Detail publikace

Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects

NOVOTNÁ, V. BYCHKOV, O. SHEVCHENKO, V.I. SHEVCHENKO, A.V.

Originální název

Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects

Typ

článek v časopise ve Scopus, Jsc

Jazyk

angličtina

Originální abstrakt

Currently computer attacks on information system have acquired a global epidemiological character. For effective attacks counteraction it is necessary to predict their development. Of urgency is the improvement of computer epidemics models and determination of control parameters that hold the epidemic within the safe limits. The purpose of this article is to improve existing models of computer epidemics by identifying unaccounted states of objects of information systems. This work has considered and refined the classification of possible states of attacked objects of information systems. The set of types of states of susceptibility and immunity to infection has been expanded and the influence of preventive measures has been taken into account. The account of appearance and detection of infection signs has been refined. The account of the various stages of an infected condition, treatment in quarantine and without quarantine has been detailed. The new set of states of objects after the epidemic has been introduced — partial functionality of varying degree. Objects in this state are divided into several groups according to the levels of residual functionality. The number of states depends on external conditions, characteristics of the system under study and the characteristics of the problem formulation. The classification of computer epidemic models SI, SI exp, SI SL, SIS, SIR, SIRI, SEIR, SEnImRF, SLBQRS, PSIDR is considered and refined. The similarity of biological and computer epidemics is considered. The general model of the epidemiological process is improved as a structural VNF model. It is shown that most of existing epidemic models are particular cases of VNF model. The structural-logical and the mathematical models of computer epidemics are improved and tested using the Code Red CRv1 worm epidemic as an example. It has been established that qualitative pictures of dynamics of many epidemics, for example, CRv1, CRv2, SQL Slammer are similar but develop in their own time scales. The most typical stage is the growing level of infection which can be well approximated by the logistic curve. The management of the epidemic hazard level via the coefficients of susceptibility to infection and the infection transmission coefficient are proposed

Klíčová slova

computer epidemics, model, management, state of the object

Autoři

NOVOTNÁ, V.; BYCHKOV, O.; SHEVCHENKO, V.I.; SHEVCHENKO, A.V.

Vydáno

30. 11. 2019

Nakladatel

Begell house

ISSN

1064-2315

Periodikum

Journal of automation and information sciences

Ročník

51

Číslo

11

Stát

Spojené státy americké

Strany od

34

Strany do

49

Strany počet

16

URL

http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html

BibTex

@article{BUT163532,
  author="NOVOTNÁ, V. and BYCHKOV, O. and SHEVCHENKO, V.I. and SHEVCHENKO, A.V.",
  title="Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects",
  journal="Journal of automation and information sciences",
  year="2019",
  volume="51",
  number="11",
  pages="34--49",
  doi="10.1615/JAutomatInfScien.v51.i11.40",
  issn="1064-2315",
  url="http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html"
}