%0 Journal Article
%T Toward a Practical Technique to Halt Multiple Virus Outbreaks on Computer Networks
%A Kjell J£¿rgen Hole
%J Journal of Computer Networks and Communications
%D 2012
%I Hindawi Publishing Corporation
%R 10.1155/2012/462747
%X The author analyzes a technique to prevent multiple simultaneous virus epidemics on any vulnerable computer network with inhomogeneous topology. The technique immunizes a small fraction of the computers and utilizes diverse software platforms to halt the virus outbreaks. The halting technique is of practical interest since a network's detailed topology need not be known. 1. Introduction Malicious software, or malware, on the Internet can cause serious problems, not only for services like email and the web, but for electricity, transport, finance, and healthcare services due to their increasing Internet dependence. Infectious malware like viruses and worms are especially troublesome as they often spread too fast for human-assisted detection and early removal. Because classical signature-based approaches to malware defense do not provide adequate protection [1], there is currently a need for alternative defensive approaches. While authors [2¨C8] have long debated the benefits of using added software diversity to halt malware, few results [9] actually show when diversity increases a network¡¯s robustness to malware epidemics. We demonstrate that reasonable software diversity prevents malware from controlling much of the information on a network but only when the network¡¯s topology is homogeneous. If a diverse network is inhomogeneous, then malware on the hubs, that is, the nodes with the most connections, can still control much of the information. We show how node immunization and software diversity together can halt infectious malware on inhomogeneous networks. In this paper, the term ¡°virus¡± denotes any form of infectious malware, and we consider the Internet as a collection of networks infected by many different viruses [10]. The viruses are allowed to reinfect machines because it is important to halt viruses that adapt over time. In the future, adaptive viruses could, with help from their creators, exploit new vulnerabilities and thus reinfect machines even after software patches have been installed. Viruses spread by exploiting vulnerabilities in the operating system and application layers of a network. We build a model simulating multiple simultaneous outbreaks on a single layer. The network of attacked machines is modeled by a graph with different node types representing the software diversity. Since the spreading patterns of viruses vary with the considered layer and the exploited vulnerabilities [11], we model different network topologies to show that the proposed technique can halt viruses with different inhomogeneous spreading patterns. Using the
%U http://www.hindawi.com/journals/jcnc/2012/462747/