Abstract
The Internet of Things (IoT) relies heavily on wireless communication devices that are able to discover and interact with other wireless devices in their vicinity. The communication flexibility coupled with software vulnerabilities in devices, due to low cost and short time-to-market, exposes them to a high risk of malware infiltration. Malware may infect a large number of network devices using device-to-device (D2D) communication resulting in the formation of a botnet, i.e., a network of infected devices controlled by a common malware. A botmaster may exploit it to launch a network-wide attack sabotaging infrastructure and facilities, or for malicious purposes such as collecting ransom. In this paper, we propose an analytical model to study the D2D propagation of malware in wireless IoT networks. Leveraging tools from dynamic population processes and point process theory, we capture malware infiltration and coordination process over a network topology. The analysis of mean-field equilibrium in the population is used to construct and solve an optimization problem for the network defender to prevent botnet formation by patching devices while causing minimum overhead to network operation. The developed analytical model serves as a basis for assisting the planning, design, and defense of such networks from a defender's standpoint.
| Original language | English (US) |
|---|---|
| Article number | 8638982 |
| Pages (from-to) | 2412-2426 |
| Number of pages | 15 |
| Journal | IEEE Transactions on Information Forensics and Security |
| Volume | 14 |
| Issue number | 9 |
| DOIs | |
| State | Published - Sep 2019 |
Keywords
- Botnet
- Internet of Things
- device-to-device communication
- distributed denial of service
- population processes
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications