University of Hertfordshire

From the same journal

By the same authors

A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention

Research output: Contribution to journalArticlepeer-review

  • Theodoros Spyridopoulos
  • Konstantinos Maraslis
  • Alexios Mylonas
  • Theo Tryfonas
  • George Oikonomou
View graph of relations
Original languageEnglish
Pages (from-to)164-176
Number of pages13
JournalInformation Security Journal
Volume24
Issue4-6
DOIs
Publication statusPublished - 31 Dec 2015

Abstract

Literature in malware proliferation focuses on modeling and analyzing its spread dynamics. Epidemiology models, which are inspired by the characteristics of biological disease spread in human populations, have been used against this threat to analyze the way malware spreads in a network. This work presents a modified version of the commonly used epidemiology models Susceptible Infected Recovered (SIR) and Susceptible Infected Susceptible (SIS), which incorporates the ability to capture the relationships between nodes within a network, along with their effect on malware dissemination process. Drawing upon a model that illustrates the network’s behavior based on the attacker’s and the defender’s choices, we use game theory to compute optimal strategies for the defender to minimize the effect of malware spread, at the same time minimizing the security cost. We consider three defense mechanisms: patch, removal, and patch and removal, which correspond to the defender’s strategy and use probabilistically with a certain rate. The attacker chooses the type of attack according to its effectiveness and cost. Through the interaction between the two opponents we infer the optimal strategy for both players, known as Nash Equilibrium, evaluating the related payoffs. Hence, our model provides a cost-benefit risk management framework for managing malware spread in computer networks.

ID: 22840377