Markov-Based Malware Propagation Modeling and Analysis in Multi-Layer Networks

Abstract

Read online

In this paper, we focus on the dynamics of the spread of malicious software (malware) in multi-layer networks of various types, e.g., cyber-physical systems. Recurring malware has been one of the major challenges in modern networks, and significant research and development has been dedicated to mitigating it. The majority of relevant works has focused on networks characterized by “flat” topologies, namely topologies in which all nodes consist of a single layer, studying the dynamics of propagation of a specific threat or various types of malware over a homogeneous topology. As cyber-physical systems and multi-layer networks in general are gaining in popularity and penetration, more targeted studies are needed. In this work, we focus on the propagation dynamics of recurring malware, namely Susceptible–Infected–Susceptible (SIS type) in multi-layer topologies consisting of combinations of two different types of networks, e.g., a small-world overlaying a random geometric, or other such combinations. We utilize a stochastic modeling framework based on Markov Random Fields for analyzing the propagation dynamics of malware over such networks. Through analysis and simulation, we discover the most vulnerable and the most robust topology among the six considered combinations, as well as a result of rather practical use, namely that the denser the network, the more flexibility it provides for malware mitigation eventually.

Keywords

• complex networks
• multi-layer networks
• malware spread
• Markov Random Fields (MRF)
• network resilience