The effect of infected external computers on the spread of viruses: A compartment modeling study

https://doi.org/10.1016/j.physa.2013.08.024Get rights and content

Highlights

  • We propose a novel virus–antivirus mixed spreading model.

  • We prove that this model has a globally asymptotically stable viral equilibrium.

  • We find that computer viruses cannot be eradicated.

  • We analyze the effect of different parameters on the steady virus prevalence.

  • We make a number of suggestions for containing the spread of computer viruses.

Abstract

Inevitably, there exist infected computers outside of the Internet. This paper aims to understand how infected external computers affect the spread of computer viruses. For that purpose, a new virus–antivirus spreading model, which takes into account the effect of infected/immune external computers, is established. A systematic study shows that, unlike most previous models, the proposed model admits no virus-free equilibrium and admits a globally asymptotically stable viral equilibrium. This result implies that it would be practically impossible to eradicate viruses on the Internet. As a result, inhibiting the virus prevalence to below an acceptable level would be the next best thing. A theoretical study reveals the effect of different parameters on the steady virus prevalence. On this basis, a number of suggestions are made so as to contain virus spreading.

Introduction

Computer viruses, ranging from conventional viruses to network worms, are defined as malicious programs that can propagate among computers with no human awareness, and the widely popularized Internet has been used by evil people as the major propagation channel of viruses  [1]. The past few decades have witnessed the rapid progress of computer viruses and the resulting great financial losses. It is generally appreciated that there is an inevitable lag from the emergence of a new virus to the release of the antivirus software targeting the virus and, during that lag, the virus can spread freely through the Internet, resulting in huge losses. Therefore, it is of the utmost importance to impede the rapid propagation of a new virus before its natural enemy appears. For that purpose, it is crucial to understand the laws governing the spread of computer viruses. Due to the noticeable similarity between computer viruses and their biological counterparts, Cohen  [2] and Murray  [3] suggested to exploit the compartment modeling technique developed in the epidemics of infectious diseases to study the spreading behavior of computer viruses. From then on, multifarious computer virus spreading models, ranging from conventional models  [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20] to delayed models  [21], [22], [23], [24], [25], to impulsive models  [26], [27] to stochastic models  [28], to network-based models  [29], [30], [31], have been proposed.

As the structures of computer viruses are much simpler than those of their biological counterparts, the development of an antivirus program can be achieved on a timescale comparable to that of the propagation of the targeted virus. For the purpose of suppressing the prevalence of a virus, the latest released antivirus software must be disseminated to different computers in an efficient way  [32], [33], [34]. With this motivation, very recently Zhu et al.  [35] proposed a virus–antivirus mixed spreading model, which is known as the SICS model. In our opinion, this work offers an effective approach to the assessment of efficiency of different dissemination strategies of antivirus software.

At any time, every computer worldwide is either on the Internet or outside of the Internet; a computer on the Internet is called internal, whereas a computer outside the Internet is called external. Inevitably, there are infected external computers. The dominating majority of previous models, however, were established based on the assumption that external computers are all uninfected, in disagreement with the actual conditions. Recently, a virus spreading model was reported by considering the effect of infected external computers  [36]. One major defect suffered by this model is that the disseminating strategy of antivirus software is ignored completely. In our opinion, the effect of infected external computers on virus spreading should be investigated in the virus–antivirus mixed spreading framework.

This paper aims to understand how infected external computers affect the propagation of computer viruses. For that purpose, a new virus–antivirus spreading model, which takes into account the effect of infected/immune external computers, is established. A qualitative analysis shows that, unlike most previous models, the proposed model admits no virus-free equilibrium and possesses a globally asymptotically stable viral equilibrium. This result implies that it would be unachievable to eradicate all viruses on the Internet. Consequently, the next best thing is to suppress the prevalence of viruses to below an acceptable level. Based on a theoretical study of the effect of different parameters on the steady number of infected internal computers, a collection of suggestions for containing virus spreading are proposed.

The remaining materials in this paper are organized in this fashion: Section  2 formulates the new model. Section  3 focuses on the dynamical properties of the proposed model. The effect of different parameters on the steady virus prevalence is examined in Section  4. Finally, Section  5 concludes this work.

Section snippets

Model formulation

Let us assume that the Internet can offer a point-to-point communication service for each pair of computers on the Internet. For brevity, computers shall be called nodes. A node is internal if it is currently on the Internet, otherwise it is external. All nodes worldwide are assumed to be in one of three possible states: susceptible, infected, and immune. Although susceptible and immune nodes are both uninfected, a susceptible node is not installed with the latest version of antivirus software

Model analysis

We are ready to study the dynamical properties of system (1).

Further discussions

The main result in this paper (i.e.,  Theorem 3.3 given in the previous section) tells us the cruel reality that, in practice, computer viruses cannot be eradicated from the Internet. As a result, the next best thing is to take proper measures so that the virus prevalence is suppressed to below an acceptable level. For that purpose, it is critical to have a comprehensive knowledge of the effect of different parameters on the steady virus prevalence (i.e.,  I). To this end, let us first

Concluding remarks

For the purpose of understanding the effect of infected external computers on the spread of computer viruses, a novel virus–antivirus spreading model has been established. It has been shown that, in any case, this model has a globally asymptotically stable viral equilibrium. As thus, restraining the virus prevalence to below an acceptable level would be the next best thing. Based on a theoretical study of the effect of different parameters on the steady virus prevalence, a number of suggestions

Acknowledgment

This work is supported by Doctorate Foundation of Educational Ministry of China (Grant No. 20110191110022).

References (41)

  • Q. Zhu et al.

    Optimal control of computer virus under a delayed model

    Appl. Math. Comput.

    (2012)
  • L.-X. Yang et al.

    A computer virus model with graded cure rates

    Nonlinear Anal. RWA

    (2013)
  • B.K. Mishra et al.

    Fixed period of temporary immunity after run of anti-malicious software on computer nodes

    Appl. Math. Comput.

    (2007)
  • B.K. Mishra et al.

    SEIRS epidemic model with delay for transmission of malicious objects in computer network

    Appl. Math. Comput.

    (2007)
  • X. Han et al.

    Dynamical behavior of computer virus on internet

    Appl. Math. Comput.

    (2010)
  • L. Feng et al.

    Hopf bifurcation analysis of a delayed viral infection model in computer networks

    Math. Comput. Model.

    (2012)
  • J. Ren et al.

    A delayed computer virus propagation model and its dynamics

    Chaos Solitons Fractals

    (2012)
  • Y. Yao et al.

    Pulse quarantine strategy of internet worm propagation: modeling and analysis

    Comput. Electr. Eng.

    (2012)
  • L.-X. Yang et al.

    Epidemics of computer viruses: a complex-network approach

    Appl. Math. Comput.

    (2013)
  • P. Szor

    The Art of Computer Virus Research and Defense

    (2005)
  • Cited by (43)

    • Optimal control strategies for a computer network under virus threat

      2023, Journal of Computational and Applied Mathematics
    • Towards understanding the effectiveness of patch injection

      2019, Physica A: Statistical Mechanics and its Applications
    • A hardware friendly unsupervised memristive neural network with weight sharing mechanism

      2019, Neurocomputing
      Citation Excerpt :

      Under these technique limitations, realizing memristive characteristics by mature circuit methods [23] becomes a practicable way. Specially, standard integrated circuit technologies [24,25], such as digital signal processing (DSP), field programmable gate arrays (FPGA) and application specific integrated circuits (ASIC), have advantages like high operation speed, good noise robustness and great expansibility, which are convenient for memristive characteristics’ implementations [26]. Likewise, realizing neural networks by mature hardware is also an achievable way for extremely high operation speed and relative low cost [27-29].

    View all citing articles on Scopus
    View full text