Virus propagation in peer-to-peer networks
Complexity DTC Miniproject Proposal
e-Security Group, Digital Laboratory
Background
The propagation of viruses and worms around the internet has been keenly studied ever since the
proliferation of the Slammer worm bought portions of the Internet to a standstill in 2003 [1]. A number of
modelling approaches have been applied to examine the propagation and proliferation of both worms and
viruses, predominately focused on the Internet, interconnectivity of the network and application delivery
mechanisms such as email. Later 2004 saw the arrival of the viruses for mobile devices propagated through
Short Message Service (SMS), and later through, short range communications such as Bluetooth [2]. The
research community have responded via the consideration of various epidemiological models for virus
propagation in wireless and mobile networks [3]. However, virus protection techniques for mobile wireless
and peer-to-peer communications devices are still immature, possibly due the fact that most people still
suffer infection from standard Internet use on their computers.
When providing protection against viral attack it is necessary to remove the vulnerability that the virus or
worm exploits and/or prevent the attack reaching the point of vulnerability. Both require that the vulnerability
is known which cannot be the case in general. Therefore, assuming that at some point new viruses will enter
a system, the nature of spread becomes important. Since if we understand the spread characteristics it may
be possible to predict which devices are likely to be infected and which are at risk. This could then enable a
protection strategy to be optimised to give fastest / greatest protection.
Research Opportunity
The objective of this mini-project will be to explore and develop simulation or analytical techniques for
understanding virus propagation behaviour in Bluetooth communications networks. There are multiple
factors which could impact virus propagation in wireless peer-to-peer networks which might include: levels of
connectivity and available bandwidth, patterns of use and applications on devices, security controls in place
and user awareness. The mini-project research will produce a model based upon a number of these metrics.
Real network data pertaining to Bluetooth virus propagation across a mobile telephone network will be
provided by a commercial partner of the e-Security Group, part of the International Digital Laboratory, in
order that any models developed can be validated. Additionally, the e-Security Group will seek to practically
validate the models within the Faraday Cage located within the Digital Laboratory (a facility that the student
will have the opportunity to view). Further, research could consider how the results gained for Bluetooth
might be generalised for peer-to-peer wireless communication networks in general.
There is the potential that the research could be continued into a PhD through the consideration of
propagation characteristics across systems of interconnected wireless media (such as 3G, Wi-Fi and
Bluetooth) and wireless, telephony and Internet. Challenges exist in combining prior models based on a
single mode of connectivity (e.g. IP) to one based on greater (and transient) connectivity with the associated
new application or social use (e.g. P2P/Mobile Device information sharing). Determining where the new
communications technologies invalidate previous propagation models, either by reducing the effectiveness of
infection vectors or by adding new ones.
References
[1]
[2]
[3]
Inside the Slammer Worm, IEEE Security and Privacy, July/August 2003. Moore,
Paxson, Savage, Shannon, Staniford, and Weaver.
The influence of Smart Phone’s Mobility on Bluetooth Worm Propagation, Wei,
Zhao-hui, Zeng-qiang, Zhu-zhi, Nankai University, China. 2005.
Wi-Fi networks and malware epidemiology, Hu, Myers, Colizza, and Vespignani,
Proceedings of National Academy of Sciences, 2009.