A Comprehensive SMS-Based Intrusion Detection Framework

The vast expansion of interconnectivity within the Internet and the rapid evolution of highly capable but largely insecure mobile devices threaten cellular networks. Mobile botnets utilize SMS-based architecture, which allows attacks to be performed through SMS without user knowledge of such activity on their phones. In this chapter, we introduce a comprehensive SMS-based intrusion detection framework using intelligent agents that are used to detect malicious SMS messages and monitor smartphone resources that are typically targeted by SMS-based botnet attacks. The proposed framework is based on a multilayer model, which consists of three modules and JADE agents. We developed an adaptive hybrid detection module that used a combination of signature-based and anomaly-based approaches. This framework includes a defense module that generates signatures and rules. These modules utilize multiagent technology to observe Android mobile devices and to interact with service provider agents. We used approximately 60,000 test messages to evaluate the overall performance of our proposed framework and provided a thorough analysis of JADE agents monitoring mechanism after demonstrating the capability of each module individually.