Modeling, Analysis, and Mitigation of Dynamic Botnet Formation in Wireless IoT Networks

Muhammad Junaid Farooq, Quanyan Zhu

Research output: Contribution to journal, Article

Abstract

The Internet of Things (IoT) relies heavily on wireless communication devices that are able to discover and interact with other wireless devices in their vicinity. The communication flexibility coupled with software vulnerabilities in devices, due to low cost and short time-to-market, exposes them to a high risk of malware infiltration. Malware may infect a large number of network devices using device-to-device (D2D) communication resulting in the formation of a botnet, i.e., a network of infected devices controlled by a common malware. A botmaster may exploit it to launch a network-wide attack sabotaging infrastructure and facilities, or for malicious purposes such as collecting ransom. In this paper, we propose an analytical model to study the D2D propagation of malware in wireless IoT networks. Leveraging tools from dynamic population processes and point process theory, we capture malware infiltration and coordination process over a network topology. The analysis of mean-field equilibrium in the population is used to construct and solve an optimization problem for the network defender to prevent botnet formation by patching devices while causing minimum overhead to network operation. The developed analytical model serves as a basis for assisting the planning, design, and defense of such networks from a defender's standpoint.

Original language: English (US)
Article number: 8638982
Pages (from-to): 2412-2426
Number of pages: 15
Journal: IEEE Transactions on Information Forensics and Security
Volume: 14
Issue number: 9
DOI: 10.1109/TIFS.2019.2898817
State: Published - Sep 1 2019

Fingerprint

Computer networks
Infiltration
Analytical models
Communication
Population dynamics
Topology
Internet of things
Malware
Botnet
Planning
Costs

Keywords

  • Botnet
  • device-to-device communication
  • distributed denial of service
  • Internet of Things
  • population processes

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

Modeling, Analysis, and Mitigation of Dynamic Botnet Formation in Wireless IoT Networks. / Farooq, Muhammad Junaid; Zhu, Quanyan.

In: IEEE Transactions on Information Forensics and Security, Vol. 14, No. 9, 8638982, 01.09.2019, p. 2412-2426.

@article{255387be27284c03aaed2af51bc6bd44,
title = "Modeling, Analysis, and Mitigation of Dynamic Botnet Formation in Wireless IoT Networks",
keywords = "Botnet, device-to-device communication, distributed denial of service, Internet of Things, population processes",
author = "Farooq, {Muhammad Junaid} and Quanyan Zhu",
year = "2019",
month = "9",
day = "1",
doi = "10.1109/TIFS.2019.2898817",
language = "English (US)",
volume = "14",
pages = "2412--2426",
journal = "IEEE Transactions on Information Forensics and Security",
issn = "1556-6013",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "9",

}

TY - JOUR

T1 - Modeling, Analysis, and Mitigation of Dynamic Botnet Formation in Wireless IoT Networks

AU - Farooq, Muhammad Junaid

AU - Zhu, Quanyan

PY - 2019/9/1

Y1 - 2019/9/1

KW - Botnet

KW - device-to-device communication

KW - distributed denial of service

KW - Internet of Things

KW - population processes

UR - http://www.scopus.com/inward/record.url?scp=85067119672&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85067119672&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2019.2898817

DO - 10.1109/TIFS.2019.2898817

M3 - Article

VL - 14

SP - 2412

EP - 2426

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

SN - 1556-6013

IS - 9

M1 - 8638982

ER -