1

Epidemic spreading in complex networks with degree correlations

Authors: M. Boguna, R. Pastor-Satorras, and A. Vespignani.

Publish: Lecture Notes in Physics: Statistical Mechanics of Complex Networks, 2003

Presenter: Cliff C. Zou

2

Background

Limitation of Internet worm models Extended from simple epidemic model

Homogeneous assumption No topology considered

Suitable for scan-based worms Not suitable for modeling topological

malware Email viruses P2P malware

3

Objective

Provide epidemic analytical models for topological networks

Cover both correlated networks and uncorrelated networks We only consider uncorrelated networks

here

4

Model Notations

: infection prob. via an edge per unit time

P(k): fraction of nodes with degree k Only consider SI model

ik(t): fraction of infected in k-degree hosts

hki = k k P(k): average degree

5

Topological Model I

(t): prob. that any given link points to an infected host Think each edge has two “end points” P(k)ik(t)¢ N: # of k-degree infected P(k)k¢ N: # of end points owned by k-degree

nodes

6

Topological Model II

A newly infected at most has k-1 links to infect others It is infected through an edge The edge is useless in infection later

7

Problems of Models

Implicit assumptions: Homogenous mixing Assume infected are uniformly distributed

Fact: epidemic spread via topology Infected are connected (clustered) Many infectious edges are wasted

Results: Models overestimate epidemic spreading

speed

8

Illustration

16 infectious “end points” Only 10 effective infection links

Model I: 16, overestimate 60% Model II: 12, overestimate 20%

A

9

Simulation Results

0 200 400 600 8000

2

4

6

8

10x 10

4

Time: t

E[I(t)]

Model (2)Model (3)Simulation

Random network

0 200 400 600 8000

2

4

6

8

10x 10

4

Time: t

E[I(t)]

Model (2)Model (3)Simulation

Power law network

10

How to Improve Model?

Remove wasted edges in modeling Virtual removal hosts

Hosts with few/no links to vulnerable hosts

How to proceed? I don’t know yet

11

Security Research Major Conferences

Tier-1: IEEE Symposium on Security and Privacy (IEEE S&P) ACM Computer Communication Security (CCS) Usenix Security Symposium Annual International Cryptology Conference (CRYPTO)

Tier-2: NDSS: Network and Distributed System Security ACSAC: Annual Computer Security Applications Conference DSN: dependable system and network ESORICS: European Symposium on Research in Computer

Security RAID: Recent Advances in Intrusion Detection

12

Technical News

ACM techology news: http://www.acm.org/technews/articles/2006-8/0130m.html

Information Security Magazine: http://informationsecurity.techtarget.com/