Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Internet malware propagation: Dynamics and control through SEIRV epidemic model with relapse and intervention

Samiran Ghosh, V Anil Kumar

TL;DR

This work proposes a generic SEIRV model formulated using ordinary differential equations to study malware spread, establishes the positivity and boundedness of the system, derive the malware propagation threshold, and analyzes the local and global stability of the malware-free equilibrium.

Abstract

Malware attacks in today's vast digital ecosystem pose a serious threat. Understanding malware propagation dynamics and designing effective control strategies are therefore essential. In this work, we propose a generic SEIRV model formulated using ordinary differential equations to study malware spread. We establish the positivity and boundedness of the system, derive the malware propagation threshold, and analyze the local and global stability of the malware-free equilibrium. The separatrix defining epidemic regions in the control space is identified, and the existence of a forward bifurcation is demonstrated. Using normalized forward sensitivity indices, we determine the parameters most influential to the propagation threshold. We further examine the nonlinear dependence of key epidemic characteristics on the transmission rate, including the maximum number of infected, time to peak infection, and total number of infected. We propose a hybrid gradient-based global optimization framework using simulated annealing approach to identify effective and cost-efficient control strategies. Finally, we calibrate the proposed model using infection data from the "Windows Malware Dataset with PE API Calls" and investigated the effect of intervention onset time on averted cases, revealing an exponential decay relationship between delayed intervention and averted cases.

Internet malware propagation: Dynamics and control through SEIRV epidemic model with relapse and intervention

TL;DR

This work proposes a generic SEIRV model formulated using ordinary differential equations to study malware spread, establishes the positivity and boundedness of the system, derive the malware propagation threshold, and analyzes the local and global stability of the malware-free equilibrium.

Abstract

Malware attacks in today's vast digital ecosystem pose a serious threat. Understanding malware propagation dynamics and designing effective control strategies are therefore essential. In this work, we propose a generic SEIRV model formulated using ordinary differential equations to study malware spread. We establish the positivity and boundedness of the system, derive the malware propagation threshold, and analyze the local and global stability of the malware-free equilibrium. The separatrix defining epidemic regions in the control space is identified, and the existence of a forward bifurcation is demonstrated. Using normalized forward sensitivity indices, we determine the parameters most influential to the propagation threshold. We further examine the nonlinear dependence of key epidemic characteristics on the transmission rate, including the maximum number of infected, time to peak infection, and total number of infected. We propose a hybrid gradient-based global optimization framework using simulated annealing approach to identify effective and cost-efficient control strategies. Finally, we calibrate the proposed model using infection data from the "Windows Malware Dataset with PE API Calls" and investigated the effect of intervention onset time on averted cases, revealing an exponential decay relationship between delayed intervention and averted cases.
Paper Structure (23 sections, 3 theorems, 67 equations, 16 figures, 2 tables, 1 algorithm)

This paper contains 23 sections, 3 theorems, 67 equations, 16 figures, 2 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Epidemic models: From biological to cyber epidemics
  3. SEIRV model formulation
  4. Susceptible ($S(t)$):
  5. Exposed ($E(t)$):
  6. Infected ($I(t)$):
  7. Recovered ($R(t)$):
  8. Vaccinated ($V(t)$):
  9. Positivity and boundedness
  10. Malware-free equilibrium
  11. Malware transmission threshold and the stability of MFE
  12. Existence of endemic equilibrium
  13. Local stability of the endemic equilibrium
  14. Malware growth and decay regions in control space
  15. Hybrid gradient-based global optimization using simulated annealing
  16. ...and 8 more sections

Key Result

Theorem 1

The MFE $\mathcal{E}^0$ is locally asymptotically stable if $\mathcal{R}_c<1$ and unstable if $\mathcal{R}_c>1$.

Figures (16)

  • Figure 1: The worldwide number of IoT attacks and IoT connected devices are represented by the red bars and blue line, respectively. The red bars correspond to the left vertical axis, while the blue line corresponds to the right vertical axis. The references for these data are lemevs2023roledanladi2022low.
  • Figure 2: Infection spread in IoT devices.
  • Figure 3: Schematic diagram for the model \ref{['model1']}.
  • Figure 4: Existence of forward bifurcation in the model \ref{['model1']} under the parameter setup as mentioned in Table \ref{['tab:parameters']}. Blue color corresponds to stable equilibrium point and red color corresponds to unstable equilibrium point.
  • Figure 5: (a) $\beta=2 \times 10^{-9}$; (b) $\beta=4 \times 10^{-9}$; (c) $\beta=6 \times 10^{-9}$. The dark green region corresponds to the malware growth region $\mathcal{S}_2$, while the light green region corresponds to the malware extinction region $\mathcal{S}_1$. The rest of the parameters are chosen as mentioned in Table \ref{['tab:parameters']}.
  • ...and 11 more figures

Theorems & Definitions (6)

  • Theorem 1
  • proof
  • Theorem 2
  • proof
  • Theorem 3
  • proof