TY - GEN
T1 - This network is infected
T2 - 3rd ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2013, Held in Association with the 20th ACM Conference on Computer and Communications Security, CCS 2013
AU - Vasilomanolakis, Emmanouil
AU - Karuppayah, Shankar
AU - Fischer, Mathias
AU - Mühlhäuser, Max
AU - Plasoianu, Mihai
AU - Pandikow, Lars
AU - Pfeiffer, Wulf
PY - 2013
Y1 - 2013
N2 - In recent years, the number of sophisticated cyber attacks has increased rapidly. At the same time, people tend to utilize unknown, in terms of trustworthiness, wireless networks in their daily life. They connect to these networks, e.g., airports, without knowledge of whether they are safe or infected with actively propagating malware. In traditional networks, malicious behavior can be detected via Intrusion Detection Systems (IDSs). However, IDSs cannot be applied easily to mobile environments and to resource constrained devices. Another common defense mechanism is honeypots, i.e., systems that pretend to be an attractive target to attract malware and attackers. As a honeypot has no productive use, each attempt to access it can be interpreted as an attack. Hence, they can provide an early indication on malicious network environments. Since low interaction honeypots do not demand high CPU or memory requirements, they are suitable to resource constrained devices like smartphones or tablets. In this paper we present the idea of Honeypot-To-Go. We envision portable honeypots on mobile devices that aim on the fast detection of malicious networks and thus boost the security awareness of users. Moreover, to demonstrate the feasibility of this proposal we present our prototype HosTaGe, a low-interaction honeypot implemented for the Android OS. We present some initial results regarding the performance of this application as well as its ability to detect attacks in a realistic environment. To the best of our knowledge, HosTaGe is the first implementation of a generic low-interaction honeypot for mobile devices.
AB - In recent years, the number of sophisticated cyber attacks has increased rapidly. At the same time, people tend to utilize unknown, in terms of trustworthiness, wireless networks in their daily life. They connect to these networks, e.g., airports, without knowledge of whether they are safe or infected with actively propagating malware. In traditional networks, malicious behavior can be detected via Intrusion Detection Systems (IDSs). However, IDSs cannot be applied easily to mobile environments and to resource constrained devices. Another common defense mechanism is honeypots, i.e., systems that pretend to be an attractive target to attract malware and attackers. As a honeypot has no productive use, each attempt to access it can be interpreted as an attack. Hence, they can provide an early indication on malicious network environments. Since low interaction honeypots do not demand high CPU or memory requirements, they are suitable to resource constrained devices like smartphones or tablets. In this paper we present the idea of Honeypot-To-Go. We envision portable honeypots on mobile devices that aim on the fast detection of malicious networks and thus boost the security awareness of users. Moreover, to demonstrate the feasibility of this proposal we present our prototype HosTaGe, a low-interaction honeypot implemented for the Android OS. We present some initial results regarding the performance of this application as well as its ability to detect attacks in a realistic environment. To the best of our knowledge, HosTaGe is the first implementation of a generic low-interaction honeypot for mobile devices.
KW - android
KW - malware
KW - mobile honeypot
KW - security
UR - http://www.scopus.com/inward/record.url?scp=84889035895&partnerID=8YFLogxK
U2 - 10.1145/2516760.2516763
DO - 10.1145/2516760.2516763
M3 - Article in proceeding
AN - SCOPUS:84889035895
SN - 9781450324915
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 43
EP - 48
BT - SPSM 2013 - Proceedings of the 2013 ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2013
Y2 - 8 November 2013 through 8 November 2013
ER -