Wireless intrusion prevention system and method

1. A malware detection and mitigation system, comprising:

• a plurality of mobile devices configured to execute a respective plurality of monitors operably adapted to scan network communications to determine destinations of the network communications, amounts of network traffic including one or more of the network communications to the destinations over time intervals, and average packet size of the network communications;
  
  a plurality of detection agents each executing on a respective one of the mobile devices and operably adapted to communicate with at least one of the plurality of monitors of the respective one of the plurality of mobile devices, to determine normal amounts of network traffic over the time intervals to the destinations, to determine normal average packet size of the network communications to the destinations, to detect changes in the amounts of network traffic over the time intervals to a particular destination relative to the determined normal amount of network traffic to the particular destination over the time intervals, to detect changes in the average packet size of the network communications to the particular destination relative to the determined normal average packet size of the network communications to the particular detection, to detect a malware attack based on at least one of detected changes in the amount of network traffic over the time intervals, detected changes in the average packet size, and the destinations of the network communications, and to communicate an attack indication when the malware attack is detected; and
  
  a network device separate from the one of the plurality of mobile devices, wherein the network device comprises a mitigating agent operably adapted to communicate with the plurality of detection agents via a mobile network to receive the attack indication and to trigger a mitigating action in response in the mobile network to the attack indication.