Přístupnostní navigace
E-application
Search Search Close
Publication detail
NOVOTNÁ, V. BYCHKOV, O. SHEVCHENKO, V.I. SHEVCHENKO, A.V.
Original Title
Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects
Type
journal article in Scopus
Language
English
Original Abstract
Currently computer attacks on information system have acquired a global epidemiological character. For effective attacks counteraction it is necessary to predict their development. Of urgency is the improvement of computer epidemics models and determination of control parameters that hold the epidemic within the safe limits. The purpose of this article is to improve existing models of computer epidemics by identifying unaccounted states of objects of information systems. This work has considered and refined the classification of possible states of attacked objects of information systems. The set of types of states of susceptibility and immunity to infection has been expanded and the influence of preventive measures has been taken into account. The account of appearance and detection of infection signs has been refined. The account of the various stages of an infected condition, treatment in quarantine and without quarantine has been detailed. The new set of states of objects after the epidemic has been introduced — partial functionality of varying degree. Objects in this state are divided into several groups according to the levels of residual functionality. The number of states depends on external conditions, characteristics of the system under study and the characteristics of the problem formulation. The classification of computer epidemic models SI, SI exp, SI SL, SIS, SIR, SIRI, SEIR, SEnImRF, SLBQRS, PSIDR is considered and refined. The similarity of biological and computer epidemics is considered. The general model of the epidemiological process is improved as a structural VNF model. It is shown that most of existing epidemic models are particular cases of VNF model. The structural-logical and the mathematical models of computer epidemics are improved and tested using the Code Red CRv1 worm epidemic as an example. It has been established that qualitative pictures of dynamics of many epidemics, for example, CRv1, CRv2, SQL Slammer are similar but develop in their own time scales. The most typical stage is the growing level of infection which can be well approximated by the logistic curve. The management of the epidemic hazard level via the coefficients of susceptibility to infection and the infection transmission coefficient are proposed
Keywords
computer epidemics, model, management, state of the object
Authors
NOVOTNÁ, V.; BYCHKOV, O.; SHEVCHENKO, V.I.; SHEVCHENKO, A.V.
Released
30. 11. 2019
Publisher
Begell house
ISBN
1064-2315
Periodical
Journal of automation and information sciences
Year of study
51
Number
11
State
United States of America
Pages from
34
Pages to
49
Pages count
16
URL
http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html
BibTex
@article{BUT163532, author="NOVOTNÁ, V. and BYCHKOV, O. and SHEVCHENKO, V.I. and SHEVCHENKO, A.V.", title="Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects", journal="Journal of automation and information sciences", year="2019", volume="51", number="11", pages="34--49", doi="10.1615/JAutomatInfScien.v51.i11.40", issn="1064-2315", url="http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html" }