REVIEW 2 major objections 2 minor 29 references
The GTI-mSEMP framework integrates game theory with an epidemic model to simulate how attacker and defender scaling advantages shift malware infection curves in wireless networks.
Reviewed by Pith at T0; open to challenge. T0 means a machine referee read the full paper against a public rubric. the ladder, T0–T4 →
T0 review · grok-4.3
2026-06-30 09:33 UTC pith:ID2TIGRH
load-bearing objection The paper proposes GTI-mSEMP but shows no equations or validation, leaving its claims about a rigorous foundation uncheckable. the 2 major comments →
GTI-mSEMP Framework : A Proposed Framework to Simulate Malware Propagation with Inclusion of Attacker-Defender Strategy
The pith
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
The GTI-mSEMP framework integrates game theory with the modified multi-wireless sensor epidemic malware propagation model. It defines three operational regimes—Balanced Matchup, Exploit Surge, and Hardened Defense—along with offensive and defensive scaling vectors. Numerical simulations then capture the transient dynamics of susceptible and recovered node populations, showing how the epidemic curve shifts when either scaling vector holds an efficiency advantage.
What carries the argument
The GTI-mSEMP framework, which adds game-theoretic attacker-defender strategies to a modified epidemic model using three operational regimes and scaling vectors to represent asymmetric interactions.
Load-bearing premise
The game-theoretic integration with the modified epidemic model and the three regimes accurately represents real-world asymmetric attacker-defender interactions.
What would settle it
Comparing the model's predicted shifts in susceptible and recovered node populations against measured data from a controlled wireless sensor network under documented attack and defense actions would settle whether the regime-based trajectories hold.
If this is right
- The epidemic curve shifts when defensive or offensive scaling vectors hold an efficiency advantage.
- Susceptible and recovered node populations follow distinct trajectories in each of the three regimes.
- Numerical simulations capture real-time transient dynamics of network state variables.
- The framework evaluates dynamic malware propagation in highly adversarial network environments.
- It predicts localized node population states under varying attacker-defender conditions.
Where Pith is reading between the lines
- Network operators could test prospective defense strategies by running the model before applying them in live systems.
- The regime structure might extend to model other resource-constrained cyber-physical systems facing adaptive threats.
- Adding real deployment data could refine the scaling vectors and improve prediction accuracy for specific networks.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The manuscript proposes the GTI-mSEMP framework integrating game theory with a modified multi-wireless sensor epidemic malware propagation model. It simulates Susceptible (S) and Recovered (R) node population trajectories under three attacker-defender regimes (Balanced Matchup, Exploit Surge, Hardened Defense) via numerical methods and claims this supplies a rigorous, deployable foundation for predicting localized states in adversarial networks.
Significance. A validated game-theoretic extension of epidemic models could address the static-defense limitation of conventional approaches and supply falsifiable predictions for asymmetric malware dynamics. The current work, however, supplies only internal trajectories without calibration or baseline comparisons, so its significance remains that of an unanchored modeling proposal.
major comments (2)
- [Abstract] Abstract, 'Numerical simulation results' paragraph: the claim that the framework 'provides a rigorous foundation' for real-world prediction is unsupported because the text supplies no explicit GTI-mSEMP differential equations, payoff matrices, or equilibrium conditions for the three regimes, nor any sensitivity analysis on the scaling vectors.
- [Numerical simulation results] Numerical simulation results (throughout): the reported S/R trajectories are generated solely from the internal model; no comparison to standard SIR/SEIR baselines, no calibration against observed malware traces, and no external validation data are presented, rendering the 'predict localized node population states' claim circular with respect to the chosen parameters.
minor comments (2)
- [Title] Title: extraneous space before colon ('Framework :') and in 'Multi- Wireless'; standardize to 'Multi-Wireless'.
- [Abstract] Abstract: tense shift ('this paper analyzed' vs. present-tense verbs elsewhere); use consistent present tense.
Simulated Author's Rebuttal
We thank the referee for the constructive comments on our manuscript proposing the GTI-mSEMP framework. We address each major comment point by point below, indicating the revisions planned.
read point-by-point responses
-
Referee: [Abstract] Abstract, 'Numerical simulation results' paragraph: the claim that the framework 'provides a rigorous foundation' for real-world prediction is unsupported because the text supplies no explicit GTI-mSEMP differential equations, payoff matrices, or equilibrium conditions for the three regimes, nor any sensitivity analysis on the scaling vectors.
Authors: We agree that the abstract claim would be strengthened by explicit presentation of the core model elements. In the revised manuscript we will add the explicit differential equations of the modified multi-wireless sensor epidemic model, the payoff matrices and equilibrium conditions for the three attacker-defender regimes, and a sensitivity analysis on the scaling vectors. We will also moderate the abstract wording to 'provides a mathematical and simulation-based foundation for analyzing malware propagation under strategic interactions'. revision: yes
-
Referee: [Numerical simulation results] Numerical simulation results (throughout): the reported S/R trajectories are generated solely from the internal model; no comparison to standard SIR/SEIR baselines, no calibration against observed malware traces, and no external validation data are presented, rendering the 'predict localized node population states' claim circular with respect to the chosen parameters.
Authors: The presented trajectories are generated from the integrated game-theoretic epidemic model to illustrate regime-specific dynamics. We agree that direct comparisons to standard SIR/SEIR models would clarify the added value of the game-theoretic component and will include such baseline comparisons in the revision. Regarding calibration to observed malware traces and external validation data, the work is a theoretical framework proposal; suitable public datasets for adversarial, multi-vector malware in resource-constrained networks are not readily available. We will add an explicit limitations section discussing these constraints and outlining paths for future empirical calibration. The prediction claim will be qualified to refer to model-derived states under the stated regimes. revision: partial
Circularity Check
No circularity: framework defines its own equations and reports direct numerical outputs
full rationale
The paper introduces the GTI-mSEMP model by construction, defines three regimes via scaling vectors, and reports numerical trajectories of S and R populations generated from those equations. No step claims an external first-principles derivation that reduces back to fitted parameters or self-citations; the simulations are simply the forward integration of the authors' own model. This is standard for a proposed simulation framework and does not meet any of the enumerated circularity patterns.
Axiom & Free-Parameter Ledger
read the original abstract
The rapid proliferation of automated, multi-vector malware threats poses a significant risk to heterogeneous, resource constrained cyber-physical networks. Conventional epidemiological models often treat security defenses as static parameters, failing to capture the strategic, asymmetric maneuvers between an attacker and a defender. To address the gap, this paper proposes a Game-Theory-Integrated Modified Multi- Wireless Sensor Epidemic Malware Propagation (GTI-mSEMP) framework. This paper analyzed and compared the operational trajectories of Susceptible (S) and Recovered (R) node populations across three different operational regimes: Balanced Matchup, Exploit Surge and Hardened Defense. Numerical simulation results capture the real-time transient dynamics of the network state variables, demonstrating how the epidemic curve shifts when either the defensive or offensive scaling vectors hold an efficiency advantage. The proposed mathematical and numerical framework provides a rigorous foundation that can be deployed in highly adversarial network environments to evaluate dynamic malware propagation and predict localized node population states.
Figures
Reference graph
Works this paper leans on
-
[1]
Aboubakar, M., Kellil, M., & Roux, P. (2022). A review of IoT network management: Current status and perspectives. Journal of King Saud University-Computer and Information Sciences, 34(7), 4163-4176
2022
-
[2]
New security architecture for IoT network
Olivier, Flauzac, Gonzalez Carlos, and Nolot Florent. "New security architecture for IoT network." Procedia Computer Science 52 (2015): 1028-1033. GTI-mSEMP Framework 13
2015
-
[3]
& Antemijczuk, O
Czajkowski, A., Remiorz, L., Pawlak, S., Remiorz, E., Szyguła, J., Marek, D., ... & Antemijczuk, O. (2021). Global water crisis: Concept of a new interactive shower panel based on IoT and cloud computing for rational water consumption. Applied Sciences, 11(9), 4081
2021
-
[4]
(2018, October)
Hossain, S., & Abdelgawad, A. (2018, October). Smart refrigerator based on internet of things (iot) an approach to efficient food management. In Proceedings of the 2nd International conference on smart digital environment (pp. 15-18)
2018
-
[5]
Wang, Z., Nie, X., & Liao, M. (2021). Stability Analysis of a Fractional‐Order SEIR‐KS Computer Virus‐ Spreading Model with Two Delays. Journal of Mathematics, 2021(1), 6144953
2021
-
[6]
M., Leal, R
Gouvea, C. M., Leal, R. H., & Piqueira, J. R. (2025). Investigating the impact of nonlinearity on virus spread in computer networks with quarantine compartments. Nonlinear Science, 100097
2025
-
[7]
S., Gul, N., & Ahmed, Z
Zhang, Z., Zhang, W., Nisar, K. S., Gul, N., & Ahmed, Z. (2023). Bifurcation and global exponential stability of a mathematical model for malware dissemination on wireless sensor networks. Fractals, 31(10), 2340165
2023
-
[8]
Basole, S., & Stamp, M. (2020). Cluster analysis of malware family relationships. In Malware analysis using artificial intelligence and deep learning (pp. 361-379). Cham: Springer International Publishing
2020
-
[9]
Yan, S., Ren, J., Wang, W., Sun, L., Zhang, W., & Y u, Q. (2022). A survey of adversarial attack and defense methods for malware classification in cyber security. IEEE Communications Surveys & Tutorials, 25(1), 467-496
2022
-
[10]
(2024, September)
Kharabsheh, M., Al -aiash, I., Mughaid, A., & Almiani, M. (2024, September). The seir model for predicting malware propagation in computer networks. In 2024 International Conference on Intelligent Computing, Communication, Networking and Services (ICCNS) (pp. 108-113). IEEE
2024
-
[11]
Krebs, B. (2016). KrebsOnSecurity hit with record DDoS. KrebsOnSecurity, Sept, 21
2016
-
[12]
& Zhou, Y
Antonakakis, M., April, T., Bailey, M., Bernhard, M., Bursztein, E., Cochran, J., ... & Zhou, Y . (2017). Understanding the mirai botnet. In 26th USENIX security symposium (USENIX Security 17) (pp. 1093-1110)
2017
-
[13]
(2021, December)
Sahota, J., & Vlajic, N. (2021, December). Mozi IoT malware and its botnets: From theory to real -world observations. In 2021 International Conference on Computational Science and Computational Intelligence (CSCI) (pp. 698-703). IEEE
2021
-
[14]
Chen, Q., & Bridges, R. A. (2017, December). Automated behavioral analysis of malware: A case study of wannacry ransomware. In 2017 16th IEEE International Conference on machine learning and applications (ICMLA) (pp. 454-460). IEEE
2017
-
[15]
Y ., & Hsiao, S
Kao, D. Y ., & Hsiao, S. C. (2018, February). The dynamic analysis of WannaCry ransomware. In 2018 20th International conference on advanced communication technology (ICACT) (pp. 159-166). IEEE
2018
-
[16]
S., Ben-Othman, J., & Srinivasagan, K
Kumar, M. S., Ben-Othman, J., & Srinivasagan, K. G. (2018, June). An investigation on wannacry ransomware and its detection. In 2018 IEEE Symposium on Computers and Communications (ISCC) (pp. 1-6). IEEE
2018
-
[17]
C., & Kao, D
Hsiao, S. C., & Kao, D. Y . (2018, February). The static analysis of WannaCry ransomware. In 2018 20th international conference on advanced communication technology (ICACT) (pp. 153-158). IEEE
2018
-
[18]
Wierman, J. C. (2004). A Susceptible -Infected-Susceptible Model with Reintroduction for Computer Virus Epidemics. In Statistical Methods in Computer Security (pp. 181-192). CRC Press
2004
-
[19]
(2024, September)
Kharabsheh, M., Al -aiash, I., Mughaid, A., & Almiani, M. (2024, September). The seir model for predicting malware propagation in computer networks. In 2024 International Conference on Intelligent Computing, Communication, Networking and Services (ICCNS) (pp. 108-113). IEEE. S. Hossain and K. Wilson
2024
-
[20]
Zhang, Y ., & Liu, J. (2019). Optimal Decision‐Making Approach for Cyber Security Defense Using Game Theory and Intelligent Learning. Security and Communication Networks, 2019(1), 3038586
2019
-
[21]
K., Kumar, N., Ojha, R
Awasthi, S., Srivastava, P. K., Kumar, N., Ojha, R. P., Pandey, P. S., Singh, R., ... & Bakare, Y . B. (2023). An epidemic model for the investigation of multi‐malware attack in wireless sensor network. IET Communications, 17(11), 1274-1287
2023
-
[22]
A., & Lozano-Garzon, C
Quiroga-Sánchez, L., Montoya, G. A., & Lozano-Garzon, C. (2025). The SEIRS-NIMFA epidemiological model for malware propagation analysis in IoT networks: L. Quiroga-Sánchez et al. Cybersecurity, 8(1), 2
2025
- [23]
-
[24]
Kocabiyik, M. (2026). Modeling and Dynamical Analysis of Computer Worm Propagation using a New SEIR - Re Model and its Application with the Hausdorff Fractal Derivative. New Mathematics and Natural Computation
2026
-
[25]
A., & Lozano-Garzon, C
Quiroga-Sánchez, L., Montoya, G. A., & Lozano-Garzon, C. (2025). The SEIRS-NIMFA epidemiological model for malware propagation analysis in IoT networks: The SEIRS -NIMFA epidemiological...: L. Quiroga -Sánchez et al. Cybersecurity (2523-3246), 8(1)
2025
-
[26]
Y ., Malik, R
Stiawan, D., Idris, M. Y ., Malik, R. F., Nurmaini, S., Alsharif, N., & Budiarto, R. (2019). Investigating brute force attack patterns in IoT network. Journal of Electrical and Computer Engineering, 2019(1), 4568368
2019
-
[27]
R., & Robshaw, M
Knudsen, L. R., & Robshaw, M. J. (2011). Brute force attacks. In The Block Cipher Companion (pp. 95-108). Berlin, Heidelberg: Springer Berlin Heidelberg
2011
-
[28]
F., Sze, C
Waheed, A., Seegolam, B., Jowaheer, M. F., Sze, C. L. X., Hua, E. T. F., & Sindiramutty, S. R. (2024). Zero-day exploits in cybersecurity: Case studies and countermeasure
2024
-
[29]
Seri, B., & Vishnepolsky, G. (2017). The dangers of Bluetooth implementations: Unveiling zero day vulnerabilities and security flaws in modern Bluetooth stacks. ArmisLabs: Palo Alto, CA, USA, 1-38
2017
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.