah, N. B. Anuar, R. Salleh, F. Amalina, R. R. Ma’arof, and S. Shamshirband, “A study of machine learning classifiers for anomaly-based mobile botnet detection,” Malaysian J. Comput. Sci., vol. 26, no. 4, pp. 251–265, 2013.
[13] B. Choi, S. K. Choi, and K. Cho, “Detection of mobile botnet using VPN,” Proc. - 7th Int. Conf. Innov. Mob. Internet Serv. Ubiquitous Comput. IMIS 2013, pp. 142–148, 2013.
[14] C. Mulliner and J. P. Seifert, “Rise of the iBots: Owning a telco network,” Proc. 5th IEEE Int. Conf. Malicious Unwanted Software, Malware 2010, pp. 71–80, 2010.
[15] McAfee, “Android/SmsHowU.A.” [Online]. Available: http://home.mcafee.com/virusinfo/virusprofile.aspx?key=367587. [Accessed: 10-Apr-2016].
[16] C. Mulliner and C. Miller, “Fuzzing the Phone in your Phone,” Black Hat USA 2009, pp. 1–21, 2009.
[17] Y. Zeng, K. Shin, and X. Hu, “Design of SMS commanded-and-controlled and P2P-structured mobile botnets,” … Secur. Priv. Wirel. Mob. …, no. February, pp. 137–148, 2012.
[18] J. Hua and K. Sakurai, “A SMS-based mobile botnet using flooding algorithm,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 6633 LNCS, pp. 264–279, 2011.
[19] S. Zhao, P. P. C. Lee, J. C. S. Lui, X. Guan, X. Ma, and J. Tao, “Cloud-based Push-Styled Mobile Botnets : A Case Study of Exploiting the Cloud to Device Messaging Service,” ACSAC ’12 Proc. 28th Annu. Comput. Secur. Appl. Conf., pp. 119–128, 2012.
[20] J. Grunzweig, “NickiSpy.C - Android Malware Analysis & Demo,” 2011. [Online]. Available: https://www.trustwave.com/Resources/SpiderLabs-Blog/NickiSpy-C---Android-Malware-Analysis--Demo/. [Accessed: 10-Apr-2016].
[21] A. Nguyan and L. Pan, “Detecting SMS-based Control Commands in a Botnet from Infected Android Devices,” 2012.
[22] W. Wang, I. Murynets, J. Bickford, C. Van Wart, and G. Xu, “What you see predicts what you get—lightweight agent-based malware detection,” Secur. Commun. Networks, vol. 6, no. 1, pp. 33–48, 2013.
[23] “SMS Text Messaging API for Web Applications - Twilio.” [Online]. Available: https://www.twilio.com/sms. [Accessed: 09-Nov-2015].
[24] “REST API: Sending SMS or MMS.” [Online]. Available: https://www.twilio.com/docs/api/rest/sending-messages. [Accessed: 09-Nov-2015].
[25] “REST API: Messages.” [Online]. Available: https://www.twilio.com/docs/api/rest/message. [Accessed: 09-Nov-2015].
[26] “Ranking - AnTuTu Benchmark -- Know Your Android Better.” [Online]. Available: http://www.antutu.com/en/Ranking.shtml. [Accessed: 08-Nov-2015].
[27] “A Free SMS.” [Online]. Available: http://www.afreesms.com/.
[28] “Globfone.” [Online]. Available: https://globfone.com/sms/.
[29] “Receive SMS Online.” [Online]. Available: http://www.receive-sms-online.info/.
[30] M. Zuhair, M. Saudi, and N. Basir, “A Comprehensive Review of Mobile Botnet Detection Using Genetic Algorithm : a Systematic Review,” vol. 10, no. 3, pp. 1399–1404, 2015.
[31] TextR.Us, “Anonytext.” [Online]. Available: https://play.google.com/store/apps/details?id=us.textr.Anonytext.

指導教授

許富皓(Fu-Hau Hsu)

審核日期

2016-8-2

推文