The goal of this thesis was a study of classic and mobile botnets and the possibilities of their detection, implementation of a network traffic based botnet detector and a mobile application for malware detection on the Android operating system. We created a botnet detector that uses a machine learning model for classification of network flows as either legitimate or botnet-induced traffic. We evaluated the detector by two distinct testing procedures and commented on its advantages and limitations. We developed an Android application that detects malware by observing network connections to malicious resources and exploiting some of the known security vulnerabilities in the operating system. We tested the application on some malware samples and offered it to the users of the official Android marketplace.
|