Optimal control analysis of malware propagation in cloud environments

Cloud computing has become a widespread technology that delivers a broad range of services across various industries globally. One of the crucial features of cloud infrastructure is virtual machine (VM) migration, which plays a pivotal role in resource allocation flexibility and reducing energy consumption, but it also provides convenience for the fast propagation of malware. To tackle the challenge of curtailing the proliferation of malware in the cloud, this paper proposes an effective strategy based on optimal dynamic immunization using a controlled dynamical model. The objective of the research is to identify the most efficient way of dynamically immunizing the cloud to minimize the spread of malware. To achieve this, we define the control strategy and loss and give the corresponding optimal control problem. The optimal control analysis of the controlled dynamical model is examined theoretically and experimentally. Finally, the theoretical and experimental results both demonstrate that the optimal strategy can minimize the incidence of infections at a reasonable loss

An Extensive Validation of a SIR Epidemic Model to Study the Propagation of Jamming Attacks against IoT Wireless Networks.

This paper describes the utilization of an epidemic approach to study the propagation of jamming attacks, which can affect to different communication layers of all nodes in a variety of Internet of Things (IoT) wireless networks, regardless of the complexity and computing power of the devices. The jamming term considers both the more classical approach of interfering signals focusing on the physical level of the systems, and the cybersecurity approach that includes the attacks generated in upper layers like Medium Access Control (MAC), producing the same effect on the communication channel. In order to study the accuracy of the proposed epidemic model to estimate the propagation of jamming attacks, this paper uses the results of public simulations and experiments. It is of special interest the data obtained from experiments based on protocols such as Multi-Parent Hierarchical Protocol (MPH), Ad-hoc On-demand Distance Vector (AODV), and Dynamic Source Routing (DSR), working over the IEEE 802.15.4 standard. Then, using the formulation of the deterministic epidemiological model Susceptible–Infected–Recovered (SIR), together the abovementioned simulation, it has been seen that the proposed epidemic model could be used to estimate in that kind of IoT networks, the impact of the jamming attack in terms of attack severity and attack persistenceThis research has been partially supported by Ministerio de Economía, Industria y Competitividad (MINECO), Agencia Estatal de Investigación (AEI), and Fondo Europeo de Desarrollo Regional (FEDER, UE) under projects TIN2017-84844-C2-1-R and PGC2018-098813-B-C32

Modelling the malware propagation in mobile computer devices

Nowadays malware is a major threat to the security of cyber activities. The rapid development of the Internet and the progressive implementation of the Internet of Things (IoT) increase the security needs of networks. This research presents a theoretical model of malware propagation for mobile computer devices. It is based on the susceptible-exposed-infected-recovered-susceptible (SEIRS) epidemic model. The scheme is based on a concrete connection pattern between nodes defined by both a particular neighbourhood which fixes the connection between devices, and a local rule which sets whether the link is infective or not. The results corroborate the ability of our model to perform the behaviour patterns provided by the ordinary differential equation (ODE) traditional method

Cyber Network Resilience against Self-Propagating Malware Attacks

Self-propagating malware (SPM) has led to huge financial losses, major data breaches, and widespread service disruptions in recent years. In this paper, we explore the problem of developing cyber resilient systems capable of mitigating the spread of SPM attacks. We begin with an in-depth study of a well-known self-propagating malware, WannaCry, and present a compartmental model called SIIDR that accurately captures the behavior observed in real-world attack traces. Next, we investigate ten cyber defense techniques, including existing edge and node hardening strategies, as well as newly developed methods based on reconfiguring network communication (NodeSplit) and isolating communities. We evaluate all defense strategies in detail using six real-world communication graphs collected from a large retail network and compare their performance across a wide range of attacks and network topologies. We show that several of these defenses are able to efficiently reduce the spread of SPM attacks modeled with SIIDR. For instance, given a strong attack that infects 97% of nodes when no defense is employed, strategically securing a small number of nodes (0.08%) reduces the infection footprint in one of the networks down to 1%.Comment: 20 page