TY - JOUR
T1 - A study on formal methods to generalize heterogeneous mobile malware propagation and their impacts
AU - Mahboubi, Arash
AU - Camtepe, Seyit
AU - Morarji, Hasmukh
N1 - Includes bibliographical references.
PY - 2017/11/13
Y1 - 2017/11/13
AB - Mobile personal devices, such as smartphones, USB thumb drives, and sensors, are becoming essential elements of our modern lives. Their large-scale pervasive deployment within the population has already attracted many malware authors, cybercriminals, and even governments. Since the first demonstration of mobile malware by Marcos Velasco, millions of these have been developed with very sophisticated capabilities. They infiltrate highly secure networks using air-gap jumping capability (e.g., “Hammer Drill” and “Brutal Kangaroo”) and spread through heterogeneous computing and communication platforms. Some of these cross-platform malware attacks are capable of infiltrating isolated control systems which might be running a variety of operating systems, such as Windows, Mac OS X, Solaris, and Linux. This paper investigates cross-platform/heterogeneous mobile malware that uses removable media, such as USB connection, to spread between incompatible computing platforms and operating systems. Deep analysis and modeling of cross-platform mobile malware are conducted at the micro (infection) and macro (spread) levels. The micro-level analysis aims to understand the cross-platform malware states and transitions between these states during node-to-node infection. The micro-level analysis helps derive the parameters essential for macro-level analysis, which are also crucial for the elaboration of suitable detection and prevention solutions. The macro-level analysis aims to identify the most important factors affecting cross-platform mobile malware spread within a digitized population. Through simulation, we show that identifying these factors helps to mitigate any outbreaks.
KW - Smartphone
KW - Mobile
KW - Internet of Things (IoT)
KW - Mobile malware
KW - Coloured Petri Nets (CPN) modelling
KW - Epidemic model
KW - Industrial control systems
U2 - 10.1109/ACCESS.2017.2772787
DO - 10.1109/ACCESS.2017.2772787
M3 - Article
SN - 2169-3536
VL - 5
SP - 27740
EP - 27756
JO - IEEE Access
JF - IEEE Access
ER -