Rapidly-spreading malicious software is an important threat on today’s computer networks. Most solutions that have been proposed to counter this threat are based on our ability to quickly detect the malware-generated traffic or the malware instances themselves, something that in many cases can be beyond our ability. Nonetheless, it seems intuitive that certain defensive postures adopted in configuring networks or machines can have a positive impact on countering malware, regardless of our ability to detect it. It is thus important to quantitatively understand how changes in design and deployment strategies can affect malware performance; only then does it become possible to make optimal decisions. To that purpose, we study in this paper the impact of network interconnection topologies on the propagation of malware. We first use a theoretical model based on Markov processes to try to predict the progression of an infection under varying interconnection scenarios. We then compare t...
Pierre-Marc Bureau, José M. Fernandez