On the effort to create smartphone worms in windows mobile

Proceedings of the 2007 IEEE Workshop on Information Assurance, IAW

Volumn , Issue , 2007, Pages 199-206

  Becher, Michael ^a   Freiling, Felix C ^a   Leider, Boris ^b  

^a UNIVERSITY OF MANNHEIM   (Germany)

^b RWTH AACHEN UNIVERSITY   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER CRIME; CONTROL THEORY; MILITARY DATA PROCESSING; MOBILE DEVICES; SIGNAL ENCODING; SOFTWARE ENGINEERING; TARGETS; TELECOMMUNICATION EQUIPMENT; WINDOWS;

ENGINEERING TECHNIQUES; INDIVIDUAL (PSS 544-7); INFORMATION ASSURANCE (IA); LOWER BOUNDS; MALWARE; METRICS (CO); MODERN TOOLS; OPERATING SYSTEMS; SERVER SYSTEMS; SMART PHONES; SMARTPHONES; WORK HOURS; WORK TIME;

WINDOWS OPERATING SYSTEM;

EID: 48749129898     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IAW.2007.381933     Document Type: Conference Paper

References (23)

1. C. Peikari, S. Fogie, and Ratter/29A, "Details Emerge on the First Windows Mobile Virus," September 2004. http://www.informit.com/articles/ article.asp?p=337071.
2. C. Peikari, S. Fogie, Ratter/29A, and J. Read, "Reverse-Engineering the First Pocket PC Trojan," Oct. 2004. http://www.informit.com/articles/ article.asp?p=340544.
3. C. Peikari, "Analyzing the Crossover Virus: The First PC to Windows Handheld Cross-infector," Mar. 2006. http://www.informit.com/articles/ article.asp?p=458169.
4. S. E. Schechter, Computer Security Strength & Risk: A Quantitative Approach. PhD thesis, Harvard, 2004. http://citeseer.ist.psu.edu/ schechter04computer.html.
5. B. Leidner, "Voraussetzungen für die Entwicklung von Malware unter Windows Mobile 5," Diploma thesis, RWTH Aachen, Feb. 2007. (in German); http://pi1.informatik.uni-mannheim.de/filepool/theses/diplomarbeit- 2007-leidner.pdf.
6. S. Töyssy and M. Helenius, "About malicious software in smartphones," Journal in Computer Virology, vol. 2, no. 2, pp. 109-119, 2006.
7. T. Hurman, "Exploring Windows CE Shellcode," June 2005. http://www.pentest.co.uk/documents/exploringwce/exploring_wce_shellcode.html.
8. san@xfocus.org, "Hacking Windows CE," Phrack Magazin, vol. 6, July 2005. http://www.phrack.org/archives/63/p63-0x06_Hacking_WindowsCE. txt.
9. C. Mulliner, "Exploiting PocketPC." What The Hack 2005, Netherlands, July 2005. Slides at http://wiki.whatthehack.org/images/c/c0/ Collinmulliner_wth2005_exploiting_pocketpc.pdf.
10. S. Fogie, "Reverse Engineering Mobile Binaries." DEF CON 11, Las Vegas, USA, Aug. 2003. Slides at http://www.airscanner.com/pubs/fogieDC11. pdf.
11. C. Mulliner and G. Vigna, "Vulnerability Analysis of MMS User Agents," in ACSAC '06: Proceedings of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference, (Washington, DC, USA), pp. 77-88, IEEE Computer Society, 2006.
12. E. Jonsson and T. Olovsson, "A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior," IEEE Trans. Softw. Eng., vol. 23, no. 4, pp. 235-245, 1997.
13. "Microsoft Developer Network Library," Aug. 2006. http://msdn.microsoft.com/library.
14. D. Seal, ARM Architecture Reference Manual. Addison-Wesley Professional, second edition ed., June 2000.
15. "GNU.org homepage." http://www.gnu.org.
16. "The Metasploit Project." http://www.metasploit.org.
17. J. Koziol, The Shellcoder's Handbook. Wiley Publishing, first ed., Mar. 2004.
18. "CeGCC's web page." http://cegcc.berlios.de/.
19. "Protocol Standard for a NetBIOS Service on a TCP/UDP Transport: Concepts and Methods, RFC 1001," in Request for Comments, Network Working Group, Mar. 1987. http://www.faqs.org/rfcs/rfc1001.html.
20. "WinPcap, The Packet Capture and Network Monitoring Library for Windows," 2006. http://www.winpcap.org.
21. C. Cowan, P. Wagle, C. Pu, S. Beattie, and J. Walpole, "Buffer overflows: attacks and defenses for the vulnerability of the decade," Foundations of Intrusion Tolerant Systems, 2003.
22. B. Bray, "Compiler security checks in depth," Feb. 2002. http://msdn2.microsoft.com/en-us/library/aa290051(VS.71).aspx.
23. D. Litchfield, "Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server," Sept. 2003. http://www.ngssoftware.com/papers/defeating-w2k3-stack-protection.pdf.