# Killing Nodes as a Countermeasure to Virus Expansion

## Abstract

The *spread of a virus* and the *containment of such spread* have been widely studied in the literature. These two problems can be abstracted as a two-players stochastic game in which one side tries to spread the infection to the entire system, while the other side aims to contain the infection to a finite area. Three parameters play a particularly important role: (1) the probability *p* of successful infection, (2) the topology of the network, and (3) the probability \(\alpha \) that a strategy message has priority over the infection.

This paper studies the effect of *killing strategies*, where a node sacrifices itself and possibly some of its neighbors, to contain the spread of a virus in an infinite grid. Our contribution is threefold: (1) We prove that the simplest killing strategy is equivalent to the problem of site percolation; (2) when killing messages have priority, we prove that there always exists a killing strategy that contains a virus, for any probability \(0\le p<1\); in contrast, (3) when killing message do not have priority, there is not always a successful killing strategy, and we study the virus propagation for various \({0\le \alpha <1}\).

## Notes

### Acknowledgments

This work is partially supported by JSPS KAKENHI Grant (C)(JP15K00183) and (JP15K00189) and Japan Science and Technology Agency, CREST (JPMJCR1404) and Infrastructure Development for Promoting International S&T Cooperation and Project for Establishing a Nationwide Practical Education Network for IT Human Resources Development, Education Network for Practical Information Technologies.

## References

- 1.Anderson, R.M., May, R.M.: Population biology of infectious diseases: part I. Nature
**280**(5721), 361–367 (1979)CrossRefGoogle Scholar - 2.Bollobás, B., Riordan, O.: Percolation. Cambridge University Press, Cambridge (2006)CrossRefMATHGoogle Scholar
- 3.Brumley, D., Newsome, J., Song, D., Wang, H., Jha, S.: Towards automatic generation of vulnerability-based signatures. In: Proceedings of the 27th IEEE Symposium on Security and Privacy, S&P 2006, pp. 2–16, May 2006Google Scholar
- 4.Chakrabarti, D., Wang, Y., Wang, C., Leskovec, J., Faloutsos, C.: Epidemic thresholds in real networks. ACM Trans. Inf. Syst. Secur.
**10**(4), 1 (2008)CrossRefGoogle Scholar - 5.Falliere, N.: Sality: story of a peer-to-peer viral network, July 2011. http://www.symantec.com/connect/sites/default/files/sality_peer_to_peer_viral_network.pdf
- 6.Grassberger, P.: On the critical behavior of the general epidemic process and dynamical percolation. Math. Biosci.
**63**(2), 157–172 (1983)CrossRefMATHGoogle Scholar - 7.Hu, R., Sopena, J., Arantes, L., Sens, P., Demeure, I.: Fair comparison of gossip algorithms over large-scale random topologies. In: Proceedings of the 31st IEEE International Symposium on Reliable Distributed Systems (SRDS 2012), pp. 331–340, October 2012Google Scholar
- 8.Jensen, I.: Low-density series expansions for directed percolation: II. The square lattice with a wall. J. Phy. A: Math. Gen.
**32**(33), 6055 (1999). https://stacks.iop.org/0305-4470/32/i=33/a=304 MathSciNetCrossRefMATHGoogle Scholar - 9.Jensen, I.: Low-density series expansions for directed percolation: III. Some two-dimensional lattices. J. Phy. A: Math. Gen.
**37**(27), 6899 (2004). http://stacks.iop.org/0305-4470/37/i=27/a=003 MathSciNetCrossRefMATHGoogle Scholar - 10.Kephart, J.O., White, S.R.: Directed-graph epidemiological models of computer viruses. In: Proceedings of the 12th IEEE Symposium on Security and Privacy, S&P 1991, pp. 343–361 (1991)Google Scholar
- 11.Kephart, J.O., White, S.R.: Measuring and modeling computer virus prevalence. In: Proceedings of the 14th IEEE Symposium on Security and Privacy, S&P 1993, pp. 2–15 (1993)Google Scholar
- 12.Kermack, W.O., McKendrick, A.G.: A contribution to the mathematical theory of epidemics. In: Proceedings of the Royal Society of London. Series A, Containing Papers of a Mathematical and Physical Character, vol. 115, no. 772, pp. 700–721 (1927)Google Scholar
- 13.Kruegel, C., Kirda, E., Mutz, D., Robertson, W., Vigna, G.: Polymorphic worm detection using structural information of executables. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 207–226. Springer, Heidelberg (2006). https://doi.org/10.1007/11663812_11 CrossRefGoogle Scholar
- 14.Lee, M.J.: Pseudo-random-number generators and the square site percolation threshold. Phy. Rev. E
**78**(3), 031131 (2008)CrossRefGoogle Scholar - 15.Li, Z., Sanghi, M., Chen, Y., Kao, M.Y., Chavez, B.: Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience. In: Proceedings of the 27th IEEE Symposium on Security and Privacy, S&P 2006, pp. 32–47, May 2006Google Scholar
- 16.Malarz, K., Galam, S.: Square-lattice site percolation at increasing ranges of neighbor bonds. Phys. Rev. E
**71**, 016125 (2005). https://doi.org/10.1103/PhysRevE.71.016125 CrossRefGoogle Scholar - 17.May, R.M., Anderson, R.M.: Population biology of infectious diseases: part II. Nature
**280**(5722), 455–461 (1979)CrossRefGoogle Scholar - 18.Moore, D., Shannon, C., Voelker, G., Savage, S.: Internet quarantine: requirements for containing self-propagating code. In: Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications Societies, INFOCOM 2003, vol. 3, pp. 1901–1910, Mar 2003Google Scholar
- 19.Nguyen, T.D., Bonnet, F., Défago, X.: Analyzing the impact of mitigation strategies on the spread of a virus. Research Report IS-RR-2014-002, Japan Advanced Institute of Science and Technology (JAIST), May 2014Google Scholar
- 20.Pastor-Satorras, R., Vespignani, A.: Epidemic dynamics and endemic states in complex networks. Phys. Rev. E
**63**(6), 066117 (2001)CrossRefGoogle Scholar - 21.Pastor-Satorras, R., Vespignani, A.: Epidemic spreading in scale-free networks. Phys. Rev. Lett.
**86**, 3200–3203 (2001)CrossRefGoogle Scholar - 22.Sasson, Y., Cavin, D., Schiper, A.: Probabilistic broadcast for flooding in wireless mobile ad hoc networks. In: Proceedings of the IEEE Wireless Communications and Networking, WCNC 2003, pp. 1124–1130 (2003)Google Scholar
- 23.Staniford, S., Paxson, V., Weaver, N.: How to own the internet in your spare time. In: Proceedings of the 11th USENIX Security Symposium, USENIX-Security 2002, pp. 149–167. USENIX Association, Berkeley, CA, USA (Aug 2002)Google Scholar
- 24.Van Mieghem, P.: The \(N\)-intertwined SIS epidemic network model. Computing
**93**(2–4), 147–169 (2011)MathSciNetCrossRefMATHGoogle Scholar - 25.Van Mieghem, P., Omic, J., Kooij, R.E.: Virus spread in networks. IEEE/ACM Trans. Networking
**17**(1), 1–14 (2009)CrossRefGoogle Scholar - 26.Wang, J., Zhou, Z., Liu, Q., Garoni, T.M., Deng, Y.: High-precision Monte Carlo study of directed percolation in (\(d+1\)) dimensions. Phys. Rev. E
**88**, 042102 (2013). https://doi.org/10.1103/PhysRevE.88.042102 CrossRefGoogle Scholar - 27.Xia, J., Vangala, S., Wu, J., Gao, L., Kwiat, K.: Effective worm detection for various scan techniques. J. Comput. Secur.
**14**(4), 359–387 (2006)CrossRefGoogle Scholar - 28.Xu, W., Zhang, F., Zhu, S.: Toward worm detection in online social networks. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC 2010, pp. 11–20. ACM, New York, December 2010Google Scholar
- 29.Zhou, L., Zhang, L., McSherry, F., Immorlica, N., Costa, M., Chien, S.: A first look at peer-to-peer worms: threats and defenses. In: Castro, M., van Renesse, R. (eds.) IPTPS 2005. LNCS, vol. 3640, pp. 24–35. Springer, Heidelberg (2005). https://doi.org/10.1007/11558989_3 CrossRefGoogle Scholar
- 30.Zou, C.C., Gong, W., Towsley, D.: Code red worm propagation modeling and analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, pp. 138–147. ACM, New York (2002)Google Scholar
- 31.Zou, C.C., Towsley, D., Gong, W.: Modeling and simulation study of the propagation and defense of internet e-mail worms. IEEE Trans. Dependable Secure Comput.
**4**(2), 105–118 (2007)CrossRefGoogle Scholar