Monitoring stealthy diffusion

A broad variety of problems, such as targeted marketing and the spread of viruses and malware, have been modeled as maximizing the reach of diffusion through a network. In cyber-security applications, however, a key consideration largely ignored in this literature is stealth. In particular, an attacker who has a specific target in mind succeeds only if the target is reached before the malicious payload is detected and corresponding countermeasures deployed. The dual side of this problem is deployment of a limited number of monitoring units, such as cyber-forensics specialists, to limit the success of such targeted and stealthy diffusion processes. We investigate the problem of optimal monitoring of targeted stealthy diffusion processes. While natural variants of this problem are NP-hard, we show that if stealthy diffusion starts from randomly selected nodes, the defender’s objective is submodular and can be approximately optimized. In addition, we present approximation algorithms for the setting where the choice of the starting point is adversarial. We further extend our results to settings where the diffusion starts at multiple-seed nodes simultaneously, and where there is an inherent delay in detecting the infection. Our experimental results show that the proposed algorithms are highly effective and scalable.

[1]  Radha Poovendran,et al.  Maximizing Influence in Competitive Environments: A Game-Theoretic Approach , 2011, GameSec.

[2]  Paul Erdös,et al.  On random graphs, I , 1959 .

[3]  Alan M. Frieze,et al.  Random graphs , 2006, SODA '06.

[4]  T. D. Parsons,et al.  Pursuit-evasion in a graph , 1978 .

[5]  Elchanan Mossel,et al.  Submodularity of Influence in Social Networks: From Local to Global , 2010, SIAM J. Comput..

[6]  Milind Tambe,et al.  Bayesian Security Games for Controlling Contagion , 2013, 2013 International Conference on Social Computing.

[7]  Ariel D. Procaccia,et al.  Monitoring Stealthy Diffusion , 2015, ICDM.

[8]  Marc Lelarge,et al.  Economics of malware: Epidemic risks model, network externalities and incentives , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[9]  P. Van Mieghem,et al.  Virus Spread in Networks , 2009, IEEE/ACM Transactions on Networking.

[10]  David Steurer,et al.  Analytical approach to parallel repetition , 2013, STOC.

[11]  Piet Van Mieghem,et al.  Protecting Against Network Infections: A Game Theoretic Perspective , 2009, IEEE INFOCOM 2009.

[12]  Donald F. Towsley,et al.  Code red worm propagation modeling and analysis , 2002, CCS '02.

[13]  Wei Chen,et al.  Influence Blocking Maximization in Social Networks under the Competitive Linear Threshold Model , 2011, SDM.

[14]  Matthew Richardson,et al.  Mining the network value of customers , 2001, KDD '01.

[15]  Frank M. Bass,et al.  A New Product Growth for Model Consumer Durables , 2004, Manag. Sci..

[16]  Matthew Richardson,et al.  Mining knowledge-sharing sites for viral marketing , 2002, KDD.

[17]  Allan Borodin,et al.  Threshold Models for Competitive Influence in Social Networks , 2010, WINE.

[18]  Éva Tardos,et al.  Influential Nodes in a Diffusion Model for Social Networks , 2005, ICALP.

[19]  Yevgeniy Vorobeychik,et al.  Securing interdependent assets , 2012, Autonomous Agents and Multi-Agent Systems.

[20]  Éva Tardos,et al.  Maximizing the Spread of Influence through a Social Network , 2015, Theory Comput..

[21]  Donald F. Towsley,et al.  The effect of network topology on the spread of epidemics , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[22]  Andreas Krause,et al.  Selecting Observations against Adversarial Objectives , 2007, NIPS.

[23]  Jure Leskovec,et al.  Modeling Information Diffusion in Implicit Networks , 2010, 2010 IEEE International Conference on Data Mining.

[24]  F. Bass A new product growth model for consumer durables , 1976 .

[25]  Sampath Kannan,et al.  Randomized Pursuit-Evasion with Local Visibility , 2006, SIAM J. Discret. Math..

[26]  Shishir Bharathi,et al.  Competitive Influence Maximization in Social Networks , 2007, WINE.

[27]  Milind Tambe,et al.  Security Games for Controlling Contagion , 2012, AAAI.

[28]  M. L. Fisher,et al.  An analysis of approximations for maximizing submodular set functions—I , 1978, Math. Program..

[29]  Micah Adler,et al.  Randomized Pursuit-Evasion in Graphs , 2002, Combinatorics, Probability and Computing.

[30]  Wei Chen,et al.  Scalable influence maximization for prevalent viral marketing in large-scale social networks , 2010, KDD.

[31]  Albert,et al.  Emergence of scaling in random networks , 1999, Science.

[32]  Milind Tambe,et al.  Optimal Allocation of Police Patrol Resources Using a Continuous-Time Crime Model , 2016, GameSec.

[33]  David S. Johnson,et al.  Approximation algorithms for combinatorial problems , 1973, STOC.