Mitigating malware prevalence in networks with arbitrary topologies: a Flip-It cyber game approach integrated with epidemic modeling

IF 6.8 Zone 1 Computer Science 0 COMPUTER SCIENCE, INFORMATION SYSTEMS
Mousa Tayseer Jafar, Lu-Xing Yang, Gang Li, Robin Doss, Kon Mouzakis, Rajesh Vasa, Helge Janicke, Ahmed Ibrahim, Ahmed Mohsin, Iqbal H. Sarker, Kristen Moore, Seyit Camtepe, Diksha Goel
Journal: Information Sciences, volume 726, Article 122753
Publication date: 2025-10-04
Publication type: Journal Article
DOI: 10.1016/j.ins.2025.122753
URL: https://www.sciencedirect.com/science/article/pii/S0020025525008898
Citations: 0

Abstract

Cyber threats have evolved in complexity, aiming at a wide range of sectors using advanced methods and tools. This evolving threat landscape challenges existing cybersecurity frameworks, many of which lack the adaptability to counteract the complex tactics of sophisticated adversaries. Developing robust cyber defense strategies requires simulating dynamic interactions between attackers and defenders across high, moderate, and low-impact scenarios. The Flip-It cyber game serves as an intelligent framework for simulating these interactions, enabling the analysis of adaptive strategies in cybersecurity. This paper aims to address the problem of mitigating malware prevalence with full consideration of attack/defense capabilities in arbitrary network topologies. This paper proposes a sophisticated discrete-time epidemic model to characterize security state transitions over time for all three scenarios within the Flip-It game framework. On this basis, the original problem is modeled as a closed-loop control problem to seek the optimal containment strategy. Deep Reinforcement Learning (DRL) is then used to tackle the problem, generating efficient defense strategies that are well-adapted to changing cybersecurity environments.
Numerical simulations based on small-world networks, scale-free networks, and router networks are then carried out to generate corresponding strategies. Additionally, we have evaluated the performance of the proposed method against the State-Of-The-Art (SOTA) in terms of attack/defense objective function, control actions, number of devices under the control of the attacker and defender, stability, execution time, and scalability. This comprehensive approach integrates epidemiological modeling, game theory, and advanced machine learning to effectively tackle the complexities of contemporary cybersecurity threats.
Source journal
Information Sciences (Engineering and Technology - Computer Science: Information Systems)
CiteScore: 14.00
Self-citation rate: 17.30%
Articles published: 1322
Review time: 10.4 months
Journal description: Informatics and Computer Science Intelligent Systems Applications is an esteemed international journal that focuses on publishing original and creative research findings in the field of information sciences. We also feature a limited number of timely tutorial and surveying contributions. Our journal aims to cater to a diverse audience, including researchers, developers, managers, strategic planners, graduate students, and anyone interested in staying up-to-date with cutting-edge research in information science, knowledge engineering, and intelligent systems. While readers are expected to share a common interest in information science, they come from varying backgrounds such as engineering, mathematics, statistics, physics, computer science, cell biology, molecular biology, management science, cognitive science, neurobiology, behavioral sciences, and biochemistry.