Confirmation of the mathematical model adequacy describing the dynamics of implementing a computer attack possibility in time

One of the urgent problems of information security at the moment is the lack of a unified approach for predicting computer attacks that is confirmed by both international and Russian experts as well as by practice. The paper proposes a mathematical model describing the dynamics of the computer attack in time built on the basis of the Diffusion of Innovations Theory. The substantiation of the possibility of using the Diffusion of Innovations Theory is given; the specifics of cybercrimes from other types of crimes are described. The adequacy of the proposed model is confirmed, in particular, by full-scale modeling of cyber-attacks on the organization's resources via the Internet site. The data of practical experiments confirm the mathematical model; in particular, the probability function of the cyber-attack implementation in time, i.e. the change in the number of infected nodes in time can be approximated using an s-shaped Pearl curve or a cascade model. The optimality of this approximation is proved by the method of least squares.

computer attack, Pearl-Reed curves, theory of diffusion of innovations, dynamics of the spread of computer attack, full-scale modeling, computer attack on the resources of the organization via website, approximation

1. Паспорт федерального проекта «Информационная безопасность». Утвержден Правительственной комиссией по цифровому развитию, использованию информационных техноло гий для улучшения качества жизни и условий ведения предпринимательской деятельности, протокол от 28 мая 2019 г. № 6.

2. The Global Risks Report 2018 // MARSH&McLENNAN COMPANIES. 2018. № 13. P. 80. [Электронный ресурс]. URL: https://www.marsh.com/us/insights/research/the-global-risks-report-2018.html (дата обращения: 27.04.2020).

3. Кибербитва на PHDays, или Как за 30 часов взломать городскую инфраструктуру. [Электронный ресурс]. URL: https://www.phdays.com/ru/press/news/kiberbitva-na-phdays-ili-kak-za-3 0-chasov-vzlomat-gorodskuyu-infrastrukturu/(дата обращения: 27.04.2020).

4. PHDays: точно в девятку. [Электронный ресурс]. URL: https://www.phdays.com/ru/press/news/phdays-tochno-v-devyatku/(дата обращения: 27.04.2020).

5. Choi S.-K., Lee T., Kwak J. Study on analysis of malicious code behavior information for predicting security threats in new environments // KSII Transactions on Internet and Information Systems. 2019. № 13 (3). P. 1611-1625. DOI: https://doi.org/10.3837/tiis.2019.03.028.

6. Feng B., Li Q., Ji Y., Guo D., and Meng X. Stopping the cyberattack in the early stage: assessing the security risks of social network users // Hindawi magazine. 2019. DOI: https://doi.org/10.1155/2019/3053418.

7. Nalini М., Chakram A. Digital risk management for data attacks against state evaluation // International Journal of Innovative Technology and Exploring Engineering (IJITEE). 2020. № 88. DOI: https://doi.org/10.35940/ijitee.I1130.0789S419.

8. Deb A., Lerman K., and Ferrara E. Predicting cyber events by leveraging hacker sentiment // Information. 2018. № 9 (11). P. 18. DOI: https://doi.org/10.3390/info9110280.

9. Zenebe A., Shumba M., Carillo A., and Cuenca S. Cyber Threat Discovery from Dark Web // EPiC SeriesinComputing. 2019. № 64. P. 174-183.

10. Rogers E. M., Singhal A., Quinlan M. M. Diffusion of Innovations. New York: Free Press, 2002. DOI: https://doi.org/10.4324/9780203710753-35.

11. Bass F. M. A new product growth model for consumer durables // INFORMS. 1969. № 15 (5). P. 215-227. DOI: https://doi.org/10.1287/mnsc.15.5.215.

12. Mansfield E. Technical Change and the Rate of Imitation // Econometrica. 1961. № 29 (4). DOI: https://doi.org/10.2307/1911817.

13. Hagerstrand Т. Innovation diffusion as a spatial process. Chicago: University of Chicago Press, 1967. DOI: https://doi.org/10.1111/j.1538-4632.1969.tb00626.x.

14. Свидетельство о государственной регистрации программы для ЭВМ 2019613098 Российская Федерация. Программный комплекс обучения методам обнаружения, анализа и устранения последствий компьютерных атак «Ampire» / И. Н. Костюлин, А. В. Наумова, С. А. Овчинников, А. А. Пушкин, Ю. И. Худой; заявитель и правообладатель Закрытое акционерное общество «Перспективный мониторинг» (ЗАО «ПМ»). № 2019612022; заявл. 01.03.2019; опубл. 07.03.2019.

15. Dargahi T., Dehghantanha A., Nikkhah Bahrami P., Conti M., Bianchi G., and Benedetto L. A Cyber-Kill-Chain based taxonomy of crypto-ransomware features // Journal of Computer Virology and Hacking Techniques. 2019. P. 277-305.

16. The Cyber Kill Chain framework [Электронный ресурс]. URL: https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html (дата обращения: 29.12.2020).