Network virus-epidemic model with the point-to-group information propagation
Introduction
As information technology (IT) applications are more and more pervasive in engineering, business and social activities, the threat of computer viruses becomes an increasingly important issue of concern. People have observed that there are significant similarities between the spread of computer viruses and biological epidemics [5], [9], [10]. Based on this observation, some biological epidemic models, such as the Susceptible–Infected–Susceptible (SI/SIS) model and Susceptible–Infected–Recovered (SIR) model, have been adapted and considered possible ways for capturing the epidemic behavior of computer viruses in light of the states (e.g., susceptible (S), infected (I), and recovered (R)) and their transitions [8], [10], [18], [28]. However, a limitation of these models is that they do not take comprehensive antivirus countermeasures into consideration. In the SIS model, each individual in the network is either infected or susceptible to infection, and the state transition is immediate. That is, SIS cannot reflect the effect of virus immunizations, which motivates the introduction of the so-called SIR model. In the SIR model, the infected individuals can be recovered and further obtain immunity. Recently, more research attention has been paid to the combination of virus propagation models and antivirus countermeasures to study the prevalence of virus, for example, virus immunization [10], [15], [21], [14], [18] and quarantine [3], [20], [4]. In the real world, people can take actions to combat virus prevalence at each state according to the SIS/SIR state partition. These different actions may result in different virus prevalence processes. However, another problem of these existing models is that they could hardly reflect the fact that some viruses go through a latent period before the host becomes infectious. Both the SIS model and the SIR model assume that there is zero delay between the different state transitions. Other existing models include SIRS [12], [18], SIDR [26], and SAIR [22] appear to have the same problem as that of the SIS/SIR model. In reality, on the other hand, there may be a time lag between the arrival of a virus on a node and further infections dispatched from that node. For example, in the case of email viruses, some users may not check their email as frequently as others, so a virus could lie dormant in a user’s inbox for a period of time before it wreaks havoc. In addition, an active virus may be delayed before propagating due to programme configuration or resource availability. Some viruses may purposely lay dormant for a period of time prior to infecting other nodes for stealth reasons [25]. To cope with this problem, one way is to introduce the “exposed” state into the model which takes the latent period into consideration. This leads to the use of so-called Susceptible–Exposed–Infective–Recovered (SEIR) model with four states (i.e., S – Susceptible, E – Exposed, I – Infective, and R – Recovered) [1], [19]. However, due to its mathematical complexity, the SEIR model has not been widely used for modeling the spread of computer virus.
Moreover, to study the computer virus prevalence in a network environment, an information sharing pattern where one host would like to push messages to the group members simultaneously, namely “point-to-group” (P2G), is deemed to widely exist in the real world, especially in information sharing network, such as the popular email system and instant message software. The typical character of P2G propagation is that the group members can receive the propagated message from the information source almost at the same time. In general, members within a group communicate with each other frequently, and unless the transmitted message is privacy information, each node likes to share information with the nodes in the same group. So we can expect that the virus propagation is smoother within a group than across different groups. This “P2G propagation” pattern of viruses has not been well studied in previous research efforts.
In this paper, we will discuss a virus propagation model, namely e-SEIR, which is an extension of the SEIR model by adding the impact of multi-state immunization and P2G propagation. In this way, e-SEIR provides an opportunity for us to study the behaviors of virus propagation with the presence of antivirus countermeasures, which are deemed important and desirable for understanding of the virus spread patterns, as well as for management and control of the spread. The remainder of this paper is organized as follows. Section 2 describes the P2G propagation mode. Section 3 formulates the extended SEIR model. Section 4 analyzes the stability of the e-SEIR system and Section 5 represents some numerical results. In Section 6, a nonlinear formulation of transition rate is discussed. Finally, Section 7 concludes the paper.
Section snippets
The point-to-group information propagation mode in network
The P2G mode, as shown in Fig. 1, is a mode of information propagation, e.g., sending email to all the group members. In general, the P2G propagation mode widely exists within real-world organizations, and the P2G propagation notion can facilitate the analysis of virus propagation from a managerial perspective. This is noteworthy, since nowadays there exist many small groups in organizations such as enterprises and communities, which may be formed around projects, within functional departments,
The e-SEIR virus propagation model
Our work is based on the traditional SEIR [1] model. The SEIR model is similar to the SIR model, but it accounts for the fact that some viruses go through a latent period before the host becomes infectious. It has four states: S (susceptible), E (exposed), I (infective), and R (recovered). In the case of network virus infection, the difference between S and E is that E-state nodes have non-activated virus codes, and the difference between E and I is that the virus in I-state nodes is activated,
The stability analysis for equilibrium
Now we analyze model (7) by finding its equilibria and studying the stability. Steady states of e-SEIR model satisfy the following equations:Let , we haveFor the case of , we have the virus-free equilibrium
For the case of , we can get the virus-epidemic equilibrium
Numerical analysis
Here we first introduce the numerical experiment environments and then provide with some results based on virus propagation control. As shown in Table 1, e-SEIR has two types of parameters: the system parameters and the state transition parameters.
Generally, the values of the system parameters were fixed in the experiments unless we explicitly specified the changes. Among these parameters, and are the two important ones which are strongly related to the information network, the network
Discussion on nonlinear formulation of
The linear formation of in Eq. (5) is based on the average measure about the virus prevalence with P2G mode, and are regarded reasonable for many real network environments [3], [4], [19], [20], [22], [28], [26]. The theoretical and experimental results in Sections 4 The stability analysis for equilibrium, 5 Numerical analysis reveal that the formation is intuitively appealing and meaningful. In certain more complex situations, such as (i) the invalid assumption of homogenous mixing
Conclusion
The objective of this paper is to model the virus prevalence under two important network environment factors (namely P2G information propagation and multi-state antivirus), and then to find out certain means of virus propagation control to eliminate the endemic.
We have explored the e-SEIR propagation system for investigating long-term virus propagations, based on which a control parameter to represent the multi-state antivirus efforts has been presented. The simulation results of e-SEIR have
Acknowledgments
The work was partly supported by the National Natural Science Foundation of China (70890080/70621061) and Tsinghua University Research Center for Contemporary Management.
References (28)
- et al.
Fixed period of temporary immunity after run of anti-malicious software on computer nodes
Applied Mathematics and Computation
(2007) - et al.
SEIRS epidemic model with delay for transmission of malicious objects in computer network
Applied Mathematics and Computation
(2007) - et al.
Global stability for an special SEIR epidemic model with nonlinear incidence rates
Chaos Solitons and Fractals
(2007) - et al.
Infectious Diseases of Humans: Dynamics and Control
(1992) Essential Mathematical Biology
(2003)- et al.
Worm propagation modeling and analysis under dynamic quarantine defense
- et al.
Effectiveness of quarantine in worm epidemics
- et al.
The effectiveness of vaccinations on the spread of email-borne computer viruses
- et al.
Some epidemiological models with nonlinear incidence
Journal of Mathematical Biology
(1991) - et al.
Networks and epidemic models
Journal of the Royal Society Interface
(2005)