A susceptible accepts a communication request with a probability
uNr(t), where the subscript
r represents
reception, and the superscript
N designates control functions of the
network. At any given time
t, there are
nS(t)nI(t) infective-susceptible pairs. Susceptible nodes are hence transformed to infectives at rate
βˆuNr(t)nS(t)nI(t), where
βˆ is the rate at which a particular pair of nodes “meet,” which is assumed to be the same for all pairs (i.e. homogeneous mixing assumption). Propagation of the worm, therefore, can be contained through appropriate regulation of
uNr(t) subject to
0<uNrmin≤uNr(t)≤uNrnorm at each t. The lower bound
uNrmin arises due to the minimum QoS requirements for data traffic, since the acceptance probability has to be the same irrespective of whether the request arrives from another infective, susceptible, or recovered node. The latter is due to the fact that a recipient node cannot distinguish the type of a transmitter in advance and has no choice but to treat all requests the same — since otherwise all infective nodes can be trivially blacklisted. The upper bound
uNrnorm (which can be normalized to
1) provides the reception rate that nodes use for providing the desired QoS in the absence of security considerations, i.e. during the “
normal” operation of the network.
We now consider the dissemination of security patches in the network. A predetermined set of nodes, referred to as dispatchers (e.g. BS for cellular and exit-points for delay-tolerant networks), are preloaded with the patches. We assume that the dispatchers cannot be infected, and that there are
NR0 dispatchers where
N is as usual the total number of nodes in the network and parameter
R0 is between
0 and
1. Each node communicates with the dispatchers, and thereby fetches security patches, at the overall rate of
β˜NR0uNi(t) at time
t. The parameter
β˜ depends on node density, mobility parameters, allowable transmission rates, etc. The control function
uNi(t), with subscript
i denoting
immunization, can be used to regulate the bandwidth consumed in propagation of patches: the higher the value of
uNi(t), the higher is the recovery rate but so is the rate of resource consumption in patch transmissions. Clearly, if the node that receives the patch is a susceptible node, it installs the patch and its state changes to recovered. If an infective receives the patch, the patch may fail to heal it, or, the worm may prevent its installation. We capture the above possibility, by introducing a coefficient
0≤π≤1:
π=0 occurs when the patch is completely unable to remove the worm from infectives and only immunizes the susceptibles, whereas
π=1 represents the other extreme scenario where a patch can equally
well immunize and heal susceptibles and infective nodes. Now, if the patch heals an infective, its state changes to recovered, else it continues to remain an infective.
The worm at an infective host “kills” it with rate proportional to
uM(t) at a given time
t, where superscript
M designates this is a control function of the
malware; this is accomplished by executing specific codes with a probability of choice. The worm regulates the death process by appropriately choosing
uM(t) at each
t, subject to
0≤uM(t)≤uMmax at each t. The upper bound arises due to processor constraints and the resulting limitations on the maximum rate of execution of such codes. Let
β0:=Nβˆ,
β1:=Nβ˜. Our discussions lead to the following system of differential equations representing the dynamics of the system:
and also satisfy the following constraints at all
t:
Thus,
(S(⋅),I(⋅),D(⋅)) constitute the system state functions,
uN(⋅)=(uNr(⋅),uNi(⋅)) constitutes the network control functions and
uM(⋅) constitutes the malware’s control function. Note that nodes use
identical reception, patching, and killing rate functions irrespective of the states in their neighborhoods since they do not know these states. Nevertheless, since these rates are allowed to vary with time, they can be chosen in accordance with how the
overall network states are expected to evolve.
Henceforth, wherever not ambiguous, we drop the dependence on
t and make it implicit.
Fig. 7.1 illustrates the transitions between different states of nodes and the notations used.