Maximum Damage Malware Attack in Mobile Wireless Networks

Malware attacks constitute a serious security risk that threatens to slow down the large-scale proliferation of wireless applications. As a first step toward thwarting this security threat, we seek to quantify the maximum damage inflicted on the system due to such outbreaks and identify the most vicious attacks. We represent the propagation of malware in a battery-constrained mobile wireless network by an epidemic model in which the worm can dynamically control the rate at which it kills the infected node and also the transmission ranges and/or the media scanning rates. At each moment of time, the worm at each node faces the following tradeoffs: 1) using larger transmission ranges and media scanning rates to accelerate its spread at the cost of exhausting the battery and thereby reducing the overall infection propagation rate in the long run; or 2) killing the node to inflict a large cost on the network, however at the expense of losing the chance of infecting more susceptible nodes at later times. We mathematically formulate the decision problems and utilize the Pontryagin Maximum Principle from optimal control theory to quantify the damage that the malware can inflict on the network by deploying optimum decision rules. Next, we establish structural properties of the optimal strategy of the attacker over time. Specifically, we prove that it is optimal for the attacker to defer killing of the infective nodes in the propagation phase until reaching a certain time and then start the slaughter with maximum effort. We also show that in the optimal attack policy, the battery resources are used according to a decreasing function of time, i.e., most aggressively during the initial phase of the outbreak. Finally, our numerical investigations reveal a framework for identifying intelligent defense strategies that can limit the damage by appropriately selecting network parameters.
