Simulating email worm propagation based on social network and user behavior

Email worms pose a significant security threat to organizations and computer users today. Because they propagate over a logical network, the traditional epidemic model is unsuitable for modeling their propagation over the internet. However, it is no doubt that accurate modeling the propagation of email worms is helpful to contain th9eir attacks in advance. This paper presents a novel email worms’ propagation model, which is based on a directed and weighted social network. Moreover, the effects of user’s behavior are also considered in this model. To the author’s knowledge, there is little information available considering the effects of them in modeling their propagation. A simulation algorithm is designed for verifying the effectiveness of the presented model. The results show that the presented model can describe the propagation of email worms accurately. Through simulating different containing strategies, we demonstrate that the infected key nodes in email social community can speed up the worm propagating. Last, a new General Susceptible Infectious Susceptible (G-SIS) email worm model is presented, which can predict the propagation scale of email worms accurately.

[1]  周涛,et al.  Epidemic Spread in Weighted Scale-Free Networks , 2005 .

[2]  Jeffrey O. Kephart,et al.  Directed-graph epidemiological models of computer viruses , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Donald F. Towsley,et al.  Code red worm propagation modeling and analysis , 2002, CCS '02.

[4]  Jun Zhang,et al.  Modeling and Analysis on the Propagation Dynamics of Modern Email Malware , 2014, IEEE Transactions on Dependable and Secure Computing.

[5]  Yiming Yang,et al.  Introducing the Enron Corpus , 2004, CEAS.

[6]  Weibo Gong,et al.  Modeling and Simulation Study of the Propagation and Defense of Internet Email Worm , 2006 .

[7]  George Kesidis,et al.  Coupled Kermack-McKendrick Models for Randomly Scanning and Bandwidth-Saturating Internet Worms , 2005, QoS-IP.

[8]  Mark E. J. Newman,et al.  The Structure and Function of Complex Networks , 2003, SIAM Rev..

[10]  Wang Yue Topology Aware Worm Simulation and Analysis , 2008 .

[11]  Alessandro Vespignani,et al.  Weighted evolving networks: coupling topology and weight dynamics. , 2004, Physical review letters.

[12]  Felipe G. Massa Guardians of the Internet: Building and Sustaining the Anonymous Online Community , 2017 .

[13]  Yang Xiang,et al.  Modeling the Propagation of Worms in Networks: A Survey , 2014, IEEE Communications Surveys & Tutorials.

[14]  Donald F. Towsley,et al.  Monitoring and early warning for internet worms , 2003, CCS '03.

[15]  Hai Jin,et al.  Modeling Modern Social-Network-Based Epidemics: A Case Study of Rose , 2008, ATC.

[16]  Kevin A. Kwiat,et al.  Modeling the spread of active worms , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[17]  Vladimir Batagelj,et al.  Pajek - Program for Large Network Analysis , 1999 .

[18]  Yang Wang,et al.  Modeling the effects of timing parameters on virus propagation , 2003, WORM '03.

[19]  M. Fava,et al.  Poor sleep quality and suicide attempt among adults with internet addiction: A nationwide community sample of Korea , 2017, PloS one.

[20]  Steve R. White,et al.  Computers and epidemiology , 1993, IEEE Spectrum.

[21]  Sureswaran Ramadass,et al.  Employing machine learning algorithms to detect unknown scanning and email worms , 2014, Int. Arab J. Inf. Technol..

[22]  Yukio Hayashi,et al.  Oscillatory epidemic prevalence in growing scale-free networks. , 2004, Physical review. E, Statistical, nonlinear, and soft matter physics.