3,291 research outputs found
The Opportunistic Transmission of Wireless Worms between Mobile Devices
The ubiquity of portable wireless-enabled computing and communications
devices has stimulated the emergence of malicious codes (wireless worms) that
are capable of spreading between spatially proximal devices. The potential
exists for worms to be opportunistically transmitted between devices as they
move around, so human mobility patterns will have an impact on epidemic spread.
The scenario we address in this paper is proximity attacks from fleetingly
in-contact wireless devices with short-range communication range, such as
Bluetooth-enabled smart phones. An individual-based model of mobile devices is
introduced and the effect of population characteristics and device behaviour on
the outbreak dynamics is investigated. We show through extensive simulations
that in the above scenario the resulting mass-action epidemic models remain
applicable provided the contact rate is derived consistently from the
underlying mobility model. The model gives useful analytical expressions
against which more refined simulations of worm spread can be developed and
tested.Comment: Submitted for publicatio
Worm Epidemics in Wireless Adhoc Networks
A dramatic increase in the number of computing devices with wireless
communication capability has resulted in the emergence of a new class of
computer worms which specifically target such devices. The most striking
feature of these worms is that they do not require Internet connectivity for
their propagation but can spread directly from device to device using a
short-range radio communication technology, such as WiFi or Bluetooth. In this
paper, we develop a new model for epidemic spreading of these worms and
investigate their spreading in wireless ad hoc networks via extensive Monte
Carlo simulations. Our studies show that the threshold behaviour and dynamics
of worm epidemics in these networks are greatly affected by a combination of
spatial and temporal correlations which characterize these networks, and are
significantly different from the previously studied epidemics in the Internet
Malware "Ecology" Viewed as Ecological Succession: Historical Trends and Future Prospects
The development and evolution of malware including computer viruses, worms,
and trojan horses, is shown to be closely analogous to the process of community
succession long recognized in ecology. In particular, both changes in the
overall environment by external disturbances, as well as, feedback effects from
malware competition and antivirus coevolution have driven community succession
and the development of different types of malware with varying modes of
transmission and adaptability.Comment: 13 pages, 3 figure
Recommended from our members
Modelling the Spread of Botnet Malware in IoT-Based Wireless Sensor Networks
The propagation approach of a botnet largely dictates its formation, establishing a foundation of bots for future exploitation. The chosen propagation method determines the attack surface, and consequently, the degree of network penetration, as well as the overall size and the eventual attack potency. It is therefore essential to understand propagation behaviours and influential factors in order to better secure vulnerable systems. Whilst botnet propagation is generally well-studied, newer technologies like IoT have unique characteristics which are yet to be thoroughly explored. In this paper, we apply the principles of epidemic modelling to IoT networks consisting of wireless sensor nodes. We build IoT-SIS, a novel propagation model which considers the impact of IoT-specific characteristics like limited processing power, energy restrictions, and node density on the formation of a botnet. Focusing on worm-based propagation, this model is used to explore the dynamics of spread using numerical simulations and the Monte Carlo method, and to discuss the real-life implications of our findings
Epidemic Thresholds with External Agents
We study the effect of external infection sources on phase transitions in
epidemic processes. In particular, we consider an epidemic spreading on a
network via the SIS/SIR dynamics, which in addition is aided by external agents
- sources unconstrained by the graph, but possessing a limited infection rate
or virulence. Such a model captures many existing models of externally aided
epidemics, and finds use in many settings - epidemiology, marketing and
advertising, network robustness, etc. We provide a detailed characterization of
the impact of external agents on epidemic thresholds. In particular, for the
SIS model, we show that any external infection strategy with constant virulence
either fails to significantly affect the lifetime of an epidemic, or at best,
sustains the epidemic for a lifetime which is polynomial in the number of
nodes. On the other hand, a random external-infection strategy, with rate
increasing linearly in the number of infected nodes, succeeds under some
conditions to sustain an exponential epidemic lifetime. We obtain similar sharp
thresholds for the SIR model, and discuss the relevance of our results in a
variety of settings.Comment: 12 pages, 2 figures (to appear in INFOCOM 2014
Epidemic Spreading with External Agents
We study epidemic spreading processes in large networks, when the spread is
assisted by a small number of external agents: infection sources with bounded
spreading power, but whose movement is unrestricted vis-\`a-vis the underlying
network topology. For networks which are `spatially constrained', we show that
the spread of infection can be significantly speeded up even by a few such
external agents infecting randomly. Moreover, for general networks, we derive
upper-bounds on the order of the spreading time achieved by certain simple
(random/greedy) external-spreading policies. Conversely, for certain common
classes of networks such as line graphs, grids and random geometric graphs, we
also derive lower bounds on the order of the spreading time over all
(potentially network-state aware and adversarial) external-spreading policies;
these adversarial lower bounds match (up to logarithmic factors) the spreading
time achieved by an external agent with a random spreading policy. This
demonstrates that random, state-oblivious infection-spreading by an external
agent is in fact order-wise optimal for spreading in such spatially constrained
networks
Hybrid Epidemics - A Case Study on Computer Worm Conficker
Conficker is a computer worm that erupted on the Internet in 2008. It is
unique in combining three different spreading strategies: local probing,
neighbourhood probing, and global probing. We propose a mathematical model that
combines three modes of spreading, local, neighbourhood and global to capture
the worm's spreading behaviour. The parameters of the model are inferred
directly from network data obtained during the first day of the Conifcker
epidemic. The model is then used to explore the trade-off between spreading
modes in determining the worm's effectiveness. Our results show that the
Conficker epidemic is an example of a critically hybrid epidemic, in which the
different modes of spreading in isolation do not lead to successful epidemics.
Such hybrid spreading strategies may be used beneficially to provide the most
effective strategies for promulgating information across a large population.
When used maliciously, however, they can present a dangerous challenge to
current internet security protocols
- …