Evaluating Bluetooth As A Medium For Botnet Command And Control

Malware targeting mobile phones is being studied with increasing interest by the research community While such attention has previously focused on viruses and worms many of which use near-field communications in order to propagate, none have investigated whether more complex malware such as bot-nets can effectively operate in this environment In this paper, we investigate the challenges of constructing and maintaining mobile phone based bot-nets communicating nearly exclusively via Bluetooth Through extensive large scale simulation based on publicly available Bluetooth traces, we demonstrate that such a malicious infrastructure is possible in many areas due to the largely repetitive nature of human daily routines In particular we demonstrate that command and control messages can propagate to approximately 2/3 of infected nodes within 24 hours of being issued by the botmaster We then explore how traditional detense mechanisms can be modified to take advantage of the same information to more effectively mitigate such systems In so doing we demonstrate that mobile phone based botnets are a realistic threat and that defensive strategies should be modified to consider them