Adaptive Mitigation of Multi-Virus Propagation: A Passivity-Based Approach

TL;DR

This paper develops adaptive, passivity-based strategies for mitigating multiple malware epidemics in networks, especially when propagation rates are unknown, ensuring asymptotic virus removal with minimal cost.

Contribution

It introduces a novel passivity-based framework for adaptive malware mitigation, providing bounds on patching rates and strategies for unknown propagation dynamics.

Findings

Passivity-based models ensure virus eradication.

Adaptive strategies outperform fixed-rate approaches.

Numerical results validate the effectiveness of the method.

Abstract

Malware propagation poses a growing threat to networked systems such as computer networks and cyber-physical systems. Current approaches to defending against malware propagation are based on patching or filtering susceptible nodes at a fixed rate. When the propagation dynamics are unknown or uncertain, however, the static rate that is chosen may be either insufficient to remove all viruses or too high, incurring additional performance cost. In this paper, we formulate adaptive strategies for mitigating multiple malware epidemics when the propagation rate is unknown, using patching and filtering-based defense mechanisms. In order to identify conditions for ensuring that all viruses are asymptotically removed, we show that the malware propagation, patching, and filtering processes can be modeled as coupled passive dynamical systems. We prove that the patching rate required to remove all viruses is bounded above by the passivity index of the coupled system, and formulate the problem of selecting the minimum-cost mitigation strategy. Our results are evaluated through numerical study.