Abstract
In this paper, the spreading of malicious software over ad hoc networks, where legitimate nodes are prone to propagate the infections they receive from either an attacker or their already infected neighbors, is analyzed. Considering the Susceptible-Infected-Susceptible (SIS) node infection paradigm we propose a probabilistic model, on the basis of the theory of closed queuing networks, that aims at describing the aggregated behavior of the system when attacked by malicious nodes. Because of its nature, the model is also able to deal more effectively with the stochastic behavior of attackers and the inherent probabilistic nature of the wireless environment. The proposed model is able to describe accurately the asymptotic behavior of malware-propagative large scale ad hoc networking environments. Using the Norton equivalent of the closed queuing network, we obtain analytical results for its steady state behavior, which in turn is used for identifying the critical parameters affecting the operation of the network. Finally, through modeling and simulation, some additional numerical results are obtained with respect to the behavior of the system when multiple attackers are present, and regarding the time-dependent evolution and impact of an attack.
Similar content being viewed by others
References
Peeters J, Dyson P. Cost-effective security. IEEE Security and Privacy Magazine, May-June 2007, 5(3): 85–87.
Pastor-Satorras R, Vespignani A. Epidemics and Immunization in Scale-Free Network. Handbook of Graphs and Networks: From the Genome to the Internet, Bornholdt S, Schuster H (eds.), Berlin: Wiley-VCH, 2002, pp.113–132.
Chen Z, Gao L, Kwiat K. Modeling the spread of active worms. In Proc. 22nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), Vol. III, San Francisco, CA, USA, March-April 2003, 1890–1900.
Zou C C, Gong W, Towsley D. Code red worm propagation modeling and analysis. In Proc. the 9th ACM Conference on Computer and Communications Security (CCS), Washington, DC, USA, November 2002, pp.138–147.
Zou C C, Gong W, Towsley D, Gao L. The monitoring and early detection of Internet worms. IEEE/ACM Trans. Networking, October 2005, 13(5): 961–974.
Rohloff K, Basar T. Stochastic behavior of random constant scanning worms. In Proc. the 14th International Conference on Computer Communications and Networks (ICCCN), San Diego, CA, USA, October 2005, pp.339–344.
Garetto M, Gong W, Towsley D. Modeling malware spreading dynamics. In Proc. 22nd Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), Vol. III, San Francisco, CA, USA, March-April 2003, pp.1869–1879.
Ganesh A, Massoulie L, Towsley D. The effect of network topology on the spread of epidemics. In Proc. 24th IEEE Conference on Computer Communications (INFOCOM), Vol. II, Miami, FL, USA, March 2005, pp.1455–1466.
Karyotis V, Papavassiliou S, Grammatikou M, Maglaris B. On the characterization and evaluation of mobile attack strategies in wireless ad hoc networks. In Proc. the 11th IEEE Symposium on Computers and Communications (ISCC 2006), Pula-Cagliari, Sardinia, Italy, June 2006, pp.29–34.
Le Boudec J-Y, Vojnovic M. Perfect simulation and stationarity of a class of mobility models. In Proc. 24th IEEE Conference on Computer Communications (INFOCOM), Vol. IV, Miami, FL, USA, March 2005, pp.2743–2754.
Gilbert E N. Random plane networks. Journal of the Society for Industrial and Applied Mathematics, December 1961, 9(4): 533–543.
Wan P-J, Yi C-W. Asymptotic critical transmission ranges for connectivity in wireless ad hoc networks with Bernoulli nodes. In Proc. the 6th IEEE Wireless Communications and Networking Conference (WCNC), Vol. 4, New Orleans, LA, USA, March 2005, pp.2219–2224.
Karyotis V, Papavassiliou S, Grammatikou M, Maglaris B. A novel framework for mobile attack strategy modeling and vulnerability analysis in wireless ad-hoc networks. International Journal of Security and Networks (IJSN), 2006, 1(3/4): 255–265.
Lazar A A. Optimal control of an M/M/m queue. In Proc. the ACM SIGMETRICS Conference on Measurement and Modeling of Computer Systems, Performance Evaluation Review, College Park, Maryland, USA, April 1982, 11(1): 14–20.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work was partially supported by Greek General Secretariat for Research and Technology of the Ministry of Development (PENED project under Grant No. 03ED840).
Rights and permissions
About this article
Cite this article
Karyotis, V., Kakalis, A. & Papavassiliou, S. Malware-Propagative Mobile Ad Hoc Networks: Asymptotic Behavior Analysis. J. Comput. Sci. Technol. 23, 389–399 (2008). https://doi.org/10.1007/s11390-008-9141-z
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11390-008-9141-z