M. H. R. Khouzani

Maximum damage malware attack in mobile wireless networks

Malware attacks constitute a serious security risk that threatens to slow down the large-scale proliferation of wireless applications. As a first step toward thwarting this security threat, we seek to quantify the maximum damage inflicted on the system due to such outbreaks and identify the most vicious attacks. We represent the propagation of malware in a battery-constrained mobile wireless network by an epidemic model in which the worm can dynamically control the rate at which it kills the infected node and also the transmission ranges and/or the media scanning rates. At each moment of time, the worm at each node faces the following tradeoffs: 1) using larger transmission ranges and media scanning rates to accelerate its spread at the cost of exhausting the battery and thereby reducing the overall infection propagation rate in the long run; or 2) killing the node to inflict a large cost on the network, however at the expense of losing the chance of infecting more susceptible nodes at later times. We mathematically formulate the decision problems and utilize Pontryagin Maximum Principle from optimal control theory to quantify the damage that the malware can inflict on the network by deploying optimum decision rules. Next, we establish structural properties of the optimal strategy of the attacker over time. Specifically, we prove that it is optimal for the attacker to defer killing of the infective nodes in the propagation phase until reaching a certain time and then start the slaughter with maximum effort. We also show that in the optimal attack policy, the battery resources are used according to a decreasing function of time, i.e., most aggressively during the initial phase of the outbreak. Finally, our numerical investigations reveal a framework for identifying intelligent defense strategies that can limit the damage by appropriately selecting network parameters.

Optimal control of epidemic evolution

Epidemic models based on nonlinear differential equations have been extensively applied in a variety of systems as diverse as infectious outbreaks, marketing, diffusion of beliefs, etc., to the dissemination of messages in MANET or p2p networks. Control of such systems is achieved at the cost of consuming the resources. We construct a unifying framework that models the interactions of the control and the elements in systems with epidemic behavior. Specifically, we consider non-replicative and replicative dissemination of messages in a network: a pre-determined set of disseminators distribute the messages in the former, whereas the disseminator set continually grows in the latter as the nodes that receive the patch become disseminators themselves. In both cases, the desired trade-offs can be attained by activating at any given time only fractions of disseminators and selecting their dissemination rates. We formulate the above trade-offs as optimal control problems that seek to minimize a general aggregate cost function which cogently depends on both the states and the overall resource consumption. We prove that the dynamic control strategies have simple structures: (1) it is never optimal to activate a partial fraction of the disseminators (all or none) (2) when the resource consumption cost is concave, the distribution rate of the activated nodes are bang-bang with at most one jump from the maximum to the minimum value. When the resource consumption cost is convex, the above transition is strict but continuous. We compare the efficacy and robustness of different dispatch models and also those of the optimum dynamic and static controls using numerical computations.

Optimal energy-aware epidemic routing in DTNs

In this work, we investigate the use of epidemic routing in energy constrained delay tolerant networks (DTNs). In epidemic routing, messages are relayed by intermediate nodes at contact opportunities, i.e., when pairs of nodes come within the transmission range of each other. Each node needs to decide whether to forward its message upon contact with a new node based on its own residual energy level and the age of that message. We mathematically characterize the fundamental trade-off between energy conservation and a measure of Quality of Service as a dynamic energy-dependent optimal control problem. We prove that in the mean-field regime, the optimal dynamic forwarding decisions follow simple threshold-based structures in which the forwarding threshold for each node depends on its current remaining energy. We then characterize the nature of this dependence. Our simulations reveal that the optimal dynamic policy significantly outperforms heuristics.

Maximum Damage Malware Attack in Mobile Wireless Networks

Malware attacks constitute a serious security risk that threatens to slow down the large scale proliferation of wireless applications. As a first step towards thwarting this security threat, we seek to quantify the maximum damage inflicted on the system owing to such outbreaks and identify the most vicious attacks. We represent the propagation of malware in a battery-constrained mobile wireless network by an epidemic model in which the worm can dynamically control the rate at which it kills the infected node and also the transmission range and/or the media scanning rate. At each moment of time, the worm at each node faces the following trade-offs: (i)~using larger transmission range and media scanning rate to accelerate its spread at the cost of exhausting the battery and thereby reducing the overall infection propagation rate in the long run or (ii)~killing the node to inflict a large cost on the network, however at the expense of loosing the chance of infecting more susceptible nodes at later times. We mathematically formulate the decision problems and utilize Pontryagin Maximum Principle from optimal control theory to quantify the damage that the malware can inflict on the network by deploying optimum decision rules. Next, we establish structural properties of the optimal strategy of the attacker over time. Specifically, we prove that it is optimal for the attacker to defer killing of the infective nodes in the propagation phase until reaching a certain time and then start the slaughter with maximum effort. We also show that in the optimal attack policy, the battery resources are used according to a decreasing function of time, i.e., mostly during the initial phase of the outbreak. Finally, our numerical investigations reveal a framework for identifying intelligent defense strategies that can limit the damage by appropriately selecting network parameters.

Optimal patching in clustered malware epidemics

Studies on the propagation of malware in mobile networks have revealed that the spread of malware can be highly inhomogeneous. Platform diversity, contact list utilization by the malware, clustering in the network structure, etc., can also lead to differing spreading rates. In this paper, a general formal framework is proposed for leveraging such heterogeneity to derive optimal patching policies that attain the minimum aggregate cost due to the spread of malware and the surcharge of patching. Using Pontryagins Maximum Principle for a stratified epidemic model, it is analytically proven that in the mean-field deterministic regime, optimal patch disseminations are simple single-threshold policies. These policies are amenable to implementation and can serve as benchmarks for policies that have less knowledge of the network. Through numerical simulations, the behavior of optimal patching policies is investigated in sample topologies, and their advantages are demonstrated.

Dispatch then stop: Optimal dissemination of security patches in mobile wireless networks

The security threat posed by malware in mobile wireless networks can be countered through immunization using security patches. The distribution of patches however consumes bandwidth which is specially scarce in wireless networks, and must therefore be judiciously controlled in order to attain desired trade-offs between security risks and resource consumption. The desired tradeoffs can be attained by activating at any given time only fractions of dispatchers and selecting their packet transmission rates. We formulate the above tradeoffs as optimal control problems that seek to minimize the aggregate network costs that depend on security risks and resource consumed by the countermeasures. We prove that the optimal control strategies have simple structures. When the resource consumption cost rate is concave, the control strategies are bang-bang with at most one jump from the maximum to the minimum value. When the resource consumption cost rate is convex, the above transition is strict but continuous.

Optimal Routing and Scheduling in Multihop Wireless Renewable Energy Networks

We design routing and scheduling policies that optimize network throughput in multi-hop wireless networks where nodes are powered by renewable energy sources. The policies that we propose deliver maximum throughput, and yet do not require explicit knowledge of the statistics of the energy harvesting or the traffic generation processes. We consider both the cases of infinite and finite energy storage capacity at nodes. The results in the latter case provide bounds on the capacity of the energy storage devices at the individual nodes that is minimally required for obtaining maximum throughput.

Optimal Quarantining of Wireless Malware Through Reception Gain Control

Containment of worms constitutes an important challenge in mobile wireless networks as recent outbreaks have revealed actual vulnerabilities. We introduce a defense strategy that quarantines the malware by reducing the communication range. This countermeasure confronts us with a tradeoff: reducing the communication range suppresses the spread of the malware; however, it also deteriorates the network performance. We model the propagation of the malware as a deterministic epidemic. Using an optimal control framework, we select the optimal communication range that captures the above tradeoff by minimizing a global cost function. Using Pontryagins Maximum Principle, we derive structural characteristics of the optimal communication range as a function of time for general cost functions. Our numerical computations reveal that the dynamic optimal control of the communication range significantly outperforms static choices and is also robust to errors in estimation of the network and attack parameters.

Saddle-Point Strategies in Malware Attack

Given the flexibility that software-based operation provides, it is unreasonable to expect that new malware will demonstrate a fixed behavior over time. Instead, malware can dynamically change the parameters of their infective hosts in response to the dynamics of the network, in order to maximize their overall damage. However, in return, the network can also dynamically change its counter-measure parameters in order to attain a robust defense against the spread of malware while minimally affecting the normal performance of the network. The infinite dimension of freedom introduced by variation over time and antagonistic and strategic optimization of malware and network against each other demand new attempts for modeling and analysis. We develop a zero-sum dynamic game model and investigate the structural properties of the saddle-point strategies. We specifically show that saddle-point strategies are simple threshold-based policies and hence, a robust dynamic defense is practicable.

A dynamic game solution to malware attack

Given the flexibility that software-based operation provides, it is unreasonable to expect that new malware will demonstrate a fixed behavior over time. Instead, malware can dynamically change the parameters of their infective hosts in response to the dynamics of the network, in order to maximize their overall damage. However, in return, the network can also dynamically change its counter-measure parameters in order to attain a robust defense against the spread of malware while minimally affecting the normal performance of the network. The infinite dimension of freedom introduced by variation over time and antagonistic and strategic optimization of malware and network against each other demand new attempts for modeling and analysis. We develop a zero-sum dynamic game model and investigate the structural properties of the saddle-point strategies. We specifically show that saddle-point strategies are simple threshold-based policies and hence, a robust dynamic defense is practicable.