^{1}

^{1}

^{1}

The advanced persistent distributed denial-of-service (APDDoS) attack does a serious harm to cyber security. Establishing a mathematical model to accurately predict APDDoS attack on networks is still an important problem that needs to be solved. Therefore, to help us understand the attack mechanisms of APDDoS on networks, this paper first puts forward a novel dynamical model of APDDoS attack on networks. A systematic analysis of this new model shows that the maximum eigenvalue of the networks is a vital factor that determines the success or failure of the attack. What is more, a new sufficient condition for the global stability of attack-free equilibrium is obtained. The global attractivity of attacked equilibrium has also been proved. Eventually, this paper gives some numerical simulations to show the main results.

Cyber-attack overwhelmingly invades every aspect of our life, which causes huge threats and enormous damage to thousands of industries. According to the report [

To fully understand the APDDoS attack, its steps must be introduced. First, attacker will invade as many infected computers as possible by inserting or injecting computer malware into phishing websites or phishing texts. So, if the visitor opens it, his/her computer would be infected. And then, the infected computers will be composed into a botnet that is controlled by the attacker. When there are enough infected computers, the attacker can launch flood attack to targeted IPs (services of host) which will be blocked or broken down soon after the attack.

The cyber-attack process on the network can be accurately expressed as a continuous-time Markov chain which is proposed by Van Mieghem [

To better understand the impact of network topology on APDDoS attack, in this paper we propose a novel APDDoS attack model on networks with

In Section

According to the ability of computers to defend against malicious software on the network, the paper divides the computers into two groups: Weak-Protected group and Strong-Protected group. Here, we can divide computers into two groups by checking whether the computer has firewall.

The Weak-Protected group (WP), which lacks firewall protection, is vulnerable to malware attacks, such as computer worm, Trojan, and so on. The Weak-Protected group consists of two kinds of computers, which includes susceptible computers (

However, because the existence of the firewall, the Strong-Protected group (SP) can defend against many kinds of attacks, but it also can be attacked by APDDoS attack. The Strong-Protected group also consists of two kinds of computers, tolerant computers (

Schematic diagram of APDDoS attack.

Based on the above facts, some constants can be defined as follows:

_{i}(

_{i}(

_{i}(

_{i}(

Next, some reasonable assumptions are proposed as follows [

(_{i} infected by the neighboring_{i} gets infected per unit time, is

(_{i}(_{i}(

(_{i}(_{i}(_{i}(

(_{i}(

(_{i }(_{i }(_{i }(_{i}(

Let

In order to satisfy these above equations,

Substituting these equations into the above relations and letting

According to Assumption (

Since the first

This section aims to understand the dynamical behavior of system (

Clearly, there is a unique attack-free equilibrium

To achieve that, let

Let_{1}(_{N}(_{1}(_{N}(

Let

Consider system (

the attack-free equilibrium_{0} is locally asymptotically stable if

the attack-free equilibrium_{0} is a saddle point.

The characteristic equation with respect to_{0} is

Equation (

Next, study the global stability of the attack-free equilibrium of system (

Let

Let_{1}(_{N}(

_{i},_{i}.

The attacked-free equilibrium of system (

Look at system (_{1}, …,_{N}) belonging to its eigenvalue_{i }_{i}(

The attacked-free equilibrium of system (

Status transition graph of the basic model (the dashed line on the graph means the attack from

It follows from Theorem _{1} such that, for all

From the last

As the comparison system

has a globally asymptotically stable equilibrium _{2}> 0 such that, for all_{2},

This implies that

The proof is complete.

The following corollary can be obtained easily based on Lemma 4 and Theorem

System (

Second, consider properties of the attacked equilibrium of system (

System (

Note that any solution of system (

The attacked equilibrium

For any solution

Clearly, _{0} and

If

When

When

As

Let

Besides,

Let

Then

Any solution of system (

The attacked equilibrium

In order to control APDDoS attack,

From these computational results, the following conclusions can be got:

Reducing the infection rate

Raising the cure rate

Reducing the rate

Reducing the value of

Based on the above discussions, the corresponding practical suggestions are as follows:

Install antivirus software or firewall and update it regularly.

Improve the defensive level of computer.

Filter IP addresses so as to reduce the number of IP addresses that can access computer on networks.

This section gives some examples about equilibriums of system (

The paper discusses the equilibrium of system on four different kinds of networks: full-connected network, stochastic network, scale-free network which uses Barabasi-Albert method, and realistic network.

First, consider system (

Consider a network with 200 nodes and every node is connected to other nodes, which is full-connected network. With

Global stability of attack-free solution on full-connected network.

Global attractivity of attacked solution on full-connected network.

Consider a network that nodes are fully connected to other with 200 nodes. With

Then consider system (

Consider a network that nodes are connected randomly to other with 200 nodes. With

Global stability of attack-free solution on stochastic network.

Global stability of attack-free solution on stochastic network.

Consider a network whose nodes are connected randomly to other with 200 nodes. With

Now, let us consider system (

Consider a network whose nodes are connected to other with 200 nodes. With

Global stability of attack-free solution on scale-free network.

Global stability of attack-free solution on scale-free network.

Consider a network whose nodes are connected to other with 200 nodes. With

Finally, consider system (

Consider a network whose nodes are connected to other with 300 nodes. With

Global stability of attack-free solution on realistic network.

Consider a network that nodes are connected randomly to other with 300 nodes. With

Global stability of attack-free solution on realistic network.

This paper puts forward a novel dynamical model of APDDoS attack on networks. Then, a systematic analysis of this model is showed. After that, a new sufficient condition for the global stability of attack-free equilibrium is obtained. Next, the sufficient condition for the global attractivity of attacked equilibrium also is studied. Eventually, some numerical simulations are given to show the main results of this paper.

The data used to support the findings of this study are available from the corresponding author upon request.

The authors declare that there are no conflicts of interest regarding the publication of this paper.

This work is supported by the Natural Science Foundation of Guangdong Province, China (no. 2014A030310239).