Modeling, Critical Threshold, and Lowest-Cost Patching Strategy of Malware Propagation in Heterogeneous IoT Networks
Xiaochen Wang, Xuefei Zhang, Shengfeng Wang, Jinghua Xiao, Xiaofeng Tao
Abstract
In heterogeneous Internet of Things (IoT) networks, various communication technologies lead to different transmission ranges of nodes, and they can cooperatively provide seamless communication. Unfortunately, the flexible communication mode offers more chances for malware to invade the IoT devices. To maintain its cyber security, two key issues, i.e. the critical threshold of the onset of malware propagation and the lowest-cost defense strategy after it occurs, need to be addressed. To solve the first challenge, we construct a dynamics model by using the degree-based mean-field theory and point process theory, to study the malware propagation-defense process among heterogeneous IoT devices. We analytically derive the closed-form expression of the critical malware transmission rate which can be used to predict whether the malware can propagate or not. For the latter problem, we investigate the equivalent conditions of degree-related patching strategies in defense effectiveness, which can be used to determine the lowest-cost one more directly. In addition, We compare different transmission ways of malware, and find that the malware infection is hard to avoid under the way of centralized transmission, but the decentralized transmission has a greater risk of large-scale infection. We also explore how the immunization measures and the different communication frequencies affect malware propagation. The results show that it is significant to identify important devices for immunization and infected cluster may form in some cases. Our results offer a theoretical foundation to predict and defense malware propagation in heterogeneous IoT networks.