Exploiting temporal complex network metrics in mobile malware containment

Malicious mobile phone worms spread between devices via short-range Bluetooth contacts, similar to the propagation of human and other biological viruses. Recent work has employed models from epidemiology and complex networks to analyse the spread of malware and the effect of patching specific nodes. These approaches have adopted a static view of the mobile networks, i.e., by aggregating all the edges that appear over time, which leads to an approximate representation of the real interactions: instead, these networks are inherently dynamic and the edge appearance and disappearance are highly influenced by the ordering of the human contacts, something which is not captured at all by existing complex network measures. In this paper we first study how the blocking of malware propagation through immunisation of key nodes (even if carefully chosen through static or temporal betweenness centrality metrics) is ineffective: this is due to the richness of alternative paths in these networks. Then we introduce a time-aware containment strategy that spreads a patch message starting from nodes with high temporal closeness centrality and show its effectiveness using three real-world datasets. Temporal closeness allows the identification of nodes able to reach most nodes quickly: we show that this scheme reduces the cellular network resource consumption and associated costs, achieving, at the same time, complete containment of malware in a limited amount of time.

[1]  Massimo Marchiori,et al.  Error and attacktolerance of complex network s , 2004 .

[2]  Thomas F. La Porta,et al.  Exploiting open functionality in SMS-capable cellular networks , 2005, CCS '05.

[3]  William H. Sanders,et al.  Quantifying the Effectiveness of Mobile Phone Virus Response Mechanisms , 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07).

[4]  V Latora,et al.  Small-world behavior in time-varying graphs. , 2009, Physical review. E, Statistical, nonlinear, and soft matter physics.

[5]  Geoffrey M. Voelker,et al.  Defending Mobile Phones from Proximity Malware , 2009, IEEE INFOCOM 2009.

[6]  Nathan Eagle,et al.  Persistence and periodicity in a dynamic proximity network , 2012, ArXiv.

[7]  Peter Grindrod,et al.  Evolving graphs: dynamical models, inverse problems and propagation , 2010, Proceedings of the Royal Society A: Mathematical, Physical and Engineering Sciences.

[8]  Maksym Schipka,et al.  Dollars for downloading , 2009 .

[9]  Sencun Zhu,et al.  A Social Network Based Patching Scheme for Worm Containment in Cellular Networks , 2009, IEEE INFOCOM 2009.

[10]  Cecilia Mascolo,et al.  Analysing information flows and key mediators through temporal centrality metrics , 2010, SNS '10.

[11]  Cecilia Mascolo,et al.  Temporal distance metrics for social network analysis , 2009, WOSN '09.

[12]  Daniel P. W. Ellis,et al.  White Worms Don't Work , 2006, Login: The Usenix Magazine.

[13]  Ahmed Helmy,et al.  Modeling Spatial and Temporal Dependencies of User Mobility in Wireless Mobile Networks , 2008, IEEE/ACM Transactions on Networking.

[14]  Neal Leavitt,et al.  Mobile phones: the next frontier for hackers? , 2005, Computer.

[15]  Pele Li,et al.  A survey of internet worm detection and containment , 2008, IEEE Communications Surveys & Tutorials.

[16]  Pan Hui,et al.  BUBBLE Rap: Social-Based Forwarding in Delay-Tolerant Networks , 2008, IEEE Transactions on Mobile Computing.

[17]  Cecilia Mascolo,et al.  On Nonstationarity of Human Contact Networks , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops.

[18]  Albert-László Barabási,et al.  Understanding the Spreading Patterns of Mobile Phone Viruses , 2009, Science.

[19]  Albert-László Barabási,et al.  Error and attack tolerance of complex networks , 2000, Nature.

[20]  C. H. Evans,et al.  Small Clinical Trials: Issues and Challenges , 2001 .

[21]  Mads Haahr,et al.  Social Network Analysis for Information Flow in Disconnected Delay-Tolerant MANETs , 2009, IEEE Transactions on Mobile Computing.

[22]  Alex Pentland,et al.  Reality mining: sensing complex social systems , 2006, Personal and Ubiquitous Computing.

[23]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[24]  Pan Hui,et al.  CRAWDAD dataset cambridge/haggle (v.2009-05-29) , 2009 .

[25]  Christos Gkantsidis,et al.  Planet scale software updates , 2006, SIGCOMM 2006.

[26]  Rob Stringer News Feature: Six months of cyber-crime , 2008 .

[27]  Cecilia Mascolo,et al.  EmotionSense: a mobile phones based adaptive platform for experimental social psychology research , 2010, UbiComp.

[28]  P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .