An Efficient Patch Dissemination Strategy for Mobile Networks

1 Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
2 National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing 100876, China
3 College of Mathematics and Information Science, Shandong Institute of Business and Technology, Shandong, Yantai 264005, China


Introduction
The last decade has witnessed a surge of wireless mobile devices such as mobile phones, PocketPCs, netbooks, and tablet PCs. With the appearance and development of intelligent operating systems, mobile devices are getting smarter and more functional. For example, they can connect to the Internet, receive and send emails and short messages (SMS)/multimedia messages (MMS), and connect to other devices for exchanging information and activating various applications. Meanwhile, these mobile devices have also become ideal targets for mobile viruses because they are popular, designed to be open, programmable, and general purpose, and highly dependent on common software platforms such as Android, Symbian, Windows Mobile, and Linux.
Mobile networks, formed by the connection of mobile devices following some relationships among mobile users, provide good platforms for the spread of mobile viruses. For example, an MMS-based worm named "Commwarrior" (http://www.f-secure.com/v-descs/commwarrior.shtml) can spread in an MMS network, which is formed based on the social relationships among mobile users. A Bluetooth-based worm named "Cabir" (http://www.f-secure.com/v-descs/cabir.shtml) can spread in a Bluetooth network, which is formed according to the geographic positions of mobile devices. There have been extensive studies on modeling virus/epidemic propagation [1][2][3][4][5][6] in complex networks, which can be used to estimate the scale of a virus/epidemic outbreak before it actually occurs and to evaluate the effect of new or improved countermeasures in restraining virus/epidemic propagation. Based on these studies, many network immunization strategies [7][8][9][10] have been proposed for restraining virus propagation by selectively immunizing some nodes based on measurements of degree or betweenness. But it would be difficult for these strategies to deal with large-scale, decentralized, and dynamic mobile networks. Intrusion detection technology [11] is another direct and effective means for the containment of mobile viruses. However, the detection capabilities of most antivirus software depend on the existence of an updated virus signature repository. Antivirus users are not protected whenever an attacker spreads a previously unencountered virus. In order to protect mobile phones from the damage of a new virus, service providers or security companies need to quickly identify the new virus, generate a signature, and disseminate patches to smart phones. Currently, most research has been done on intrusion detection [11][12][13] and patch generation [14][15][16], while this paper aims to study the dissemination [17][18][19][20] of security patches in the wireless mobile network environment.
Due to the limited bandwidth of wireless networks, it is difficult to disseminate security patches to all phones simultaneously and in time. And since the mobile network is always large-scale, decentralized, dynamic, and of unknown network topology, a good patch dissemination strategy is necessary. Some strategies attempt to forward security notifications or patches based on the short-range communication capabilities of intermittently connected phones [17,18]. These strategies select some important phones that can divide a Bluetooth-based network into different communities based on the contact time and frequency. Thereafter, they send security signatures to all communities based on the local detection. However, this method cannot ensure that users acquire patches in time. References [20,21] presented a quick and efficient autonomy-oriented computing (AOC) [22,23] based patch dissemination strategy, based on SMS, that can be used in multiple forms of mobile network. But this strategy still has the following deficiencies: (1) the number of patches disseminated at a time step is not determined; in particular, many patches may be disseminated at the initial stage, which can potentially cause network congestion [24,25]; (2) a phone may receive the same patch from different neighbors more than once, which may lead to network congestion and the waste of network resources. Therefore, there is still a strong need for a new strategy that can efficiently and quickly send security patches to as many phones as possible in the mobile network.
In this paper, we propose a patch dissemination strategy based on semi autonomy-oriented computing (SAOC) to restrain the mobile virus. In the AOC-based strategy, certain entities reside in some phones in the mobile network. They autonomously work with each other and move in the network based on their own autonomous behaviors. In our SAOC-based strategy, a center is added to the AOC-based strategy to combine and analyze the information received from the entities. At each time step, each entity moves to the next location according to its own autonomous behavior and the information fed back from the center. Through many experiments involving both synthetic and real-world networks, we find that the proposed SAOC-based strategy can quickly send security patches to as many phones as possible in a mobile network with limited bandwidth that is also large-scale, decentralized, dynamic, and of unknown network topology. Besides, it can control the number of patches disseminated at each time step and make adjustments according to the network conditions. The selected phones, which receive the patches, are always the most important for virus propagation among the phones found by the entities at each time step, and thus the virus propagation can be effectively restrained. Network congestion and the waste of network resources can also be avoided because each phone receives the patch only once.

SAOC-Based Patch Dissemination Strategy
SMS/MMS messages and Bluetooth are becoming the two major propagation routes of mobile viruses. Since SMS-based viruses are found to be more dangerous than Bluetooth-based viruses in terms of propagation speed and scope [20], we propose a semi autonomy-oriented computing (SAOC) based patch dissemination strategy to restrain SMS-based virus propagation in this paper. In the autonomy-oriented computing (AOC) approach [20,26], a group of computational entities are dispatched into a mobile network. They reside in some phones, autonomously work with each other, move from one phone to another, and update their local environment based on their own autonomous behaviors. However, in our SAOC-based approach, the entities no longer work fully autonomously and a center is added to help the entities finish their tasks. At each time step, the center is responsible for combining and analyzing the information received from the entities, and each entity moves from its present position to a new one according to some rules, the information fed back from the center, and the cooperation with other entities. We use a graph  to denote the mobile phone network formed according to the address books of mobile phones. Some definitions which are used to formulate the SAOC-based dissemination strategy are as follows.
Definition 1. A graph  = ⟨, ⟩ is a mobile network formed according to the address books of mobile phones, where  = {V 1 , V 2 , . . ., V  } is a set of phones and  = {⟨V  , V  ⟩|1 ≤ ,  ≤ ,  ̸ = } is a set of undirected links (if V  is in the address book of V  , then there is a link between V  and V  , and V  is called a friend of V  ).  = || represents the total number of phones in the network.
Each phone V  in  has two states ⟨ℎ,  ⟩, where ℎ denotes the identifier of V  and  is the identifier of the friend of V  .
Definition 2. The center, denoted by , contains two states ⟨, ⟩, where  denotes its identifier and  stores a series of its tasks.
Definition 3. Let  be an entity in a network . Entity  is represented by a tuple ⟨, ℎ,  , , ⟩, where  denotes the identifier of the entity; ℎ represents the identifier of the phone resided by ;  is the identifier of the friend of the resided phone;  is the maximum time steps for an entity to reside on a phone; and  is a set which stores four local behaviors of an entity, including rational-move, rational-jump, random-jump, and wait.
[Figure 1 legend: Step 1, Step 2, Step 3; phone; entity; patched phone; resided phone; local environment of entity; highest-remain degree phone in local environment; the indirect interaction between two entities; the move behavior of entity.]

Definition 5. The remain degree of a phone denotes the number of friends of the phone who have not received the patches. A phone is regarded as its own friend.
At each time step, each entity sends the prelocal information found in its local environment to the center. The center combines and analyzes the information received from all entities according to its , and shares the analysis results, which are called the postlocal information   (), with each entity , where is the set of friends of V  resided by . If two phones resided by two entities are friends or they have at least one friend in common, we assume that these two entities can share their postlocal information. Each entity then moves to the next location () according to its . Algorithm 1 shows the detailed process of the SAOC-based patch dissemination strategy.
The  of the center includes the following.
(1) Delete the  who have received the patches from each phone's   in all the prelocal information.
(2) Compute each phone's remain degree and send the security patches to the first  phones with the highest-remain degree. (Therefore, the number of patches disseminated at each time step is controllable and can be adjusted according to the network conditions.) Record the  of the phones that just received the patches.
(3) Delete the new patched  from each phone's   and compute each phone's new remain degree.
(4) Send the postlocal information to the entity.
The main behaviors of each entity are as follows.
(1) Rational move: an entity moves to a phone with the highest-remain degree in its postlocal information or the shared postlocal information, if it exists. If there is more than one highest-remain degree phone, the entity will randomly choose one to reside in.
(2) Rational jump: the entity requests from the center a phone to reside in, if such a phone exists.
(3) Random jump: an entity moves along the edges for a randomly determined number of steps in order to avoid getting stuck in local optima.
(4) Wait: if an entity does not find any available phone to reside in, it will stay at its current position.
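
The following Python example is an addition to the text, not the authors' code. It implements one SAOC time step on a constructed graph: the four tasks of the center, then the rational move with shared postlocal information, falling back to wait. Assumptions: the local environment is the resided phone plus its friends, the center breaks ties by lowest identifier, an entity always prefers a phone other than its current one, and the rational jump and random jump are omitted; all function names are hypothetical.

```python
import random

# Constructed 10-phone address-book graph (undirected); not the paper's Figure 1.
ADJ = {1: [2, 3], 2: [1, 3, 4], 3: [1, 2, 4], 4: [2, 3, 5, 6], 5: [4, 6, 7],
       6: [4, 5, 7, 8], 7: [5, 6, 8, 9], 8: [6, 7, 9, 10], 9: [7, 8, 10],
       10: [8, 9]}

def prelocal(adj, phone):
    """Friend lists an entity collects from `phone`.
    Assumption: the local environment is the resided phone plus its friends.
    A phone is regarded as its own friend."""
    return {v: set(adj[v]) | {v} for v in [phone, *adj[phone]]}

def center_step(pre, patched, m):
    """The center's four tasks. pre: {entity: {phone: friends}}; patched: set."""
    # (1) Delete already-patched identifiers from every friend list.
    friends = {v: f - patched for info in pre.values() for v, f in info.items()}
    # (2) Patch the first m unpatched phones with the highest remain degree.
    #     Ties go to the lowest identifier (assumption, for repeatability).
    todo = sorted((v for v in friends if v not in patched),
                  key=lambda v: (-len(friends[v]), v))[:m]
    patched.update(todo)
    # (3) Delete the newly patched identifiers and recompute remain degrees;
    # (4) hand each entity its postlocal information.
    post = {e: {v: len(friends[v] - patched) for v in info}
            for e, info in pre.items()}
    return todo, post

def can_share(adj, p, q):
    """Two entities share postlocal information when their phones are
    friends or have at least one friend in common."""
    return q in adj[p] or bool(set(adj[p]) & set(adj[q]))

def move_entities(adj, pos, post, rng):
    """Rational move where possible, otherwise wait."""
    new_pos, claimed = {}, set()
    for e, here in pos.items():
        view = dict(post[e])
        for other, there in pos.items():
            if other != e and can_share(adj, here, there):
                view.update(post[other])
        options = {v: d for v, d in view.items()
                   if d > 0 and v != here and v not in claimed}
        if options:
            best = max(options.values())
            new_pos[e] = rng.choice(sorted(v for v in options if options[v] == best))
        else:
            new_pos[e] = here  # wait
        claimed.add(new_pos[e])
    return new_pos

def run(adj, pos, m, steps, seed=0):
    """Run `steps` time steps; return patches sent per step and all patched."""
    rng, patched, history, pos = random.Random(seed), set(), [], dict(pos)
    for _ in range(steps):
        pre = {e: prelocal(adj, p) for e, p in pos.items()}
        todo, post = center_step(pre, patched, m)
        history.append(todo)
        pos = move_entities(adj, pos, post, rng)
    return history, patched

if __name__ == "__main__":
    print(run(ADJ, {"e1": 4, "e2": 7}, m=3, steps=6))
```

Each inner list returned by `run` holds the phones patched in one time step, so the per-step limit and the patch-once property can be read off directly.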
For example, as shown in Figure 1, two entities  1 and  2 reside in phones V 5 and V 6 at the initial phase of step 1, respectively.  1 and  2 begin to search their local environments and obtain the prelocal information as:

When receiving   ( 1 ) and   ( 2 ), the center first deletes the phones'  that have been immunized from each phone's  and computes the remain degree of each phone. Since no phones have been immunized, the remain degree of each phone will be

At this moment, the center sends the security patches to the first 5 unimmunized phones (in this example, we assume that no more than  = 5 phones are immunized at each time step) with the highest-remain degree, that is, {V 4 , V 6 , V 7 , V 9 , V 10 }, deletes these phones'  from each phone's , and computes the new remain degree of each phone. The new remain degree will be sent to the entities as their postlocal information, that is,

When receiving the postlocal information, each entity will move to the phone which has the highest-remain degree in its postlocal information. Therefore,  1 and  2 move from V 5 to V 4 and from V 6 to V 10 , respectively. In this step, these two entities perform the rational move relying on their own postlocal information. Step 2 will show the case of the movement of the entities relying on the shared postlocal information. In step 2, when  1 and  2 receive   ( 1 ) and   ( 2 ) from the center, they can share their postlocal information with each other since they have the mutual friends V 7 and V 8 .   ( 1 ),   ( 2 ), and the shared postlocal information are as follows:

(2)

 1 and  2 will choose the first two phones with the highest-remain degree in the shared postlocal information as their target locations. Note that there are three phones that can be resided in and  1 is residing in one of the highest-remain degree phones. In this case, we let  1 continue moving. Therefore,  1 and  2 move from V 4 to V 5 and V 10 to V 2 , respectively. Table 1 presents the detailed patch dissemination process of Figure 1 based on our SAOC-based patch dissemination strategy.

Static Networks.
A mobile network is constructed based on the address books of smart phones, which reflects the social relationship among mobile users in real world situations.Here, we use some benchmark networks (university email network, autonomous systems network, and collaboration network) to reflect the relationship structures in the real world.Table 2 shows the structure and degree of four networks.University email network [27], autonomous systems network [28], and collaboration network of Arxiv High Energy Physics category [29] are real-world networks.Community-based network is a synthetic network with four communities based on the GLP algorithm [30].
We use the four networks shown in Table 2 to evaluate the efficiency of the proposed SAOC-based patch dissemination strategy in restraining the SMS-based virus. For the SMS-based virus propagation model, we assume the following.
(1) If a user receives a message from his friend, he may open or delete this message, as determined by his security awareness [20,31,32]. The security awareness of different users in this paper is consistent with that used by [20] and follows a normal distribution, (0.5, 0.3²).
(2) If a user opens a virus message, he is infected and will automatically send the virus message to all his friends.
(3) An infected phone sends the virus to his friends only once, after which the infected phone will not send out virus any more.
(4) If a phone has received the patch, it will not send out virus even if the user opens an infected message again.
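
The four rules above, written as a Python simulation on a constructed graph; this is an added example, not code from the paper. Assumptions: a user opens a received virus message with probability 1 minus his security awareness, awareness drawn from the normal distribution is clipped to [0, 1], and a patched phone is treated as never infected; the function names are hypothetical.

```python
import random

# Constructed address-book graph (undirected). Phone 4 is the only bridge
# between phones 1-3 and phones 5-10.
ADJ = {1: [2, 3], 2: [1, 3, 4], 3: [1, 2, 4], 4: [2, 3, 5, 6], 5: [4, 6, 7],
       6: [4, 5, 7, 8], 7: [5, 6, 8, 9], 8: [6, 7, 9, 10], 9: [7, 8, 10],
       10: [8, 9]}

def draw_awareness(phones, rng):
    """Security awareness with mean 0.5 and standard deviation 0.3, clipped
    to [0, 1] (assumption) so it can be used as a probability."""
    return {v: min(1.0, max(0.0, rng.gauss(0.5, 0.3))) for v in phones}

def spread(adj, awareness, seeds, patched, rng):
    """Return the set of phones infected once propagation has died out."""
    infected = set(seeds) - set(patched)
    frontier = sorted(infected)
    while frontier:
        newly = []
        for sender in frontier:            # rule 3: each phone sends only once
            for friend in adj[sender]:     # rule 2: message goes to all friends
                if friend in infected or friend in patched:
                    continue               # rule 4: a patched phone never forwards
                # rule 1: open or delete, decided by security awareness
                if rng.random() < 1.0 - awareness[friend]:
                    infected.add(friend)
                    newly.append(friend)
        frontier = newly
    return infected

if __name__ == "__main__":
    rng = random.Random(7)
    aw = draw_awareness(ADJ, rng)
    print("no patch:     ", sorted(spread(ADJ, aw, {1}, set(), rng)))
    print("phone 4 patched:", sorted(spread(ADJ, aw, {1}, {4}, rng)))
```

With phone 4 patched, an outbreak seeded at phone 1 cannot reach phones 5 to 10 whatever the awareness values are, which is why patching the phones with the most unpatched friends first pays off.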
At some point, we deploy a few entities into a mobile network. These entities reside in the phones with the highest degree, which are found by the AOC-based immunization strategy [26]. Each entity then moves according to Algorithm 1. We compare the efficiency of our SAOC-based dissemination strategy with the AOC-based dissemination strategy [20] by different indexes in the above static benchmark networks.
Figure 2 shows the average numbers of infected phones over time when 5 and 10 entities are deployed into the networks from time step 50. At each time step, no more than  patches can be sent in the SAOC-based strategy; that is, up to  phones can be immunized at each time step in the SAOC-based strategy. Obviously, the earlier and the more widely the patch is disseminated, the shorter the propagation duration will be. Figure 3 shows the average number of immunized phones over time when the entities are deployed into the networks from time step 50. Since we set a limit on the size of  to avoid network congestion, the effect of the SAOC-based strategy is inferior to that of the AOC-based one at the initial phase after the deployment of the entities when  is small. But simulation results show that the SAOC-based strategy can recover all the infected phones and immunize all the phones faster than the AOC-based one even if  is relatively small. Figure 4 shows the number of patches disseminated at each time step. We find that the number of patches disseminated at each time step in the AOC-based strategy is much larger than that of the SAOC-based one. Figure 4 also shows the main inadequacies of the AOC-based strategy; that is, too many patches are sent at certain times, which may lead to network congestion, and a phone may receive the patch from different neighbors more than once, which wastes network resources. However, in our SAOC-based strategy, the number of patches disseminated at each time step is controllable and can be adjusted according to the network conditions, and a phone receives the patch only once.
Figures 5 and 6 show the average number of steps of each entity and the total number of patches disseminated corresponding to the coverage rate, respectively. The coverage rate is defined as  immunized /, where  immunized represents the total number of immunized phones that are patched by the center and  represents the total number of phones in the network. In Figure 5, each entity in the SAOC-based strategy needs to move a few more steps than in the AOC-based strategy when the coverage rate is small, due to the limitation on . But to achieve a significant coverage rate, the number of steps each entity needs to move is much smaller in the SAOC-based strategy than in the AOC-based strategy. In Figure 6, we can see that the total number of patches disseminated is much smaller in the SAOC-based strategy than in the AOC-based strategy to attain the same coverage rate.
From the simulations performed above, we can see that the SAOC-based dissemination strategy can efficiently send security patches to as many phones as possible with considerable speed and relatively lower cost in the static networks.

Dynamically Evolving Networks.
In this section, we evaluate the efficiency of the SAOC-based dissemination strategy in dynamically evolving networks, since the structure of a network changes in the real world. We assume that the initial network contains 1000 phones with ⟨⟩ = 8. Three different patterns of network evolution are considered as follows: (1) the network scale will grow to 4000; (2) 50 or 100 phones are added into the network at each step from the time step of 20; (3) the network degree, ⟨⟩, will remain unchanged or change from 8 to 18, respectively. We use the SIR [33][34][35] model to characterize the SMS-based virus propagation in dynamically evolving networks. SIR is the most basic and well-studied epidemic spreading model. In the SIR model, the elements of a network are divided into three compartments: susceptibles (S, those who can contract the infection), infectious (I, those who have contracted the infection and are contagious), and recovered (R, those who have recovered from the disease). At each time step, we assume that a susceptible phone becomes infected with a probability  if it is directly connected to an infected phone. Meanwhile, if an infected phone receives the patch, it will recover from the infected state.
Simulation results shown in Figure 7 indicate that, when the appropriate number of patches disseminated at each time step is selected, our SAOC-based strategy can send security patches to as many phones as possible and reduce the damage caused by mobile viruses in dynamically evolving networks with various complex evolving patterns.

Conclusion
In this paper, we propose an efficient SAOC-based patch dissemination strategy to restrain the SMS-based mobile virus. The advantages of our SAOC-based strategy can be described as follows: (1) it sends security patches to as many phones as possible at a considerable speed and lower cost in a mobile network with limited bandwidth that is also large-scale, decentralized, dynamically evolving, and of unknown network topology; (2) it can control the number of patches disseminated at each time step and make adjustments according to the network conditions, so network congestion can be avoided; (3) the selected phones which receive the patches are always the most important for virus propagation among the phones found by the entities at each time step, and thus the virus propagation can be effectively restrained; (4) each phone receives the patch only once, which helps avoid network congestion and the waste of network resources.
In summary, the SAOC-based patch dissemination strategy is a reasonable, effective, and secure method to send security patches in mobile networks and reduce the damages mobile viruses cause.

[Table 1 layout: one row per step (Step 1, Step 2, ...); columns Entity, Center (analytical information, stored immune phones), Entity.]

In the analytical information V  & V 1 , . . ., V  &  1 &  2 of the center, V  is the identifier of a phone, V 1 , . . ., V  the friends of V  ,  1 the first computed remain degree of V  , and  2 the second computed remain degree of V  . The identifiers in red indicate the phones that have received the patches in the previous steps. The identifiers in blue indicate the phones that will receive the patches in the current step. The no more than 5 red numbers in each step refer to the unimmunized phones with the highest first computed remain degree.

Figure 1: An example of the SAOC-based patch dissemination strategy.

Figure 2: The number of infected phones over time.

Figure 3: The number of immunized phones over time.

Figure 4: The number of patches over time.

Figure 5: The average number of steps of each entity with respect to coverage rate.

Figure 6: The number of patches with respect to coverage rate.

Figure 7: The number of infected phones over time in different dynamically evolving networks. (a) 50 phones are added into the network at each step, and the average degree ⟨⟩ remains 8; (b) 50 phones are added into the network at each step, and the average degree ⟨⟩ increases from 8 to 18; (c) 100 phones are added into the network at each step, and the average degree ⟨⟩ remains 8; (d) 100 phones are added into the network at each step, and the average degree ⟨⟩ increases from 8 to 18.

(1) For each entity  search the local environment   () and obtain pre-local information   (); send   () to the center;

Table 1: The detailed process of Figure 1 based on the SAOC-based patch dissemination strategy.

Table 2: The structures of networks.