Publication detail

Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects

NOVOTNÁ, V. BYCHKOV, O. SHEVCHENKO, V.I. SHEVCHENKO, A.V.

Original Title

Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects

Type

journal article in Scopus

Language

English

Original Abstract

Currently computer attacks on information system have acquired a global epidemiological character. For effective attacks counteraction it is necessary to predict their development. Of urgency is the improvement of computer epidemics models and determination of control parameters that hold the epidemic within the safe limits. The purpose of this article is to improve existing models of computer epidemics by identifying unaccounted states of objects of information systems. This work has considered and refined the classification of possible states of attacked objects of information systems. The set of types of states of susceptibility and immunity to infection has been expanded and the influence of preventive measures has been taken into account. The account of appearance and detection of infection signs has been refined. The account of the various stages of an infected condition, treatment in quarantine and without quarantine has been detailed. The new set of states of objects after the epidemic has been introduced — partial functionality of varying degree. Objects in this state are divided into several groups according to the levels of residual functionality. The number of states depends on external conditions, characteristics of the system under study and the characteristics of the problem formulation. The classification of computer epidemic models SI, SI exp, SI SL, SIS, SIR, SIRI, SEIR, SEnImRF, SLBQRS, PSIDR is considered and refined. The similarity of biological and computer epidemics is considered. The general model of the epidemiological process is improved as a structural VNF model. It is shown that most of existing epidemic models are particular cases of VNF model. The structural-logical and the mathematical models of computer epidemics are improved and tested using the Code Red CRv1 worm epidemic as an example. It has been established that qualitative pictures of dynamics of many epidemics, for example, CRv1, CRv2, SQL Slammer are similar but develop in their own time scales. The most typical stage is the growing level of infection which can be well approximated by the logistic curve. The management of the epidemic hazard level via the coefficients of susceptibility to infection and the infection transmission coefficient are proposed

Keywords

computer epidemics, model, management, state of the object

Authors

NOVOTNÁ, V.; BYCHKOV, O.; SHEVCHENKO, V.I.; SHEVCHENKO, A.V.

Released

30. 11. 2019

Publisher

Begell house

ISBN

1064-2315

Periodical

Journal of automation and information sciences

Year of study

51

Number

11

State

United States of America

Pages from

34

Pages to

49

Pages count

16

URL

BibTex

@article{BUT163532,
  author="NOVOTNÁ, V. and BYCHKOV, O. and SHEVCHENKO, V.I. and SHEVCHENKO, A.V.",
  title="Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects",
  journal="Journal of automation and information sciences",
  year="2019",
  volume="51",
  number="11",
  pages="34--49",
  doi="10.1615/JAutomatInfScien.v51.i11.40",
  issn="1064-2315",
  url="http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html"
}