Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26510%2F19%3APU136167" target="_blank" >RIV/00216305:26510/19:PU136167 - isvavai.cz</a>

Výsledek na webu

<a href="http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html" target="_blank" >http://www.dl.begellhouse.com/journals/2b6239406278e43e,5c564c68149f41e1,1a4c25c8141afebe.html</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1615/JAutomatInfScien.v51.i11.40" target="_blank" >10.1615/JAutomatInfScien.v51.i11.40</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects

Popis výsledku v původním jazyce

Currently computer attacks on information system have acquired a global epidemiological character. For effective attacks counteraction it is necessary to predict their development. Of urgency is the improvement of computer epidemics models and determination of control parameters that hold the epidemic within the safe limits. The purpose of this article is to improve existing models of computer epidemics by identifying unaccounted states of objects of information systems. This work has considered and refined the classification of possible states of attacked objects of information systems. The set of types of states of susceptibility and immunity to infection has been expanded and the influence of preventive measures has been taken into account. The account of appearance and detection of infection signs has been refined. The account of the various stages of an infected condition, treatment in quarantine and without quarantine has been detailed. The new set of states of objects after the epidemic has been introduced — partial functionality of varying degree. Objects in this state are divided into several groups according to the levels of residual functionality. The number of states depends on external conditions, characteristics of the system under study and the characteristics of the problem formulation. The classification of computer epidemic models SI, SI exp, SI SL, SIS, SIR, SIRI, SEIR, SEnImRF, SLBQRS, PSIDR is considered and refined. The similarity of biological and computer epidemics is considered. The general model of the epidemiological process is improved as a structural VNF model. It is shown that most of existing epidemic models are particular cases of VNF model. The structural-logical and the mathematical models of computer epidemics are improved and tested using the Code Red CRv1 worm epidemic as an example. It has been established that qualitative pictures of dynamics of many epidemics, for example, CRv1, CRv2, SQL Slammer are similar but develop in the

Název v anglickém jazyce

Improvement of the model of computer epidemics based on expanding the set of possible states of the information systems objects

Popis výsledku anglicky

Currently computer attacks on information system have acquired a global epidemiological character. For effective attacks counteraction it is necessary to predict their development. Of urgency is the improvement of computer epidemics models and determination of control parameters that hold the epidemic within the safe limits. The purpose of this article is to improve existing models of computer epidemics by identifying unaccounted states of objects of information systems. This work has considered and refined the classification of possible states of attacked objects of information systems. The set of types of states of susceptibility and immunity to infection has been expanded and the influence of preventive measures has been taken into account. The account of appearance and detection of infection signs has been refined. The account of the various stages of an infected condition, treatment in quarantine and without quarantine has been detailed. The new set of states of objects after the epidemic has been introduced — partial functionality of varying degree. Objects in this state are divided into several groups according to the levels of residual functionality. The number of states depends on external conditions, characteristics of the system under study and the characteristics of the problem formulation. The classification of computer epidemic models SI, SI exp, SI SL, SIS, SIR, SIRI, SEIR, SEnImRF, SLBQRS, PSIDR is considered and refined. The similarity of biological and computer epidemics is considered. The general model of the epidemiological process is improved as a structural VNF model. It is shown that most of existing epidemic models are particular cases of VNF model. The structural-logical and the mathematical models of computer epidemics are improved and tested using the Code Red CRv1 worm epidemic as an example. It has been established that qualitative pictures of dynamics of many epidemics, for example, CRv1, CRv2, SQL Slammer are similar but develop in the

Druh

J_SC - Článek v periodiku v databázi SCOPUS

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Journal of automation and information sciences

ISSN

1064-2315

e-ISSN

—

Svazek periodika

51

Číslo periodika v rámci svazku

11

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

16

Strana od-do

34-49

Kód UT WoS článku

—

EID výsledku v databázi Scopus

2-s2.0-85082823935