ВДОСКОНАЛЕННЯ МОДЕЛІ КОМП’ЮТЕРНИХ ЕПІДЕМІЙ НА ОСНОВІ РОЗШИРЕННЯ БЕЗЛІЧІ МОЖЛИВИХ СТАНІВ ОБ’ЄКТІВ ІНФОРМАЦІЙНОЇ СИСТЕМИ
Computer attacks on information systems today have acquired a global epidemiological character. For effective counteraction, it is necessary to predict the development of attacks. It is relevant to improve the models of computer epidemics and determine the control parameters that keep the epidemic w...
Збережено в:
| Дата: | 2025 |
|---|---|
| Автори: | , , , |
| Формат: | Стаття |
| Мова: | English |
| Опубліковано: |
V.M. Glushkov Institute of Cybernetics of NAS of Ukraine
2025
|
| Теми: | |
| Онлайн доступ: | https://jais.net.ua/index.php/files/article/view/694 |
| Теги: |
Додати тег
Немає тегів, Будьте першим, хто поставить тег для цього запису!
|
| Назва журналу: | Problems of Control and Informatics |
Репозитарії
Problems of Control and Informatics| Резюме: | Computer attacks on information systems today have acquired a global epidemiological character. For effective counteraction, it is necessary to predict the development of attacks. It is relevant to improve the models of computer epidemics and determine the control parameters that keep the epidemic within safe limits. The purpose of the article: improving existing models of computer epidemics by identifying unaccounted states of objects of information systems. The paper considers and refines the classification of possible states of attacked objects of information systems. The set of types of states of susceptibility and immunity to infection has been expanded, the influence of preventive measures has been taken into account. The account of the appearance and detection of infection signs has been refined. A detailed account of the various stages of an infected condition, treatment in quarantine and treatment without quarantine is detailed. A new set of state of objects after the epidemic has been introduced — partial functionality of varying degrees. Objects in this state are divided into several groups according to the levels of residual functionality. The number of states depends on external conditions, the characteristics of the system under study, and the characteristics of the problem statement. The classification of computer epidemic models SI, SI exp, SI SL, SIS, SIR, SIRI, SEIR, SEnImRF, SLBQRS, PSIDR is considered and refined. The similarity of biological and computer epidemics is considered. The general model of the epidemiological process is improved as a structural VNF model. It is shown that most existing epidemic models are particular cases of the VNF model. The structural-logical and mathematical models of computer epidemics are improved and tested using the Code Red CRv1 worm epidemic as an example. It has been established that qualitative pictures of the dynamics of the development of many epidemics, for example, CRv1, CRv2, SQL Slammer, are similar, but they are developing in their own time scales. The most typical stage is the growth of the level of infection. This stage is well approximated by the logistic curve. The management of the epidemic hazard level through the coefficient of susceptibility to infection and the transmission coefficient of infection is proposed. |
|---|