© Springer Nature Switzerland AG 2019
Jiaojiao Jiang, Sheng Wen, Bo Liu, Shui Yu, Yang Xiang and Wanlei Zhou, Malicious Attack Propagation and Source Identification, Advances in Information Security 73, https://doi.org/10.1007/978-3-030-02179-5_13

13. Future Directions and Conclusion

Jiaojiao Jiang (1), Sheng Wen (1), Shui Yu (3), Bo Liu (2), Yang Xiang (3) and Wanlei Zhou (4)

(1) Swinburne University of Technology, Hawthorn, Melbourne, VIC, Australia
(2) La Trobe University, Bundoora, VIC, Australia
(3) University of Technology Sydney, Ultimo, NSW, Australia
(4) Digital Research & Innovation Capability, Swinburne University of Technology, Hawthorn, Melbourne, VIC, Australia

While previous chapters provide a thorough description of malicious attack propagation and source identification, many interesting and promising issues remain unexplored. The development of online social networks provides great opportunities for research on restraining malicious attacks and identifying attack sources, but also presents a challenge in making effective use of the large volume of data. Other topics still need to be considered in malicious attack propagation and source identification, and we outline a few directions that are worthy of future attention.

13.1 Continuous Time-Varying Networks

In Chap. 10, we introduced an effective method to identify the propagation source of malicious attacks in time-varying networks by using discrete time-integrating windows to represent time-varying networks. The size of the time window could be minutes, hours, days or even months. This may lead to new ideas for identifying propagation sources in continuous time windows.

In the real world, many complex networks (human contact networks, online social networks, transportation networks and computer networks, to name just a few) present continuously time-varying topologies. For example, on online social networking websites and forums, users continuously publish posts and comment on posts, which is an essential part of how these sites work. In many cases the data are recorded on a continuous time scale. The approach proposed in this book analyses discrete time windows, dividing the entire time duration into several even intervals. This greatly simplifies time-varying networks but also loses some latent features of continuous time windows. Designing methods to detect the propagation sources of malicious attacks in continuous time windows is a new direction for future research.
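The following added example (not code from the book) illustrates what even-interval windowing can lose: the order of contacts inside a window. It assumes deterministic transmission on every contact and that all edges aggregated into one window are treated as simultaneously present; the contact events and function names are constructed for illustration.

```python
# Constructed sample: undirected contacts (u, v, timestamp) on a continuous scale.
EVENTS = [("b", "c", 1.0), ("a", "b", 2.0), ("c", "d", 3.0), ("d", "e", 7.0)]

def reachable_continuous(events, source):
    """Nodes reachable from `source` along time-respecting paths.

    Contacts are replayed in timestamp order; a contact transmits only if
    one endpoint is already infected when it happens (assumed certain).
    """
    infected = {source}
    for u, v, _t in sorted(events, key=lambda e: e[2]):
        if u in infected or v in infected:
            infected |= {u, v}
    return infected

def window_snapshots(events, t_start, t_end, n_windows):
    """Divide [t_start, t_end) into even intervals and aggregate the
    contacts of each interval into one static edge set (a snapshot)."""
    width = (t_end - t_start) / n_windows
    snaps = [set() for _ in range(n_windows)]
    for u, v, t in events:
        if t_start <= t < t_end:
            snaps[int((t - t_start) / width)].add(frozenset((u, v)))
    return snaps

def reachable_windowed(snapshots, source):
    """Reachability when each snapshot is a static graph: within a window
    the infection spreads over the whole connected component, because the
    ordering of contacts inside the window is no longer available."""
    infected = {source}
    for edges in snapshots:
        changed = True
        while changed:
            changed = False
            for e in edges:
                if e & infected and not e <= infected:
                    infected |= e
                    changed = True
    return infected

if __name__ == "__main__":
    print("continuous:", sorted(reachable_continuous(EVENTS, "a")))
    for n in (2, 8):
        snaps = window_snapshots(EVENTS, 0.0, 8.0, n)
        print(n, "windows:", sorted(reachable_windowed(snaps, "a")))
```

With two coarse windows the snapshot model reports nodes c, d and e as reachable from a, although the b-c contact happened before b could have been infected; with eight fine windows the result matches the continuous ordering.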

13.2 Multiple Attacks on One Network

In Chap. 11, we introduced an efficient method to identify multiple attacks in complex networks. We considered multiple sources spreading one malicious attack. In the real world, however, there often exist several different malicious attacks spreading simultaneously in one network. These rumors may enhance the mass spreading of the attacks. Therefore, identifying multiple sources of multiple malicious attacks is of great significance.

Current research on source identification only considers the diffusion of one malicious attack. However, real-world events are generally more complicated. For example, a rumor starting in March 2008, saying that Obama was born in Kenya before being flown to Hawaii, was spread on social network websites. Another rumor, about his religion, circulated on social network websites. These would disqualify Obama from the presidency. Rumors about the same event sometimes support each other, and thus grow, attract more and more attention from the general public, and finally mislead people. Therefore, how to identify the sources of multiple malicious attacks in complex networks is a good topic for future research.

13.3 Interconnected Networks

The diffusion of malicious attacks is a complex process in the real world. It may involve multiple interconnected networks to spread information. For example, people may hear rumors from online social networks, such as Facebook or Twitter. They can also receive rumors from other multimedia.

Current research on propagation source identification only considers malicious attacks spreading in a single network. However, real-world networks are often interconnected or even interdependent. For example, in online social networks, a user could have both a Facebook account and a Twitter account. After receiving a rumor on Facebook, the user could also post it on his/her Twitter account. Thus, the rumor spreads from Facebook to Twitter. However, detecting malicious attack sources in interconnected networks is still an open issue. Identifying malicious attack sources in interconnected networks is therefore much more realistic than methods that consider only a single network.

13.4 Conclusion

This book attempted a comprehensive treatment of malicious attack propagation and source identification. We provided an overview of the huge literature on two major directions: analyzing the propagation of malicious attacks and identifying the source of the propagation. For malicious attack propagation, we identified different methods for measuring the influence of network hosts and different approaches for restraining the propagation of malicious attacks. For identifying the propagation source of malicious attacks, we discussed current methods with regard to three different categories of observations on the propagation, and analyzed their pros and cons based on real-world datasets. Furthermore, we discussed three critical research issues in propagation source identification: identifying the propagation source in time-varying networks, identifying multiple propagation sources, and identifying the propagation source in large-scale networks. For each research issue, we introduced one representative state-of-the-art method.

Malicious attack propagation and source identification still have much unexplored potential, and the literature summarized in this book can be a starting point for exploring new challenges in the future. Our goal is to give an overview of existing work on malicious attack propagation and source identification and to show its usefulness to newcomers as well as practitioners in various fields. We also hope the overview can help avoid some redundant, ad hoc effort, both from researchers and from industry.