Modeling, Analysis, and Mitigation of Dynamic Botnet Formation in Wireless IoT Networks

Muhammad Junaid Farooq, Quanyan Zhu

Research output: Contribution to journalArticlepeer-review


The Internet of Things (IoT) relies heavily on wireless communication devices that are able to discover and interact with other wireless devices in their vicinity. The communication flexibility coupled with software vulnerabilities in devices, due to low cost and short time-to-market, exposes them to a high risk of malware infiltration. Malware may infect a large number of network devices using device-to-device (D2D) communication resulting in the formation of a botnet, i.e., a network of infected devices controlled by a common malware. A botmaster may exploit it to launch a network-wide attack sabotaging infrastructure and facilities, or for malicious purposes such as collecting ransom. In this paper, we propose an analytical model to study the D2D propagation of malware in wireless IoT networks. Leveraging tools from dynamic population processes and point process theory, we capture malware infiltration and coordination process over a network topology. The analysis of mean-field equilibrium in the population is used to construct and solve an optimization problem for the network defender to prevent botnet formation by patching devices while causing minimum overhead to network operation. The developed analytical model serves as a basis for assisting the planning, design, and defense of such networks from a defender's standpoint.

Original languageEnglish (US)
Article number8638982
Pages (from-to)2412-2426
Number of pages15
JournalIEEE Transactions on Information Forensics and Security
Issue number9
StatePublished - Sep 2019


  • Botnet
  • Internet of Things
  • device-to-device communication
  • distributed denial of service
  • population processes

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'Modeling, Analysis, and Mitigation of Dynamic Botnet Formation in Wireless IoT Networks'. Together they form a unique fingerprint.

Cite this