# A New Individual-Based Model to Simulate Malware Propagation in Wireless Sensor Networks

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

## 2. Related work

## 3. SEIRS-D Agent-Based Model

- Susceptible: the sensor has not been infected by malware, but they have the computational characteristics to be infected.
- Exposed: the sensor reached by malware but, they are not able to transmit malware to neighbour sensor due to the characteristics of those sensors and malware.
- Infected: the sensor that has been infected by malware. This infected sensor may have the ability to make infection attempts to its neighbours.
- Recovered: the sensor that acquires temporal immunity when malware has been successfully removed or security fixes have been installed.
- Dead: the sensor that dies because their power has quickly depleted when they have been infected by malware, physical damage or battery life out

#### 3.1. Agents

- Sensor nodes: are responsible for collecting data directly from the environment, being the principal element within the WSN. As a consequence, we will consider the following seven characteristics of sensors nodes:
- Type of sensor: sensor, sink and cluster-head nodes are the types of sensors that can be part of the network, as well as the technical specifications that allow each node to perform different functions.
- Computational capacity: it has been classified as high and low. A node with high capacity can have a general-purpose processor, static memory, batteries as a power source, a sensor and an internal wireless antenna. A node with low capacity can have a processor with special functions, dynamic memory, solar cells as a power source, multiple sensors and an external wireless antenna.
- Energy consumption: may vary between very high and very low.
- Capacity of transmission and reception of information: is established in high range when the node has external antennas and low range when the node has internal antennas.
- Security level: has been classified as high level when it has advanced security methods; medium-level if it uses cryptographic keys, and low level if it does not have security measures.
- Data collection method: has been classified in periodicals, external stimulus or requests.
- Duty cycle: maybe in the active state when the node takes environmental measurements or transmits data, and in the inactive state while the node wakes up or sleeps.

- Malware: is the malicious code designed with functions to penetrate systems, break security policies or transport harmful files. The next three characteristics of malware are considered in our model:
- 8
- Type of malware: such as viruses, worms, trojans, and others.
- 9
- Spreading mechanism: can use self-replication, exploit or through user interaction.
- 10
- Target: can be malicious code distribution, information exfiltration or Denial of Service (DoS).

- Network topology: it refers to node interconnections within the network. We will consider two characteristics of this agent:
- 11
- Type of topologies: star topology, mesh topology, and hybrid topology (combination of star topology and mesh topology).
- 12
- Routing protocols: most commonly used in WSN are Self-Organizing Protocol (SOP) and Energy Efficient Clustering and Routing (EECR).

- Phenomenon of interest: it is directly related to the network environment, so it differs regarding the type and application of the WSN. In this work, we divided the phenomenon by the risk of malware attack occurs, like the following:
- 13
- Risk of malware attack: high risk, when the phenomenon is military and industrial phenomena. Medium risk, when the phenomenon is health and environmental phenomena. Moreover, low risk, when the phenomenon is daily activities and multimedia phenomena.

- Human action: this is related to the activity level that technicians, administrators, users or attackers may have within the WSN. The only characteristic considered here is:
- 14
- Human action level on the network: we have classified in high-level when is related to daily activities or multimedia phenomena; medium level to medicine or environment phenomena, and low-level to the military or industrial phenomena.

- Devices: it can be divided into external devices and computing devices. For example, an external device can be a USB flash drive, a memory stick, a CD/DVD and a hard drive. Also, computing devices can be computers, mobile devices, servers and the base station, that is connected to the same network or other networks that have direct communication with WSN. The only characteristic considered is the following:
- 15
- Risk of devices infected with malware: we have classified in high risk when the device is infected by malware designed to attack the WSN, medium risk when the devices are infected with malware that cannot attack the WSN, and low risk when the device is not infected with malware.

#### 3.2. Coefficients

#### 3.2.1. Infection Coefficient

- The variable ${X}_{1}\left({\overrightarrow{k}}_{1}\right)$ depends on ${\overrightarrow{k}}_{1}=\left({\alpha}_{1}=2,{\alpha}_{2}=5,{\alpha}_{3}=6,{\alpha}_{4}=7\right)$ such that$${X}_{1}\left({\overrightarrow{k}}_{1}\right)={P}_{2,2}\xb7{P}_{5,1}\xb7{P}_{6,1}\xb7{P}_{7,1}$$
- The variable ${X}_{2}\left({\overrightarrow{k}}_{2}\right)$ depends on ${\overrightarrow{k}}_{2}=\left({\alpha}_{1}=9,{\alpha}_{2}=10\right)$ such that$${X}_{2}\left({\overrightarrow{k}}_{2}\right)={P}_{9,1}\xb7{P}_{10,3}$$
- The variable ${X}_{4}\left({\overrightarrow{k}}_{4}\right)$ depends on ${\overrightarrow{k}}_{4}=\left({\alpha}_{1}=13\right)$ such that$${X}_{4}\left({\overrightarrow{k}}_{4}\right)={P}_{13,3}$$
- The variable ${X}_{5}\left({\overrightarrow{k}}_{5}\right)$ depends on ${\overrightarrow{k}}_{5}=\left({\alpha}_{1}=14\right)$ such that$${X}_{5}\left({\overrightarrow{k}}_{5}\right)={P}_{14,1}$$
- The variable ${X}_{6}\left({\overrightarrow{k}}_{6}\right)$ depends on ${\overrightarrow{k}}_{6}=\left({\alpha}_{1}=15\right)$ such that$${X}_{6}\left({\overrightarrow{k}}_{6}\right)={P}_{15,3}$$

#### 3.2.2. Transmission Coefficient

- The variable ${X}_{1}\left({\overrightarrow{k}}_{1}\right)$ depends on ${\overrightarrow{k}}_{1}=\left({\alpha}_{1}=2,{\alpha}_{2}=3,{\alpha}_{3}=4,{\alpha}_{4}=5,{\alpha}_{5}=7\right)$ such that$${X}_{1}\left({\overrightarrow{k}}_{1}\right)={P}_{2,2}\xb7{P}_{3,5}\xb7{P}_{4,2}\xb7{P}_{5,1}\xb7{P}_{7,1}$$
- The variable ${X}_{2}\left({\overrightarrow{k}}_{2}\right)$ depends on ${\overrightarrow{k}}_{2}=\left({\alpha}_{1}=9,{\alpha}_{2}=10\right)$ such that$${X}_{2}\left({\overrightarrow{k}}_{2}\right)={P}_{9,1}\xb7{P}_{10,3}$$
- The variable ${X}_{3}\left({\overrightarrow{k}}_{3}\right)$ depends on ${\overrightarrow{k}}_{3}=\left({\alpha}_{1}=12\right)$ such that$${X}_{3}\left({\overrightarrow{k}}_{3}\right)={P}_{12,2}$$

#### 3.2.3. Detection Coefficient

- The variable ${X}_{1}\left({\overrightarrow{k}}_{1}\right)$ depends on ${\overrightarrow{k}}_{1}=\left({\alpha}_{1}=2,{\alpha}_{2}=3,{\alpha}_{3}=5\right)$ such that$${X}_{1}\left({\overrightarrow{k}}_{1}\right)={P}_{2,2}\xb7{P}_{3,5}\xb7{P}_{5,3}$$
- The variable ${X}_{4}\left({\overrightarrow{k}}_{4}\right)$ depends on ${\overrightarrow{k}}_{4}=\left({\alpha}_{1}=13\right)$ such that$${X}_{4}\left({\overrightarrow{k}}_{4}\right)={P}_{13,1}$$
- The variable ${X}_{5}\left({\overrightarrow{k}}_{5}\right)$ depends on ${\overrightarrow{k}}_{5}=\left({\alpha}_{1}=14\right)$ such that$${X}_{5}\left({\overrightarrow{k}}_{5}\right)={P}_{14,3}$$

#### 3.2.4. Recovery Coefficient

- The variable ${X}_{1}\left({\overrightarrow{k}}_{1}\right)$ depends on ${\overrightarrow{k}}_{1}=\left({\alpha}_{1}=2\right)$ such that$${X}_{1}\left({\overrightarrow{k}}_{1}\right)={P}_{2,2}$$
- The variable ${X}_{3}\left({\overrightarrow{k}}_{3}\right)$ depends on ${\overrightarrow{k}}_{3}=\left({\alpha}_{1}=11,{\alpha}_{2}=12\right)$ such that$${X}_{3}\left({\overrightarrow{k}}_{3}\right)={P}_{11,3}\xb7{P}_{12,2}$$
- The variable ${X}_{5}\left({\overrightarrow{k}}_{5}\right)$ depends on ${\overrightarrow{k}}_{5}=\left({\alpha}_{1}=14\right)$ such that$${X}_{5}\left({\overrightarrow{k}}_{5}\right)={P}_{14,3}$$

#### 3.2.5. Maintenance Coefficient

- The variable ${X}_{1}\left({\overrightarrow{k}}_{1}\right)$ depends on ${\overrightarrow{k}}_{1}=\left({\alpha}_{1}=3\right)$ such that$${X}_{1}\left({\overrightarrow{k}}_{1}\right)={P}_{3,5}$$
- The variable ${X}_{2}\left({\overrightarrow{k}}_{2}\right)$ depends on ${\overrightarrow{k}}_{2}=\left({\alpha}_{1}=11\right)$ such that$${X}_{2}\left({\overrightarrow{k}}_{2}\right)={P}_{11,3}$$
- The variable ${X}_{3}\left({\overrightarrow{k}}_{3}\right)$ depends on ${\overrightarrow{k}}_{3}=\left({\alpha}_{1}=14\right)$ such that$${X}_{4}\left({\overrightarrow{k}}_{3}\right)={P}_{14,3}$$

#### 3.2.6. Energy Coefficient

- The variable ${X}_{1}\left({\overrightarrow{k}}_{1}\right)$ depends on ${\overrightarrow{k}}_{1}=\left({\alpha}_{1}=3\right)$ such that$${X}_{1}\left({\overrightarrow{k}}_{1}\right)={P}_{3,2}$$

#### 3.2.7. Malware Coefficient

- The variable ${X}_{2}\left({\overrightarrow{k}}_{2}\right)$ depends on ${\overrightarrow{k}}_{2}=\left({\alpha}_{1}=8\right)$ such that$${X}_{2}\left({\overrightarrow{k}}_{2}\right)={P}_{8,1}$$

#### 3.3. Transitions Rules

- Infection variable$$\sigma \left[{x}_{i}\right]=\left\{\begin{array}{cc}0,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{not}\text{}\mathrm{been}\text{}\mathrm{infected}\text{}\mathrm{by}\text{}\mathrm{malware},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}1-a[i,t]\hfill \\ 1,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{been}\text{}\mathrm{infected}\text{}\mathrm{by}\text{}\mathrm{malware},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}a[i,t]\hfill \end{array}\right.$$
- Transmission variable$$\beta \left[{x}_{i}\right]=\left\{\begin{array}{cc}0,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{cannot}\text{}\mathrm{transmit}\text{}\mathrm{the}\text{}\mathrm{malware}\text{}\mathrm{to}\text{}\mathrm{its}\text{}\mathrm{neighbours},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}1-b[i,t]\hfill \\ 1,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{can}\text{}\mathrm{transmit}\text{}\mathrm{the}\text{}\mathrm{malware}\text{}\mathrm{to}\text{}\mathrm{its}\text{}\mathrm{neighbours},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}b[i,t]\hfill \end{array}\right.$$
- Detection variable$$\delta \left[{x}_{i}\right]=\left\{\begin{array}{cc}0,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{infection}\text{}\mathrm{by}\text{}\mathrm{malware}\text{}\mathrm{in}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{not}\text{}\mathrm{been}\text{}\mathrm{detected},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}1-d[i,t]\hfill \\ 1,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{infection}\text{}\mathrm{by}\text{}\mathrm{malware}\text{}\mathrm{in}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{been}\text{}\mathrm{detected},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}d[i,t]\hfill \end{array}\right.$$
- Recovery variable$$\rho \left[{x}_{i}\right]=\left\{\begin{array}{cc}0,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{not}\text{}\mathrm{been}\text{}\mathrm{recovered}\text{}\mathrm{from}\text{}\mathrm{the}\text{}\mathrm{infection}\text{}\mathrm{by}\text{}\mathrm{malware},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}1-r[i,t]\hfill \\ 1,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{been}\text{}\mathrm{recovered}\text{}\mathrm{from}\text{}\mathrm{the}\text{}\mathrm{infection}\text{}\mathrm{by}\text{}\mathrm{malware},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}r[i,t]\hfill \end{array}\right.$$
- Maintenance variable$$\gamma \left[{x}_{i}\right]=\left\{\begin{array}{cc}0,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{not}\text{}\mathrm{been}\text{}\mathrm{received}\text{}\mathrm{the}\text{}\mathrm{maintenance},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}1-c[i,t]\hfill \\ 1,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{been}\text{}\mathrm{received}\text{}\mathrm{the}\text{}\mathrm{maintenance},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}c[i,t]\hfill \end{array}\right.$$
- Energy variable$$\u03f5\left[{x}_{i}\right]=\left\{\begin{array}{cc}0,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{not}\text{}\mathrm{an}\text{}\mathrm{optimal}\text{}\mathrm{energy}\text{}\mathrm{level},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}1-e[i,t]\hfill \\ 1,\hfill & \mathrm{if}\text{}\mathrm{the}\text{}\mathrm{node}\text{}\mathrm{has}\text{}\mathrm{an}\text{}\mathrm{optimal}\text{}\mathrm{energy}\text{}\mathrm{level},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}e[i,t]\hfill \end{array}\right.$$
- Malware variable$$\mu \left[{x}_{i}\right]=\left\{\begin{array}{cc}0,\hfill & \mathrm{if}\text{}\mathrm{malware}\text{}\mathrm{has}\text{}\mathrm{not}\text{}\mathrm{been}\text{}\mathrm{designed}\text{}\mathrm{to}\text{}\mathrm{attack}\text{}\mathrm{WSN},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}1-m[i,t]\hfill \\ 1,\hfill & \mathrm{if}\text{}\mathrm{malware}\text{}\mathrm{has}\text{}\mathrm{been}\text{}\mathrm{designed}\text{}\mathrm{to}\text{}\mathrm{attack}\text{}\mathrm{WSN},\text{}\mathrm{with}\text{}\mathrm{probability}\text{}m[i,t]\hfill \end{array}\right.$$

#### 3.3.1. Susceptible to Infected

#### 3.3.2. Susceptible to Exposed

#### 3.3.3. Infection to Dead

#### 3.3.4. Infected to Recovered

#### 3.3.5. Exposed to Recovered

#### 3.3.6. Recovered to Susceptible

## 4. Simulation

#### 4.1. Scenario 1

#### 4.2. Scenario 2

**a**) Hybrid topology with 89 sensor nodes, 160 router nodes and one sink node. (

**b**) Mesh topology with 249 router nodes and one sink node. (

**c**) Star topology with 249 sensor nodes and one sink node.

#### 4.3. Scenario 3

#### 4.4. Complex Networks

#### 4.5. Some Ideas about the Complexity of This Model

## 5. Discussion

#### 5.1. Results per Scenario

#### 5.2. Results per Topology

#### 5.3. Results of Complex Networks

## 6. Conclusions and Future Work

## Author Contributions

## Funding

## Acknowledgments

## Conflicts of Interest

## References

- Hou, Y.; Wang, J. Investigation of Wireless Sensor Network of the Internet of Things. In Advances in Intelligent, Interactive Systems and Applications; Xhafa, F., Patnaik, S., Tavana, M., Eds.; Springer: London, UK, 2019; pp. 21–29. [Google Scholar]
- Mostafaei, H.; Shojafar, M. A New Meta-heuristic Algorithm for Maximizing Lifetime of Wireless Sensor Networks. Wirel. Pers. Commun.
**2015**, 82, 723–742. [Google Scholar] [CrossRef] - Fahmy, H.M.A. Wireless Sensor Networks Essentials. In Wireless Sensor Networks: Energy Harvesting and Management for Research and Industry; Springer: Cham, Switzerland, 2020; pp. 3–39. [Google Scholar]
- IBM X-Force Red. The Dangers of Smart City Hacking; Technical Report; IBM: Armonk, NY, USA, 2018. [Google Scholar]
- Yang, K. Wireless sensor networks: Principles, Design and Applications, 1st ed.; Springer: London, UK, 2014. [Google Scholar]
- Taheri, R.; Ghahramani, M.; Javidan, R.; Shofajar, M.; Pooranian, Z. Similarity-based Android malware detection using Hamming distance of static binary features. Futur. Gener. Comput. Syst.
**2020**, 105, 230–247. [Google Scholar] [CrossRef] [Green Version] - Kermack, W.O.; Mckendrick, A.G. A contribution to the mathematical theory of epidemics. Proc. R. Soc. Lond.
**1927**, 115, 700–721. [Google Scholar] - Liu, B.; Zhou, W.; Gao, L.; Zhou, H.; Luan, T.H.; Wen, S. Malware Propagations in Wireless Ad Hoc Networks. IEEE Trans. Dependable Secur. Comput.
**2018**, 15, 1016–1026. [Google Scholar] [CrossRef] - Wu, X.; Cao, Q.; Jin, J.; Li, Y.; Zhang, H. Nodes Availability Analysis of NB-IoT Based Heterogeneous Wireless Sensor Networks under Malware Infection. Wirel. Commun. Mob. Comput.
**2019**, 2019. [Google Scholar] [CrossRef] - Nwokoye, C.; Umeh, I. Analytic-agent cyber dynamical systems analysis and design method for modeling spatio-temporal factors of malware propagation in wireless sensor networks. MethodsX
**2018**, 5, 1373–1398. [Google Scholar] [CrossRef] [PubMed] - Wang, Y.; Li, D.; Dong, N. Cellular automata malware propagation model for WSN based on multi-player evolutionary game. IET Netw.
**2018**, 7, 129–135. [Google Scholar] [CrossRef] - Arifin, S.N.; Madey, G.R.; Collins, F.H. Spatial Agent-based Simulation Modeling in Public Health: Design, Implementation, and Applications for Malaria Epidemiology, 1st ed.; John Wiley & Sons, Ltd.: Hoboken, NJ, USA, 2016. [Google Scholar]
- Helbing, D. Social Self-Organization: Agent-Based Simulations and Experiments to Study Emergent Social Behavior; Springer: Berlin/Heidelberg, Germany, 2012. [Google Scholar]
- Wurzer, G.; Kowarik, K.; Reschreiter, H. Agent-based Modeling and Simulation in Archaeology; Springer: Cham, Switzerland, 2015. [Google Scholar]
- Chu, Z.; Yang, B.; Ha, C.Y.; Ahn, K. Modeling GDP fluctuations with agent-based model. Phys. A
**2018**, 503, 572–581. [Google Scholar] [CrossRef] - Anderson, T.M.; Dragićević, S. Network-agent based model for simulating the dynamic spatial network structure of complex ecological systems. Ecol. Model.
**2018**, 389, 19–32. [Google Scholar] [CrossRef] - Jindal, A.; Rao, S. Agent-based modeling and simulation of mosquito-borne disease transmission. In Proceedings of the 16th Conference on Autonomous Agents and MultiAgent Systems, Sao Paulo, Brazil, 8–12 May 2017; pp. 426–435. [Google Scholar]
- Kaplan, M.; Manore, C.A.; Bagamian, K.H. Agent-based hantavirus transmission model incorporating host behavior and viral shedding heterogeneities derived from field transmission experiments. Lett. Biomath.
**2016**, 3, 209–228. [Google Scholar] [CrossRef] [Green Version] - del Rey, A.M.; Guillén, J.H.; Sánchez, G.R. Modeling Malware Propagation in Wireless Sensor Networks with Individual-Based Models. In Conference of the Spanish Association for Artificial Intelligence; Luaces, O., Gámez, J.A., Barrenechea, E., Troncoso, A., Galar, M., Quintián, H., Corchado, E., Eds.; Springer: Cham, Switzerland, 2016; pp. 194–203. [Google Scholar]
- Queiruga-Dios, A.; Encinas, A.H.; Martín-Vaquero, J.; Encinas, L.H. Malware propagation models in wireless sensor networks: a review. In International Joint Conference SOCO’16-CISIS’16-ICEUTE’16; Graña, M., López-Guede, J.M., Etxaniz, O., Herrero, Á., Quintián, H., Corchado, E., Eds.; Springer: Cham, Switzerland, 2017; Volume 527, pp. 648–657. [Google Scholar]
- Zhu, L.; Zhao, H.; Wang, X. Stability and bifurcation analysis in a delayed reaction-diffusion malware propagation model. Comput. Math. Appl.
**2015**, 69, 852–875. [Google Scholar] [CrossRef] - Feng, L.; Song, L.; Zhao, Q.; Wang, H. Modeling and stability analysis of worm propagation in wireless sensor network. Math. Probl. Eng.
**2015**, 2015, 1–8. [Google Scholar] [CrossRef] [Green Version] - Shen, S.; Ma, H.; Fan, E.; Hu, K.; Yu, S.; Liu, J.; Cao, Q. A non-cooperative non-zero-sum game-based dependability assessment of heterogeneous WSNs with malware diffusion. J. Netw. Comput. Appl.
**2017**, 91, 26–35. [Google Scholar] [CrossRef] - Acarali, D.; Rajarajan, M.; Komninos, N.; Zarpelão, B.B. Modelling the Spread of Botnet Malware in IoT-Based Wireless Sensor Networks. Secur. Commun. Netw.
**2019**, 2019. [Google Scholar] [CrossRef] - Shen, S.; Zhou, H.; Feng, S.; Liu, J.; Cao, Q. SNIRD: Disclosing Rules of Malware Spread in Heterogeneous Wireless Sensor Networks. IEEE Access
**2019**, 7, 92881–92892. [Google Scholar] [CrossRef] - Wang, T.; Wu, Q.; Wen, S.; Cai, Y.; Tian, H.; Chen, Y.; Wang, B. Propagation modeling and defending of a mobile sensor worm in wireless sensor and actuator networks. Sensors
**2017**, 17, 139. [Google Scholar] [CrossRef] [Green Version] - Batista, F.K.; del Rey, Á.M.; Quintero-Bonilla, S.; Queiruga-Dios, A. A SEIR Model for Computer Virus Spreading Based on Cellular Automata. In International Joint Conference SOCO’17-CISIS’17-ICEUTE’17; Pérez García, H., Alfonso-Cendón, J., Sánchez González, L., Quintián, H., Corchado, E., Eds.; Springer: Cham, Switzerland, 2018; Volume 649, pp. 641–650. [Google Scholar]
- Amouroux, E.; Desvaux, S.; Drogoul, A. Towards virtual epidemiology: an agent-based approach to the modeling of H5N1 propagation and persistence in North-Vietnam. In Pacific Rim International Conference on Multi-Agents; Springer: Berlin/Heidelberg, Germany, 2008; pp. 26–33. [Google Scholar]
- Cliff, O.M.; Harding, N.; Piraveenan, M.; Erten, E.Y.; Gambhir, M.; Prokopenko, M. Investigating spatiotemporal dynamics and synchrony of influenza epidemics in Australia: An agent-based modelling approach. Simul. Model. Pract. Theory
**2018**, 87, 412–431. [Google Scholar] [CrossRef] [Green Version] - Gharakhanlou, N.M.; Mesgari, M.S.; Hooshangi, N. Developing an agent-based model for simulating the dynamic spread of Plasmodium vivax malaria: A case study of Sarbaz, Iran. Ecol. Inform.
**2019**, 54, 101006. [Google Scholar] [CrossRef] - Bose, A.; Shin, K.G. Agent-based modeling of malware dynamics in heterogeneous environments. Secur. Commun. Netw.
**2013**, 6, 1576–1589. [Google Scholar] [CrossRef] [Green Version] - Hosseini, S.; Abdollahi Azgomi, M.; Rahmani Torkaman, A. Agent-based simulation of the dynamics of malware propagation in scale-free networks. Simulation
**2016**, 92, 709–722. [Google Scholar] [CrossRef] - Abar, S.; Theodoropoulos, G.K.; Lemarinier, P.; O’Hare, G.M. Agent Based Modelling and Simulation tools: A review of the state-of-art software. Comput. Sci. Rev.
**2017**, 24, 13–33. [Google Scholar] [CrossRef] - Project Mesa Team. Mesa: Agent-Based Modeling in Python 3+; Project Mesa Team: Ann Arbor, MI, USA, 2018. [Google Scholar]

**Figure 3.**Simulation on Military and Industrial phenomena; in (

**a**) hybrid topology, (

**b**) mesh topology and (

**c**) star topology.

**Figure 4.**Simulation on Health and Environmental phenomena; in (

**a**) hybrid topology, (

**b**) mesh topology and (

**c**) star topology.

**Figure 5.**Simulation on Daily activities and Multimedia phenomena; in (

**a**) hybrid topology, (

**b**) mesh topology and (

**c**) star topology.

Type of Agents | Characteristics | Values | Probability | |||
---|---|---|---|---|---|---|

j | Name | k | Name | q | Name | P |

1 | Sensors | 1 | Type | 1 | Sensor nodes | ${P}_{1,1}$ |

2 | Router/cluster-head nodes | ${P}_{1,2}$ | ||||

3 | Sink nodes | ${P}_{1,3}$ | ||||

2 | Computational capacity | 1 | Low | ${P}_{2,1}$ | ||

2 | High | ${P}_{2,2}$ | ||||

3 | Energy consumption | 1 | Very-low | ${P}_{3,1}$ | ||

2 | Low | ${P}_{3,2}$ | ||||

3 | Medium | ${P}_{3,3}$ | ||||

4 | High | ${P}_{3,4}$ | ||||

5 | Very-high | ${P}_{3,5}$ | ||||

4 | The capacity of transmission and reception of information | 1 | Low | ${P}_{4,1}$ | ||

2 | High | ${P}_{4,2}$ | ||||

5 | Security level for nodes | 1 | Low | ${P}_{5,1}$ | ||

2 | Medium | ${P}_{5,2}$ | ||||

3 | High | ${P}_{5,3}$ | ||||

6 | The data collection method | 1 | Periodicals | ${P}_{6,1}$ | ||

2 | External stimulus | ${P}_{6,2}$ | ||||

3 | Request | ${P}_{6,3}$ | ||||

7 | Duty cycle | 1 | Active | ${P}_{7,1}$ | ||

2 | Inactive | ${P}_{7,2}$ | ||||

2 | Malware | 8 | Type | 1 | Malware designed for WSN | ${P}_{8,1}$ |

9 | Spreading mechanisms | 1 | Self-replication | ${P}_{9,1}$ | ||

2 | Exploit | ${P}_{9,2}$ | ||||

3 | User interaction | ${P}_{9,3}$ | ||||

10 | Target | 1 | Malicious code distribution | ${P}_{10,1}$ | ||

2 | Information exfiltration | ${P}_{10,2}$ | ||||

3 | Denial of service | ${P}_{10,3}$ | ||||

3 | Network topology | 11 | Type | 1 | Star | ${P}_{11,1}$ |

2 | Mesh | ${P}_{11,2}$ | ||||

3 | Hybrid | ${P}_{11,3}$ | ||||

12 | Routing protocols | 1 | Self-Organizing Protocol | ${P}_{12,1}$ | ||

2 | Energy Efficient Clustering and Routing | ${P}_{12,2}$ | ||||

4 | Phenomenon of interest | 13 | The risk of malware attack | 1 | Low | ${P}_{13,1}$ |

2 | Medium | ${P}_{13,2}$ | ||||

3 | High | ${P}_{13,3}$ | ||||

5 | Human action | 14 | Level | 1 | Low | ${P}_{14,1}$ |

2 | Medium | ${P}_{14,2}$ | ||||

3 | High | ${P}_{14,3}$ | ||||

6 | Devices | 15 | Risk of devices infected with malware | 1 | Low | ${P}_{15,1}$ |

2 | Medium | ${P}_{15,2}$ | ||||

3 | High | ${P}_{15,3}$ |

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Batista, F.K.; Martín del Rey, A.; Queiruga-Dios, A.
A New Individual-Based Model to Simulate Malware Propagation in Wireless Sensor Networks. *Mathematics* **2020**, *8*, 410.
https://doi.org/10.3390/math8030410

**AMA Style**

Batista FK, Martín del Rey A, Queiruga-Dios A.
A New Individual-Based Model to Simulate Malware Propagation in Wireless Sensor Networks. *Mathematics*. 2020; 8(3):410.
https://doi.org/10.3390/math8030410

**Chicago/Turabian Style**

Batista, Farrah Kristel, Angel Martín del Rey, and Araceli Queiruga-Dios.
2020. "A New Individual-Based Model to Simulate Malware Propagation in Wireless Sensor Networks" *Mathematics* 8, no. 3: 410.
https://doi.org/10.3390/math8030410