Optimal Distributed Malware Defense in Mobile Networks with Heterogeneous Devices

As malware attacks become more frequent in mobile networks, deploying an efficient defense system that protects against infection and helps infected nodes recover is important for preventing serious spreading and outbreaks. The technical challenges are that mobile devices are heterogeneous in terms of operating systems, that malware infects the targeted system in an opportunistic fashion via local and global connectivity, and that the defense system to be deployed is usually resource-limited. In this paper, we investigate how to optimally distribute the content-based signatures of malware, which help to detect the corresponding malware and disable further propagation, so as to minimize the number of infected nodes. We model the defense system with realistic assumptions addressing all of the above challenges, which have not been addressed in previous analytical work. Based on the framework of optimizing the system welfare utility, which is the weighted summation of individual utility depending on the final number of infected nodes through the signature allocation, we propose an encounter-based distributed algorithm based on the Metropolis sampler. Through theoretical analysis and simulations with both synthetic and realistic mobility traces, we show that the distributed algorithm achieves the optimal solution and performs efficiently in realistic environments.
