Maximizing Infection: A Competitive Non-Cooperative Game Between Two Malware Designers
摘要
Malware poses a growing threat to computer security, with potentially devastating consequences for individuals and enterprises. Understanding the strategies employed by these cyber threat programs and their interactions when competing is essential for developing effective countermeasures and safeguarding digital infrastructures. In this article, we investigate a population of digital nodes (such as phones, computers, \(\dots \) ) under attack from two competing malware, each aiming to maximize the number of compromised devices in the network. These malware compromise nodes to harness their computational resources for targeted activities such as cryptocurrency mining, cloud computing, and other resource-intensive tasks. We model the network using a susceptible-infected-resistant (S2IR) epidemiological framework, where entities move between susceptible, infected (active, those whose resources are exploited or passive, those used to propagate the malware), or resistant states. Furthermore, we consider that malware developers set a resource consumption rate from their controlled hosts, affecting the detection and recovery rate of these nodes. Therefore, instead of focusing on optimizing resource usage, the objective of each malware is to maximize the peak of active devices. We formulate this as a non-cooperative game and analyze infection rate strategies at Nash equilibrium using a function approximating the count of active hosts at each instant. Numerical results validate our analysis, allowing us to assess the maximum number of active hosts for each malware. Our work provides insights into the dynamics of competition among malware, solely motivated by the goal of maximizing the share of the active population.