Model for the Propagation of Malicious Objects in a Computer Network with Variable Infection Intensity

Abstract

There are a significant number of scientific publications that use epidemic models to propagate malicious objects in a computer network. These models are based on Markovian models with a constant intensity of transitions, which does not correspond to real conditions, since the intensity of transitions changes due to the fact that after some time antivirus systems start to recognize malware. This paper proposes an original approach based on an epidemic model with variable infection intensity of hosts in a computer network. In the beginning, when the threat is not recognized, the malware spreads rapidly. After a certain period of time, the antivirus system recognizes the malicious code, which leads to a decrease in the infection intensity. Simulations have been done for different infection intensity and threat recognition. Demonstrated models account for the infection time of hosts in the computer network, latency phase, malware detection, and clearance from the system.