Steady-State Availability Evaluation for Heterogeneous Edge Computing-Enabled WSNs with Malware Infections

Zhang, Hong; Yang, Shumin; Wu, Guowen; Shen, Shigen; Cao, Qiying

doi:https://doi.org/10.1155/2022/4743605

Mobile Information Systems

On this page

Abstract Introduction Related Work Conclusions Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Special Issue

Artificial Intelligence and Edge Computing in Mobile Information Systems

View this Special Issue

Research Article | Open Access

Volume 2022 | Article ID 4743605 | https://doi.org/10.1155/2022/4743605

Steady-State Availability Evaluation for Heterogeneous Edge Computing-Enabled WSNs with Malware Infections

Hong Zhang,¹Shumin Yang,¹Guowen Wu,¹Shigen Shen,²and Qiying Cao¹

Academic Editor: Wenqing Wu

Received12 Nov 2021

Revised26 Feb 2022

Accepted22 Mar 2022

Published11 Apr 2022

Abstract

To evaluate the steady-state availability of heterogeneous edge computing-enabled wireless sensor networks (HECWSNs) with malware infections, we first propose a Stackelberg attack-defence game to predict the optimal strategies of malware and intrusion detection systems (IDSs) deployed in heterogeneous sensor nodes (HSNs). Next, we present a new malware infection model—heterogeneous susceptible-threatened-active-recovered-dead (HSTARD) based on epidemic theory. Then, considering the heterogeneity of sink sensor nodes and common sensor nodes and the malware attack correlation, we derive the state transition probability matrix of an HSN based on a semi-Markov process (SMP), as well as the steady-state availability of an HSN. Furthermore, based on a data flow analysis of HSNs, we deduce the steady-state availability of HECWSNs with various topologies, including the star topology, cluster topology, and mesh topology. Finally, numerical analyses illustrate the influence of the IDS parameters on the optimal infection probability of malware and reveal the effect of multiple factors on the steady-state availability of HSNs, including the initial infection rate, the infection change rate, and the malware attack correlation. In addition, we present data analyses of the steady-state availability of HECWSNs with various topologies, including the star topology, cluster topology, and mesh topology, which provide a theoretical basis for the design, deployment, and maintenance of high-availability HECWSNs.

1. Introduction

In recent years, edge computing has emerged to address computation-intensive tasks in the 5G architecture [1], for which it can deploy servers at the edges of the network and provide services for the end users. This architecture is also applicable to heterogeneous wireless sensor networks (HWSNs), which enables heterogeneous sensor nodes (HSNs) to offload computation tasks to the deployment servers through the base stations [2]. In this manner, edge computing systems have begun to provide services for HWSNs to improve the performance of HSNs.

With the popularity of low-budget smart sensors, HWSNs have attracted considerable attention from researchers in many fields, including smart transportation, smart grids, the military, and smart homes [3–9]. These applications make our lives more comfortable. However, HWSNs have the same deficiencies as WSNs: HSNs have limited energy, computational capacity, and storage capacity [10, 11]. The other concern is that HWSNs are vulnerable to malware attacks, and malware can damage HWSNs in many ways, which not only affects the performance of HWSNs but also renders HWSNs unable to provide normal services [12]. The steady-state availability of HECWSNs is one of the factor to evaluate its performance, which indicates the probability that HECWSNs are available or reliable when sensing data, transmitting data, and aggregating data during the long-term operation. To address these issues, we evaluate the steady-state availability of heterogeneous edge computing-enabled wireless sensor networks (HECWSNs) with malware infections.

Malware refers to any malicious program with intentional attacks and serious destructive power [13–17], which causes great damage to networks, computer systems, and data [18]. Due to the limited resource allocation of HSNs [19], HECWSNs are vulnerable to malware attacks [20–22]. Once a piece of malware has attacked an HECWSN successfully through the HSN system’s security vulnerabilities, it will eavesdrop on information, block networks, wastefully spend the HSN’s energy, or compromise it [23], which can seriously corrupt and damage the HECWSN. This paper will study the service availability of HECWSNs, and it aims to judge the steady-state availability of HECWSNs by evaluating the performance of HSNs. In other words, when HECWSNs are infected by malware, we study whether the HECWSNs can reach a steady state and provide data acquisition, data transmission, and data processing services normally or not.

Because malware infection in HECWSNs is similar to that of epidemic in people, the epidemic model is usually adopted for reference when establishing a malware infection model for HECWSNs [24]. The classical epidemic models include SI, SIS, and SIR [14]. For example, the SIR model classifies all nodes’ states into susceptible (S), infectious (I), and recovered (R). When a heterogeneous sensor node (HSN) in HECWSNs is attacked by malware, its state will undergo a series of changes. Based on the classical SIR epidemic model, considering the characteristics of malware hiding and acting, this paper proposes a heterogeneous susceptible-threatened-active-recovered-dead (HSTARD) model to describe the states of HSNs, which includes the states susceptible (S), threatened (T), active (A), recovered (R), and dead (D).

In recent years, an increasing number of researchers have studied the problem of network security with game theory [25–28]. During the process of malware infection in HECWSNs, to defend against malware, HECWSNs use a deployed intrusion detection system (IDS) in the system of HSNs to detect malware with a certain probability [29]. The malware, to prevent detection by the IDS, will attack with a certain probability. Clearly, the attack-defence process between malware and the deployed IDS is a game problem. In this attack-defence game, the attack and defence actions initiated by the malware and IDS have priority, so it is appropriate to solve the attack-defence problem based on a Stackelberg game. Therefore, we propose a Stackelberg attack-defence game (SADG) to predict the optimal infection probability of malware, where malware is the leader and the IDS is the follower.

For an HSN, its current state determines the change in the next state, independently of the previous state, which means that the HSN state transition is random. Thus, it is appropriate to describe the state transition of an HSN using a semi-Markov process (SMP). We derive the state transition probability matrix of an HSN based on an SMP and obtain the steady-state availability of an HSN.

The contributions of this paper are summarized as follows:

First, considering that the deployed IDS and malware are two agents, we establish an SADG to predict the optimal infection probability of malware. The SADG can reflect the influence of the real HECWSNs situation when players choose their strategies.

Second, considering the characteristics of malware hiding and acting, we propose an HSTARD model by adding the states threatened, active, and dead to the classical epidemic model SIR. The HSTARD model can not only reflect the latent characteristics of malware but also consider the influence of the optimal defence strategy of the IDS on malware infection.

Third, considering the heterogeneity of HSNs and malware attack correlations, which will jointly affect the vulnerability of HSNs, we derive the state transition probability matrix of an HSN based on an SMP. We also derive the steady-state availability of an HSN, which not only reflects the characteristics of sensor node heterogeneity but also reflects the influence of the number of malware attacks on the state of HSNs.

Fourth, considering the topological heterogeneity of HECWSNs, we derive the steady-state availability of HECWSNs with various topologies, including the star topology, cluster topology, and mesh topology. The steady-state availability evaluation of HECWSNs can provide a theoretical basis for the design, deployment, and maintenance of high-availability HECWSNs.

The rest of the paper is organized as follows: Section 2 describes related work. Section 3 predicts the optimal infection probability of malware based on an SADG. Section 4 describes the dynamic state transition of an HSN and proposes an HSTARD model. Section 5 derives the steady-state availability of an HSN using an SMP. Section 6 describes the steady-state availability of HECWSNs with various topologies, including the star topology, cluster topology, and mesh topology. Section 7 describes the analysis of the experimental data. Section 8 summarizes this paper.

To facilitate understanding of this paper, all symbols used are listed in Table 1.

Edge computing helps improve computing efficiency and reduce the network transmission delay. Therefore, edge computing is widely used in 5G architecture, Internet of Things, and intelligent vehicle networking. Xiao et al. [30] presented reinforcement learning for edge computing to avoid jamming attacks and interference. Xu [31] used mobile edge computing technology to manage digital communities. Rimal et al. [32] discussed mobile edge computing’s potential service scenarios and designed scenarios for mobile edge computing over Wi-Fi networks. Corcoran and Soumya [33] discussed edge computing that was suitable for real-time operation and low latency requirements, which extended computing capabilities and services to the edge of the network.

At present, researchers have presented many extended epidemic models for WSNs, some of which consider the heterogeneity of WSNs. Examples include the SEIRSV model, containing states S, E (exposed), I, R, and V (vaccination); the susceptible-infected-immunized (SII) model [34]; the worm infection model considering the spatial-temporal perspective [35]; the susceptible-active-dormant-immune (SADI) model considering the hierarchical structure [36]; and the susceptible-exposed-infected-recovered-susceptible with vaccination and quarantine states (SEIRS-QV) model considering user awareness and network delay [37].

To date, many researchers have studied malware infection in HWSNs through game theory. Lalropuia and Gupta [38] developed an availability model to resolve the problem of the unavailability of a 5G WCN attacked by a denial of service (DoS) attack using a Bayesian game. Jiang et al. [39] established an attack-defence game based on a Stackelberg game to study the reliability of WSNs. Shen et al. [40] set up a dependability assessment mechanism for HWSNs using a noncooperative non-zero-sum game. Shen et al. [41] formulated a malware-defence differential game to study the decision-making problem between an IDS and malware. Liu et al. [42] proposed a stochastic evolutionary coalition game (SECG) to study the reliable service of virtual-sensor-service nodes. Shen et al. [43] proposed a malware detection strategy for the Internet of Things based on a signalling game. Liu et al. [44] proposed a Bayesian Q-learning game to study the problem of task offloading in sensor edge clouds. Liu et al. [45] also proposed a Stackelberg game to study the problem of malware infection defence in sensor edge clouds based on a deep neural network.

To date, researchers have presented many models for evaluating network stability or availability, which have provided a reference for evaluating the availability of HWSNs. Famila et al. [46] proposed a cluster head selection technique by semi-Markov prediction to enhance WSNs’ availability. Kanchana and Ganesan [47] proposed an inspired self-aware cooperative scheme using an SMP to prolong WSNs’ lifetimes. Shakya et al. [48] proposed a correlation-based susceptible-infectious-recovered epidemic model to study the stability of WSNs. Tang et al. [49] built an evaluation approach for WSNs’ availability based on Markov chains. Gour et al. [50] studied the availability of service function chains in 5G transport networks by designing a slice. Pereira et al. [51] proposed an availability analysis model to evaluate the availability of edge and fog nodes based on Markov chains.

From these references, it can be seen that there are some problems regarding the availability of HECWSNs with malware infections, which need to be resolved. The first issue is how to determine the optimal infection probability of malware. The second issue is how to accurately describe the state of HSNs in HECWSNs with malware infections. The third issue is how to describe the heterogeneity of HSNs and the correlation of malware attacks on HSNs. The fourth issue is how to obtain the steady-state availability of HECWSNs. To address the first issue, we calculate the optimal infection probability of malware through an SADG. To address the second issue, we describe the state of HSNs by adding the states threatened and active and propose a malware infection HSTARD model. To address the third issue, considering the heterogeneity of security defence policies of HSNs and the malware attack correlation, we deduce the steady-state availability of an HSN based on an SMP. To address the fourth issue, considering the topology heterogeneity of HECWSNs, we deduce the steady-state availability of HECWSNs with various topologies, including the star topology, cluster topology, and mesh topology.

3. HSTARD Model

We assume an HECWSN scenario, which is composed of HWSNs, a base station (BS), and edge computing servers (ECServers), where the HWSNs are based on various topologies, including the star topology, cluster topology, and mesh topology (see Figure 1). To provide services for the HWSNs, edge computing servers are deployed at the BS. According to the computing tasks, the HWSNs determine whether computation services are offloaded to ECServers via wireless links.

To clearly describe the relationship among HSNs in an HECWSNs with malware infection, the HECWSN is described as an undirected network denoted by . Here, represents HSNs and represents the connection between any two HSNs, indicating “connected” by 1 and “not connected” by 0. The total number of HSNs is set as , and the degree of a heterogeneous sensor node represents the number of other heterogeneous sensor nodes connected to it, which is denoted by .

All HSNs can be roughly divided into two types by their functions: sink sensor nodes and common sensor nodes. Sink sensor nodes are responsible for pooling and processing the data collected by common sensor nodes. Compared with common sensor nodes, sink sensor nodes are configured with much stronger computing resources, storage resources, energy, and security defence policies. Considering that these two sensor node types differ in their security defence policies, they have different initial infection probabilities. Sink sensor nodes are configured with stronger security defence policies, so they are not easily infected. The probability of initial infection is related to their degree . The higher the degree is, the easier it is to infect the node, and the higher the initial infection probability is. While common sensor nodes have weaker security defense policies, therefore, they are more likely to be infected. We set the initial infection probability of all common sensor nodes to be the same. Suppose the initial infection probability of an HSN with degree , denoted by , is set as

In HECWSNs with malware infections, when an HSN is infected by malware, its states will undergo a series of changes. We propose an HSTARD model containing five states: S, T, A, R, and D. The state set of HSNs is expressed as . An HSN in state S is vulnerable to malware due to its weak security defence policy. An HSN in state T has been infected by malware, but the resident malware is hidden, and the HSN cannot spread the malware to other HSNs. An HSN in state A has been infected by malware, and the resident malware is active, so the HSN will spread the malware to other HSNs. An HSN in state R is immune to the known malware because the system has been patched or the resident malware has been removed by the IDS. An HSN in state D is unable to provide normal services due to malware attacks or energy consumption.

The dynamic state transitions of an HSN are illustrated in Figure 2, where the state transitions are caused by the actions of the HSNs and malware. For an HSN in state S, when it is infected by malware, its state will transition to T; when it is patched by the IDS, its state will transition to R. For an HSN in state T, when the resident malware is activated, its state will transition to A; when it is patched by the IDS, its state will also transition to R. For an HSN in state A, when the resident malware is detected and removed by the IDS, its state will transition to R. For an HSN in state R, when it is scanned for security vulnerabilities by new malware, its state will transition to S. When an HSN is unable to provide normal services due to malware attacks or energy consumption, its state will transition to D. To ensure that there are enough HSNs in the HECWSNs, the HSNs in state D are updated regularly; at the same time, new HSNs in state R are added.

For HSNs in all states, the death probability due to environmental influence, malware infection, and physical damage is set as . At time , the probability that HSN is in state is denoted by , and the probability that HSN transitions from state to is denoted by . Suppose the initial state of all HSNs is R; thus, for any HSN , we have and .

For an HSN in state S, when its security vulnerabilities are detected by the IDS, it will be patched, and its state will transition to R with probability . Here, is the probability of successful detection by the IDS, where is the detection probability of the IDS and is the probability of the IDS choosing the strategy detection, which is calculated by the proposed SADG. When it communicates with neighbouring nodes, if it is not infected by any neighbouring node, its state will still be S with probability , where is the optimal infection probability of the malware, and it is calculated by the proposed SADG. In addition, it has a death probability ; therefore, when it communicates with its neighbouring nodes in state A, its state transitions to T with probability . Thus, at time , for HSN with degree in state S, its state transition probabilities are expressed as

For an HSN in state T, when its security vulnerabilities are detected by the IDS, it will be patched, and its state will transition to with probability . When it is continuously attacked by malware, in view of the malware attack correlation, the probability that it is successfully activated is related to the number of malware attacks. For an HSN with degree , suppose the number of its neighbouring nodes in state A is and the number of malware attacks is set as . The greater is, the greater the probability that resident malware will be activated is. Once the resident malware is activated, its state will transition to A with probability , where is a random variable that follows a binomial distribution [52]. In addition, it has a death probability . Thus, at time , for HSN with degree in state T, its state transition probabilities are expressed as where is the initial infection rate and is the infection change rate. These variables indicate the variation characteristics of the probability of HSNs being infected by malware. In addition, indicates the sensitivity of the probability of HSN infection by malware to the number of malware attacks. As the number of malware attacks increases, the larger is, the more sensitive the probability of malware infection is to the number of malware attacks; correspondingly, the greater the probability of HSNs being infected by malware is.

For an HSN in state A, when it is detected by the IDS, the resident malware will be removed, and the system will be patched; its state will transition to R with probability . In addition, it has a death probability of , so it remains in state A with a probability of . Thus, at time , for HSN in state A, its state transition probabilities are expressed as

For an HSN in state , its state will transition to S after it is scanned for security vulnerabilities by new malware, and the probability of its state transitioning from R to S is denoted by . In addition, it has a death probability of , so it remains in state R with probability . Thus, at time , for HSN in state R, its state transition probabilities are expressed as

For an HSN in state D, when it is updated regularly, the newly added HSNs are in state R, and the update probability of dead HSNs is denoted by . Thus, at time , for HSN in state D, its state transition probabilities are expressed as

4. A Stackelberg Attack-Defence Game for Predicting the Optimal Infection Probability of Malware

4.1. Defining a Stackelberg Attack-Defence Game

The Stackelberg game is a noncooperative strategic game, and its strategies have priority. We establish an SADG to predict the optimal infection probability of malware in HECWSNs. Note that the aim of the SADG is not to deduce the detection probability of an IDS. In this SADG, the malware makes the attack strategy first, and then, the IDS chooses the defence strategy. In other words, the malware is the leader, and the IDS is the follower.

Definition 1. The Stackelberg attack-defence game (SADG) is expressed by a 3-tuple , where (i) denotes a set of players(ii), where and denote the pure strategies sets that malware and IDS can choose, respectively(iii), for , , and , denotes a payoff matrix, where denotes the payoff that player obtains when player selects the pure strategy and player selects the pure strategy

The parameters used in the SADG are listed in Table 1. () and () denote the detection rate and the false alarm rate of the IDS, respectively. () denotes the infection cost of the malware, () denotes the detection cost of the IDS, () denotes the utility of the malware for successful infection, and denotes the utility of the IDS for successful detection.

Definition 1 shows that the SADG has two players: and . The two pure strategies for to choose are and , and the two pure strategies for to choose are and . Therefore, these two players have four combinations of pure strategies in the SADG, and the corresponding utilities form the payoff matrix (see Table 2).

For the combination of pure strategies , which means that malware selects the pure strategy Infect, and IDS selects the pure strategy Detect, the detection rate and the false alarm rate of the IDS are and , so it gains and loses , while malware loses and gains . In response, the rate of malware infection is , so malware gains and IDS loses . In addition, the infection cost of malware is , so malware loses . The detection cost of IDS is , so it loses . Therefore, the utilities of malware and IDS are, respectively,

For the combination of pure strategies , which means that malware selects the pure strategy Infect and IDS selects the pure strategy Nondetect. Under this case, malware gains and IDS loses . In addition, the infection cost of malware is , so malware loses . Therefore, the utilities of malware and IDS are, respectively,

For the combination of pure strategies , which means that malware selects the pure strategy Noninfect and IDS selects the pure strategy Detect, the false alarm rate of the IDS is , so IDS loses . In addition, the detection cost of the IDS is , so IDS loses . Therefore, the utilities of malware and IDS are, respectively,

For the combination of pure strategies , which means that malware selects the pure strategy Noninfect and IDS selects the pure strategy Nondetect, the utilities of malware and IDS are both equal to 0.

Let denote the probability that the follower IDS selects the pure strategy Detect. Correspondingly, the probability that it selects the pure strategy Nondetect is denoted by . Let denote the probability that the leader malware selects the pure strategy Infect. Correspondingly, the probability that it selects the pure strategy Noninfect is denoted by .

For IDS, the greater the probability is, the greater the energy consumed by detection. That is, the detection cost becomes greater as increases, so we set the detection cost as a linear function of the detection probability . We obtain the expected payoff of IDS as and the detection cost is where expresses the basic cost of detection of IDS.

Then, using (11) to replace in (10), we can obtain as

For malware, the greater the probability is, the greater the attack needs to consume the resources is. That is, the infection cost becomes greater as increases, so we set the infection cost as a linear function of the infection probability . We obtain the expected payoff of malware as and the infection cost is where expresses the basic cost of infection by malware.

Then, using (14) to replace in (13), we can obtain as

4.2. Predicting the Optimal Infection Probability of Malware

In this section, we predict the optimal infection probability of malware by calculating the Stackelberg equilibrium of the SADG.

Theorem 1. In the SADG, the optimal infection probability of malware choosing the pure strategy Infect is

Proof. According to the equilibrium solution of the Stackelberg game, we first calculate the reaction of the follower IDS and obtain the optimal detection probability that maximizes . Then, based on the known optimal detection probability , we can calculate the reaction of the leader malware and obtain the optimal infection probability .
First, we calculate the first-order partial derivative of with respect to as The second-order partial derivative of with respect to is Since the basic cost of detection is greater than 0, is less than 0. Therefore, has the maximum value. Setting (17) equal to zero, we can obtain Then, we calculate the reaction of the leader malware by introducing the parameter , and we obtain the optimal infection probability .
The first-order partial derivative of with respect to is The second-order partial derivative of with respect to is Since the basic cost of infection is greater than 0, is less than 0. Therefore, has the maximum value. Setting (20) equal to zero for maximization, we substitute (19) with the optimal detection probability and obtain the optimal infection probability as It can be seen from the proof and derivation that is the optimal infection probability of malware. The proof is complete.

5. Steady-State Availability of a Heterogeneous Sensor Node

The steady state of an HSN is an important factor determining whether it can work normally. It is random, which means that the current state of an HSN determines the change in the next state independently of the previous state. Thus, it is appropriate to describe the state transition of an HSN using an SMP. Comparing the Markov process (MP) and SMP, the MP has strict requirements for the state residence time, which must follow an exponential distribution, while the SMP does not limit the state residence time, which can follow any distribution form. Therefore, modelling the dynamic state transition process of an HSN based on an SMP appears more objective, and it is more in line with practical conditions.

The transition from one state to another based on an SMP can be considered as two logical steps, which are the residence time of an HSN in state and the transition process from state to .

Definition 3. Suppose the residence time of an HSN in state is expressed as ; then, the distribution is expressed as .

Definition 4. Let represent the probability that an HSN translates to state , and let the distribution be expressed as .

Definition 5. The steady-state probability is the share of the residence time of an HSN in each state in the total residence time of all states. Let represent the steady-state probability vector of an HSN; the distribution is expressed as , where

According to the proposed HSTARD model, the state transition matrix of an HSN is constructed as

Here, , , , , ,, , , , , , , , , , and .

According to the discrete Markov properties, we obtain

Combining and solving (24) and (25), we can obtain

Substituting , , , , and into (25), we can obtain where , , , , and .

Since the steady-state availability of an HSN describes its ability to continue working after being damaged or attacked by malware, an HSN in state A or D cannot work normally. Therefore, the steady-state availability of an HSN of type in HECWSNs with topology , denoted by , is

6. Steady-State Availability of HECWSNs

6.1. Steady-State Availability of HECWSNs with a Star Topology

HECWSNs with a star topology are composed of a single sink sensor node and some common sensor nodes (see Figure 3). The common sensor nodes are responsible for collecting data and forwarding them to the sink sensor node, which is responsible for processing data and transferring them to the base station. Common sensor nodes work in parallel without affecting each other and are classified into a parallel system. Thus, to enable HECWSNs to work normally, two conditions should be met: (1) the sink sensor node is able to work normally, and (2) a certain number of common sensor nodes can work normally.

Assuming that the HECWSNs with a star topology contain common sensor nodes, the steady-state availability of each common sensor node is denoted by . It is required that there be at least common sensor nodes working normally in the HECWSNs. When the HECWSNs can work normally, the number of common working sensor nodes is denoted by . In the HECWSNs, the steady-state availability of the sink sensor node is denoted by , which is expressed as . The steady-state availability of the HECWSNs with a star topology, denoted by , is

6.2. Steady-State Availability of HECWSNs with a Cluster Topology

HECWSNs with a cluster topology are composed of three node types: sink sensor nodes, cluster head nodes [53], and common sensor nodes (see Figure 4). Cluster head nodes are selected from common sensor nodes [54], so the availability of cluster head nodes is equal to that of common sensor nodes. A cluster is composed of a cluster head node and some common sensor nodes. When the HECWSNs work, the common sensor nodes first communicate with the cluster head node, and then, the cluster head node communicates with the sink sensor node. As long as there is one common working sensor node in a cluster, the cluster is available.

In HECWSNs with a cluster topology, suppose that the steady-state availability of a common sensor node in a cluster is denoted by and that the number of common sensor nodes in a cluster is expressed by . The steady-state availability of a cluster in the HECWSNs, denoted by , is

For HECWSNs with a cluster topology, if a cluster is regarded as one unit, it can be regarded as having a star structure. Suppose that there are clusters and that the steady-state availability of the sink sensor nodes is denoted by . Suppose that there are at least clusters required to work normally in the HECWSNs and that the number of working clusters is denoted by . The steady-state availability of the HECWSNs with a cluster topology, denoted by , is

6.3. Steady-State Availability of HECWSNs with a Mesh Topology

HECWSNs with a mesh topology usually contain several sink sensor nodes, and each sink sensor node manages some common sensor nodes (see Figure 5). The common sensor nodes are responsible for translating the collected data to the corresponding sink sensor node, and then, the sink sensor node sends data to the base station [55].

In HECWSNs with a mesh topology, communication between a sink sensor node and its common sensor nodes occurs in a parallel system (see Figure 5), so the HECWSNs can be regarded as a combination of multiple HECWSNs with star topologies. Assume that the total number of common sensor nodes connecting to the sink sensor node is , the minimum number of common sensor nodes required to work normally is , the steady-state availability of a common sensor node is denoted by , and the number of common working sensor nodes connecting to the sink sensor node is denoted by . Then, the steady-state availability of the sink sensor node, denoted by , is

To enable HECWSNs with a mesh topology to work normally, at least a certain number of sink sensor nodes are required to work normally. Assume that the total number of sink sensor nodes is , the minimum number of sink sensor nodes required to work normally is , and the number of working sink sensor nodes is denoted by . Then, the steady-state availability of the HECWSNs with a mesh topology is denoted by , which can be expressed as

7. Experimental Simulations and Data Analysis

In this paper, simulation experiments to verify the steady-state availability of HECWSNs are completed based on MATLAB 2015. The steady-state availability of HECWSNs with malware infections is affected by many factors, including the initial infection probability , the infection change rate , and the infection probability of malware. First, we analyse the influence of the detection rate and false alarm rate of the IDS on the optimal infection probability of malware. Second, we analyse the impact of the initial infection probability and infection change rate on the steady-state availability of HSNs. Third, we evaluate the steady-state availability of HECWSNs with various topologies, including the star topology, cluster topology, and mesh topology.

7.1. Optimal Infection Probability of Malware under the Influence of IDS Parameters

In this section, the experimental data show the influence of the detection rate and false alarm rate of the IDS on the optimal infection probability of malware. In the experiment, the relevant parameters are set as , , , and .

With the increase of the detection rate of the IDS, the optimal infection probability of malware will decrease (see Figure 6), but with the increase of the false alarm rate of the IDS, the optimal infection probability of malware will also increase. For example, when the detection rate of the IDS increases from 0.5 to 0.95, the optimal infection probability of malware decreases from 0.06 to 0.01 when . When the false alarm rate of the IDS increases from 0.04 to 0.12, the optimal infection probability of malware increases from 0.04 to 0.14 when .

According to the analysis of the experimental data, to decrease the optimal infection probability of malware, we should prioritize reducing the false alarm rate to improve the detection rate.

7.2. Effect of the Initial Infection Rate and the Infection Change Rate on the Steady-State Availability of an HSN

The steady-state availability of an HSN is related to the initial infection rate and the infection change rate (see Figure 7). It can be seen from the experimental data curves that with the increase of the initial infection rate and the infection change rate, the steady-state availability of an HSN decreases gradually.

For example, when the initial infection rate increases from 0.1 to 0.6, the steady-state availability of the HSN decreases from 0.8596, 0.8543, and 0.8483 to 0.8021, 0.7953, and 0.7886, corresponding to three values of the infection change rate, , , and , respectively. The data analysis indicates that the higher the initial infection rate is, the greater the probability of HSNs being infected by malware is, and the lower the steady-state availability of the HSNs is. The higher the infection change rate is, the more difficult it is for HSNs to suppress malware infection. Therefore, to improve the steady-state availability of HSNs, we should reduce the initial infection rate and the infection change rate.

The initial infection rate and the infection change rate influence the steady-state availability of a sink sensor node (see Figure 8). It can be seen from the experimental data curves that with the increase of the sink sensor node’s degree , the steady-state availability of the sink sensor node decreases gradually. Three functions of the initial infection rate are considered in the experiment: , , and . Figure 7 shows that when the degree of the sink sensor node increases from 10 to 60, the steady-state availability of the sink sensor node decreases from 0.8673 to 0.7535. When the initial infection rate of the sink sensor node satisfies the power function, the steady-state availability of the sink sensor node is least affected by its degree , followed by the linear function and then the exponential function.

For example, when the degree of the sink sensor node is set as 35, the steady-state availability of the sink sensor node is 0.8565, 0.8214, and 0.7946, corresponding to three functions of the initial infection rate , , and , respectively. Experimental data analysis indicates that the function of the initial infection is the most appropriate for HECWSNs.

7.3. Steady-State Availability of HECWSNs with a Star Topology

Figure 9 shows the evaluation results of the steady-state availability of HECWSNs with a star topology. The -axis shows the number of common working sensor nodes connecting to the sink sensor node, which ranges from 15 to 30. The -axis shows the total number of common sensor nodes connecting to the sink sensor node, which ranges from 20 to 30. The -axis shows the steady-state availability of HECWSNs with a star topology, which ranges from 0 to 1.

With the increase in the total number of common sensor nodes connecting to the sink sensor node, the steady-state availability of the HECWSNs will increase (see Figure 9). However, with the increase in the number of common working sensor nodes connecting to the sink sensor node, the steady-state availability of the HECWSNs will decrease. For example, when the number of common working sensor nodes connecting to the sink sensor node is 20, the steady-state availability of HECWSNs with a star topology will gradually increase from 0 to 0.75 as the total number of common sensor nodes connecting to the sink sensor node increases from 20 to 30. When the total number of common sensor nodes connecting to the sink sensor node is 30, the steady-state availability of HECWSNs with a star topology will gradually decrease from 0.75 to 0 as the number of common working sensor nodes connecting to the sink sensor node increases from 15 to 30. Therefore, when constructing HECWSNs with a star topology, it is necessary to increase the number of redundant common sensor nodes according to the actual situation, which helps to increase the steady-state availability of HECWSNs with a star topology.

7.4. Steady-State Availability of HECWSNs with a Cluster Topology

Figure 10 shows the evaluation results for the steady-state availability of HECWSNs with a cluster topology. The -axis shows the number of working clusters, which ranges from 15 to 30. The -axis shows the total number of clusters, which ranges from 20 to 30. The -axis shows the steady-state availability of HECWSNs with a cluster topology, which ranges from 0 to 1.

With the increase in the total number of clusters, the steady-state availability of HECWSNs with a cluster topology will increase (see Figure 10). However, with the increase in the number of working clusters, the steady-state availability of HECWSNs with a cluster topology will decrease. For example, when the number of working clusters is 25, the steady-state availability of HECWSNs with a cluster topology will gradually increase from 0 to 0.75 as the total number of clusters increases from 24 to 30. When the total number of clusters is 26, the steady-state availability of HECWSNs with a cluster topology will gradually decrease from 0.75 to 0 as the number of working clusters increases from 15 to 27. Therefore, when constructing HECWSNs with a cluster topology, it is necessary to increase the number of redundant clusters according to the actual situation, which helps to increase the steady-state availability of HECWSNs with a cluster topology.

7.5. Steady-State Availability of HECWSNs with a Mesh Topology

Figure 11 shows the evaluation results of the steady-state availability of HECWSNs with a mesh topology. The -axis shows the number of common working sensor nodes in a subnet, which ranges from 2 to 6. The -axis shows the total number of common sensor nodes in a subnet, which ranges from 20 to 30. The -axis shows the steady-state availability of HECWSNs with a mesh topology, which ranges from 0 to 1.

With the increase in the number of common sensor nodes in a subnet, the steady-state availability of HECWSNs with a mesh topology will increase (see Figure 11). However, with the increase in the number of common working sensor nodes in a subnet, the steady-state availability of HECWSNs with a mesh topology will decrease. For example, when the number of common working sensor nodes in a subnet is 2, the steady-state availability of HECWSNs with a mesh topology will increase from 0 to 1 as the total number of common sensor nodes in a subnet increases from 20 to 30. When the total number of common sensor nodes in a subnet is 30, the steady-state availability of HECWSNs with a mesh topology will decrease from 1 to 0.18 as the number of common working sensor nodes in a subnet increases from 2 to 6. Therefore, when constructing HECWSNs with a mesh topology, it is necessary to increase the number of redundant common sensor nodes in a subnet and the number of sink sensor nodes, which helps to increase the steady-state availability of HECWSNs with a mesh topology.

8. Conclusions

To suppress the spread of malware and improve the steady-state availability of HECWSNs, considering the heterogeneity of common sensor nodes and sink sensor nodes in HECWSNs with malware infections, we evaluated the steady-state availability of HECWSNs with malware infections based on an SMP and a Stackelberg game. First, we established the SADG to predict the optimal infection probability of malware. Second, extending the classical epidemic SIR model by adding states T, A, and D, we proposed an HSTARD model to describe the states of HSNs. Third, considering the influence of the malware attack correlation on the steady-state availability of HECWSNs, we obtained the steady-state availability of HECWSNs with various topologies, including the star topology, cluster topology, and mesh topology. The steady-state availability evaluation of HECWSNs provides a theoretical basis for the design, deployment, and maintenance of high-availability HECWSNs.

In future work, an even more interesting direction to consider is the heterogeneity of infection change rate of HSNs. When the influences of neighbour sensor nodes are considered, the infection change rate of HSNs is effect by their degree. In addition, another consideration is to evaluate the steady-state availability of HECWSNs with multiple topologies, in which HSNs are deployed in a variety of topologies, including star topology, cluster topology, and mesh topology.

Data Availability

No data were used to support this study.

Conflicts of Interest

The authors declare no conflicts of interest in this paper.

Acknowledgments

This work was supported in part by the Zhejiang Provincial Natural Science Foundation of China under Grant LZ22F020002.

References

N. Abbas, Y. Zhang, A. Taherkordi, and T. Skeie, “Mobile edge computing: a survey,” IEEE Internet of Things Journal, vol. 5, no. 1, pp. 450–465, 2018.
View at: Google Scholar
S. Feng, C. Wu, Y. Zhang, and G. Oliva, “WSN deployment and localization using a mobile agent,” Wireless Personal Communications, vol. 97, no. 4, pp. 4921–4931, 2017.
View at: Google Scholar
R. Herrero, “Analytical model of IoT CoAP traffic,” Digital Communications and Networks, vol. 5, no. 2, pp. 63–68, 2019.
View at: Google Scholar
P. Park, H. S. Ghadikolaei, and C. Fischione, “Proactive fault-tolerant wireless mesh networks for mission-critical control systems,” Journal of Network and Computer Applications, vol. 186, article 103082, 2021.
View at: Google Scholar
M. S. Haghighi, S. Wen, Y. Xiang, B. Quinn, and W. Zhou, “On the race of worms and patches: modeling the spread of information in wireless sensor networks,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 12, pp. 2854–2865, 2016.
View at: Google Scholar
R. Shahzadi, M. Ali, H. Z. Khan, and M. Naeem, “UAV assisted 5G and beyond wireless networks: a survey,” Journal of Network and Computer Applications, vol. 189, article 103114, 2021.
View at: Google Scholar
M. B. Dowlatshahi, M. Kuchaki Rafsanjani, and B. B. Gupta, “An energy aware grouping memetic algorithm to schedule the sensing activity in WSNs-based IoT for smart cities,” Applied Soft Computing, vol. 108, article 107473, 2021.
View at: Google Scholar
I. Kitouni, D. Benmerzoug, and F. Lezzar, “Smart agricultural enterprise system based on integration of internet of things and agent technology,” Journal of Organizational and End User Computing, vol. 4, no. 30, pp. 64–82, 2018.
View at: Google Scholar
K. G. Srinivasa, B. J. Sowmya, A. Shikhar, R. Utkarsha, and A. Singh, “Data analytics assisted Internet of Things towards building intelligent healthcare monitoring systems,” Journal of Organizational and End User Computing, vol. 3, no. 4, pp. 83–103, 2018.
View at: Google Scholar
Z. W. A. S. Yu, “Binomial distribution based reputation for WSNs: a comprehensive survey,” KSII Transactions on Internet and Information Systems TIIS, vol. 15, no. 10, pp. 3793–3814, 2021.
View at: Google Scholar
L. Fan, E. Fan, C. Yuan, and K. Hu, “Weighted fuzzy track association method based on Dempster–Shafer theory in distributed sensor networks,” International Journal of Distributed Sensor Networks, vol. 12, no. 7, Article ID 812018627, 2016.
View at: Google Scholar
L. Fabisiak, “Web service usability analysis based on user preferences,” Journal of Organizational and End User Computing, vol. 30, no. 4, pp. 1–13, 2018.
View at: Google Scholar
S. Hosseini, M. A. Azgomi, and A. T. Rahmani, “Malware propagation modeling considering software diversity and immunization,” Journal of Computational Science, vol. 13, pp. 49–67, 2016.
View at: Google Scholar
Y. Wang, S. Wen, Y. Xiang, and W. Zhou, “Modeling the propagation of worms in networks: a survey,” IEEE Communications Surveys & Tutorials, vol. 16, no. 2, pp. 942–960, 2014.
View at: Google Scholar
T. Wang, M. Z. A. Bhuiyan, G. Wang, L. Qi, J. Wu, and T. Hayajneh, “Preserving balance between privacy and data integrity in edge-assisted internet of things,” IEEE Internet of Things Journal, vol. 7, no. 4, pp. 2679–2689, 2020.
View at: Google Scholar
B. Asvija, R. Eswari, and M. B. Bijoy, “Security threat modelling with Bayesian networks and sensitivity analysis for IAAS virtualization stack,” Journal of Organizational and End User Computing, vol. 33, no. 4, pp. 44–66, 2021.
View at: Google Scholar
Q. Li, Q. Zhang, H. Huang, W. Zhang, W. Chen, and H. Wang, Secure, Efficient and Weighted Access Control for Cloud-Assisted Industrial IoT, IEEE Internet of Things Journal, Early Access, 2022.
M. T. Amin, F. Khan, and S. Imtiaz, “Dynamic availability assessment of safety critical systems using a dynamic Bayesian network,” Reliability Engineering & System Safety, vol. 178, pp. 108–117, 2018.
View at: Google Scholar
D. K. Kotary, S. J. Nanda, and R. Gupta, “A many-objective whale optimization algorithm to perform robust distributed clustering in wireless sensor network,” Applied Soft Computing, vol. 110, article 107650, 2021.
View at: Google Scholar
V. P. Illiano and E. C. Lupu, “Detecting malicious data injections in wireless sensor networks,” ACM Computing Surveys, vol. 48, no. 2, 2015.
View at: Google Scholar
F. A. Alaba, M. Othman, I. A. T. Hashem, and F. Alotaibi, “Internet of Things security: a survey,” Journal of Network and Computer Applications, vol. 88, pp. 10–28, 2017.
View at: Google Scholar
A. S. Nandan, S. Singh, and L. K. Awasthi, “An efficient cluster head election based on optimized genetic algorithm for movable sinks in IoT enabled HWSNs,” Applied Soft Computing, vol. 107, article 107318, 2021.
View at: Google Scholar
D. Acarali, M. Rajarajan, N. Komninos, and B. B. Zarpelão, “Modelling the spread of botnet malware in IoT-based wireless sensor networks,” Security and Communication Networks, vol. 2019, Article ID 3745619, 2019.
View at: Google Scholar
A. Mahboubi, S. Camtepe, and H. Morarji, “A study on formal methods to generalize heterogeneous mobile malware propagation and their impacts,” IEEE Access, vol. 5, pp. 27740–27756, 2017.
View at: Google Scholar
S. Madadi, B. Mohammadi-Ivatloo, and S. Tohidi, “Probabilistic available transfer capability evaluation considering dynamic line rating based on a sequential game-theoretic approach,” IEEE Systems Journal, vol. 16, 2021.
View at: Google Scholar
M. Dibaei, X. Zheng, K. Jiang et al., “Attacks and defences on intelligent connected vehicles: a survey,” Digital Communications and Networks, vol. 6, no. 4, pp. 399–421, 2020.
View at: Google Scholar
Q. Jia, R. Xie, T. Huang, J. Liu, and Y. Liu, “Caching resource sharing for network slicing in 5G core network: a game theoretic approach,” Journal of Organizational and End User Computing, vol. 31, no. 4, pp. 1–18, 2019.
View at: Google Scholar
T. Li, H. Wang, D. He, and J. Yu, Blockchain-Based Privacy-Preserving and Rewarding Private Data Sharing for IoT, IEEE Internet of Things Journal, Early Access, 2022.
S. Shen, K. Hu, L. Huang, H. Li, R. Han, and Q. Cao, “Quantal response equilibrium-based strategies for intrusion detection in WSNs,” Mobile Information Systems, vol. 2015, Article ID 179839, 2015.
View at: Google Scholar
L. Xiao, X. Lu, T. Xu, X. Wan, W. Ji, and Y. Zhang, “Reinforcement learning-based mobile offloading for edge computing against jamming and interference,” IEEE Transactions on Communications, vol. 68, no. 10, pp. 6114–6126, 2020.
View at: Google Scholar
J. Xu, “Digital community management mobile information system based on edge computing,” Mobile Information Systems, vol. 2021, 11 pages, 2021.
View at: Google Scholar
B. P. Rimal, D. P. Van, and M. Maier, “Mobile-edge computing empowered fiber-wireless access networks in the 5G era,” IEEE Communications Magazine, vol. 11, no. 2, pp. 192–200, 2016.
View at: Google Scholar
P. Corcoran and K. Soumya, “Mobile-edge computing and the Internet of Things for consumers: extending cloud computing and services to the edge of the network,” IEEE Consumer Electronics Magazine, vol. 5, no. 4, pp. 73-74, 2016.
View at: Google Scholar
S. Wen, W. Zhou, J. Zhang et al., “Modeling and analysis on the propagation dynamics of modern email malware,” IEEE Transactions on Dependable and Secure Computing, vol. 11, no. 4, pp. 361–374, 2014.
View at: Google Scholar
B. K. Mishra and N. Keshri, “Mathematical model on the transmission of worms in wireless sensor network,” Applied Mathematical Modelling, vol. 37, no. 6, pp. 4103–4111, 2013.
View at: Google Scholar
M. H. R. Khouzani, S. Sarkar, and E. Altman, “Saddle-point strategies in malware attack,” IEEE Journal on Selected Areas in Communications, vol. 30, no. 1, pp. 31–43, 2012.
View at: Google Scholar
S. Hosseini and M. A. Azgomi, “The dynamics of an SEIRS-QV malware propagation model in heterogeneous networks,” Physica A: Statistical Mechanics and its Applications, vol. 512, pp. 803–817, 2018.
View at: Google Scholar
K. C. Lalropuia and V. Gupta, “A Bayesian game model and network availability model for small cells under denial of service (DoS) attack in 5G wireless communication network,” Wireless Networks, vol. 26, no. 1, pp. 557–572, 2020.
View at: Google Scholar
W. Jiang, Z. Ma, and X. Deng, “An attack-defense game based reliability analysis approach for wireless sensor networks,” International Journal of Distributed Sensor Networks, vol. 15, no. 4, Article ID 812336897, 2019.
View at: Google Scholar
S. Shen, H. Ma, E. Fan et al., “A non-cooperative non-zero-sum game-based dependability assessment of heterogeneous WSNs with malware diffusion,” Journal of Network and Computer Applications, vol. 91, pp. 26–35, 2017.
View at: Google Scholar
S. Shen, H. Li, R. Han, A. V. Vasilakos, Y. Wang, and Q. Cao, “Differential game-based strategies for preventing malware propagation in wireless sensor networks,” IEEE Transactions on Information Forensics and Security, vol. 9, no. 11, pp. 1962–1973, 2014.
View at: Google Scholar
J. Liu, S. Shen, G. Yue, R. Han, and H. Li, “A stochastic evolutionary coalition game model of secure and dependable virtual service in sensor-cloud,” Applied Soft Computing, vol. 30, pp. 123–135, 2015.
View at: Google Scholar
S. Shen, L. Huang, H. Zhou, S. Yu, E. Fan, and Q. Cao, “Multistage signaling game-based optimal detection strategies for suppressing malware diffusion in fog-cloud-based IoT networks,” IEEE Internet of Things Journal, vol. 5, no. 2, pp. 1043–1054, 2018.
View at: Google Scholar
J. Liu, X. Wang, S. Shen, G. Yue, S. Yu, and M. Li, “A Bayesian Q-learning game for dependable task offloading against DDoS attacks in sensor edge cloud,” IEEE Internet of Things Journal, vol. 8, no. 9, pp. 7546–7561, 2020.
View at: Google Scholar
J. Liu, X. Wang, S. Shen et al., “Intelligent jamming defense using DNN Stackelberg game in sensor edge cloud,” IEEE Internet of Things Journal, vol. 9, 2021.
View at: Publisher Site | Google Scholar
S. Famila, A. Jawahar, S. Vimalraj, and J. Lydia, “Integrated energy and trust-based semi-Markov prediction for lifetime maximization in wireless sensor networks,” Wireless Personal Communications, vol. 118, no. 1, pp. 505–522, 2021.
View at: Google Scholar
D. V. Kanchana and R. Ganesan, “Semi Markov process inspired selfish aware co-operative scheme for wireless sensor networks (SMPISCS),” Cybersecurity, vol. 2, no. 1, 2019.
View at: Google Scholar
R. K. Shakya, K. Rana, A. Gaurav, P. Mamoria, and P. K. Srivastava, “Stability analysis of epidemic modeling based on spatial correlation for wireless sensor networks,” Wireless Personal Communications, vol. 108, no. 3, pp. 1363–1377, 2019.
View at: Google Scholar
J. Tang, C. Ma, and P. Tian, “Network availability evaluation based on Markov chain of QoS-aware,” Wireless Personal Communications, vol. 113, no. 4, pp. 1673–1689, 2020.
View at: Google Scholar
R. Gour, G. Ishigaki, J. Kong, and J. P. Jue, “Availability-guaranteed slice composition for service function chains in 5G transport networks,” Journal of Optical Communications and Networking, vol. 13, no. 3, pp. 14–24, 2021.
View at: Google Scholar
P. Pereira, J. Araujo, C. Melo, V. Santos, and P. Maciel, “Analytical models for availability evaluation of edge and fog computing nodes,” Journal of Supercomputing, vol. 77, pp. 9905–9933, 2021.
View at: Google Scholar
A. Jafarabadi and M. A. Azgomi, “A stochastic epidemiological model for the propagation of active worms considering the dynamicity of network topology,” Peer-to-peer Networking and Applications, vol. 8, no. 6, pp. 1008–1022, 2015.
View at: Google Scholar
S. A. Sert and A. Yazici, “Increasing energy efficiency of rule-based fuzzy clustering algorithms using CLONALG-M for wireless sensor networks,” Applied Soft Computing, vol. 109, article 107510, 2021.
View at: Google Scholar
D. N. Kanellopoulos, “Recent progress on QoS scheduling for mobile ad hoc networks,” Journal of Organizational and End User Computing, vol. 31, no. 3, pp. 37–66, 2019.
View at: Google Scholar
B. Baranidharan and B. Santhi, “DUCF: distributed load balancing unequal clustering in wireless sensor networks using fuzzy approach,” Applied Soft Computing, vol. 40, pp. 495–506, 2016.
View at: Google Scholar

Copyright

Copyright © 2022 Hong Zhang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Mobile Information Systems

Artificial Intelligence and Edge Computing in Mobile Information Systems

Steady-State Availability Evaluation for Heterogeneous Edge Computing-Enabled WSNs with Malware Infections

Abstract

1. Introduction

2. Related Work

3. HSTARD Model

4. A Stackelberg Attack-Defence Game for Predicting the Optimal Infection Probability of Malware

4.1. Defining a Stackelberg Attack-Defence Game

4.2. Predicting the Optimal Infection Probability of Malware

5. Steady-State Availability of a Heterogeneous Sensor Node

6. Steady-State Availability of HECWSNs

6.1. Steady-State Availability of HECWSNs with a Star Topology

6.2. Steady-State Availability of HECWSNs with a Cluster Topology

6.3. Steady-State Availability of HECWSNs with a Mesh Topology

7. Experimental Simulations and Data Analysis

7.1. Optimal Infection Probability of Malware under the Influence of IDS Parameters

7.2. Effect of the Initial Infection Rate and the Infection Change Rate on the Steady-State Availability of an HSN

7.3. Steady-State Availability of HECWSNs with a Star Topology

7.4. Steady-State Availability of HECWSNs with a Cluster Topology

7.5. Steady-State Availability of HECWSNs with a Mesh Topology

8. Conclusions

Data Availability

Conflicts of Interest

Acknowledgments

References

Copyright