Secure the IoT Networks as Epidemic Containment Game

Abstract

The spread of a computer virus among the Internet of Things (IoT) devices can be modeled as an Epidemic Containment (EC) game, where each owner decides the strategy, e.g., installing anti-virus software, to maximize his utility against the susceptible-infected-susceptible (SIS) model of the epidemics on graphs. The EC game’s canonical solution concepts are the Minimum/Maximum Nash Equilibria (MinNE/MaxNE). However, computing the exact MinNE/MaxNE is NP-hard, and only several heuristic algorithms are proposed to approximate the MinNE/MaxNE. To calculate the exact MinNE/MaxNE, we provide a thorough analysis of some special graphs and propose scalable and exact algorithms for general graphs. Especially, our contributions are four-fold. First, we analytically give the MinNE/MaxNE for EC on special graphs based on spectral radius. Second, we provide an integer linear programming formulation (ILP) to determine MinNE/MaxNE for the general graphs with the small epidemic threshold. Third, we propose a branch-and-bound (BnB) framework to compute the exact MinNE/MaxNE in the general graphs with several heuristic methods to branch the variables. Fourth, we adopt NetShiled (NetS) method to approximate the MinNE to improve the scalability. Extensive experiments demonstrate that our BnB algorithm can outperform the naive enumeration method in scalability, and the NetS can improve the scalability significantly and outperform the previous heuristic method in solution quality.

1. Introduction

Diffusion processes in small networks can model the explosive spread of computer viruses (e.g., WananCry ransomware 2017 [1]) in an IoT network or Cyber–Physical Systems (CPS) network. Efficient investment (secure firewall, etc.) can contain the spread of such adverse events, which involves a specific cost for individuals. Most owners of a device prefer to benefit from their neighbors as their security depends on the strategies of the entire population. These dilemmas with the following properties can be modeled as Interdependent Security (IDS) games: (1) a bad event happens suddenly within a population of devices, whose security depends on the entire population; (2) individuals can reduce these risks by the investment [2].

Researches propose many models in this area [3,4,5,6]. A large part of models involve individual utility functions that are difficult to compute, and some models cannot be extended to heterogeneous networks, which are not close to realistic scenarios. Thus, Saha et al. [7] used the characterization of spectral radius to simplify the utility function, and present a general dynamics SIS model for arbitrary graphs as an Epidemic Containment (EC) game. When an epidemic dies out in an EC game, every individual prefers not to change its strategy under a Nash Equilibrium (NE).

The study of computing equilibria is challenging. Minimum Nash Equilibria (MinNE) and Maximum Nash Equilibria (MaxNE) are essential parts of understanding NE. Several algorithms can be used to find MinNE/MaxNE for the EC game. High Degree (HDG) and Low Degree (LDG) are heuristic algorithms for MinNE and MaxNE, respectively [7]. They generate the strategy in a degree order, which will pick a node that does not belong to any secured node set of MinNE/MaxNE, leading to a big loss with the exact solution. Neighbors Information (NI) [8] is a heuristic MaxNE algorithm which performs better. NI decides with too much information: information of nodes, strategy of their neighborhood, and spectral radius of networks. On the one hand, the algorithms mentioned above perform poorly, as shown in Section 3. On the other hand, big complex networks are hard to estimate NE cost. Thus, company managers are interested in the small networks in which LDG/HDG/NI cannot give the exact MinNE/MaxNE.

To fill this gap, we provide a thorough analysis of some special graphs and propose exact and scalable algorithms for general graphs, and our contributions are four-fold. First, we give the MinNE/MaxNE for EC on special graphs based on spectral radius. For several important classes of network topologies (star-shaped graphs, complete graphs, and path graphs), MinNE and MaxNE are equal in most cases. Second, we provide an integer linear programming formulation (ILP) to compute MinNE/MaxNE for the general graphs with the small epidemic threshold. Third, we propose a Branch-and-Bound (BnB) framework to compute the exact MinNE/MaxNE in the general graphs with several heuristic methods to branch the variables. We speed up the search with information of degree, reduction of spectral radius, and neighborhood of nodes. We also adopt the NetShiled (NetS) method to approximate the MinNE to improve the scalability. Fourth, we test our methods empirically by comparing our algorithms with the enumeration method on a random tree, Erdoős–Rényi (ER) random networks, and Barabási–Albert (BA) scale-free networks, and extensive experiments demonstrate that our algorithm framework can outperform the naive enumeration method in scalability. The NetS algorithm can improve the scalability significantly and outperform previous heuristic method in solution quality.

2. Related Work

Security game is a game-theoretic model that captures essential characteristics of decision making to protect and self-insure resources within a network [9]. Kumar et al. [10] limit the amount of graph information needed in the utility function, and consider decisions restricted to the graph induced by nodes within a distance. Jiang et al. [11] consider a network security game where the utility function determine by a weighted topology which represents the positive externality between players. The utility function in the EC game also involves a global quantity in the form of the spectral radius, which can be a good proxy for estimating this cost from the characterization of Ganesh et al. [6]. Secure problems (infection, computer virus, etc.) with interdependent actions can formulate as Interdependent Security (IDS) games [12,13]. Kunreuther et al. [14] mainly focus on the IDS game limited to the simple case of two agents. Moreover, general IDS model makes decisions on the one-hop strategy limiting the information as a system. Aspnes et al. [5] give an inoculation game model, which is a propagation-based IDS assuming a restricted network topology. In this study, the infected individual will infect all its neighbors. In the EC game, the individual is cured with a fixed rate. It is more closely to the spread of epidemics in real life.

In the domain of immunization algorithm, Briesemeister et al. [15] give the random wiring immunization, which is typically overwhelmed on power-law graphs. Madar et al. [16] present an “acquaintance” immunization policy that picks a random person and immunizes one random neighbor. The analytical result shows that it is better than several immunization policies for scale-free graphs. Chen et al. [17] give an approximate algorithm (NetShiled) to immunize the top k node, using matrix perturbation theory to approximate the drop of the spectral radius. Some similar works also focus on an efficient vaccination algorithm without considering NE structure [18,19]. To find NE in EC game, High Degree (HDG) and Low Degree (LDG) [7] give a rough approximation for MinNE and MaxNE by picking nodes in degree orders and checking in reverse degree orders, respectively. Xu et al. [8] find that LDG performs poorly with small network scope, and gives a heuristic algorithm with neighbors’ degree and strategy. Saha et al. [20] propose GreedyWalk, which reduces the spectral radius by reducing the number of closed walks of length k. It spends too much time to determine the closed walks. However, all the works cannot give exact MinNE/MaxNE even in small networks.

3. Preliminaries

The Epidemic Containment (EC) game [7] is based on an undirected graph $G(V,E)$ with the node set V and the edges set E. We use i as the index of the node, $i=0,\dots ,N-1$, $N=\left|V\right|$. The neighbor set is denoted by $N\left(i\right)$ and $\mathit{A}\left(G\right)$ denotes the the adjacency matrix of G. An example of an Epidemic Containment (EC) game can be shown in Figure 1.

Epidemic Model. We choose a spectral characterized susceptible-infected-susceptible (SIS, developed by Ganesh et al. [6]) model as epidemic model. In the SIS model, nodes are in states susceptible (S) or infected (I). Initially, some source nodes get infected, and all other nodes are susceptible. Each infected node i infects each of its neighbors j currently in state S at a transmission rate $\beta$; if neighbor j gets infected, it switches to state I. Each infected node i switches back to state S at rate $\delta$. An epidemic dies out soon if ${\lambda }_1\left(G\right)<\delta /\beta$, where ${\lambda }_1\left(G\right)$ is the spectral radius of the contact graph G or the largest eigenvalue of the $\mathit{A}\left(G\right)$. We define $T=\delta /\beta$ as the threshold which is smaller than ${\lambda }_1\left(G\right)$, and ${\lambda }_1\left(G\right)⩾T$ implies the epidemic lasts long [7,21].

Game Model. Let $a_i$ denote the discrete strategy selected by the node i independently, whether to become secured (denoted by $a_i=1$) or not (denoted by $a_i=0$). $\mathbf{a}=\{a_0,a_1,\dots ,a_{N-1}\}$ denotes the strategy profile of all the nodes. We use ${\mathbf{a}}_{-i}$ to denote the strategy profile of the players other than node i. $S\left(\mathbf{a}\right)=\{i\in V:a_i=1\}$ denotes secured node set with the strategy profile $\mathbf{a}$, and the graph $G[V-S(\mathbf{a}\left)\right]$ induced by the set $V-S\left(\mathbf{a}\right)$ of unsecured nodes called attack graph. $G_i[V-S\left(\mathbf{a}\right)]$ represents the unique connected component of $G[V-S(\mathbf{a}\left)\right]$ that contains node i. A node will incur a cost $C_1$ (the cost for a vaccination), if node i chooses to be secured, i.e., $a_i=1$. If node i is not secured, i.e., $a_i=0$, it probably gets infected, and its cost depends on whether or not the epidemic dies out quickly in the connected component induced by the unsecured nodes. If ${\lambda }_1\left(G_i[V-S\left(\mathbf{a}\right)]\right)<T$, node i merely bears a cost $C_0$ (the cost of secured by its neighbor); if ${\lambda }_1\left(G_i[V-S\left(\mathbf{a}\right)]\right)⩾T$, node i in the susceptible state will suffer the cost $C_2$ (the cost of recovery, $C_0<C_1<C_2$). Given the strategy profile $\mathbf{a}$, the cost of each node $c_i\left(\mathbf{a}\right)$ is described as below:

$$c_i\left(\mathbf{a}\right)=\left\{\begin{array}{ccc}\hfill C_0& ,\hfill & \hfill a_i=0,{\lambda }_1\left(G_i[V-S\left(\mathbf{a}\right)]\right)<T;\\ \hfill C_1& ,\hfill & \hfill a_i=1;\\ \hfill C_2& ,\hfill & \hfill a_i=0,{\lambda }_1\left(G_i[V-S\left(\mathbf{a}\right)]\right)⩾T.\end{array}\right.$$

(1)

$c\left(\mathbf{a}\right)={\sum }_{i\in V}{c}_i\left(\mathbf{a}\right)$ is the cost of strategy $\mathbf{a}$. Nash Equilibrium is defined as below:

Definition 1. 

For a strategy profile $\mathbf{a}$, $\forall i\in V$, we have ${\mathbf{a}}^{\prime }$ in which $a_i^{\prime }$ is the alternative strategy for node i and $a_j^{\prime }=a_j,\forall i\ne j$. The strategy profile $\mathbf{a}$ is Nash Equilibrium (NE) in EC game if and only if $c_i\left(\mathbf{a}\right)⩽c_i\left({\mathbf{a}}^{\prime }\right)$, $\forall i\in V$.

In an NE, node i cannot benefit by changing its strategy, given that ${\mathbf{a}}_{-i}$ is fixed [7]. If $\mathbf{a}$ is NE, $C_{Min}=minc\left(\mathbf{a}\right)$ is the cost of Minimum Nash Equilibria (MinNE), and $C_{Max}=maxc\left(\mathbf{a}\right)$ is the cost of Maximum Nash Equilibria (MaxNE). There is an example of EC game under $T=2.0$. An instance of EC game can be defined as a tuple $EC(G,T,C_0,C_1,C_2)$. For the rest of the paper, we will focus on instances where $C_0=0$, $C_1=1$ and $C_2=2$. Computing the Minimum Nash Equilibria (MinNE) is NP-complete [7]. We can prove complexity of Maximum Nash Equilibria (MaxNE) is NP-complete in the same way.

Lemma 1. 

Finding the Maximum Nash Equilibria of an EC game is NP-complete.

Proof. 

To prove this statement, we reduce the problem of finding vertex cover to this problem. Let $I_{VC}$ and $I_{EC}$ be two general instances of the two problems defined as follows: (1) $I_{VC}(G^{{}^{\prime }},P^{{}^{\prime }})$: Given a graph $G^{{}^{\prime }}=(V,E)$, is there a vertex cover set of size $P^{{}^{\prime }}$ or less? (2) $I_{EC}(G,T,C_0,C_1,C_2,P)$: Given the EC game $(G,T,C_0,C_1,C_2)$, is there a configuration with social cost P or less? We reduce $I_{VC}$ to $I_{EC}$ as follows: set $G=G^{{}^{\prime }}$, $T=ϵ$, where $ϵ$ is arbitrarily close to 0, set $C_0=0$, $C_2=\infty$, choose $C_1$ such that $0<C_1<\infty$ and set $P=P^{{}^{\prime }}C$. Clearly, the reduction takes polynomial time. Now we show this is a valid reduction. If there is a vertex cover set $V_1\subset V$ of size $|V_1|=P$, then $V_1$ corresponds to a secured node set of $I_{EC}$ yielding social cost $P=P^{{}^{\prime }}{C}_1$. As a result that removing the vertex cover set, by definition, leaves no edge in the graph and so, the spectral radius of the attack graph is 0 which is less than $ϵ$. Therefore, all the unsecured nodes incur zero cost and NE cost is $P=P^{{}^{\prime }}{C}_1$. On the other hand, if there is a secured node set $V_1\subset V$ of cardinality $|V_1|=P$, and NE cost $P^{{}^{\prime }}{C}_1$ in $I_{EC}$, that means removing $V_1$ from G, leaves no edge in the graph. By definition, $V_1$ is a vertex cover to G of size P. Therefore, this is a valid polynomial time reduction and finding the corresponding social cost with P in EC game is NP complete. Set $P=\left|V\right|-1,\dots ,1$ in a decreasing order, the first answer for $I_{VC}$ is the MaxNE for the corresponding $I_{EC}$. □

4. Counterexample for HDG/LDG/NI

ITERATIVESECURE (IS) [7] is a method to generate an NE for the EC game with two nodes permutations $\pi$ and $\rho$. HDG/LDG/NI [7,8] is based on ITERATIVESECURE and designed to obtain approximate MinNE or MaxNE for the EC game. According to nodes permutation $\pi$ in V, ITERATIVESECURE produces a secured node set S, and ends with ${\lambda }_1\left(G_i[V-S]\right)<T$, $i\in V-S$. Then, ITERATIVESECURE checks every node in set S by a nodes permutation $\rho$ in V. If node $\rho \left(i\right)$ changes its strategy ${\lambda }_1\left(G_{\rho \left(i\right)}[V-(S-\rho \left(i\right))]\right)<T$, delete the node from S. Permutation of nodes $\pi$ and $\rho$ in HDG are non-increasing and non-decreasing degree orders. LDG is also based on ITERITERATIVESECURE [7], permutation $\pi$ and $\rho$ are non-decreasing and non-increasing degree orders. In NI, permutation $\pi$ and $\rho$ are non-decreasing and non-increasing score orders. They have similar disadvantages: (1) pick a node too early but fail to delete it from the S (e.g., node 4 in Figure 2a); (2) fail to reach a node in permutation $\pi$ which is necessary for NE (e.g., node 4 in Figure 2c); (3) confuse the nodes with the same property (degree, reduction of spectral radius, etc.). Thus, previous algorithms cannot give the exact MinNE/MaxNE even in small networks, and we propose some algorithms to find exact MinNE/MaxNE.

5. Approach to Find Nash Equilibria for Special Networks

In this section, we explore the NE based on characters of spectral radius for three network typologies: star-shaped graphs, complete graphs, and path graphs. Given the threshold T and a specific graph, we can give a strategy and find that MinNE/MaxNE are equal in some cases.

5.1. Star-Shaped Networks

The spreading on a large amount of power-law graphs is often determined by the spreading on the star-shaped subgraphs [6]. A star-shaped graph $S_N$ is a graph with N nodes where the only edges are $(0,i)$, $i=1,\dots ,N-1$. The spectral radius of a star-shaped graph $S_k$ is ${\lambda }_1\left(S_k\right)=\sqrt{N}$ [6]. Node $i=1,\dots ,N-1$ has the same structure. When $1<T$ and $\sqrt{k}<T⩽\sqrt{k+1}$, $|N-k-1|$ nodes around node 0 getting secured can reach an NE and $C_{Min}=C_{Max}=N-k-1$. However, for $0<T⩽1$, we have $C_{Min}=1$ to immunize node 0 and $C_{Max}=N-1$ to immunize the other nodes, respectively.

5.2. Complete Graph

The complete graph also plays a prominent role in networks. For example, the BGP routers, belonging to the Internet’s top-level autonomous systems, form an utterly connected component [6]. A complete graph $K_N$ is a connected graph with N vertices where all vertices are of degree $N-1$. When the network is a complete graph, we have spectral radius ${\lambda }_1\left(K_N\right)=N-1$ [22]. A complete graph is a homogeneous network, and every node has the same importance to getting secured. No node needs to be secured under $N-1<T$. For $0<T⩽N-1$, we can reach NE by randomly picking $N-\lfloor T\rfloor$ nodes to immunize, $C_{Min}=C_{Max}=N-\lfloor T\rfloor$.

5.3. Path Graphs

Paths graphs are simple and often crucial in their role as subgraphs of other graphs. A path graph $P_N$ is a graph whose vertices can be listed in the order $0,1,\dots ,N-1$ such that the edges are $(i,i+1)$ where $i=0,1,\dots ,N-2$. The spectral radius of a path graph $P_N$ is ${\lambda }_1\left(P_N\right)=2·cos\left(\frac{\pi }{N+1}\right)<2$ [23]. A path graph $P_N$ has 2 pendant nodes and the other $N-2$ nodes of degree 2 which have similar importance. When $2·cos\left(\frac{\pi }{k}\right)<T⩽2·cos\left(\frac{\pi }{k+1}\right)$, MinNE immunize last node every $k+1$ nodes, $C_{Min}=\lfloor \frac{N}{k+1}\rfloor$. Under this threshold, MaxNE immunize two nodes every $k+2$ nodes in a fixed order, $C_{Max}=2·\lfloor \frac{N}{k+2}\rfloor +\lfloor \frac{Nmod(k+2)-1}{k}\rfloor$.

6. Approach to Find Nash Equilibria for Small Threshold

We obtain MinNE/MaxNE structure based on the threshold for specific network topology. We find that it is a minimum vertex cover problem in the case ($T⩽1$) to finding MinNE. We extend integer linear programming formulation to finding MinNE/MaxNE in threshold $0<T⩽1$, and $1<T⩽\sqrt{2}$.

6.1. MinNE/MaxNE for $T⩽1$

When $T⩽1$, it is a minimum vertex cover problem to finding MinNE. We can compute MaxNE by adding a constraint of neighborhood number. Every node is isolated from each other under this threshold, and spectral radius of graph ${\lambda }_1\left(G[V-S\left(\mathbf{a}\right)]\right)$ is 0.

Proposition 1. 

When threshold is small ($T⩽1$), a strategy profile $\mathbf{a}$ is NE that every node is isolated from each other.

Proof. 

Every edge with two unsecured nodes ($a_i=0$) gets ${\lambda }_1=1>T$. Strategy $\mathbf{a}$ is not an NE in which epidemic lasts long. In other words, every edge has at least one node $a_i=1$ immune to decline the ${\lambda }_1=0<T$. □

For a minimum vertex cover problem, MinNE can be formulated as Equation (2) according to Proposition 1. $1⩽a_i+a_j⩽2$ ensures Proposition 1 that every edge can immunize one node or two nodes.

$${\displaystyle \min {\sum }_{i=0}^{N-1}{a}_i,}$$

(2a)

$$1⩽a_i+a_j⩽2,\forall (i,j)\in E,a_i\in \{0,1\}.$$

(2b)

To reach the MaxNE, we maximize ${\sum }_{i=0}^{N-1}{a}_i$. What is different from MinNE is Equation (3c). This constraint ensures at least one node around $i\in N\left(j\right)$ including itself not get secured. Otherwise, it is not an NE that node j can change its strategy to $a_j=0$. The MaxNE with threshold $0<T⩽1$ can be formulated as Equations (3a)–(3c).

$$\max {\sum }_{i=0}^{N-1}{a}_i,$$

(3a)

$$1⩽a_i+a_j⩽2,\forall (i,j)\in E,$$

(3b)

$$a_j+{\sum }_{i\in N\left(j\right)}{a}_i⩽\left|N\left(j\right)\right|,a_i\in \{0,1\}.$$

(3c)

6.2. MinNE/MaxNE for $1<T⩽\sqrt{2}$

For $1<T⩽\sqrt{2}$, we extend the integer linear programming formulation for MinNE/MaxNE from $T<1$. The maximum connected component in the graph is an edge with two nodes, and spectral radius of graph ${\lambda }_1\left(G[V-S\left(\mathbf{a}\right)]\right)$ is 1 in this situation.

Proposition 2. 

When a strategy profile $\mathbf{a}$ is an NE under $1<T⩽\sqrt{2}$, the maximum connected component in $G[V-S(\mathbf{a}\left)\right]$ is a line with two unsecured nodes assuming G has at least one edge.

Proof. 

Edge with two unsecured nodes ($a_i=0$) gets ${\lambda }_1=1.0$. For $1<T⩽1.414$, maximum connected component in $G[V-S(\mathbf{a}\left)\right]$ is three nodes with two edges ${\lambda }_1=1.414$, and epidemic lasts long. Hence, $\mathbf{a}$ has maximum connected component containing no more than three nodes. On the other hand, $G[V-S(\mathbf{a}\left)\right]$ has a edge $(i,j)$ with one secured end node i, $a_i=1$, $a_j=0$, ${\lambda }_1\left(G[V-S\left(\mathbf{a}\right)]\right)=0$. Node i can change its strategy $x_i^{\prime }=0$ that ${\lambda }_1\left(G[V-S\left({\mathbf{a}}^{\prime }\right)]\right)=1.0<T$. Therefore, $\mathbf{a}$ is NE, the maximum connected component in $G[V-S(\mathbf{a}\left)\right]$ is a edge. □

Secured nodes consider to minimize the cost for MinNE. Every susceptible node i has at most one susceptible neighbor node j, $a_j=0$, $j\in N\left(i\right)$. Equation (4b) ensures the maximum connected component in the graph is one edge with two unsecured nodes according to Proposition 2.

$$\min {\sum }_{i=0}^{N-1}{a}_i,$$

(4a)

$$(1-a_i)+(1-a_i)·{\sum }_{j\in N\left(i\right)}(1-a_j)⩽2,a_i\in \{0,1\}.$$

(4b)

We reformulate Equations (4a) and (4b) to find MinNE by maximizing ${\sum }_{i=0}^{N-1}{z}_i$, where $z_i=1-a_i$,$i=0,\dots ,N-1$. To solve the problem as ILP, we introduce $w_{ij}$ to describe the relationship between $a_i$ and $a_j$, $(i,j)\in E$.

$$\max {\sum }_{i=0}^{N-1}{z}_i,$$

(5a)

$$z_i+{\sum }_{j\in N\left(i\right)}{w}_{ij}⩽2,z_i+z_j-w_{ij}⩽1,$$

(5b)

$$w_{ij}⩽z_i,w_{ij}⩽z_j,z_i\in \{0,1\},w_{ij}\in \{0,1\}.$$

(5c)

We can find MaxNE by minimizing ${\sum }_{i=0}^{N-1}{z}_i$ with Equations (6a)–(6c). Equation (6b) makes sure every node, whether secured or not, at least has one unsecured neighbor. Equations (6c) and (6d) satisfy Proposition 2.

$$\min {\sum }_{i=0}^{N-1}{z}_i,$$

(6a)

$$1⩽{\sum }_{j\in N\left(i\right)}{z}_j,\forall 1\le \left|N\left(i\right)\right|,$$

(6b)

$$z_i+{\sum }_{j\in N\left(i\right)}{w}_{ij}⩽2,z_i+z_j-w_{ij}⩽1,$$

(6c)

$$w_{ij}⩽z_i,w_{ij}⩽z_j,z_i\in \{0,1\},w_{ij}\in \{0,1\}.$$

(6d)

7. Approach to Find Nash Equilibria for General Networks

To solve MinNE/MaxNE for the general networks, we first propose an enumeration method to solve the problem. Enumeration becomes time-consuming as node number increasing. We propose a Branch-and-Bound (BnB) algorithm to tackle it with several ways to improve searching speed and scalability. Our BnB speed up the search in degree order, reduction of spectral radius, and neighborhood information. Finally, NetS improves the scalability of our algorithm framework for approximation.

7.1. Enumeration

Enumeration (Enum) is brute force algorithm to find all the MaxNE/MinNE and helps visualizing the structure when the network is small. Let ${\mathbf{a}}^B$ denote strategy with the strategy index B, which satisfies that $B={\sum }_{i=0}^{N-1}{2}^i·a_i^B$, $\left|\mathbf{X}\right|=2^N$.

Here we merely give the Enum (Algorithm 1) to find all MaxNE. In step 1, Enum calculates all the $\mathbf{a}\in \mathbf{X}$, index of $\mathit{B}$, and corresponding spectral radius ${\lambda }_1\left(G[V-S\left({\mathbf{a}}^B\right)]\right)$ and cost $c\left({\mathbf{a}}^B\right)$. In steps 2–4, Enum finds all the MaxNE with specific threshold T according to the definition of NE. Finding MinNE is to change the judging criterion in step 2 and record the cost of MinNE $C_{Min}^{*}$ instead.

Algorithm 1: Enum.

7.2. Branch-and-Bound

We develop an efficient Branch-and-Bound (BnB) algorithm (Algorithm 2) to search the exact MinNE/MaxNE in strategy profile space $\mathbf{X}$ ($\left|\mathbf{X}\right|=2^N$).

Branch. For every node at level i (according to nodes permutation $\pi$) of the search tree, we have a corresponding pair $(a_{{\pi }_i}^{-},a_{{\pi }_i}^{+})$, $a_{{\pi }_i}^{-}=0$, $a_{{\pi }_i}^{+}=1$. At every node ${\pi }_i$, the tree is expanded by performing a branching operation. Two nodes are introduced: a left node where ${\mathbf{a}}^{*}={\mathbf{a}}^{*}+\left\{a_{{\pi }_i}^{-}\right\}$ and a right node where ${\mathbf{a}}^{*}={\mathbf{a}}^{*}+\left\{a_{{\pi }_i}^{+}\right\}$. The check of NE in leaves is irreplaceable, and original BnB uses a random nodes permutation $\pi$. We can choose an order to search the tree (node permutation $\pi$). In this way, it is possible to find a MinNE earlier. We proposed BnB-D/BnB-E/BnB-N from three different perspectives and speed up the pruning.

Algorithm 2: Branch-and-Bound for MinNE.

(i) Degree order: Immunizing large degree nodes helps BnB find MinNE more quickly. For BnB-D, we use a non-increasing degree order permutation $\{{\pi }_0,{\pi }_1,{\pi }_2,\dots ,{\pi }_{N-1}\}$, $d\left({\pi }_0\right)⩾d\left({\pi }_1\right)⩾\dots ⩾d\left({\pi }_{N-1}\right)$.

(ii) Reduction of spectral radius: In our model, we compare spectral radius with threshold to determine epidemic dies out or not. Therefore, reducing spectral radius seems to be efficient to control epidemic. We adopt BnB-E based on drop of spectral radius orders, $\Delta {\lambda }_1\left(i\right)={\lambda }_1\left(G\right)-{\lambda }_1\left(G[V-S_{\mathbf{a}}]\right)$, node i is only node secured in $\mathbf{a}$. We have permutation $\{{\pi }_0,{\pi }_1,{\pi }_2,\dots ,{\pi }_{N-1}\}$, $\Delta {\lambda }_1\left({\pi }_0\right)⩾\Delta {\lambda }_1\left({\pi }_1\right)⩾\dots ⩾\Delta {\lambda }_1\left({\pi }_{N-1}\right)$.

(iii) Neighborhood information: We find that secured node i will bring benefit for its neighborhood, i.e., its neighbor is more likely to not vaccinate. The BnB-N searches in nodes permutation that there are node ${\pi }_i$ and its adjacent node ${\pi }_j$, ${\pi }_j\notin N\left({\pi }_i\right)$. We have permutation $\{{\pi }_0,{\pi }_1,{\pi }_2,\dots ,{\pi }_{N-1}\}$ that edge $({\pi }_i,{\pi }_{i+1})\notin E$,$i=0,\dots ,N-2$.

Bound. BnB keeps track of bounds by two constraints. One is lower bound: the cost $c\left(\underline{\mathbf{a}}\right)$ of current ${\mathbf{a}}^{*}$ should be less than $C_{Min}^{*}$, assuming all the rest nodes choose $a^{-}$, $\underline{\mathbf{a}}={\mathbf{a}}^{*}+\{a_{{\pi }_{i+1}}^{-},\dots ,a_{{\pi }_{N-1}}^{-}\}$. The other is upper bound: epidemic should not spread out even all the rest nodes choose to immunize themselves $a^{+}$, ${\lambda }_1(G[V-S\left(\overline{\mathbf{a}}\right)]>T$, $\overline{\mathbf{a}}={\mathbf{a}}^{*}+\{a_{{\pi }_{i+1}}^{+},\dots ,a_{{\pi }_{N-1}}^{+}\}$. Only if the search reaches the leaves (all nodes have their strategy) can we check the strategy ${\mathbf{a}}^{*}$ is an NE with less cost $c\left({\mathbf{a}}^{*}\right)<C_{Min}^{*}$.

In step 1, BnB (Algorithm 2) uses HDG [7] to get the upper bound of MinNE based on the breadth-first search (BFS). In steps 4–8, as every node has its strategy, BnB checks if ${\mathbf{a}}^{*}$ is a MinNE. In 10–13, BnB checks the upper bound $\overline{\mathbf{a}}$ and lower bound $\underline{\mathbf{a}}$ of node i and decides to bound it or not. In 15–16, BnB changes searching nodes from left nodes to the right nodes and right nodes to its parent node. When the searching process finished, strategy $\mathbf{a}$ is a MinNE.

7.3. NetShiled (NetS)

Finding a MinNE in the EC game can be divided into two steps:(1) finding an optimal set or permutation of nodes whose removal would maximally reduce the spectral radius of the network; (2) checking the set of the immunized nodes to NE for EC game.

For the first step, we can find the key nodes by circulating the drop of eigenvalue $\Delta {\lambda }_1$ when deleting the set of nodes S from the original graph G, $\Delta {\lambda }_1={\lambda }_1\left(G\right)-{\lambda }_1\left(G[V-S]\right)$. As the size of nodes increases, computing the drop of eigenvalue $\Delta {\lambda }_1$ is more difficult.

The NetShield [17] uses Shield-value score $Sv\left(S\right)$ to precisely approximate the drop of eigenvalue $\Delta {\lambda }_1$ by matrix perturbation theory. The original NetShield merely finds k nodes to immunize without taking equilibria into consideration. Therefore, we extend NetShield with ITERATIVESECURE to change strategy generated into equilibrium, called NetS (Algorithm 3). Let bold upper cases represent matrices, e.g., $\mathit{A}$, $\mathit{C}$. Bold lower cases stand for column vectors respectively, e.g., $\mathit{u}$, $\mathit{w}$. Let ${\mathit{u}}_i$ denotes the ith eigenvector for matrix $\mathit{A}$. Let $\mathit{A}(i;:)$ denotes the ith row of matrix $\mathit{A}$, and $\mathit{A}(:;j)$ the jth column of matrix $\mathit{A}$. $\mathit{A}(:;S)$ denotes the matrix of $\mathit{A}$ which contains columns in node set S. Shield-value score $Sv\left(S\right)$ is defined as:

$$Sv\left(S\right)={\sum }_{i\in S}2{\lambda }_1\mathit{u}{\left(i\right)}^2-{\sum }_{i,j\in S}\mathit{A}(i,j)\mathit{u}\left(i\right)\mathit{u}\left(j\right)$$

(7a)

$$\Delta {\lambda }_1=Sv\left(S\right)+O({\sum }_{j\in S}{\left|\right|\mathit{A}(;:j)\left|\right|}^2)$$

(7b)

We also have Equation (7b) justifying the precision of $Sv\left(S\right)$. Algorithm 3 computes the largest eigenvalue ${\lambda }_1$ and the corresponding eigenvector $\mathit{u}$ in steps 1–2. In step 4, the value $\mathit{w}=\{w_0,\dots ,w_{N-1}\}$ measures the Shield-value score of each individual node. Then, in each iteration of steps 6–11, NetS greedily select one more node and add it into set S according to $score\left(i\right)$ (step 10), generating the permutation $\pi$ until ${\lambda }_1\left(G[V-S]\right)<T$. Note that steps 11–12 are to exclude those nodes that are already in the selected set S. Step 11 makes sure that strategy with immunization of S is an NE. The time complexity of Algorithm 3 is $\mathcal{O}(N^3+|E\left|\right)$.

Algorithm 3: NetS.

8. Empirical Results

We evaluate the performance of our approach through extensive experiments. We use CPLEX (version 12.9) to solve all integer linear programs (ILP). All computations are performed on a PC with a 2.60 GHz quad-core CPU and 16.00 GB memory. All values averaged over 40 instances unless otherwise specified. We conduct experiments on three types of graph structures which widely used to model connections between population: (i) Random trees (RT), where every new node is attached to a randomly picked incumbent; (ii) Barabási–Albert scale-free model, which is denoted by BA(m) where m represents the average node degree; (iii) Erdős–Rényi random graphs, which is denoted by ER(p) where p represents the existence probability of an edge between any pair of nodes [24]. We use BA scale-free networks with parameters $m=4,6$, and use ER random graphs with parameters $p=0.1,0.2$.

We compare the scalability and optimality of four versions of algorithms: (i) ILP: integer linear programming for small threshold ($T⩽\sqrt{2}$); (ii) BnB: branch and bound algorithm with random searching permutation; (iii) BnB-D/BnB-E/BnB-N: BnB algorithm which searches with permutation base on the degree of nodes, eigenvalues drop of nodes and neighborhood information of nodes; (iv) NetS: heuristic algorithm which generates NE by a node permutation according to the drop of eigenvalue. We use Enum as a benchmark for exact solution, HDG as benchmark for approximation. The HDG algorithm is a heuristic algorithm that obtained MinNE by running the IS procedure with $\pi$ and $\rho$ permutations of nodes in non-increasing and non-decreasing degree orders.

Runtime. In Figure 3a–e,f–j, we compare the scalability of the proposed algorithms on 5 types of networks under $T=1.0$ and $T=0.5{\lambda }_1$, respectively. For small threshold ($T⩽\sqrt{2}$), ILP performs as fast as the heuristic algorithms. BnB-D/BnB-E/BnB-N are shown to improve the searching speed. BnB-D is better than BnB-E/BnB-N in BA scale-free network, and degree heterogeneity turns out to be extremely useful in searching. NetS extends the scalability of the algorithm as node size is increasing.

Solution Quality. We compare the cost of MinNE with HDG as the benchmark. The results are illustrated in Figure 3k–t, Enum/ILP/BnB give the exact NE. BnB-D works well under the small threshold and sparse network structure like the TR graph. NetS gives a near-optimal performance and outperforms HDG, especially under the larger threshold.

9. Conclusions and Future Research

This paper focuses on exploring the Nash Equilibria in Epidemic Containment game, representing the spread of epidemics among interdependent users. As the most practical EC game application scenarios are IoT networks, we find that the previous algorithms (HDG/LDG/NI) cannot give exact MinNE/MaxNE in small networks.

To study the structure of exact NE, this paper first explores the network typologies’ spectral radius. We can give the strategy directly for star-shaped graphs, complete graphs, and path graphs. By observing a single node’s degree information, we propose linear programming formulations to finding the exact MinNE/MaxNE in threshold $0<T⩽\sqrt{2}$ as quick as heuristic algorithms. Secondly, we develop an efficient Branch-and-Bound (BnB) algorithm branching with the degree information to speed up the research. To extend the algorithm’s scalability, we propose the NetS which approximates the spectral radius’s drop. This algorithm extremely outperforms HDG to find MinNE in larger Barabási–Albert and Erdős–Rényi random graphs. The following inspirations can be obtained from the experiment results: heterogeneity of degree and spectral radius turn out to be extremely useful for extracting information from nodes. However, our research is limited to artificial networks, and we get more information on the real-world networks, e.g., AS (Oregon-1), P2P (Gnutella-6) [19,25], which can help us extend our experiments to more realistic scenarios in the following researches.

In the future work, we would consider Stackelberg strategies to reduce MaxNE, a more realistic scenario. Combining IDS gaming security and data security concepts, we can also extend EC game on the relevant relationship networks with different granularity levels [26,27].