Modelling the Spread of Botnet Malware in IoT-Based Wireless Sensor Networks

The propagation approach of a botnet largely dictates its formation, establishing a foundation of bots for future exploitation. The chosen propagation method determines the attack surface, and consequently, the degree of network penetration, as well as the overall size and the eventual attack potency. It is therefore essential to understand propagation behaviours and influential factors in order to better secure vulnerable systems. Whilst botnet propagation is generally well-studied, newer technologies like IoT have unique characteristics which are yet to be thoroughly explored. In this paper, we apply the principles of epidemic modelling to IoT networks consisting of wireless sensor nodes. We build IoT-SIS, a novel propagation model which considers the impact of IoT-specific characteristics like limited processing power, energy restrictions, and node density on the formation of a botnet. Focusing on worm-based propagation, this model is used to explore the dynamics of spread using numerical simulations and the Monte Carlo method, and to discuss the real-life implications of our findings

Malware propagation in Wireless Sensor Networks: global models vs Individual-based models

The main goal of this work is to propose a new framework to design a novel family of mathematical models to simulate malware spreading in wireless sensor networks (WSNs). An analysis of the proposed models in the scientific literature reveals that the great majority are global models based on systems of ordinary differential equations such that they do not consider the individual characteristics of the sensors and their local interactions. This is a major drawback when WSNs are considered. Taking into account the main characteristics of WSNs (elements and topologies of network, life cycle of the nodes, etc.) it is shown that individual-based models are more suitable for this purpose than global ones. The main features of this new type of malware propagation models for WSNs are stated

An information diffusion model in social networks with carrier compartment and delay

With the wide applications of the communication networks, the topic of information networks security is getting more and more attention from governments and individuals. This paper is devoted to investigating a malware propagation model with carrier compartment and delay to describe the process of malware propagation in mobile wireless sensor networks. Based on matrix theory for characteristic values, the local stability criterion of equilibrium points is established. Applying the linear approximation method of nonlinear systems, we study the existence of Hopf bifurcation at the equilibrium points. At the same time, we identify some sensitive parameters in the process of malware propagation. Finally, numerical simulations are performed to illustrate the theoretical results

A survey of intrusion detection system technologies

This paper provides an overview of IDS types and how they work as well as configuration considerations and issues that affect them. Advanced methods of increasing the performance of an IDS are explored such as specification based IDS for protecting Supervisory Control And Data Acquisition (SCADA) and Cloud networks. Also by providing a review of varied studies ranging from issues in configuration and specific problems to custom techniques and cutting edge studies a reference can be provided to others interested in learning about and developing IDS solutions. Intrusion Detection is an area of much required study to provide solutions to satisfy evolving services and networks and systems that support them. This paper aims to be a reference for IDS technologies other researchers and developers interested in the field of intrusion detection

Reliability Evaluation for Clustered WSNs under Malware Propagation.

We consider a clustered wireless sensor network (WSN) under epidemic-malware propagation conditions and solve the problem of how to evaluate its reliability so as to ensure efficient, continuous, and dependable transmission of sensed data from sensor nodes to the sink. Facing the contradiction between malware intention and continuous-time Markov chain (CTMC) randomness, we introduce a strategic game that can predict malware infection in order to model a successful infection as a CTMC state transition. Next, we devise a novel measure to compute the Mean Time to Failure (MTTF) of a sensor node, which represents the reliability of a sensor node continuously performing tasks such as sensing, transmitting, and fusing data. Since clustered WSNs can be regarded as parallel-serial-parallel systems, the reliability of a clustered WSN can be evaluated via classical reliability theory. Numerical results show the influence of parameters such as the true positive rate and the false positive rate on a sensor node's MTTF. Furthermore, we validate the method of reliability evaluation for a clustered WSN according to the number of sensor nodes in a cluster, the number of clusters in a route, and the number of routes in the WSN