Distributed Security: We plan to study security properties typical in
the context of distributed computing; for example the way in which worms may
propagate through a network. We have done some initial work on analysing a
network to determine the probability that a node can pass infection to its
neighbours. Probabilistic abstract interpretation can be used to abstract
the structure of the network in order to make the analysis tractable. Over
the past few years, there have been a number of high-profile examples of
computer viruses. Not surprisingly, the security community has been
interested in analysing this phenomenon. An interesting example, taking its
inspiration from epidemiological research, is Zou et al's analysis of the
Code Red Worm propagation [68]. We propose a quite different
approach; rather than a post hoc modelling of the way in which a particular
virus has spread, we propose a framework that can predict the vulnerability
of a system.
Consider the following network (assuming that all nodes in each layer are
fully connected to each other):
Obviously if the three nodes in the middle layer are virus-resistant then
the infection will never spread from the top network to the lower network.
If one node in the middle layer can be infected, then it is a matter of time
until the infection spreads to the lower part. The question is how long will
it take in the average. If there are two un-protected nodes in the middle
layer then it should go faster, etc.