Seeking Best-Balanced Patch-Injecting Strategies through Optimal Control Approach

Huang, Kaifan; Li, Pengdeng; Yang, Lu-Xing; Yang, Xiaofan; Tang, Yuan Yan

doi:https://doi.org/10.1155/2019/2315627

Security and Communication Networks

On this page

Abstract Introduction Related Work Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Special Issue

Analytical Models and Decision Making in Adaptive Security

View this Special Issue

Research Article | Open Access

Volume 2019 | Article ID 2315627 | https://doi.org/10.1155/2019/2315627

Seeking Best-Balanced Patch-Injecting Strategies through Optimal Control Approach

Kaifan Huang,¹Pengdeng Li,¹Lu-Xing Yang,²Xiaofan Yang,¹and Yuan Yan Tang³

Guest Editor: Akbar S. Namin

Received28 Feb 2019

Revised04 May 2019

Accepted22 May 2019

Published10 Jun 2019

Abstract

To restrain escalating computer viruses, new virus patches must be constantly injected into networks. In this scenario, the patch-developing cost should be balanced against the negative impact of virus. This article focuses on seeking best-balanced patch-injecting strategies. First, based on a novel virus-patch interactive model, the original problem is reduced to an optimal control problem, in which (a) each admissible control stands for a feasible patch-injecting strategy and (b) the objective functional measures the balance of a feasible patch-injecting strategy. Second, the solvability of the optimal control problem is proved, and the optimality system for solving the problem is derived. Next, a few best-balanced patch-injecting strategies are presented by solving the corresponding optimality systems. Finally, the effects of some factors on the best balance of a patch-injecting strategy are examined. Our results will be helpful in defending against virus attacks in a cost-effective way.

1. Introduction

Computer networks bring huge convenience to our work and life [1, 2]. Meanwhile, digital viruses can propagate rapidly through computer networks, posing a severe threat to human society. For example, Wanna Decryptor, the notorious ransomware, has recently swept across the globe, leading to massive computer paralysis [3]. Consequently, the problem of how to mitigate the negative impact of computer virus in a cost-effective way has long been a hotspot of research in the field of cyber security [4].

To restrain evolving computer viruses, new virus patches must be constantly injected into networks. In this scenario, there is an obvious conflict between the patch-developing cost and the impact of virus; reducing the former would increase the latter, whereas mitigating the latter would enhance the former. Therefore, the patch-developing cost should be balanced against the impact of virus. We refer to a dynamic patch-injecting strategy that achieves the best balance between the two aspects as a best-balanced patch-injecting strategy, and we refer to the problem of seeking best-balanced patch-injecting strategies as the virus-patch tradeoff (VPT) problem. Solving the VPT problem would be helpful in defending against virus attacks in a cost-effective way.

This article addresses the VPT problem. First, based on a novel virus-patch interactive model, the original problem is reduced to an optimal control problem which we refer to as the VPT control problem, in which (a) each admissible control stands for a feasible patch-injecting strategy and (b) the objective functional measures the balance of a feasible patch-injecting strategy. Second, the solvability of the VPT control problem is shown, and the optimality system for solving the VPT control problem is derived. Next, a few best-balanced patch-injecting strategies are given by solving the corresponding optimality systems. Finally, the effects of some factors on the best balance of a patch-injecting strategy are examined.

The remaining materials are organized in this fashion: Section 2 reviews the related work. Sections 3 and 4 establish and solve the VPT control problem, respectively. Section 5 illustrates how to solve the VPT control problem, and Section 6 examines the effects of some factors on the best balance. This work is summarized by Section 7.

In order to solve the VPT problem, the expected total loss of all network users resulting from a patch-injecting strategy must be estimated [5, 6]. As this quantity relies on the expected network states at all times, we need to characterize the evolutionary process of the expected network state. The resulting evolutionary model is essentially a propagation model that captures the interactive propagation of viruses and patches [7, 8]. In the available literature, propagation models of this kind are referred to as Susceptible-Infected-Patched-Susceptible (SIPS) models.

Compartmental propagation models are propagation models in which all nodes of the same state are classified as a class, with the goal of understanding the evolutionary trend of the size or fraction of each class [9]. Compartmental models are suited to capturing propagation phenomena occurring on homogeneously mixed networks but fail to characterize propagation phenomena occurring on highly heterogeneous networks. The compartmental SIPS models proposed in [10–13] take patch forwarding into account but leave patch injection out of consideration. Very recently, [14] proposed a compartmental SIPS model with static patch-injecting mechanism and thereby assessed the effectiveness of patch injection.

Node-level propagation models are propagation models in which each node is regarded as a separate class, with the goal of gaining insight into the evolutionary trend of the expected network state [15, 16]. One striking advantage of node-level propagation models is that they can accurately characterize propagation phenomena occurring on arbitrary networks. With the progress of wireless and mobile communication technologies, most existing computer networks admit an irregular topology [17–19]. As a result, a number of node-level computer virus propagation models have been advised [20–25]. In particular, [26] introduced a node-level SIPS model with no patch injection. Recently, [27] proposed a node-level SIPS model with dynamic patch-injecting mechanism and thereby addressed a problem that is something like the VPT problem through differential game approach. In our opinion, this work has two weaknesses: (i) It is assumed that the network defender is aware of the total attack budget of all relevant cyber malefactors. However, in practice the budget is usually unknown to the defender. (ii) It is assumed that new patches can be injected into any network node. Due to the limited network bandwidth, in practice new patches are typically injected into a small subset of nodes and then forwarded to the unpatched nodes [28].

Optimal control theory [29, 30] provides a powerful tool for studying the problem of how to contain the prevalence of computer virus in a cost-effective way [31–35]. In view of the defects of the research approach used in [27], in this paper we deal with the VPT problem through optimal control approach. For this purpose, we propose a novel node-level SIPS model with dynamic patch-injecting mechanism, where new patches can be injected into only a small subset of nodes. Thereby, we accurately estimate the expected total loss of all network users. On this basis, we reduce the VPT problem to an optimal control problem and then solve the problem by means of optimal control theory. Our optimal control model is promising, because, by collecting and analyzing the relevant actual data, the model parameters can be estimated quite accurately.

3. The Modeling of the VPT Problem

This section is devoted to the modeling of the VPT problem. First, we introduce basic terms and notations. Second, we establish a node-level SIPS model. Finally, we model the VPT problem as an optimal control problem.

3.1. Terms and Notations

Consider a computer network with nodes labeled through . Let denote the topology of the network, i.e., , and each edge stands for a communication link between the two endpoints. Let denote the adjacency matrix of , i.e, or 0 according as or not. Suppose new computer viruses can be injected into any node of the network and can propagate over the network, and suppose new virus patches can be injected into only the node subset of the network and can be forwarded to other nodes through the network.

Consider the finite time horizon . Assume each and every node of the network is in one of three possible states: susceptible, infected, and patched. Susceptible nodes are nodes that are not infected with any virus but have not received the newest patch. This implies these nodes are vulnerable to new viruses. Infected nodes are nodes that are infected with some virus. Patched nodes are nodes that are not infected with any virus and have received the newest patch. This implies that these nodes possess temporary immunity to new viruses. Let , 1, and 2 denote that the node is susceptible, infected, and patched at time , respectively. Then the state of the network at time can be characterized by the vectorLet , , and denote the probabilities of the node being susceptible, infected, and patched at time , respectively.Since , the expected state of the network at time can be characterized by the vector

3.2. A Virus-Patch Interactive Model

In order to establish a virus-patch interactive model, we introduce a set of assumptions as follows.(A₁)Due to virus injection, each susceptible node gets infected at the average rate which we refer to as the virus injection rate.(A₂)Due to virus propagation, the susceptible node gets infected at time at the average rate , where is a constant which we refer to as the virus propagation rate.(A₃)Due to patch injection, each unpatched node in gets patched at time at the average rate which we refer to as the patch injection rate at time .(A₄)Due to patch forwarding, the unpatched node gets patched at time at the average rate , where is a constant which we refer to as the patch forwarding rate.(A₅)Due to appearance of new viruses, each patched node becomes susceptible at the average rate which we refer to as the patch failure rate.

Remark 1. The virus injection rate, the virus propagation rate, the patch forwarding rate, and the patch failure rate can be estimated accurately by collecting and analyzing the relevant historical data. All patch injection rates are under control of the network defender.

Figure 1 shows the above assumptions schematically.

(a)

(b)

Based on the above assumptions, the expected network state evolves over time according to the following differential dynamical system: This is a novel SIPS model, which can be written in matrix-vector notation as

3.3. The Modeling of the VPT Problem

The function defined by , , is under control of the network defender. We refer to the function as a patch-injecting strategy. Let denote the set of all Lebesgue integrable functions defined on the interval [36]. Henceforth, we assume the set of all allowable patch-injecting strategies is We refer to as the minimum allowable patch injection rate, as the maximum allowable patch injection rate.

Let denote the cost per unit time at time for patch developing. Obviously, is increasing with . In this paper we simply assume that is linearly proportional to . That is, , where is a constant which we refer to as the cost coefficient. As a result, the total patch-developing cost is units.

Remark 2. In practice, may be dependent on in a more complex way. For example, may be proportional to the square of . That is, , where is a constant. If this is the case, the total patch-developing cost would be units. The exact form in which depends on is yet to be determined through analysis of massive actual data. Nevertheless, our research approach can easily be applied to any other dependence relationship.

On the other hand, we assume that the average loss per unit time caused by the infected node is unit. Then, the expected total loss of all network users is units. Let . Therefore, we get a measure of the balance of a patch-injecting strategy as follows.

By combining the above discussions, the VPT problem is reduced to the following optimal control problem:We refer to the optimal control problem as the VPT control problem. In this problem, each admissible control stands for a feasible patch-injecting strategy, and the objective functional measures the balance of a feasible patch-injecting strategy. Each instance of the VPT control problem is given by the 11-tuple

4. Theoretical Study of the VPT Control Problem

This section is dedicated to the theoretical study of the VPT control problem. First, we show that the problem is solvable. Second, we present a method for solving this problem.

4.1. Solvability

Let . We have the following lemma [30].

Lemma 3. The VPT game problem (8) admits an optimal control if the following five conditions are met.(C₁) is closed and convex.(C₂)There is such that the differential system is solvable.(C₃) is bounded by a linear function in .(C₄) is concave on .(C₅) for some , and .

The solvability of the VPT control problem is guaranteed by the following theorem.

Theorem 4. The VPT control problem (8) admits an optimal control.

Proof. (a) Let be a limit point of . Then there is a sequence of points in , denoted , that approaches . As is complete [36], we get that . As , we get that . So, is closed. (b) Let , . . As is a real vector space [36], we have . As , we get that . So, is convex. (c) As is continuously differentiable, it follows from Continuation Theorem for Differential Systems [37] that the differential system is solvable. (d) Obviously, for , for , (e) Let , . As we get that is convex with respect to . (f) Obviously, . Hence, the five conditions in Lemma 3 are met. By Lemma 3, the VPT control problem admits an optimal control.
This theorem implies that the VPT problem admits a best-balanced patch-injecting strategy.

4.2. The Optimality System

According to optimal control theory [29], when the solvability of an optimal control problem is guaranteed, we may solve the problem by solving the optimality system associated with the problem. Now, let us derive the optimality system associated with the VPT control problem (8). The associated Hamiltonian iswhere is the adjoint.

The following result is a necessary condition for the optimal control of the VPT control problem.

Theorem 5. Suppose is an optimal control for the VPT control problem (8). Let be the solution to the differential system (5). Then there exists with such that

Proof. According to Pontryagin Minimum Principle [29], there exists such that Thus, the first equations in the system (14) follow by direct calculations. As the terminal cost is unspecified and the final state is free, the transversality condition holds true. Again by Pontryagin Minimum Principle, we have The last equation in the system (14) follows by direct calculations.
The optimality system associated with the VPT control problem (8) consists of the system (5), the system (14), and . In practice, we may apply the well-known Forward-Backward Euler Scheme [38] to solve the optimality system.

5. Examples of Best-Balanced Patch-Injecting Strategy

In this section, we present a few best-balanced patch-injecting strategies by solving the corresponding instances of the VPT control problem. For comparative purpose, for the VPT control problem (8) and the admissible control , we define the cumulative balance function asObviously, . For convenience, let denote an all-one row vector with appropriate number of dimensions.

Small-world networks are networks with small diameter and high clustering coefficient [39]. By invoking Pajek [40], the well-known social network analysis software, we get a synthetic small-world network , which is plotted in Figure 2, where the patch injection subset consists of the red nodes.

Example 1. Consider the following instance of the VPT control problem: By solving the corresponding optimality system, we get an optimal control, which is depicted in Figure 3(a). Figure 3(b) plots the cumulative balance functions for the optimal control and three static controls, from which it is seen that the optimal control is superior to these static controls in terms of the balance.

(a)

(b)

Scale-free networks are networks with power-law degree distribution [41]. Again by invoking Pajek, we get a synthetic scale-free network , which is portrayed in Figure 4, where the patch injection subset consists of the red nodes.

Example 2. Consider the following instance of the VPT control problem: By solving the corresponding optimality system, we get an optimal control, which is exhibited in Figure 5(a). Figure 5(b) plots the cumulative balance functions for the optimal control and three static controls, from which it is seen that the optimal control outperforms these static controls in terms of the balance.

(a)

(b)

Figure 6 exhibits a real-world email network , which comes from [42]. Here, the patch injection subset consists of the red nodes.

Example 3. Consider the following instance of the VPT control problem: By solving the corresponding optimality system, we get an optimal control, which is shown in Figure 7(a). Figure 7(b) plots the cumulative balance functions for the optimal control and three static controls, from which it is seen that the optimal control overmatches these static controls in terms of the balance.

(a)

(b)

We conclude from the above examples that a best-balanced patch-injecting strategy first stays at the maximum allowable patch injection rate, then sharply jumps to the minimum allowable patch injection rate, and finally stays at this rate.

6. Further Discussions

In this section, we examine the effects of some factors on the best balance of a patch-injecting strategy. For convenience, let denote a best-balanced patch-injecting strategy, the corresponding balance.

6.1. The Effects of the Four Rates

First, we inspect the effect of the four rates, , , , and , on the best balance.

Experiment 6. Consider the following instances of the VPT control problem: where , . Figure 8 exhibits the best balances of these instances.

It is concluded from this experiment that is increasing with . As a result, the best balance can be improved by persuading the network users not to install suspicious software.

Experiment 7. Consider the following instances of the VPT control problem: where , . Figure 9 displays the best balances of these instances.

It is concluded from this experiment that is increasing with . Again, this conclusion demonstrates that warning the network users not to install suspicious software would improve the best balance.

Experiment 8. Consider the following instances of the VPT control problem: where , . Figure 10 exhibits the best balances of these instances.

It is concluded from this experiment that is decreasing with . Therefore, the best balance can be improved by reminding the network users of timely installing new patches.

Experiment 9. Consider the following instances of the VPT control problem: where , . Figure 11 exhibits the best balances of these instances.

It is concluded from this experiment that is increasing with . It follows that the best balance can be improved by developing patches that can defend against future viruses.

6.2. The Effects of the Two Bounds

Second, let us investigate the effects of the minimum allowable patch injection rate and the maximum allowable patch injection rate on the best balance.

Experiment 10. Consider the following instances of the VPT control problem: where , . Figure 12 exhibits the best balances of these instances.

(a)

(b)

(c)

It is concluded from this experiment that is increasing with and is decreasing with . In practice, we should reduce the lowest allowable patch injection rate and enhance the highest allowable patch injection rate to achieve a better balance.

7. Concluding Remarks

Virus patches play an important role in restraining computer viruses. This paper has addressed the problem of seeking patch-injecting strategies that achieve the best balance between the patch-developing cost and the impact of virus. The problem has been reduced to an optimal control problem, and a scheme for solving the optimal control problem has been presented. Finally, the effects of some factors on the best balance of a patch-injecting strategy have been examined.

Some relevant problems are yet to be resolved. First, the problem of how to select a given number of patch injection nodes so that the balance is optimized is worth study. Second, in this article it is assumed that the patch propagation rate is fixed. In practice, the network defender may change this rate flexibly through rewriting the communication protocol. In this situation, we will face a new and more complex balance problem. Next, in this article the virus injection rate is assumed to be fixed. In reality, the virus maker may flexibly change the rate to avoid detection. In this context, it is appropriate to deal with the balance problem through game-theoretic approach [43–46]. Finally, the research approach used in this article may be applied to some other areas such as cloud security [47, 48] and Internet of Things security [49].

Data Availability

The data used to support the findings of this study are included within the article.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Acknowledgments

This work was funded by National Natural Science Foundation of China (Grant No. 61572006), Chongqing Basic Research and Front Exploration Project (Grant No. cstc2018jcyjA3093), and Australian Research Council (Grant No. LP170100458).

References

T. J. OLeary and L. I. OLeary, “Computing essentials 2014 complete edition, making it work for you,” in Computing Essentials 2014 Complete Edition, Making it Work for You, McGraw-Hill Education, 2014.
View at: Google Scholar
D. Comer, Computer Networks and Internets, Pearson, 6th edition, 2014.
S. Mohurle and M. Patil, “A brief study of wannacry threat: ransomware attack 2017,” International Journal of Advanced Research in Computer Science, vol. 8, no. 5, pp. 1938–1940, 2017.
View at: Publisher Site | Google Scholar
P. Szor, The Art of Computer Virus Research and Defense, Addison-Wesley Education, 2005.
View at: Publisher Site
J. Freund and J. Jones, Measuring and Managing Information Risk: A Fair Approach, Butterworth-Heinemann, 1st edition, 2014.
D. W. Hubbard and R. Seiersen, How to Measure Anything in Cybersecurity Risk, John Wiley & Sons, Inc., Hoboken, NJ, USA, 1st edition, 2016.
View at: Publisher Site
L. C. Chen and K. M. Carley, “The impact of countermeasure propagation on the prevalence of computer viruses,” IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics, vol. 34, no. 2, pp. 823–833, 2004.
View at: Publisher Site | Google Scholar
J. Goldenberg, Y. Shavitt, E. Shir, and S. Solomon, “Distributive immunization of networks against viruses using the “honey-pot” architecture,” Nature Physics, vol. 1, no. 3, pp. 184–188, 2005.
View at: Publisher Site | Google Scholar
N. F. Britton, Essential Mathematical Biology, Springer Undergraduate Mathematics Series, Springer, 2003.
View at: MathSciNet
L.-X. Yang and X. Yang, “The effect of infected external computers on the spread of viruses: a compartment modeling study,” Physica A: Statistical Mechanics and its Applications, vol. 392, no. 24, pp. 6523–6535, 2013.
View at: Publisher Site | Google Scholar | MathSciNet
A. K. Misra, M. Verma, and A. Sharma, “Capturing the interplay between malware and anti-malware in a computer network,” Applied Mathematics and Computation, vol. 229, pp. 340–349, 2014.
View at: Publisher Site | Google Scholar
L.-X. Yang and X. Yang, “A novel virus-patch dynamic model,” PLoS ONE, vol. 10, no. 9, Article ID e0137858, 2015.
View at: Publisher Site | Google Scholar
B. Liu and C. Li, “A new virus-antivirus spreading model,” in Proceedings of International Symposium on Neural Networks (ISNN2015), pp. 481–488, Springer, 2015.
View at: Publisher Site | Google Scholar | MathSciNet
D.-W. Huang, L.-X. Yang, X. Yang, Y. Wu, and Y. Y. Tang, “Towards understanding the effectiveness of patch injection,” Physica A: Statistical Mechanics and its Applications, vol. 526, p. 120956, 2019.
View at: Publisher Site | Google Scholar | MathSciNet
P. Van Mieghem, J. Omic, and R. Kooij, “Virus spread in networks,” IEEE/ACM Transactions on Networking, vol. 17, no. 1, pp. 1–14, 2009.
View at: Publisher Site | Google Scholar
P. Van Mieghem, “The N-intertwined SIS epidemic network model,” Computing, vol. 93, no. 2, pp. 147–169, 2011.
View at: Publisher Site | Google Scholar | MathSciNet
I. Stojmenovic, Handbook of Wireless Networks and Mobile Computing, John Wiley & Sons, 2002.
A. Boukerche, Handbook of Algorithms for Wireless Networking and Mobile Computing, Taylor & Francis, 2006.
J. Rodriguez, Fundamentals of 5G Mobile Networks, John Wiley & Sons, 2015.
S. Xu, W. Lu, and Z. Zhan, “A stochastic model of multivirus dynamics,” IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 1, pp. 30–45, 2012.
View at: Publisher Site | Google Scholar
S. Xu, W. Lu, and L. Xu, “Push- and pull-based epidemic spreading in networks: thresholds and deeper insights,” ACM Transactions on Autonomous and Adaptive Systems (TAAS), vol. 7, no. 32, 2012.
View at: Publisher Site | Google Scholar
S. Xu, W. Lu, L. Xu, and Z. Zhan, “Adaptive epidemic dynamics in networks: Thresholds and control,” ACM Transactions on Autonomous and Adaptive Systems (TAAS), vol. 8, no. 4, article no. 19, 2014.
View at: Publisher Site | Google Scholar
L.-X. Yang, M. Draief, and X. Yang, “The impact of the network topology on the viral prevalence: a node-based approach,” PLoS ONE, vol. 10, no. 7, article e0134507, 2015.
View at: Publisher Site | Google Scholar
L. X. Yang, M. Draief, and X. Yang, “Heterogeneous virus propagation in networks: a theoretical study,” Mathematical Methods in the Applied Sciences, vol. 40, pp. 1396–1413, 2016.
View at: Publisher Site | Google Scholar
L.-X. Yang, X. Yang, and Y. Yan Tang, “A bi-virus competing spreading model with generic infection rates,” IEEE Transactions on Network Science and Engineering, vol. 5, no. 1, pp. 2–13, 2017.
View at: Publisher Site | Google Scholar
L.-X. Yang, X. Yang, and Y. Wu, “The impact of patch forwarding on the prevalence of computer virus: a theoretical assessment approach,” Applied Mathematical Modelling, vol. 43, pp. 110–125, 2017.
View at: Publisher Site | Google Scholar | MathSciNet
L. Yang, P. Li, X. Yang, Y. Xiang, and W. Zhou, “A differential game approach to patch injection,” IEEE Access, vol. 6, pp. 58924–58938, 2018.
View at: Publisher Site | Google Scholar
J. Balthrop, S. Forrest, M. E. J. Newman, and M. M. Williamson, “Technological networks and the spread of computer viruses,” Computer Science, vol. 304, no. 5670, pp. 527–529, 2004.
View at: Publisher Site | Google Scholar
E. K. Donald, Optimal Control Theory: An Introduction, Dover Publications, 2012.
D. Liberzon, Calculus of Variations and Optimal Control Theory: A Concise Introduction, Princeton University Press, Princeton, NJ, USA, 2012.
View at: MathSciNet
L. Chen, K. Hattaf, and J. T. Sun, “Optimal control of a delayed SLBS computer virus model,” Physica A: Statistical Mechanics and its Applications, vol. 427, pp. 244–250, 2015.
View at: Publisher Site | Google Scholar | MathSciNet
L.-X. Yang, M. Draief, and X. Yang, “The optimal dynamic immunization under a controlled heterogeneous node-based SIRS model,” Physica A: Statistical Mechanics and its Applications, vol. 450, pp. 403–415, 2016.
View at: Publisher Site | Google Scholar | MathSciNet
Y. Pei, H. Pei, X. Liang, and M. Zhu, “Optimal control of a computer virus model with network attacks,” Communications in Mathematical Biology and Neuroscience, vol. 2016, Article ID 17, 2016.
View at: Google Scholar
T. Zhang, L.-X. Yang, X. Yang, Y. Wu, and Y. Y. Tang, “Dynamic malware containment under an epidemic model with alert,” Physica A: Statistical Mechanics and its Applications, vol. 470, pp. 249–260, 2017.
View at: Publisher Site | Google Scholar | MathSciNet
J. Bi, X. Yang, Y. Wu, Q. Xiong, J. Wen, and Y. Y. Tang, “On the optimal dynamic control strategy of disruptive computer virus,” Discrete Dynamics in Nature and Society, vol. 2017, Article ID 8390784, 2017.
View at: Publisher Site | Google Scholar | MathSciNet
E. M. Stein and R. Shakarchi, Real Analysis: Measure Theory, Integration, Hilbert Spaces, Princeton University Press, Princeton, NJ, Texas, 2005.
View at: MathSciNet
R. C. Robinson, An Introduction to Dynamical Systems: Continuous and Discrete, Prentice Hall, New York, NY, USA, 2004.
View at: MathSciNet
K. E. Atkinson, W. Han, and D. Stewart, Numerical Solution of Ordinary Differential Equations, John Wiley & Sons, 2009.
View at: Publisher Site | MathSciNet
D. J. Watts and S. H. Strogatz, “Collective dynamics of “small-world” networks,” Nature, vol. 393, no. 6684, pp. 440–442, 1998.
View at: Publisher Site | Google Scholar | MathSciNet
W. de Nooy, A. Mrvar, and V. Batagelj, Exploratory Social Network Analysis with Pajek, Cambridge University Press, Cambridge, UK, 2005.
View at: Publisher Site
A. Barabasi and R. Albert, “Emergence of scaling in random networks,” Science, vol. 286, no. 5439, pp. 509–512, 1999.
View at: Publisher Site | Google Scholar | MathSciNet
http://konect.uni-koblenz.de/networks/arenas-email.
View at: Publisher Site
M. J. Osborne, An Introduction to Game Theory, Oxford University Press, 2003.
T. Alpcan and T. Başar, Network Security: A Decision and Game-Theoretic Approach, Cambridge University Press, Cambridge, UK, 2010.
View at: MathSciNet
L. Yang, P. Li, Y. Zhang, X. Yang, Y. Xiang, and W. Zhou, “Effective repair strategy against advanced persistent threat: a differential game approach,” IEEE Transactions on Information Forensics and Security, vol. 14, no. 7, pp. 1713–1728, 2019.
View at: Publisher Site | Google Scholar
L. Yang, P. Li, X. Yang, and Y. Tang, “A risk management approach to defending against the advanced persistent threat,” IEEE Transactions on Dependable and Secure Computing, pp. 1–1, 2018.
View at: Publisher Site | Google Scholar
M. A. Khan, “A survey of security issues for cloud computing,” Journal of Network and Computer Applications, vol. 71, pp. 11–29, 2016.
View at: Publisher Site | Google Scholar
A. Singh and K. Chatterjee, “Cloud security issues and challenges: A survey,” Journal of Network and Computer Applications, vol. 79, pp. 88–115, 2017.
View at: Publisher Site | Google Scholar
F. A. Alaba, M. Othman, I. A. T. Hashem, and F. Alotaibi, “Internet of things security: a survey,” Journal of Network and Computer Applications, vol. 88, pp. 10–28, 2017.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2019 Kaifan Huang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

599

Downloads

946

Citations

Security and Communication Networks

Analytical Models and Decision Making in Adaptive Security

Seeking Best-Balanced Patch-Injecting Strategies through Optimal Control Approach

Abstract

1. Introduction

2. Related Work

3. The Modeling of the VPT Problem

3.1. Terms and Notations

3.2. A Virus-Patch Interactive Model

3.3. The Modeling of the VPT Problem

4. Theoretical Study of the VPT Control Problem

4.1. Solvability

4.2. The Optimality System

5. Examples of Best-Balanced Patch-Injecting Strategy

6. Further Discussions

6.1. The Effects of the Four Rates

6.2. The Effects of the Two Bounds

7. Concluding Remarks

Data Availability

Conflicts of Interest

Acknowledgments

References

Copyright