Devising appropriate defense strategies against malware propagation in complex networks with minimal budget is a challenging problem in research community. This paper studies and compares various immunization strategies such as random immunization, targeted immunization, acquaintance immunization and high-risk immunization to prevent the outbreak of malware. Also, three measures of node centrality (degree, closeness and betweenness) are taken into targeted immunization to slow down the malware propagation process. The malware propagation is modelled based on the susceptible–exposed–infected–recovered–susceptible with quarantine state (SEIRS-Q) epidemic model. Using numerical simulations, the model is verified with considering defense mechanisms in a synthetic (SFN) and a real (Facebook) network topology. The simulation results can help to better understand the effects of defense strategies against the malware propagation. The results show that the use of immunization and software diversity together are more effective than using each of them singly, in terms of reducing the density of infected node and halting malware propagation.

在研究社区中，以最小的预算设计适当的防御策略以防止复杂网络中的恶意软件传播是一个具有挑战性的问题。本文研究并比较了各种免疫策略，例如随机免疫，针对性免疫，熟人免疫和高风险免疫，以防止恶意软件的爆发。此外，针对目标免疫采取了三种节点中心度（程度，紧密度和中间度）的措施，以减慢恶意软件的传播过程。恶意软件的传播是基于隔离状态（SEIRS-Q）的易感性，暴露，感染，恢复和易感性建模的。使用数值模拟，通过考虑综合（SFN）和实际（Facebook）网络拓扑中的防御机制来验证模型。仿真结果有助于更好地理解防御策略对恶意软件传播的影响。结果表明，在降低感染节点的密度和阻止恶意软件传播方面，结合使用免疫和软件多样性比单独使用它们更有效。