Analysis of malware propagation behavior in Social Internet of Things

Abstract

SummarySocial Internet of Things (SIoT) is an evolution of the Internet of Things, where objects interact socially with each other in the sense that they can independently establish new relationships, offer, or discover services, in order to accomplish their tasks with minimum involvement of the user. This additional convenience comes at the expense of higher risk of speeding up malware propagation through the dynamically created relationships. Because of the undesirable effects of malware (eg, disruption of device operation), it is essential to understand their spreading behavior in order to minimize their negative impacts. In this paper, we analyze malware propagation behavior in SIoT and investigate different parameters that influence spreading of malware. Toward that end, a simulator has been developed to simulate the spreading process of malware in SIoT. Many propagation scenarios were analyzed using the proposed simulator. Simulation results show that adding more relationships in the SIoT or increasing the number of owned objects per user has increased malware spreading rate. For example, the time to infect all objects is faster by 45% when objects communicate through four relationships compared with the case when objects communicate through only two relationships in SIoT. We also investigated ways to restrict the malware spreading. Results show that preventing objects from establishing dynamic social relationship slows down the infection by 40% compared with the next best scenario (ie, blocking co‐location relationships), which means more time for vendors to patch up their products.