Epidemic spreading in complex networks with degree correlations Authors: M. Boguna, R. Pastor-Satorras, and A. Vespignani. Publish: Lecture Notes in Physics: Statistical Mechanics of Complex Networks, 2003 Presenter: Cliff C. Zou
Background Limitation of Internet worm models Extended from simple epidemic model Homogeneous assumption No topology considered Suitable for scan-based worms Not suitable for modeling topological malware Email viruses P2P malware
Objective Provide epidemic analytical models for topological networks Cover both correlated networks and uncorrelated networks We only consider uncorrelated networks here
Model Notations : infection prob. via an edge per unit time P(k): fraction of nodes with degree k Only consider SI model ik(t): fraction of infected in k-degree hosts hki = k k P(k): average degree
Topological Model I (t): prob. that any given link points to an infected host Think each edge has two “end points” P(k)ik(t)¢ N: # of k-degree infected P(k)k¢ N: # of end points owned by k-degree nodes
Topological Model II A newly infected at most has k-1 links to infect others It is infected through an edge The edge is useless in infection later
Problems of Models Implicit assumptions: Homogenous mixing Assume infected are uniformly distributed Fact: epidemic spread via topology Infected are connected (clustered) Many infectious edges are wasted Results: Models overestimate epidemic spreading speed
Illustration 16 infectious “end points” Model I: 16, overestimate 60% Only 10 effective infection links Model I: 16, overestimate 60% Model II: 12, overestimate 20%
Simulation Results Random network Power law network
How to Improve Model? Remove wasted edges in modeling How to proceed? Virtual removal hosts Hosts with few/no links to vulnerable hosts How to proceed? I don’t know yet
Security Research Major Conferences Tier-1: IEEE Symposium on Security and Privacy (IEEE S&P) ACM Computer Communication Security (CCS) Usenix Security Symposium Annual International Cryptology Conference (CRYPTO) Tier-2: NDSS: Network and Distributed System Security ACSAC: Annual Computer Security Applications Conference DSN: dependable system and network ESORICS: European Symposium on Research in Computer Security RAID: Recent Advances in Intrusion Detection
Technical News ACM techology news: Information Security Magazine: http://www.acm.org/technews/articles/2006-8/0130m.html Information Security Magazine: http://informationsecurity.techtarget.com/