The spreading of dangerous malware in inter–dependent networks of electronics devices has raised deep concern, because from the ICT networks infections may propagate to other critical infrastructures producing the well–known domino effect. Researchers are attempting to develop a high level analysis of malware propagation, discarding software details, in order to generalise to the maximum extent the defensive strategies. It has been suggested that the maximum eigenvalue could act as a threshold for the malware spreading. This paper presents a new proof of this statement and an original way to classify the max eigenvalue minimisation problem (NP–hard). A study of the Italian internet autonomous system verifying the theoretical threshold is shown. Finally, it shows how to stop a worm in a real LAN using a new sub–optimal algorithm. Such algorithm suggests which nodes to protect for limiting the worm diffusion according to the spectral paradigm.
Keywords: next generation malware, viruses, worms, epidemic spreading, threshold, topological protection, critical infrastructures, Stuxnet, SCADA defence, Italian AS, minimisation max eigenvalue, fixed point theorem, hereditary graph properties, NP–hard problem, LANs, local area networks, malware propagation