Optimal Security Policy for Protection Against Heterogeneous Malware
Malware is a malicious software which aims to disrupt computer operations, gather sensitive information, and gain access to private computer systems. It can induce various sorts of damage, including economic costs, the leakage of private information, and instability of physical systems, etc. The distribution of antivirus patches in a network enables the control of the proliferation of malicious software and decreases possible losses. Multiple types of malware can coexist in a network. Hence it is important to protect a computer network from several heterogeneous malware, which can propagate in the network at the same time. In this study, we model the propagation of two types of malware using a modified two-virus epidemic model. We formulate an optimal control problem that seeks to minimize the total system cost that includes the economic value of security risks and resources required by countermeasures. We introduce an impulse control problem to provide efficient control of the epidemic model compared with its continuous control counterpart. Numerical experiments are used to corroborate the results.
KeywordsSIR model Information security Epidemic process Optimal control Impulse control
The research of the author “Quanyan Zhu” is partially supported by the CNS-1544782, EFRI-1441140 and SES-1541164 from National Science Foundation.
- 2.Altman, E., Khouzani, M., Sarkar, S.: Optimal control of epidemic evolution. Proceedings of INFOCOM. 1683–1691 (2011)Google Scholar
- 3.Beutel, A., Faloutsos, C., Prakash, B., Rosenfeld, R.: Interacting Viruses in Networks: Can Both Survive? KDD-2012. 426–434 (2012)Google Scholar
- 6.Funke, B., Case, C., Gerard, J., Tortora, G.: Microbiology: An Introduction. San Francisco, CA: Benjamin Cummings (2004)Google Scholar
- 7.Gubar, E., Zhu, Q.: Optimal Control of Influenza Epidemic Model with Virus Mutations. 12th Biannual European Control Conference, IEEE Control Systems Society. 3125–3130 (2012)Google Scholar
- 8.Moore, D., Shannon, C.: Code-Red: a Case Study on the Spread and Victims of an Internet Worm. Proceedings of the 2002 ACM SICGOMM Internet Measurement Workshop. 273–284 (2002)Google Scholar
- 9.Nakul C.: Introduction to Mathematical Epidemiology: The Basic Reproductive Number. Einfuhrung in die Mathematische Epidemiologie (2011)Google Scholar
- 10.Pontryagin, L., Boltyanskii, V., Gamkrelidze, R., Mishchenko, E.: The Mathematical Theory of Optimal Processes. Russia: Interscience (1962)Google Scholar
- 11.Taynitskiy, V.A., Gubar, E.A., Zhitkova, E.M.: Structure of optimal control in the model of propagation of two malicious softwares. International conference “Stability and Control Processes” in memory of V.I. Zubov (SCP). 261–264 (2015)Google Scholar