[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
research-article

Dynamical model for individual defence against cyber epidemic attacks

Published: 01 November 2019 Publication History

Abstract

When facing the on‐going cyber epidemic threats, individuals usually set up cyber defences to protect their own devices. In general, the individual‐level cyber defence is considered to mitigate the cyber threat to some extent. However, few previous studies focus on the interaction between individual‐level defence and cyber epidemic attack from the perspective of dynamics. In this study, the authors propose a two‐way dynamical framework by coupling the individual defence model with the cyber epidemic model to study the interaction between the network security situation and individual‐level defence decision. A new individual‐based heterogeneous model for cyber epidemic attacks is established to emphasise the individual heterogeneity in defence strategy. In the meanwhile, a Markov decision process is used to characterise the defence decision in the individual defence decision model. The theoretical and numerical results illustrate that the individual‐level defence can dampen the cyber epidemic attack, but the current network security situation, in turn, influences the individual defence decision. Moreover, they obtain a glimpse of the network security situation and the individual defence with respect to different cyber epidemic scenarios.

7 References

[1]
Chen, Q., Bridges, R.A.: ‘Automated behavioral analysis of malware: a case study of Wannacry ransomware’. IEEE Int. Conf. on Machine Learning and Applications, Cancun, Mexico, 2017, pp. 454–460
[3]
[4]
Castillo‐Chavez, C., Brauer, F.: ‘Mathematical models in population biology and epidemiology’ (Springer, New York, 2012)
[5]
Nowzari, C., Preciado, V.M., Pappas, G.J.: ‘Analysis and control of epidemics: a survey of spreading processes on complex networks’, IEEE Control Syst., 2016, 36, (1), pp. 26–46
[6]
Pastor‐Satorras, R., Vespignani, A.: ‘Epidemic spreading in scale‐free networks’, Phys. Rev. Lett., 2001, 86, (14), p. 3200
[7]
Van Mieghem, P., Omic, J., Kooij, R.: ‘Virus spread in networks’, IEEE/ACM Trans. Netw., 2009, 17, (1), pp. 1–14
[8]
Tambe, M.: ‘Security and game theory: algorithms, deployed systems, lessons learned’ (Cambridge University Press, Cambridge, UK, 2011)
[9]
Pita, J., John, R., Maheswaran, R. et al: ‘A robust approach to addressing human adversaries in security games’. Proc. 20th European Conf. on Artificial Intelligence, Montpellier, France, 2012, pp. 660–665
[10]
Yang, R., Kiekintveld, C., Ordóñez, F. et al: ‘Improving resource allocation strategies against human adversaries in security games: an extended study’, Artif. Intell., 2013, 195, pp. 440–469
[11]
Anderson, R.M., May, R.M., Anderson, B.: ‘Infectious diseases of humans: dynamics and control’, Wiley Online Library, vol. 28, 1992
[12]
Pastor‐Satorras, R., Castellano, C., Van Mieghem, P. et al: ‘Epidemic processes in complex networks’, Rev. Mod. Phys., 2015, 87, (3), p. 925
[13]
Kephart, J.O., White, S.R.: ‘Directed‐graph epidemiological models of computer viruses’. 1991 IEEE Computer Society Symp. on Research in Security and Privacy Proc., Oakland, USA, 1991, pp. 343–359
[14]
Wang, Y., Chakrabarti, D., Wang, C. et al: ‘Epidemic spreading in real networks: an eigenvalue viewpoint’. IEEE Proc. 22nd Int. Symp. on Reliable Distributed Systems, Florence, Italy, 2003, pp. 25–34
[15]
Chakrabarti, D., Wang, Y., Wang, C. et al: ‘Epidemic thresholds in real networks’, ACM Trans. Inf. Syst. Secur. (TISSEC), 2008, 10, (4), p. 1
[16]
Xu, S., Lu, W., Xu, L.: ‘Push‐and pull‐based epidemic spreading in networks: thresholds and deeper insights’, ACM Trans. Auton. Adapt. Syst. (TAAS), 2012, 7, (3), p. 32
[17]
Cai, G.L., Wang, B.S., Wei, H.U. et al: ‘Moving target defense: state of the art and characteristics’, Front. Inf. Technol. Electron. Eng., 2016, 17, (11), pp. 1122–1153
[18]
Jafarian, J.H., Al‐Shaer, E., Duan, Q.: ‘Openflow random host mutation: transparent moving target defense using software defined networking’. The Workshop on Hot Topics in Software Defined Networks, Helsinki, Finland, 2012, pp. 127–132
[19]
Luo, Y.B., Wang, B.S., Wang, X.F. et al: ‘RPAH: random port and address hopping for thwarting internal and external adversaries’. IEEE Trustcom/Bigdatase/ISPA, Helsinki, Finland, 2015, pp. 263–270
[20]
Okhravi, H., Comella, A., Robinson, E. et al: ‘Creating a cyber moving target for critical infrastructure applications’, Int. J. Crit. Infrastruct. Prot., 2012, 5, (1), pp. 30–39
[21]
Giuffrida, C., Kuijsten, A., Tanenbaum, A.S.: ‘Enhanced operating system security through efficient and fine‐grained address space randomization’. Proc. Usenix Security Symp., Bellevue, USA, 2012, p. 40
[22]
Jackson, T., Salamat, B., Homescu, A. et al: ‘Compiler‐generated software diversity’, Adv. Inf. Secur., 2011, 54, pp. 77–98
[23]
Okhravi, H., Hobson, T., Bigelow, D. et al: ‘Finding focus in the blur of moving‐target techniques’, IEEE Secur. Priv., 2014, 12, (2), pp. 16–26
[24]
Han, Y., Lu, W., Xu, S.: ‘Characterizing the power of moving target defense via cyber epidemic dynamics’. Proc. 2014 Symp. and Bootcamp on the Science of Security, Raleigh, USA, 2014, p. 10
[25]
Maleki, H., Valizadeh, S., Koch, W. et al: ‘Markov modeling of moving target defense games’. Proc. 2016 ACM Workshop on Moving Target Defense, Vienna, Austria, 2016, pp. 81–92
[26]
Vadlamudi, S.G., Sengupta, S., Taguinod, M. et al: ‘Moving target defense for web applications using Bayesian Stackelberg games’. Proc. 2016 Int. Conf. on Autonomous Agents & Multiagent Systems, Singapore, 2016, pp. 1377–1378
[27]
Campbell, R.M., Padayachee, K., Masombuka, T.: ‘A survey of honeypot research: trends and opportunities’. 10th Int. Conf. for Internet Technology and Secured Transactions (ICITST), London, UK, 2015, pp. 208–212
[28]
Fan, W., Du, Z., Fernández, D. et al: ‘Enabling an anatomic view to investigate honeypot systems: a survey’, IEEE Syst. J., 2017, PP, (99), pp. 1–14
[29]
Nawrocki, M., Wählisch, M., Schmidt, T.C. et al: ‘A survey on honeypot software and data analysis’, 2016, arXiv preprint arXiv:1608.06249
[30]
Wang, Z., Andrews, M.A., Wu, Z.‐X. et al: ‘Coupled disease–behavior dynamics on complex networks: a review’, Phys. Life Rev., 2015, 15, pp. 1–29
[31]
Fu, F., Rosenbloom, D.I., Wang, L. et al: ‘Imitation dynamics of vaccination behaviour on social networks’, Proc. Biol. Sci., 2011, 278, (1702), p. 42
[32]
Zhang, H.‐F., Yang, Z., Wu, Z.‐X. et al: ‘Braess's paradox in epidemic game: better condition results in less payoff’, Sci. Rep., 2013, 3, p. 3292
[33]
Kiss, I.Z., Cassell, J., Recker, M. et al: ‘The impact of information transmission on epidemic outbreaks’, Math. Biosci., 2010, 225, (1), pp. 1–10
[34]
Preciado, V.M., Zargham, M., Enyioha, C. et al: ‘Optimal vaccine allocation to control epidemic outbreaks in arbitrary networks’. 2013 IEEE 52nd Annual Conf. on Decision and Control (CDC), Florence, Italy, 2013, pp. 7486–7491
[35]
Van Mieghem, P.: ‘Performance analysis of complex networks and systems’ (Cambridge University Press, Cambridge, UK, 2014)
[36]
Theys, J.: ‘Joint spectral radius: theory and approximations’. PhD dissertation, Universite Catholique de Louvain, 2005
[37]
Cohen, J.E.: ‘Random evolutions and the spectral radius of a non‐negative matrix’, Math. Proc. Camb. Philos. Soc., 1979, 86, (2), pp. 345–350
[38]
Stavova, V., Matyas, V., Just, M. et al: ‘Factors influencing the purchase of security software for mobile devices – case study’, Infocommun. J., 2017, 9, (1), pp. 18–23
[39]
A. Comparatives : ‘Review of free antivirus software 2017’, 2017, Available at https://www.av‐comparatives.org/tests/review‐of‐free‐antivirus‐software‐2017/

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image IET Information Security
IET Information Security  Volume 13, Issue 6
November 2019
192 pages
EISSN:1751-8717
DOI:10.1049/ise2.v13.6
Issue’s Table of Contents

Publisher

John Wiley & Sons, Inc.

United States

Publication History

Published: 01 November 2019

Author Tags

  1. security of data
  2. Markov processes

Author Tags

  1. cyber epidemic attack
  2. defence strategy
  3. individual defence decision model
  4. cyber epidemic threats
  5. cyber defences
  6. cyber threat
  7. cyber epidemic model
  8. individual‐level defence decision
  9. individual‐based heterogeneous model
  10. cyber epidemic scenarios

Qualifiers

  • Research-article

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 0
    Total Downloads
  • Downloads (Last 12 months)0
  • Downloads (Last 6 weeks)0
Reflects downloads up to 13 Dec 2024

Other Metrics

Citations

View Options

View options

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media