Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26510%2F19%3APU136167" target="_blank" >RIV/00216305:26510/19:PU136167 - isvavai.cz</a>
Result on the web
<a href="http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html" target="_blank" >http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1615/JAutomatInfScien.v51.i11.40" target="_blank" >10.1615/JAutomatInfScien.v51.i11.40</a>
Alternative languages
Result language
angličtina
Original language name
Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects
Original language description
Currently computer attacks on information system have acquired a global epidemiological character. For effective attacks counteraction it is necessary to predict their development. Of urgency is the improvement of computer epidemics models and determination of control parameters that hold the epidemic within the safe limits. The purpose of this article is to improve existing models of computer epidemics by identifying unaccounted states of objects of information systems. This work has considered and refined the classification of possible states of attacked objects of information systems. The set of types of states of susceptibility and immunity to infection has been expanded and the influence of preventive measures has been taken into account. The account of appearance and detection of infection signs has been refined. The account of the various stages of an infected condition, treatment in quarantine and without quarantine has been detailed. The new set of states of objects after the epidemic has been introduced — partial functionality of varying degree. Objects in this state are divided into several groups according to the levels of residual functionality. The number of states depends on external conditions, characteristics of the system under study and the characteristics of the problem formulation. The classification of computer epidemic models SI, SI exp, SI SL, SIS, SIR, SIRI, SEIR, SEnImRF, SLBQRS, PSIDR is considered and refined. The similarity of biological and computer epidemics is considered. The general model of the epidemiological process is improved as a structural VNF model. It is shown that most of existing epidemic models are particular cases of VNF model. The structural-logical and the mathematical models of computer epidemics are improved and tested using the Code Red CRv1 worm epidemic as an example. It has been established that qualitative pictures of dynamics of many epidemics, for example, CRv1, CRv2, SQL Slammer are similar but develop in the
Czech name
—
Czech description
—
Classification
Type
J<sub>SC</sub> - Article in a specialist periodical, which is included in the SCOPUS database
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
—
Continuities
S - Specificky vyzkum na vysokych skolach
Others
Publication year
2019
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Name of the periodical
Journal of automation and information sciences
ISSN
1064-2315
e-ISSN
—
Volume of the periodical
51
Issue of the periodical within the volume
11
Country of publishing house
US - UNITED STATES
Number of pages
16
Pages from-to
34-49
UT code for WoS article
—
EID of the result in the Scopus database
2-s2.0-85082823935