Modeling, Analysis, and Mitigation of Dynamic Botnet Formation in Wireless IoT Networks

The Internet of Things (IoT) relies heavily on wireless communication devices that are able to discover and interact with other wireless devices in their vicinity. This communication flexibility, coupled with software vulnerabilities in devices due to low cost and short time-to-market, exposes them to a high risk of malware infiltration. Malware may infect a large number of network devices using device-to-device (D2D) communication, resulting in the formation of a botnet, i.e., a network of infected devices controlled by a common malware. A botmaster may exploit it to launch a network-wide attack sabotaging infrastructure and facilities, or for malicious purposes such as collecting ransom. In this paper, we propose an analytical model to study the D2D propagation of malware in wireless IoT networks. Leveraging tools from dynamic population processes and point process theory, we capture the malware infiltration and coordination process over a network topology. The analysis of the mean-field equilibrium in the population is used to construct and solve an optimization problem for the network defender to prevent botnet formation by patching devices while causing minimum overhead to network operation. The developed analytical model serves as a basis for assisting the planning, design, and defense of such networks from a defender’s standpoint.
