中文摘要：

移动僵尸网络进行恶意扣费、泄露隐私信息等恶意行为,给移动用户构成了巨大隐患.通过构建实用的移动僵尸网络,可以更好地了解其工作机制,从而提出直接有效的防御策略.提出结合短信（SMS）和HTTP协议作为移动僵尸网络的命令与控制（Command and Control,C＆C）的通信信道的设计方法,设计了一种移动僵尸程序HybirdBot.在减少消耗的同时确保命令信息能准确接收和高效执行,又能将僵尸网络流量隐藏在其他良性的HTTP流量中.实验结果表明,HybirdBot命令执行时间基本控制在1s以内,运行时CPU占用率只达1-2%,平均每条命令所产的流量也只有0.62kb.证明该移动僵尸网络具有高效性,隐匿性好而且消耗少,最后本文还提出了几种防御策略.

英文摘要：

Mobile botnets performing malicious behavior such as malicious chargeback,disclosure of private information, constitutes a huge risk for mobile users. By constructing practical mobile botnets, we can better understand the mechanism of its working, and to make a direct and effective defense strategy. In this paper, we propose a design of integrated SMS and HTrP Protocol as command and control communication channel of the mobile botnets, and design a mobile botuet called HybirdBot. Ensure the command information accurate receiving and efficient execution while reduce consumption, and botnet traffic can be well hidden in other benign http traffic. The experimental results show that the execution time of HybirdBot basic controls in less than 1 second, and the CPU utiliza- tion rate of bot only 1% to 2%, and with an average traffic produced by each command only 0.62kb. The evaluation results prove that the mobile botnets with high efficiency, good stealthiness and less consuming. To conclude our paper, we suggest several defense strategies.