Epidemic Spreading with External Agents

We study epidemic spreading processes in large networks, when the spread is assisted by a small number of external agents: infection sources with bounded spreading power, but whose movement is unrestricted vis-\`a-vis the underlying network topology. For networks which are `spatially constrained', we show that the spread of infection can be significantly speeded up even by a few such external agents infecting randomly. Moreover, for general networks, we derive upper-bounds on the order of the spreading time achieved by certain simple (random/greedy) external-spreading policies. Conversely, for certain common classes of networks such as line graphs, grids and random geometric graphs, we also derive lower bounds on the order of the spreading time over all (potentially network-state aware and adversarial) external-spreading policies; these adversarial lower bounds match (up to logarithmic factors) the spreading time achieved by an external agent with a random spreading policy. This demonstrates that random, state-oblivious infection-spreading by an external agent is in fact order-wise optimal for spreading in such spatially constrained networks

Distributed interaction between computer virus and patch: A modeling study

The decentralized patch distribution mechanism holds significant promise as an alternative to its centralized counterpart. For the purpose of accurately evaluating the performance of the decentralized patch distribution mechanism and based on the exact SIPS model that accurately captures the average dynamics of the interaction between viruses and patches, a new virus-patch interacting model, which is known as the generic SIPS model, is proposed. This model subsumes the linear SIPS model. The dynamics of the generic SIPS model is studied comprehensively. In particular, a set of criteria for the final extinction or/and long-term survival of viruses or/and patches are presented. Some conditions for the linear SIPS model to accurately capture the average dynamics of the virus-patch interaction are empirically found. As a consequence, the linear SIPS model can be adopted as a standard model for assessing the performance of the distributed patch distribution mechanism, provided the proper conditions are satisfied

Simulations of Large-scale WiFi-based Wireless Networks: Interdisciplinary Challenges and Applications

Wireless Fidelity (WiFi) is the fastest growing wireless technology to date. In addition to providing wire-free connectivity to the Internet WiFi technology also enables mobile devices to connect directly to each other and form highly dynamic wireless adhoc networks. Such distributed networks can be used to perform cooperative communication tasks such ad data routing and information dissemination in the absence of a fixed infrastructure. Furthermore, adhoc grids composed of wirelessly networked portable devices are emerging as a new paradigm in grid computing. In this paper we review computational and algorithmic challenges of high-fidelity simulations of such WiFi-based wireless communication and computing networks, including scalable topology maintenance, mobility modelling, parallelisation and synchronisation. We explore similarities and differences between the simulations of these networks and simulations of interacting many-particle systems, such as molecular dynamics (MD) simulations. We show how the cell linked-list algorithm which we have adapted from our MD simulations can be used to greatly improve the computational performance of wireless network simulators in the presence of mobility, and illustrate with an example from our simulation studies of worm attacks on mobile wireless adhoc networks.Comment: Future Generation Computer Systems, Article in Pres

Least Effort Strategies for Cybersecurity

Cybersecurity is an issue of increasing concern since the events of September 11th. Many questions have been raised concerning the security of the Internet and the rest of the US's information infrastructure. This paper begins to examine the issue by analyzing the Internet's autonomous system (AS) map. Using the AS map, malicious infections are simulated and different defense strategies are considered in a cost benefit framework. The results show that protecting the most connected nodes provides significant gains in security and that after the small minority of most connected nodes are protected there are diminishing returns for further protection. Although if parts of the small minority are not protected, such as non-US networks, protection levels are significantly decreased.Comment: 15 pages, 6 figure

Assessing the risk of advanced persistent threats

As a new type of cyber attacks, advanced persistent threats (APTs) pose a severe threat to modern society. This paper focuses on the assessment of the risk of APTs. Based on a dynamic model characterizing the time evolution of the state of an organization, the organization's risk is defined as its maximum possible expected loss, and the risk assessment problem is modeled as a constrained optimization problem. The influence of different factors on an organization's risk is uncovered through theoretical analysis. Based on extensive experiments, we speculate that the attack strategy obtained by applying the hill-climbing method to the proposed optimization problem, which we call the HC strategy, always leads to the maximum possible expected loss. We then present a set of five heuristic attack strategies and, through comparative experiments, show that the HC strategy causes a higher risk than all these heuristic strategies do, which supports our conjecture. Finally, the impact of two factors on the attacker's HC cost profit is determined through computer simulations. These findings help understand the risk of APTs in a quantitative manner.Comment: advanced persistent threat, risk assessment, expected loss, attack strategy, constrained optimizatio

Visibility-Aware Optimal Contagion of Malware Epidemics

Recent innovations in the design of computer viruses have led to new trade-offs for the attacker. Multiple variants of a malware may spread at different rates and have different levels of visibility to the network. In this work we examine the optimal strategies for the attacker so as to trade off the extent of spread of the malware against the need for stealth. We show that in the mean-field deterministic regime, this spread-stealth trade-off is optimized by computationally simple single-threshold policies. Specifically, we show that only one variant of the malware is spread by the attacker at each time, as there exists a time up to which the attacker prioritizes maximizing the spread of the malware, and after which she prioritizes stealth.Comment: Amended to include more explanations on assumptions, add more real-world context on new stealthy malware, and improve figure

Got the Flu (or Mumps)? Check the Eigenvalue!

For a given, arbitrary graph, what is the epidemic threshold? That is, under what conditions will a virus result in an epidemic? We provide the super-model theorem, which generalizes older results in two important, orthogonal dimensions. The theorem shows that (a) for a wide range of virus propagation models (VPM) that include all virus propagation models in standard literature (say, [8][5]), and (b) for any contact graph, the answer always depends on the first eigenvalue of the connectivity matrix. We give the proof of the theorem, arithmetic examples for popular VPMs, like flu (SIS), mumps (SIR), SIRS and more. We also show the implications of our discovery: easy (although sometimes counter-intuitive) answers to `what-if' questions; easier design and evaluation of immunization policies, and significantly faster agent-based simulations.Comment: 26 pages, 12 figures, uses Tik

Information Propagation in Clustered Multilayer Networks

In today's world, individuals interact with each other in more complicated patterns than ever. Some individuals engage through online social networks (e.g., Facebook, Twitter), while some communicate only through conventional ways (e.g., face-to-face). Therefore, understanding the dynamics of information propagation among humans calls for a multi-layer network model where an online social network is conjoined with a physical network. In this work, we initiate a study of information diffusion in a clustered multi-layer network model, where all constituent layers are random networks with high clustering. We assume that information propagates according to the SIR model and with different information transmissibility across the networks. We give results for the conditions, probability, and size of information epidemics, i.e., cases where information starts from a single individual and reaches a positive fraction of the population. We show that increasing the level of clustering in either one of the layers increases the epidemic threshold and decreases the final epidemic size in the whole system. An interesting finding is that information with low transmissibility spreads more effectively with a small but densely connected social network, whereas highly transmissible information spreads better with the help of a large but loosely connected social network

Modified SI Epidemic Model for Combating Virus Spread in Spatially Correlated Wireless Sensor Networks

In wireless sensor networks (WSNs), main task of each sensor node is to sense the physical activity (i.e., targets or disaster conditions) and then to report it to the control center for further process. For this, sensor nodes are attached with many sensors having ability to measure the environmental information. Spatial correlation between nodes exists in such wireless sensor network based on common sensory coverage and then the redundant data communication is observed. To study virus spreading dynamics in such scenario, a modified SI epidemic model is derived mathematically by incorporating WSN parameters such as spatial correlation, node density, sensing range, transmission range, total sensor nodes etc. The solution for proposed SI model is also determined to study the dynamics with time. Initially, a small number of nodes are attacked by viruses and then virus infection propagates through its neighboring nodes over normal data communication. Since redundant nodes exists in correlated sensor field, virus spread process could be different with different sensory coverage. The proposed SI model captures spatial and temporal dynamics than existing ones which are global. The infection process leads to network failure. By exploiting spatial correlation between nodes, spread control scheme is developed to limit the further infection in the network. Numerical result analysis is provided with comparison for validation