Physica A: Statistical Mechanics and its Applications
The effect of infected external computers on the spread of viruses: A compartment modeling study
Introduction
Computer viruses, ranging from conventional viruses to network worms, are defined as malicious programs that can propagate among computers with no human awareness, and the widely popularized Internet has been used by evil people as the major propagation channel of viruses [1]. The past few decades have witnessed the rapid progress of computer viruses and the resulting great financial losses. It is generally appreciated that there is an inevitable lag from the emergence of a new virus to the release of the antivirus software targeting the virus and, during that lag, the virus can spread freely through the Internet, resulting in huge losses. Therefore, it is of the utmost importance to impede the rapid propagation of a new virus before its natural enemy appears. For that purpose, it is crucial to understand the laws governing the spread of computer viruses. Due to the noticeable similarity between computer viruses and their biological counterparts, Cohen [2] and Murray [3] suggested to exploit the compartment modeling technique developed in the epidemics of infectious diseases to study the spreading behavior of computer viruses. From then on, multifarious computer virus spreading models, ranging from conventional models [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20] to delayed models [21], [22], [23], [24], [25], to impulsive models [26], [27] to stochastic models [28], to network-based models [29], [30], [31], have been proposed.
As the structures of computer viruses are much simpler than those of their biological counterparts, the development of an antivirus program can be achieved on a timescale comparable to that of the propagation of the targeted virus. For the purpose of suppressing the prevalence of a virus, the latest released antivirus software must be disseminated to different computers in an efficient way [32], [33], [34]. With this motivation, very recently Zhu et al. [35] proposed a virus–antivirus mixed spreading model, which is known as the SICS model. In our opinion, this work offers an effective approach to the assessment of efficiency of different dissemination strategies of antivirus software.
At any time, every computer worldwide is either on the Internet or outside of the Internet; a computer on the Internet is called internal, whereas a computer outside the Internet is called external. Inevitably, there are infected external computers. The dominating majority of previous models, however, were established based on the assumption that external computers are all uninfected, in disagreement with the actual conditions. Recently, a virus spreading model was reported by considering the effect of infected external computers [36]. One major defect suffered by this model is that the disseminating strategy of antivirus software is ignored completely. In our opinion, the effect of infected external computers on virus spreading should be investigated in the virus–antivirus mixed spreading framework.
This paper aims to understand how infected external computers affect the propagation of computer viruses. For that purpose, a new virus–antivirus spreading model, which takes into account the effect of infected/immune external computers, is established. A qualitative analysis shows that, unlike most previous models, the proposed model admits no virus-free equilibrium and possesses a globally asymptotically stable viral equilibrium. This result implies that it would be unachievable to eradicate all viruses on the Internet. Consequently, the next best thing is to suppress the prevalence of viruses to below an acceptable level. Based on a theoretical study of the effect of different parameters on the steady number of infected internal computers, a collection of suggestions for containing virus spreading are proposed.
The remaining materials in this paper are organized in this fashion: Section 2 formulates the new model. Section 3 focuses on the dynamical properties of the proposed model. The effect of different parameters on the steady virus prevalence is examined in Section 4. Finally, Section 5 concludes this work.
Section snippets
Model formulation
Let us assume that the Internet can offer a point-to-point communication service for each pair of computers on the Internet. For brevity, computers shall be called nodes. A node is internal if it is currently on the Internet, otherwise it is external. All nodes worldwide are assumed to be in one of three possible states: susceptible, infected, and immune. Although susceptible and immune nodes are both uninfected, a susceptible node is not installed with the latest version of antivirus software
Model analysis
We are ready to study the dynamical properties of system (1).
Further discussions
The main result in this paper (i.e., Theorem 3.3 given in the previous section) tells us the cruel reality that, in practice, computer viruses cannot be eradicated from the Internet. As a result, the next best thing is to take proper measures so that the virus prevalence is suppressed to below an acceptable level. For that purpose, it is critical to have a comprehensive knowledge of the effect of different parameters on the steady virus prevalence (i.e., ). To this end, let us first
Concluding remarks
For the purpose of understanding the effect of infected external computers on the spread of computer viruses, a novel virus–antivirus spreading model has been established. It has been shown that, in any case, this model has a globally asymptotically stable viral equilibrium. As thus, restraining the virus prevalence to below an acceptable level would be the next best thing. Based on a theoretical study of the effect of different parameters on the steady virus prevalence, a number of suggestions
Acknowledgment
This work is supported by Doctorate Foundation of Educational Ministry of China (Grant No. 20110191110022).
References (41)
Computer viruses: theory and experiments
Comput. Secur.
(1987)- et al.
Network virus-epidemic model with the point-to-group information
Appl. Math. Comput.
(2008) - et al.
Dynamic models for computer viruses
Comput. Secur.
(2008) - et al.
A modified epidemiological model for computer viruses
Appl. Math. Comput.
(2009) - et al.
SEIQRS model for the transmission of malicious objects in computer network
Appl. Math. Model.
(2010) - et al.
Dynamic model of worms with vertical transmission in computer network
Appl. Math. Comput.
(2011) - et al.
A novel computer virus model and its dynamics
Nonlinear Anal. RWA
(2012) - et al.
Stability analysis of VEISV propagation modeling for network worm attack
Appl. Math. Model.
(2012) - et al.
The spread of computer viruses under the influence of removable storage devices
Appl. Math. Comput.
(2012) - et al.
Modeling and analysis of the spread of computer virus
Commun. Nonlinear Sci. Numer. Simul.
(2012)
Optimal control of computer virus under a delayed model
Appl. Math. Comput.
A computer virus model with graded cure rates
Nonlinear Anal. RWA
Fixed period of temporary immunity after run of anti-malicious software on computer nodes
Appl. Math. Comput.
SEIRS epidemic model with delay for transmission of malicious objects in computer network
Appl. Math. Comput.
Dynamical behavior of computer virus on internet
Appl. Math. Comput.
Hopf bifurcation analysis of a delayed viral infection model in computer networks
Math. Comput. Model.
A delayed computer virus propagation model and its dynamics
Chaos Solitons Fractals
Pulse quarantine strategy of internet worm propagation: modeling and analysis
Comput. Electr. Eng.
Epidemics of computer viruses: a complex-network approach
Appl. Math. Comput.
The Art of Computer Virus Research and Defense
Cited by (43)
Optimal control strategies for a computer network under virus threat
2023, Journal of Computational and Applied MathematicsTowards understanding the effectiveness of patch injection
2019, Physica A: Statistical Mechanics and its ApplicationsA hardware friendly unsupervised memristive neural network with weight sharing mechanism
2019, NeurocomputingCitation Excerpt :Under these technique limitations, realizing memristive characteristics by mature circuit methods [23] becomes a practicable way. Specially, standard integrated circuit technologies [24,25], such as digital signal processing (DSP), field programmable gate arrays (FPGA) and application specific integrated circuits (ASIC), have advantages like high operation speed, good noise robustness and great expansibility, which are convenient for memristive characteristics’ implementations [26]. Likewise, realizing neural networks by mature hardware is also an achievable way for extremely high operation speed and relative low cost [27-29].
A predator–prey model on the attacking behavior of malicious objects in wireless nanosensor networks
2018, Nano Communication NetworksGlobal attractivity and optimal dynamic countermeasure of a virus propagation model in complex networks
2018, Physica A: Statistical Mechanics and its Applications