Abstract | ||
---|---|---|
Network security is an important task of network management. One threat to network security is malware (malicious software) propagation. One type of malware is called topological scanning that spreads based on topology information. The focus of this work is on modeling the spread of topological malwares, which is important for understanding their potential damages, and for developing countermeasures to protect the network infrastructure. Our model is motivated by probabilistic graphs, which have been widely investigated in machine learning. We first use a graphical representation to abstract the propagation of malwares that employ different scanning methods. We then use a spatial-temporal random process to describe the statistical dependence of malware propagation in arbitrary topologies. As the spatial dependence is particularly difficult to characterize, the problem becomes how to use simple (i.e., biased) models to approximate the spatially dependent process. In particular, we propose the independent model and the Markov model as simple approximations. We conduct both theoretical analysis and extensive simulations on large networks using both real measurements and synthesized topologies to test the performance of the proposed models. Our results show that the independent model can capture temporal dependence and detailed topology information and, thus, outperforms the previous models, whereas the Markov model incorporates a certain spatial dependence and, thus, achieves a greater accuracy in characterizing both transient and equilibrium behaviors of malware propagation. |
Year | DOI | Venue |
---|---|---|
2005 | 10.1109/TNN.2005.853425 | IEEE Transactions on Neural Networks |
Keywords | Field | DocType |
previous model,network security,certain spatial dependence,independent model,large network,network infrastructure,markov model,network management,spatial-temporal modeling,malware propagation,malware,stochastic process,security,stochastic processes,spatial dependence,markov processes,probability,graph theory,graphical models,modeling,random process,machine learning,graphical model | Data mining,Markov process,Computer science,Theoretical computer science,Artificial intelligence,Probabilistic logic,Network management,Markov model,Network security,Network topology,Graphical model,Malware,Machine learning | Journal |
Volume | Issue | ISSN |
16 | 5 | 1045-9227 |
Citations | PageRank | References |
50 | 2.19 | 9 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zesheng Chen | 1 | 292 | 23.18 |
Chuanyi Ji | 2 | 812 | 124.04 |