Estimating Infection Sources in Networks Using Partial Timestamps

We study the problem of identifying infection sources in a network based on the network topology, and a subset of infection timestamps. In the case of a single infection source in a tree network, we derive the maximum likelihood estimator of the source and the unknown diffusion parameters. We then introduce a new heuristic involving an optimization over a parametrized family of Gromov matrices to develop a single source estimation algorithm for general graphs. Compared with the breadth-first search tree heuristic commonly adopted in the literature, simulations demonstrate that our approach achieves better estimation accuracy than several other benchmark algorithms, even though these require more information like the diffusion parameters. We next develop a multiple sources estimation algorithm for general graphs, which first partitions the graph into source candidate clusters, and then applies our single source estimation algorithm to each cluster. We show that if the graph is a tree, then each source candidate cluster contains at least one source. Simulations using synthetic and real networks, and experiments using real-world data suggest that our proposed algorithms are able to estimate the true infection source(s) to within a small number of hops with a small portion of the infection timestamps being observed.Comment: 15 pages, 15 figures, accepted by IEEE Transactions on Information Forensics and Securit

Evolution of Malware Threats and Techniques: a Review

The rapid development of technology, and its usage, in our everyday lives caused us to depend on many of the aspects it offers. The evolution of the Internet in recent decades has changed human life drastically as accessing knowledge, communication, and social interaction, became readily available. Nowadays, we have become dependent on our PCs and smart devices in accomplishing everyday tasks. People are using these devices to store valuable information. This information became the target of cybercriminals who are constantly creating new ways to gain unauthorized access to it. In the past few decades, cybercrime and the construction of malicious software (malware), have seen a significant rise. In this research, we present a literature review of the historical evolution of malware. We describe the common characteristics and propagation methods for the types of malware in each phase of its evolution. Furthermore, we illustrate the purpose of its creation and the damages it has caused. The purpose of this study is to provide researchers with background about malware and its evolution leading up to present day threats

Weak ties: Subtle role of information diffusion in online social networks

As a social media, online social networks play a vital role in the social information diffusion. However, due to its unique complexity, the mechanism of the diffusion in online social networks is different from the ones in other types of networks and remains unclear to us. Meanwhile, few works have been done to reveal the coupled dynamics of both the structure and the diffusion of online social networks. To this end, in this paper, we propose a model to investigate how the structure is coupled with the diffusion in online social networks from the view of weak ties. Through numerical experiments on large-scale online social networks, we find that in contrast to some previous research results, selecting weak ties preferentially to republish cannot make the information diffuse quickly, while random selection can achieve this goal. However, when we remove the weak ties gradually, the coverage of the information will drop sharply even in the case of random selection. We also give a reasonable explanation for this by extra analysis and experiments. Finally, we conclude that weak ties play a subtle role in the information diffusion in online social networks. On one hand, they act as bridges to connect isolated local communities together and break through the local trapping of the information. On the other hand, selecting them as preferential paths to republish cannot help the information spread further in the network. As a result, weak ties might be of use in the control of the virus spread and the private information diffusion in real-world applications.Comment: Final version published in PR

From ZeuS to Zitmo : trends in banking malware

In the crimeware world, financial botnets are a global threat to banking organizations. Such malware purposely performs financial fraud and steals critical information from clients' computers. A common example of banking malware is the ZeuS botnet. Recently, variants of this malware have targeted mobile platforms, as The-ZeuS-in-the-Mobile or Zitmo. With the rise in mobile systems, platform security is becoming a major concern across the mobile world, with rising incidence of compromising Android devices. In similar vein, there have been mobile botnet attacks on iPhones, Blackberry and Symbian devices. In this setting, we report on trends and developments of ZeuS and its variants

Mobile Malware Implications for IT Management

Since the turn of the century malicious software, called malware, has been generated to infect not only computer systems but also ‘smart’ mobile phones. This malicious code is designed specifically to infect the mobile devices and disrupt the operation of the device or to send messages or make calls, resulting in financial loss to the user. The paper analyses trends in mobile malware from the listings of the malware descriptions. These trends show the increasing severity of the mobile malware problem, the introduction of new malware types, and the changing focus on the malware objectives; predictions of possible future trends are made. The implications of these trends for organisational management are discussed, and possible countermeasures to the risks are suggested