Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

access icon free Dynamical model for individual defence against cyber epidemic attacks

  • Author(s): Dingyu Yan 1, 2 ; Feng Liu 1, 2 ; Yaqin Zhang 1, 2 ; Kun Jia 1, 2
    • View affiliations
  • Source: Volume 13, Issue 6, November 2019, p. 541 – 551
    DOI:  10.1049/iet-ifs.2018.5147 , Print ISSN 1751-8709, Online ISSN 1751-8717
© The Institution of Engineering and Technology
Received 20/04/2018, Accepted 05/04/2019, Revised 12/02/2019, Published 09/04/2019

When facing the on-going cyber epidemic threats, individuals usually set up cyber defences to protect their own devices. In general, the individual-level cyber defence is considered to mitigate the cyber threat to some extent. However, few previous studies focus on the interaction between individual-level defence and cyber epidemic attack from the perspective of dynamics. In this study, the authors propose a two-way dynamical framework by coupling the individual defence model with the cyber epidemic model to study the interaction between the network security situation and individual-level defence decision. A new individual-based heterogeneous model for cyber epidemic attacks is established to emphasise the individual heterogeneity in defence strategy. In the meanwhile, a Markov decision process is used to characterise the defence decision in the individual defence decision model. The theoretical and numerical results illustrate that the individual-level defence can dampen the cyber epidemic attack, but the current network security situation, in turn, influences the individual defence decision. Moreover, they obtain a glimpse of the network security situation and the individual defence with respect to different cyber epidemic scenarios.

Inspec keywords: Markov processes; security of data

Other keywords: cyber threat; individual-based heterogeneous model; cyber epidemic scenarios; cyber epidemic model; cyber epidemic attack; defence strategy; individual defence decision model; cyber epidemic threats; individual-level defence decision; cyber defences

Subjects: Data security; Markov processes

References

    1. 1)
      • 35. Van Mieghem, P.: ‘Performance analysis of complex networks and systems’ (Cambridge University Press, Cambridge, UK, 2014).
    2. 2)
      • 10. Yang, R., Kiekintveld, C., Ordóñez, F., et al: ‘Improving resource allocation strategies against human adversaries in security games: an extended study’, Artif. Intell., 2013, 195, pp. 440469.
    3. 3)
      • 32. Zhang, H.-F., Yang, Z., Wu, Z.-X., et al: ‘Braess's paradox in epidemic game: better condition results in less payoff’, Sci. Rep., 2013, 3, p. 3292.
    4. 4)
      • 36. Theys, J.: ‘Joint spectral radius: theory and approximations’. PhD dissertation, Universite Catholique de Louvain, 2005.
    5. 5)
      • 30. Wang, Z., Andrews, M.A., Wu, Z.-X., et al: ‘Coupled disease–behavior dynamics on complex networks: a review’, Phys. Life Rev., 2015, 15, pp. 129.
    6. 6)
      • 7. Van Mieghem, P., Omic, J., Kooij, R.: ‘Virus spread in networks’, IEEE/ACM Trans. Netw., 2009, 17, (1), pp. 114.
    7. 7)
      • 15. Chakrabarti, D., Wang, Y., Wang, C., et al: ‘Epidemic thresholds in real networks’, ACM Trans. Inf. Syst. Secur. (TISSEC), 2008, 10, (4), p. 1.
    8. 8)
      • 25. Maleki, H., Valizadeh, S., Koch, W., et al: ‘Markov modeling of moving target defense games’. Proc. 2016 ACM Workshop on Moving Target Defense, Vienna, Austria, 2016, pp. 8192.
    9. 9)
      • 20. Okhravi, H., Comella, A., Robinson, E., et al: ‘Creating a cyber moving target for critical infrastructure applications’, Int. J. Crit. Infrastruct. Prot., 2012, 5, (1), pp. 3039.
    10. 10)
      • 17. Cai, G.L., Wang, B.S., Wei, H.U., et al: ‘Moving target defense: state of the art and characteristics’, Front. Inf. Technol. Electron. Eng., 2016, 17, (11), pp. 11221153.
    11. 11)
      • 12. Pastor-Satorras, R., Castellano, C., Van Mieghem, P., et al: ‘Epidemic processes in complex networks’, Rev. Mod. Phys., 2015, 87, (3), p. 925.
    12. 12)
      • 19. Luo, Y.B., Wang, B.S., Wang, X.F., et al: ‘RPAH: random port and address hopping for thwarting internal and external adversaries’. IEEE Trustcom/Bigdatase/ISPA, Helsinki, Finland, 2015, pp. 263270.
    13. 13)
      • 3. A. Comparatives: ‘It security survey 2017’, 2017. Available at https://www.av-comparatives.org/wp-content/uploads/2017/01/security_survey2017_en.pdf.
    14. 14)
      • 6. Pastor-Satorras, R., Vespignani, A.: ‘Epidemic spreading in scale-free networks’, Phys. Rev. Lett., 2001, 86, (14), p. 3200.
    15. 15)
      • 31. Fu, F., Rosenbloom, D.I., Wang, L., et al: ‘Imitation dynamics of vaccination behaviour on social networks’, Proc. Biol. Sci., 2011, 278, (1702), p. 42.
    16. 16)
      • 26. Vadlamudi, S.G., Sengupta, S., Taguinod, M., et al: ‘Moving target defense for web applications using Bayesian Stackelberg games’. Proc. 2016 Int. Conf. on Autonomous Agents & Multiagent Systems, Singapore, 2016, pp. 13771378.
    17. 17)
      • 9. Pita, J., John, R., Maheswaran, R., et al: ‘A robust approach to addressing human adversaries in security games’. Proc. 20th European Conf. on Artificial Intelligence, Montpellier, France, 2012, pp. 660665.
    18. 18)
      • 37. Cohen, J.E.: ‘Random evolutions and the spectral radius of a non-negative matrix’, Math. Proc. Camb. Philos. Soc., 1979, 86, (2), pp. 345350.
    19. 19)
      • 33. Kiss, I.Z., Cassell, J., Recker, M., et al: ‘The impact of information transmission on epidemic outbreaks’, Math. Biosci., 2010, 225, (1), pp. 110.
    20. 20)
      • 34. Preciado, V.M., Zargham, M., Enyioha, C., et al: ‘Optimal vaccine allocation to control epidemic outbreaks in arbitrary networks’. 2013 IEEE 52nd Annual Conf. on Decision and Control (CDC), Florence, Italy, 2013, pp. 74867491.
    21. 21)
      • 1. Chen, Q., Bridges, R.A.: ‘Automated behavioral analysis of malware: a case study of Wannacry ransomware’. IEEE Int. Conf. on Machine Learning and Applications, Cancun, Mexico, 2017, pp. 454460.
    22. 22)
      • 28. Fan, W., Du, Z., Fernández, D., et al: ‘Enabling an anatomic view to investigate honeypot systems: a survey’, IEEE Syst. J., 2017, PP, (99), pp. 114.
    23. 23)
      • 39. A. Comparatives: ‘Review of free antivirus software 2017’, 2017, Available at https://www.av-comparatives.org/tests/review-of-free-antivirus-software-2017/.
    24. 24)
      • 29. Nawrocki, M., Wählisch, M., Schmidt, T.C., et al: ‘A survey on honeypot software and data analysis’, 2016, arXiv preprint arXiv:1608.06249.
    25. 25)
      • 24. Han, Y., Lu, W., Xu, S.: ‘Characterizing the power of moving target defense via cyber epidemic dynamics’. Proc. 2014 Symp. and Bootcamp on the Science of Security, Raleigh, USA, 2014, p. 10.
    26. 26)
      • 8. Tambe, M.: ‘Security and game theory: algorithms, deployed systems, lessons learned’ (Cambridge University Press, Cambridge, UK, 2011).
    27. 27)
      • 5. Nowzari, C., Preciado, V.M., Pappas, G.J.: ‘Analysis and control of epidemics: a survey of spreading processes on complex networks’, IEEE Control Syst., 2016, 36, (1), pp. 2646.
    28. 28)
      • 22. Jackson, T., Salamat, B., Homescu, A., et al: ‘Compiler-generated software diversity’, Adv. Inf. Secur., 2011, 54, pp. 7798.
    29. 29)
      • 18. Jafarian, J.H., Al-Shaer, E., Duan, Q.: ‘Openflow random host mutation: transparent moving target defense using software defined networking’. The Workshop on Hot Topics in Software Defined Networks, Helsinki, Finland, 2012, pp. 127132.
    30. 30)
      • 21. Giuffrida, C., Kuijsten, A., Tanenbaum, A.S.: ‘Enhanced operating system security through efficient and fine-grained address space randomization’. Proc. Usenix Security Symp., Bellevue, USA, 2012, p. 40.
    31. 31)
      • 11. Anderson, R.M., May, R.M., Anderson, B.: ‘Infectious diseases of humans: dynamics and control’, Wiley Online Library, vol. 28, 1992.
    32. 32)
      • 13. Kephart, J.O., White, S.R.: ‘Directed-graph epidemiological models of computer viruses’. 1991 IEEE Computer Society Symp. on Research in Security and Privacy Proc., Oakland, USA, 1991, pp. 343359.
    33. 33)
      • 23. Okhravi, H., Hobson, T., Bigelow, D., et al: ‘Finding focus in the blur of moving-target techniques’, IEEE Secur. Priv., 2014, 12, (2), pp. 1626.
    34. 34)
      • 16. Xu, S., Lu, W., Xu, L.: ‘Push-and pull-based epidemic spreading in networks: thresholds and deeper insights’, ACM Trans. Auton. Adapt. Syst. (TAAS), 2012, 7, (3), p. 32.
    35. 35)
      • 38. Stavova, V., Matyas, V., Just, M., et al: ‘Factors influencing the purchase of security software for mobile devices – case study’, Infocommun. J., 2017, 9, (1), pp. 1823.
    36. 36)
      • 2. Ernst and Young: ‘Global information security survey 2015’, 2016. Available at http://www.ey.com/Publication/vwLUAssets/ey-global-information-security-survey-2015/$FILE/ey-global-information-security-survey-2015.pdf.
    37. 37)
      • 27. Campbell, R.M., Padayachee, K., Masombuka, T.: ‘A survey of honeypot research: trends and opportunities’. 10th Int. Conf. for Internet Technology and Secured Transactions (ICITST), London, UK, 2015, pp. 208212.
    38. 38)
      • 14. Wang, Y., Chakrabarti, D., Wang, C., et al: ‘Epidemic spreading in real networks: an eigenvalue viewpoint’. IEEE Proc. 22nd Int. Symp. on Reliable Distributed Systems, Florence, Italy, 2003, pp. 2534.
    39. 39)
      • 4. Castillo-Chavez, C., Brauer, F.: ‘Mathematical models in population biology and epidemiology’ (Springer, New York, 2012).
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2018.5147
Loading

Related content

content/journals/10.1049/iet-ifs.2018.5147
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
Print this page
This is a required field
Please enter a valid email address