A theoretical method for assessing disruptive computer viruses
Introduction
The convenience and popularization of the Internet have brought huge benefits to human society. Meanwhile, it offers a shortcut to spread computer viruses, inflicting large economic losses [1]. Consequently, the problem of how to effectively suppress digital viruses has long been a hot spot in the field of network security research. The epidemic modeling of computer infections is recognized as a feasible approach to the assessment of prevalence of electronic viruses as well as that of effectiveness of different virus-containing strategies [2]. Since the seminal work by Kephart and White [3], [4], multifarious computer virus spreading models, ranging from the coarsest population-level models [5], [6], [7], [8], [9], [10], [11], [12] and the intermediate network-level models [13], [14], [15], [16], [17] to the finest node-level epidemic models, have been proposed [18], [19], [20], [21], [22], [23].
Disruptive computer virusese are defined as those whose life period consists of two consecutive phases: the latent phase and the disruptive phase. In the latent phase, a disruptive virus staying in a host does not perform any disruptive operations. Rather, the virus tries to infect as many hosts as possible by sending its copies to them. In the disruptive phase, a disruptive virus staying in a host performs a variety of operations that disrupt the host, such as distorting data, deleting data or files, and destroying the operating system. For example, the notorious Melissa virus propagates by means of emails, paralyzing the email server. As the second instance, the CIH virus propagates through the Internet and emails, destroying the BIOS of all infected hosts on some prescribed dates. To assess the prevalence of disruptive viruses, a number of epidemic models, which are referred to as the Susceptible–Latent–Bursting–Susceptible (SLBS) models, have been suggested [24], [25], [26], [27], [28], which have been extended towards different directions [29], [30], [31], [32], [33], [34]. Recently, Yang et al. [35] established a node-level SLBS model, where all nodes have the same infecting rate, the same curing rate, and the same disruptive rate. In real-world applications, different nodes may enjoy different attributes and different safety levels. Therefore, they may have different infecting rates, different curing rates, and different bursting rates. In such scenarios, heterogeneous SLBS models may be more appropriate.
This paper addresses the issue of assessing the prevalence of disruptive computer viruses in the situation that every node in a network has its own virus-related attributes. For that purpose, a heterogeneous epidemic model is proposed. A criterion for the global stability of the virus-free equilibrium and a criterion for the existence of a unique viral equilibrium are given, respectively. Furthermore, extensive simulation experiments are conducted, and some interesting results are drawn from the experimental results. On this basis, some measures of suppressing disruptive malware are recommended.
The remaining materials of this work are organized in the following pattern. Section 2 formulates the new epidemic model. Section 3 theoretically studies this model, and Section 4 conducts extensive simulation experiments. This work is closed by Section 5.
Section snippets
The new model
Given a population of hosts (nodes) numbered . Let be the virus-spreading network, where , and if and only if disruptive viruses can propagate between node and node . From now on, is assumed to be unvaried and connected. Let denote the adjacency matrix of . Then is irreducible.
As with the traditional SLBS models, it is assumed that at any time every node in the network is in one of three possible states: susceptible, latent, and disruptive;
Analysis of the new model
This section addresses the dynamics of the heterogeneous SLBS model.
Simulation analysis
Let denote the fraction of infected nodes at time . That is,
Although Theorem 1 gives a sufficient condition for the global stability of the virus-free equilibrium, and Theorem 2 offers a sufficient condition for the existence of a viral equilibrium, the following questions are yet to be answered.
If the condition in Theorem 1 holds true, how fast does approach zero?
If the condition in Theorem 2 holds true, how about the dynamics of ?
If neither the
Conclusions and remarks
For the purpose of assessing the prevalence of disruptive computer viruses, a heterogeneous node-level SLBS model has been proposed. A criterion for the global stability of the virus-free equilibrium has been given, and a criterion for the existence of a unique viral equilibrium has been presented. Furthermore, extensive simulation experiments have been conducted, and thereby some interesting results have been concluded. On this basis, some measures of containing the prevalence of disruptive
Acknowledgments
The authors are grateful to the anonymous reviewers for their valuable suggestions. This work was supported by Science and Technology Support Program of China (Grant No. 2015BAF05B03), Natural Science Foundation of China (Grant Nos. 61572006, 71301177), Basic and Advanced Research Program of Chongqing (Grant No. cstc2013jcyjA1658), and Fundamental Research Funds for the Central Universities (Grant No. 106112014CDJZR008823).
References (55)
- et al.
A modified epidemiological model for computer viruses
Appl. Math. Comput.
(2009) - et al.
Influence of removable devices on computer worms: Dynamic analysis and control strategies
Comput. Math. Appl.
(2011) - et al.
Hopf bifurcation in an Internet worm propagation model with time delay in quarantine
Math. Comput. Modelling
(2013) - et al.
The impact of patch forwarding on the prevalence of computer virus: A theoretical assessment approach
Appl. Math. Model.
(2017) - et al.
A modified SIS model with an infective medium on complex networks and its global stability
Physica A
(2011) - et al.
Investigation of dynamics of a virus-antivirus model in complex network
Physica A
(2016) - et al.
Modeling the dynamics of a network-based model of virus attacks on targeted resources
Commun. Nonlinear Sci. Numer. Simul.
(2016) - et al.
The spread of computer viruses under the influence of removable storage devices
Appl. Math. Comput.
(2012) - et al.
A computer virus model with graded cure rates
Nonlinear Anal.: Real-World Appl.
(2013) - et al.
Epidemics of computer viruses: A complex-network approach
Appl. Math. Comput.
(2013)