Khouzani, M.H.R.
Email Address
ORCID
Disciplines
Search Results
Now showing 1 - 3 of 3
Publication Optimal Control of Mobile Malware Epidemics(2011-12-21) Khouzani, MHR.Malware attacks constitute a serious security risk that threatens our ever-expanding wireless networks. Developing reliable security measures against outbreaks of malware facilitate the proliferation of wireless technologies. The first step towardthis goal is to investigate potential attack strategies and the extent of damage they can incur. Given the flexibility that software-based operation provides, it is reasonable to expect that new malware will not demonstrate a fixed behavior over time. Instead, malware can dynamically change the parameters of their infective hosts in response to the dynamics of the network, in order to maximize their overall damage. We first considerpropagation of malware in a battery-constrained mobile wirelessnetwork by an epidemic model in which the worm can dynamicallycontrol the transmission ranges and/or the media scanning rates of the infective nodes. The malware at each infective node may seek to contact more susceptible nodes by amplifying the transmission range andthe media scanning rate and thereby accelerate its spread. Thismay however lead to (a)~easier detection of the malware and thus moreeffective counter-measure by the network, and (b)~faster depletion of the battery which may in turn thwart further spread of the infection and/or exploitation of that node. We prove, using Pontryagin Maximum Principle from optimal control theory, that the maximum damage in this case can be attained using simple three-phase strategies: in the first phase, infective nodesuse maximum transmission ranges and media access rates to amass infective nodes.In the next phase, infective nodes reduce their access attempts and enter a stealth-mode to preserve their battery and hide from detection. In the last phase, they once again use maximum transmission attempts with largest rates but this time the primary effect is killing the infective nodes by draining their batteries. In an alternative attack scenario, we consider the case in which the malware can control the rate of killing the infective nodes as an independent parameter of control. At each moment of time the worm at each node faces the following decisions: (i)~choosing the transmission ranges and media scanning rates so as to maximize the spread of infection subject to not exhausting its batteries by the end of the operation interval; and (ii)~whether to kill the node to inflict a large cost on the network, however at the expense of losing the chance of infecting more susceptible nodes at later times. We establish structural properties of the optimal strategy of theattacker over time.Specifically, we prove that it is optimal forthe attacker to defer killing of the infective nodes in the propagation phase until reaching a certain time and then start theslaughter with maximum effort. We also show that in the optimalattack policy, the battery resources are used according to a decreasing function of time, i.e., most aggressively during the initial phaseof the outbreak. Upon detection of a malware outbreak, the network manager can counter the propagation of the malware by reducing the communication rates of the nodes and patching. We in turn investigate the optimal defense policies of rate reduction and patching. We introduce quarantining the malware by reducing the reception gain of nodes as a defense mechanism. In applying this counter-measure we confront a trade-off: reducing the communication range suppresses the spread of the malware, however,it also deteriorates the network performance by introducing delay. Using Pontryagin's Maximum Principle, we derive structural characteristics of the optimal communication range as a function of timefor a wide class of cost functions. In both of the defense controls, our numerical computations reveal that the dynamic optimal controls significantly outperforms static choices and is also robust to errors in estimation of the network and attack parameters. The distribution of patches consumes bandwidth which is specially scarce in wireless networks, and must therefore be judiciously controlled in order to attain desired trade-offs between security risks and bandwidth consumption. We consider both non-replicative and replicative dissemination of patches:a pre-determined set of dispatcher nodes distribute the patches in the former, whereas the dispatcher set continually grows in the latter as the nodes that receive the patch become dispatchers themselves. In each case, the desired trade-offs can be attained by activating at any given time only fractions of dispatchers and selecting their packet transmission rates. We formulate the above trade-offs as optimal control problems that seek to minimize the aggregate network costs that depend on security risks and the overall extra energy and bandwidth used in the network for dissemination of the security patches. We prove that the dynamic control strategies have simple structures: when the cost function associated with the energy/bandwidth consumed in patching is concave, the control strategies are bang-bang with at most one jump from the maximum to the minimum value, i.e., maximum patching rates until a certain threshold and then stop. When the cost function is strictly convex, the above transition is strict but continuous. We compare the efficacy of different dispatch models and also those of the optimum dynamic and static controls using numerical computations. Next, we consider the case in which both malware and network can dynamically vary their parameters over time in response to the changes of the state of the system and also to each other's controls.The infinite dimension of freedom introduced by variation over time and antagonistic and strategic optimization of malware and network against each other demand new attempts for modeling and analysis. We develop a zero-sum dynamic game model and investigate the structural properties of the saddle-point strategies. We specifically show that saddle-point strategies are still simple threshold-based policies and hence, a robust dynamic defense is practicable. Finally, we develop a unified mathematical framework for calculating optimal controls of systems governed by epidemic evolution using Pontryagin’s Maximum Principle, and we demonstrate how it can be applied to contexts beyond network security. Specifically, we show how our framework can be specialized for marketing, dissemination of messages in DTN or p2p networks, health-care, etc. This dissertation in part demonstrates how using simple real analysis arguments, one can extract substantial information about the structure of optimal policies for nonlinear systems in the absence a closed-form solution.Publication Economy of Spectrum Access in Timy Varying Multichannel Networks(2010-10-01) Khouzani, M.H.R.; Sarkar, SaswatiWe consider a wireless network consisting of two classes of potentially mobile users: primary users and secondary users. Primary users license frequency channels and transmit in their respective bands as required. Secondary users resort to unlicensed access of channels that are not used by their primary users. Primaries impose access fees on the secondaries which depend on access durations and may be different for different primary channels and different available communication rates in the channels. The available rates to the secondaries change with time depending on the usage status of the primaries and the random access quality of channels. Secondary users seek to minimize their total access cost subject to stabilizing their queues whenever possible. Our first contribution is to present a dynamic link scheduling policy that attains this objective. The computation time of this policy, however, increases exponentially with the size of the network. We next present an approximate scheduling scheme based on graph partitioning that is distributed and attains arbitrary trade-offs between aggregate access cost and computation times of the schedules, irrespective of the size of the network. Our performance guarantees hold for general arrival and primary usage statistics and multihop networks. Each secondary user is, however, primarily interested in minimizing the cost it incurs, rather than in minimizing the aggregate cost. Thus, it will schedule its transmissions so as to minimize the aggregate cost only if it perceives that the aggregate cost is shared among the users as per a fair cost sharing scheme. Using concepts from cooperative game theory, we develop a rational basis for sharing the aggregate cost among secondary sessions and present a cost sharing mechanism that conforms to the above basis.Publication Maximum Damage Malware Attack in Mobile Wireless Networks(2010-03-01) Khouzani, MHR; Sarkar, Saswati; Altman, EitanMalware attacks constitute a serious security risk that threatens to slow down the large scale proliferation of wireless applications. As a first step towards thwarting this security threat, we seek to quantify the maximum damage inflicted on the system owing to such outbreaks and identify the most vicious attacks. We represent the propagation of malware in a battery-constrained mobile wireless network by an epidemic model in which the worm can dynamically control the rate at which it kills the infected node and also the transmission range and/or the media scanning rate. At each moment of time, the worm at each node faces the following trade-offs: (i) using larger transmission range and media scanning rate to accelerate its spread at the cost of exhausting the battery and thereby reducing the overall infection propagation rate in the long run or (ii) killing the node to inflict a large cost on the network, however at the expense of loosing the chance of infecting more susceptible nodes at later times. We mathematically formulate the decision problems and utilize Pontryagin Maximum Principle from optimal control theory to quantify the damage that the malware can inflict on the network by deploying optimum decision rules. Next, we establish structural properties of the optimal strategy of the attacker over time. Specifically, we prove that it is optimal for the attacker to defer killing of the infective nodes in the propagation phase for a certain time and then start the slaughter with maximum effort. We also show that in the optimal attack policy, the battery resources are used according to a decreasing function of time, i.e., mostly during the initial phase of the outbreak. Finally, our numerical investigations reveal a framework for identifying intelligent defense strategies that can limit the damage by appropriately selecting network parameters.