Online Promiscuity: Prophylactic Patching and the Spread of Computer Transmitted Infections

There is a long history of studying the epidemiology of computer malware. Much of this work has focused on the behaviors of specific viruses, worms, or botnets. In contrast, we seek to utilize an extension of the simple SIS model to examine the efficacy of various aggregate patching and recovery behaviors. We use the SIS model because we are interested in the global prevalence of malware, rather than the dynamics, such as recovery, covered in previous work. We consider four populations: vigilant and non-vigilant with infected or not for both sets. Using our model we show that small increases in patch rates and recovery speed are the most effective approaches to reduce system-wide vulnerabilities due to unprotected computers. Our results illustrate that a public health approach may be feasible, requiring a subpopulation adopt prophylactic actions rather than near-universal immunization.

[1]  Jeffrey F Peipert,et al.  The Contraceptive CHOICE Project: recruiting women at highest risk for unintended pregnancy and sexually transmitted infection. , 2010, Journal of women's health.

[2]  Giuseppe Serazzi,et al.  Computer Virus Propagation Models , 2003, MASCOTS Tutorials.

[3]  Yang Wang,et al.  Modeling the effects of timing parameters on virus propagation , 2003, WORM '03.

[4]  Atanu Lahiri Revisiting the incentive to tolerate illegal distribution of software products , 2012, Decis. Support Syst..

[5]  Matthew C. Elder,et al.  On computer viral infection and the effect of immunization , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[6]  W. O. Kermack,et al.  A contribution to the mathematical theory of epidemics , 1927 .

[7]  Terrence August,et al.  Let the Pirates Patch? An Economic Analysis of Software Security Patch Restrictions , 2008, Inf. Syst. Res..

[8]  David Moore,et al.  Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.

[9]  Stephanie Forrest,et al.  Email networks and the spread of computer viruses. , 2002, Physical review. E, Statistical, nonlinear, and soft matter physics.

[10]  Vern Paxson,et al.  How to Own the Internet in Your Spare Time , 2002, USENIX Security Symposium.

[11]  Marie-Claude Boily,et al.  Changes in the Transmission Dynamics of the HIV Epidemic After the Wide-Scale Use of Antiretroviral Therapy Could Explain Increases in Sexually Transmitted Infections: Results From Mathematical Models , 2004, Sexually transmitted diseases.

[12]  D. Sornette,et al.  Heavy-tailed distribution of cyber-risks , 2008, 0803.2256.

[13]  Alessandro Vespignani,et al.  Epidemic spreading in scale-free networks. , 2000, Physical review letters.

[14]  Steve Hanna,et al.  A survey of mobile malware in the wild , 2011, SPSM '11.

[15]  Tim Brown,et al.  Modelling HIV epidemics in the antiretroviral era: the UNAIDS Estimation and Projection package 2009 , 2010, Sexually Transmitted Infections.

[16]  S. Shiboski,et al.  Population- and individual-based approaches to the design and analysis of epidemiologic studies of sexually transmitted disease transmission. , 1996, The Journal of infectious diseases.

[17]  K. Pedersen,et al.  An assessment of cost, quality and outcomes for five HIV prevention youth peer education programs in Zambia. , 2012, Health education research.

[18]  B. Vuylsteke,et al.  Evidence of Declining STD Prevalence in a South African Mining Community Following a Core‐Group Intervention , 2000, Sexually transmitted diseases.

[19]  Neil M Ferguson,et al.  Modelling the Impact of Antiretroviral Use in Resource-Poor Settings , 2006, PLoS medicine.

[20]  Hadi Dowlatabadi,et al.  Sensitivity and Uncertainty Analysis of Complex Models of Disease Transmission: an HIV Model, as an Example , 1994 .

[21]  Richard T. Gray,et al.  Modeling the impact of potential vaccines on epidemics of sexually transmitted Chlamydia trachomatis infection. , 2009, The Journal of infectious diseases.

[22]  Stefan Savage,et al.  Inside the Slammer Worm , 2003, IEEE Secur. Priv..

[23]  Alessandro Vespignani,et al.  Towards a Characterization of Behavior-Disease Models , 2011, PloS one.

[24]  Alessandro Vespignani,et al.  Epidemic dynamics and endemic states in complex networks. , 2001, Physical review. E, Statistical, nonlinear, and soft matter physics.

[25]  C. Warren,et al.  Systematic Review: The use of vouchers for reproductive health services in developing countries: systematic review , 2011, Tropical medicine & international health : TM & IH.

[26]  Chaim Fershtman,et al.  Network Security: Vulnerabilities and Disclosure Policy , 2007, WEIS.

[27]  Stefano Longhi Spiral waves in optical parametric oscillators , 2001 .

[28]  Donald F. Towsley,et al.  Code red worm propagation modeling and analysis , 2002, CCS '02.

[29]  Tyler Moore,et al.  Evil Searching: Compromise and Recompromise of Internet Hosts for Phishing , 2009, Financial Cryptography.

[30]  Don Towsley,et al.  Routing worm: a fast, selective attack worm based on IP address information , 2005, Workshop on Principles of Advanced and Distributed Simulation (PADS'05).

[31]  Alessandro Vespignani,et al.  Structural analysis of behavioral networks from the Internet , 2008 .

[32]  Hawoong Jeong,et al.  Modeling the Internet's large-scale topology , 2001, Proceedings of the National Academy of Sciences of the United States of America.

[33]  N. Ferguson,et al.  More Realistic Models of Sexually Transmitted Disease Transmission Dynamics: Sexual Partnership Networks, Pair Models, and Moment Closure , 2000, Sexually transmitted diseases.

[34]  David Watson,et al.  The Blaster worm: then and now , 2005, IEEE Security & Privacy Magazine.

[35]  Christine Markham,et al.  Projected economic costs due to health consequences of teenagers' loss of confidentiality in obtaining reproductive health care services in Texas. , 2004, Archives of pediatrics & adolescent medicine.

[36]  Nick Feamster,et al.  Building a Dynamic Reputation System for DNS , 2010, USENIX Security Symposium.

[37]  A. Barabasi,et al.  Scale-free characteristics of random networks: the topology of the world-wide web , 2000 .

[38]  T. Moores An Analysis of the Impact of Economic Wealth and National Culture on the Rise and Fall of Software Piracy Rates , 2008 .

[39]  HighWire Press Proceedings of the Royal Society of London. Series A, Containing papers of a mathematical and physical character , 1934 .

[40]  Donald F. Towsley,et al.  Worm propagation modeling and analysis under dynamic quarantine defense , 2003, WORM '03.

[41]  Jeffrey O. Kephart,et al.  Measuring and modeling computer virus prevalence , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[42]  A. Renton,et al.  Heterosexual HIV transmission and STD prevalence: predictions of a theoretical model. , 1998, Sexually Transmitted Infections.

[43]  D. Kirschner,et al.  A methodology for performing global uncertainty and sensitivity analysis in systems biology. , 2008, Journal of theoretical biology.

[44]  Jeffrey O. Kephart,et al.  Directed-graph epidemiological models of computer viruses , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[45]  Ian Askew,et al.  Feasibility and effectiveness of integrating provider-initiated testing and counselling within family planning services in Kenya , 2009, AIDS.