@inproceedings{82594cdc45f046b494c8c7ee78ad9fb3,
title = "Blue-watchdog: Detecting bluetooth worm propagation in public areas",
abstract = "The rising popularity of mobile devices, such as cellular phones and PDAs, has made them a lucrative playground for mobile malware propagation. One common infection vector exploited by these mobile malware is Bluetooth. In this paper, we propose an architecture called Blue-Watchdog that detects Bluetooth worm propagation in public areas based on statistical methods. To achieve fast and accurate Bluetooth worm detection, Blue-Watchdog monitors abrupt changes of average paging rate per Bluetooth device from both temporal and temporal-spatial perspectives. The temporal scheme relies on the CUSUM (Cumulative Sum) sequential test together with the generalized likelihood ratio (GLR), and the temporal-spatial scheme aims to identify spatial regions with abnormally frequent paging attempts. Experimental results show that Blue-Watchdog not only has low false alarm rates, but also effectively detects Bluetooth worms that spread quickly in areas where Bluetooth devices are greatly mixed due to high mobility and also those that propagate relatively slowly in a spatially constrained fashion.",
keywords = "Bluetooth, Bluetooth worms, CUSUM, Temporal detection, Temporal-spatial detection",
author = "Guanhua Yan and Leticia Cuellar and Stephan Eidenbenz and Nicolas Hengartner",
year = "2009",
doi = "10.1109/DSN.2009.5270319",
language = "English",
isbn = "9781424444212",
series = "Proceedings of the International Conference on Dependable Systems and Networks",
pages = "317--326",
booktitle = "Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009",
note = "2009 IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2009 ; Conference date: 29-06-2009 Through 02-07-2009",
}