CN108121916B - Computer virus propagation defense method under multi-level security protection level - Google Patents

Computer virus propagation defense method under multi-level security protection level Download PDF

Info

Publication number
CN108121916B
CN108121916B CN201711352141.XA CN201711352141A CN108121916B CN 108121916 B CN108121916 B CN 108121916B CN 201711352141 A CN201711352141 A CN 201711352141A CN 108121916 B CN108121916 B CN 108121916B
Authority
CN
China
Prior art keywords
computer
level
security level
virus
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711352141.XA
Other languages
Chinese (zh)
Other versions
CN108121916A (en
Inventor
罗文俊
岑琛
祝清意
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing University of Post and Telecommunications
Original Assignee
Chongqing University of Post and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing University of Post and Telecommunications filed Critical Chongqing University of Post and Telecommunications
Priority to CN201711352141.XA priority Critical patent/CN108121916B/en
Publication of CN108121916A publication Critical patent/CN108121916A/en
Application granted granted Critical
Publication of CN108121916B publication Critical patent/CN108121916B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Measuring Or Testing Involving Enzymes Or Micro-Organisms (AREA)

Abstract

The invention relates to a computer virus propagation defense method under a multilevel security protection level, and belongs to the technical field of network information security. The invention provides a novel multi-security-level virus propagation model on the premise of a standard computer five-level security level, considering that the existing virus propagation model does not relate to the influence of the computer security defense level on virus propagation. The invention sets the threshold value of the virus quantity in the network system, namely the threshold value of when the computer security level needs to be improved, thereby providing a new virus protection scheme, namely, the appropriate threshold value is determined to ensure that the system overhead is small and the virus propagation can be restrained to the maximum extent.

Description

Computer virus propagation defense method under multi-level security protection level
Technical Field
The invention belongs to the technical field of network information security, and relates to a computer virus propagation defense method under a multi-level security protection level.
Background
With the rapid development of information technology, human beings have entered a new internet era. People's daily life, operational environment have also got a great improvement thereupon, and many aspects in human life have all been kept away from the computer. But at the same time computer viruses are generated. Computer viruses can generate dangerous behaviors such as formatting hard disks, rewriting or deleting data, destroying settings, seizing resources, and stealing key information of users more directly. Therefore, how to control the spread of computer viruses becomes a very important and meaningful topic for many researchers and companies to study.
Currently, the research for controlling the spread of computer viruses is mainly divided into microscopic research and macroscopic research.
The microscopic research refers to detecting and removing viruses by analyzing the program structure characteristics and behavior patterns of computer viruses, and antivirus software and firewalls are commonly used in actual life, which is the most main and effective method for searching and killing computer viruses at present. However, microscopic studies have their own limitations, especially since new versions of antivirus software, new patches, etc. always come into existence after new viruses appear, which indicates that microscopic studies are time-delayed.
To compensate for the deficiencies of microscopic studies, the subject of computer virus transmission dynamics has come into force. A series of bin models are also presented. The warehouse model provides the most important method for researching the virus spreading behavior of the computer, but the influence of the difference of the security defense levels of the computer on the virus spreading is ignored for the computers on the Internet. In a network system, computers in the internet are often set to different levels of security defense because of the different nature and use of the services of the terminal computers. According to different defense levels, computers of susceptible groups are divided into different bins, and the influence of external factors on computer virus propagation can be reflected from a practical perspective.
Disclosure of Invention
In view of this, the present invention provides a computer virus propagation defense method under a multi-level security protection level, which is used for researching the influence of different computer security defense levels on virus propagation. A reasonable virus propagation model is described according to the actual situation, mathematical theory analysis and simulation experiment analysis are carried out on the model, the propagation rule is revealed, and theoretical basis and practical guidance are provided for effectively restraining virus propagation.
In order to achieve the purpose, the invention provides the following technical scheme:
a computer virus propagation defense method under a multilevel security protection level comprises the following steps:
s1: firstly, dividing individuals in an S chamber of a susceptible computer in an SIS model into five levels according to the computer safety level standard; the susceptibility calculation under the five safety levels is respectively S1、S2、S3、S4、S5Represents; there are six states of the computer in the entire model: first level security level computer (S)1) Second level security level computer (S)2) Third level security level computer (S)3) Fourth level security level computer (S)4) Fifth level security level computer (S)5) And infected computers (I);
s2: introducing various reasonable parameters and making relatively reasonable assumptions in combination with the actual situation of a computer network;
s3: and (3) node state detection process: detecting whether each node is infected by the virus and converted into an infected node, and counting the number of the nodes;
s4: the computer automatically promotes the defense level process: if the number of the infected nodes of the computer with lower security level is less than the set threshold value, the defense upgrading measures are not taken; if the number of the infected nodes of the computer with the lower security level is larger than a threshold value, upgrading the nodes in the lower security level (Sl) to nodes in the high security level (Sh) with a certain probability (l ═ h-1);
s5: establishing a reasonable mathematical model and drawing a model schematic diagram;
s6: according to the model schematic diagram, listing a mathematical expression of the model, and solving a corresponding balance point, wherein the balance point is used for representing the specific number of nodes in each chamber when the system is balanced;
s7: determining the balance state of the whole model, and verifying the existence and stability of the state of the model;
s8: analyzing and researching the expression of the balance point of the balance state, and finally obtaining a corresponding conclusion;
s9: and according to the conclusion, new virus protection measures are proposed.
The invention has the beneficial effects that:
(1) the invention aims at the problem that the existing virus propagation model does not consider the influence of the difference of the security defense levels of the computers on the virus propagation, considers the difference of the security defense capacities among the computers, and is very consistent with the actual situation of the propagation of computer viruses in the network.
(2) The invention determines whether the computer with lower security level is upgraded to the higher security level by setting the threshold value of the virus number, provides the protection of the computer virus by the threshold value, and provides a new solution for the protection measures of the computer virus.
Drawings
In order to make the object, technical scheme and beneficial effect of the invention more clear, the invention provides the following drawings for explanation:
FIG. 1 is a diagram of an improved SIS model;
FIG. 2 is a flowchart of an upgrade measure;
FIG. 3 shows the data verification result of experiment (1);
FIG. 4 shows the data verification result of experiment (2);
FIG. 5 shows the data verification result of experiment (3);
FIG. 6 shows the data verification result of experiment (4);
fig. 7 shows the data verification result of experiment (5).
Detailed Description
Preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
FIG. 1 is a diagram of an improved SIS model; FIG. 2 is a flowchart of an upgrade measure; the invention implements the computer virus propagation modeling and protective measures under the security level of a middle-level and multi-level computer, and mainly comprises the following steps:
step one, relevant parameters and assumptions are introduced.
(1) Computers entering the modeled system from the outside are all in an uninfected state, assuming entry to S1、S2、S3、S4、S5The average probability per unit time is assumed to be b1、b2、b3、b4、b5
(2)S1、S2、S3、S4、S5Average hypothesis probability of being infected inside the system to become I per unit time and beta1、β2、β3、β4、β5
(3) The infected computers in I all have the possibility of being cured, and are supposed to be respectively cured into S within unit time1、S2、S3、S4、S5Has an average probability of gamma1、γ2、γ3、γ4、γ5
(4) All individuals within the system may die themselves or leave the system for other reasons, assuming an average probability of this occurring is μ.
Step two, expressing the automatic defense level improving process of the computer by a segmentation function:
S1is upgraded to S2The piecewise function of (d):
Figure GDA0003070860140000031
S2is upgraded to S3The piecewise function of (d):
Figure GDA0003070860140000032
S3is upgraded to S4The piecewise function of (d):
Figure GDA0003070860140000033
S4is upgraded to S5The piecewise function of (d):
Figure GDA0003070860140000034
fn(I) piecewise function of computer upgrade measures representing a security level n, ImaxnIndicates that when the number of I in the system reaches a certain number, the computer chamber S is not infected with virusnThresholds for upgrade measures need to be taken.
Step three, suppose S1(t)、S2(t)、S3(t)、S4(t)、S5(t) and I (t) each represent S1、S2、S3、S4、S5And the number of the models at a certain time t in I, the system of differential equations of the model with respect to the time t can be obtained through the above analysis (wherein S is1(t)、S2(t)、S3(t)、S4(t)、S5(t) are each abbreviated to S1、S2、S3、S4、S5)。
Figure GDA0003070860140000041
Step four, model and equation set characteristics, the above equation set is written into the following general form:
Figure GDA0003070860140000042
wherein S islAnd ShRespectively representing a low security level computer and a high security level computer, NlIs represented by the ratio SlNumber of upgrades from computers of low security level, NhRepresenting the number of upgrades of a high security level to a higher level security level, SN represents the number of upgrades by S in the I-binlAnd ShNumber of other chambers entering or exiting, fl(I) The computer representing the low security level adopts the piecewise function of the upgrading measure, and the expression is as follows:
Figure GDA0003070860140000043
order Sl+ShN represents S in the systeml、ShAnd I, which is a dynamic number, as time t approaches infinity,
Figure GDA0003070860140000044
the above equation set can be further simplified as:
Figure GDA0003070860140000045
step five, the basic regeneration number is calculated according to the simplified equation set
Figure GDA0003070860140000048
And finding the nontoxic balance point
Figure GDA0003070860140000047
Order:
C=μ(γlh+μ)-βl(bl+Nl)-βh(bh-Nh)=μ(γlh+μ)(1-R0) (1)
A1=βlβh
B1=βlβhN*lγhlμ-βhγlhμ (2)
Figure GDA00030708601400000516
A2=βlβh+αβh
B2=(βlβh+αβh)N*lγhlμ-βhγlhμ-α(γhh+μ) (3)
Figure GDA00030708601400000517
the following 4 sets of toxic equilibrium points were found:
Figure GDA0003070860140000051
Figure GDA0003070860140000052
Figure GDA0003070860140000053
the existence conditions of the equilibrium points are analyzed as follows:
Figure GDA0003070860140000054
Figure GDA0003070860140000055
or
Figure GDA0003070860140000056
And
Figure GDA0003070860140000057
or
Figure GDA0003070860140000058
(2) When in use
Figure GDA0003070860140000059
There are only three toxic equilibrium points
Figure GDA00030708601400000510
Figure GDA00030708601400000511
And
Figure GDA00030708601400000512
(3) when in use
Figure GDA00030708601400000513
There is only one toxic equilibrium point
Figure GDA00030708601400000514
Or
Figure GDA00030708601400000515
Through the correlation mathematical analysis and the theorem of equations, the existence and stability of the equilibrium point can be summarized in the following table:
table 1 description of the related art
N Absence of equilibrium point
E Equilibrium point is present only but not stable
EL With equilibrium points and local progressive stabilisation
EG Balance point storage and global gradual stabilization
TABLE 2 Presence of equilibrium points and stability
Figure GDA0003070860140000061
And step six, verifying the result of the previous step through experimental data.
As shown in fig. 3, experiment (1): let parameter betal=0.24,βh=0.08,γl=0.146,γh=0.003,bl=0.001,Nl=0.0002,bh=0.0022,Nh=0.0004,μ=0.003,α=0.005,Imaxl0.38. The trajectory of some initial points over time t is shown in (a), and two of these points are plotted against time t in (b) and (c). This experiment validates the conclusions in line 3 of table 2.
As shown in fig. 4, experiment (2): let parameter betal=0.24,βh=0.08,γl=0.146,γh=0.043,bl=0.001,Nl=0.0002,bh=0.0022,Nh=0.0004,μ=0.003,α=0.005,Imaxl0.21. The trajectory of some initial points over time t is shown in (a), and two of these points are plotted against time t in (b) and (c). This experiment validated the row 2 conclusions in table 2.
As shown in fig. 5, experiment (3): let parameter betal=0.24,βh=0.08,γl=0.146,γh=0.003,bl=0.001,Nl=0.0002,bh=0.0022,Nh=0.0004,μ=0.003,α=0.005,Imaxl0.21. The trajectory of some initial points over time t is shown in (a), and two of these points are plotted against time t in (b) and (c). This experiment validates the conclusions on lines 4-5 of Table 2.
As shown in fig. 6, experiment (4): let parameter betal=0.3,βh=0.09,γl=0.056,γh=0.0043,bl=0.001,Nl=0.0002,bh=0.0022,Nh=0.0004,μ=0.003,α=0.06,Imaxl0.38. The trajectory of some initial points over time t is shown in (a), and two of these points are plotted against time t in (b) and (c). This experiment validated the row 6 conclusions in table 2.
As shown in FIG. 7, experiment (5) was conducted with the parameter βl=0.3,βh=0.09,γl=0.056,γh=0.0043,bl=0.001,Nl=0.0002,bh=0.0022,Nh=0.0004,μ=0.003,α=0.06,Imaxl0.2. The trajectory of some initial points over time t is shown in (a), and two of these points are plotted against time t in (b) and (c). This experiment validates the conclusions of the last 1 row in table 2.
Step seven, aiming at the safety upgrading threshold I provided by the scheme of the inventionmaxlAnalytical studies were performed showing that: when the low security level needs to be safely upgraded according to the threshold, the threshold needs to be set to a proper value, if the threshold is too low, the upgrading cost is too high, the resource waste is caused, if the threshold is too high, the upgrading strength is not enough, and the effect of controlling the virus cannot be achieved, and the method is countedCalculating when the threshold value is close to E3 *In (1)3 *The best virus control effect is obtained.
Step eight, controlling the virus under the security level of the multi-level computer, and obtaining a measure for controlling the virus through the analysis and calculation of the previous step, namely setting the value of the threshold value of the security upgrade of the computer to be as stable as possible to infect the computers under the equilibrium state under the higher security level when the threshold value needs to be set, so that the virus control effect in the whole system can be ensured to be optimal. The effectiveness of the inventive solution was also verified by the previous steps.
Finally, it is noted that the above-mentioned preferred embodiments illustrate rather than limit the invention, and that, although the invention has been described in detail with reference to the above-mentioned preferred embodiments, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the scope of the invention as defined by the appended claims.

Claims (1)

1. A computer virus propagation defense method under a multilevel security protection level is characterized in that: the method comprises the following steps:
step one, introducing relevant parameters and assumptions;
(1) the computers entering the modeling system from the outside are all in an uninfected state, and the computer enters S1、S2、S3、S4、S5The average probability per unit time is assumed to be b1、b2、b3、b4、b5
(2)S1、S2、S3、S4、S5Average hypothesis probability of being infected inside the system to become I per unit time and beta1、β2、β3、β4、β5
(3) The infected computers in I all have the possibility of being cured, and are supposed to be respectively cured into S within unit time1、S2、S3、S4、S5Average summary ofRate of gamma1、γ2、γ3、γ4、γ5
(4) All individuals within the system may die themselves or leave the system for other reasons, assuming that the average probability of this occurring is μ;
step two, expressing the automatic defense level improving process of the computer by a segmentation function:
S1is upgraded to S2The piecewise function of (d):
Figure FDA0003070860130000011
S2is upgraded to S3The piecewise function of (d):
Figure FDA0003070860130000012
S3is upgraded to S4The piecewise function of (d):
Figure FDA0003070860130000013
S4is upgraded to S5The piecewise function of (d):
Figure FDA0003070860130000014
fn(I) piecewise function of computer upgrade measures representing a security level n, ImaxnIndicates that when the number of I in the system reaches a certain number, the computer chamber S is not infected with virusnA threshold at which an upgrade measure needs to be taken;
step three, suppose S1(t)、S2(t)、S3(t)、S4(t)、S5(t) and I (t) each represent S1、S2、S3、S4、S5And the respective number of times t in I, the system of differential equations of the model with respect to time t is obtained as follows, wherein S1(t)、S2(t)、S3(t)、S4(t)、S5(t) are each abbreviated to S1、S2、S3、S4、S5
Figure FDA0003070860130000021
Step four, model and equation set characteristics, the above equation set is written into the following form:
Figure FDA0003070860130000022
wherein S islAnd ShRespectively representing a low security level computer and a high security level computer, NlIs represented by the ratio SlNumber of upgrades from computers of low security level, NhRepresenting the number of upgrades of a high security level to a higher level security level, SN represents the number of upgrades by S in the I-binlAnd ShNumber of other chambers entering or exiting, fl(I) The computer representing the low security level adopts the piecewise function of the upgrading measure, and the expression is as follows:
Figure FDA0003070860130000023
order Sl+ShN represents S in the systeml、ShAnd I, which is a dynamic number, as time t approaches infinity,
Figure FDA0003070860130000024
the method is simplified as follows:
Figure FDA0003070860130000025
step five, the basic regeneration number is calculated according to the simplified equation set
Figure FDA0003070860130000026
And finding the nontoxic balance point
Figure FDA0003070860130000027
Order:
C=μ(γlh+μ)-βl(bl+Nl)-βh(bh-Nh)=μ(γlh+μ)(1-R0) (1)
Figure FDA0003070860130000028
Figure FDA0003070860130000031
the following 4 sets of toxic equilibrium points were found:
Figure FDA0003070860130000032
Figure FDA0003070860130000033
Figure FDA0003070860130000034
the existence conditions of the equilibrium points are analyzed as follows:
(1) when in use
Figure FDA0003070860130000035
Only two toxic equilibrium points exist;
Figure FDA0003070860130000036
or
Figure FDA0003070860130000037
And
Figure FDA0003070860130000038
or
Figure FDA0003070860130000039
(2) When in use
Figure FDA00030708601300000310
There are only three toxic equilibrium points
Figure FDA00030708601300000311
Figure FDA00030708601300000312
And
Figure FDA00030708601300000313
(3) when in use
Figure FDA00030708601300000314
There is only one toxic equilibrium point
Figure FDA00030708601300000315
Or
Figure FDA00030708601300000316
Obtaining existence and stability rules of balance points through relevant mathematical analysis and formula theorem;
step six, verifying the result of the step five through experimental data;
step seven, when the low security level needs to be upgraded according to the threshold value, the threshold value is set to be a proper value, and when the threshold value is close to E3 *In (1)3 *The best virus control effect is achieved;
and step eight, controlling the viruses under the security level of the multistage computer, and setting the value of the virus to the stable number of infected computers under the equilibrium state under the higher security level as much as possible when the threshold value for performing security upgrade on the computer needs to be set, so as to ensure that the virus control effect in the whole system reaches the best.
CN201711352141.XA 2017-12-15 2017-12-15 Computer virus propagation defense method under multi-level security protection level Active CN108121916B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711352141.XA CN108121916B (en) 2017-12-15 2017-12-15 Computer virus propagation defense method under multi-level security protection level

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711352141.XA CN108121916B (en) 2017-12-15 2017-12-15 Computer virus propagation defense method under multi-level security protection level

Publications (2)

Publication Number Publication Date
CN108121916A CN108121916A (en) 2018-06-05
CN108121916B true CN108121916B (en) 2021-07-20

Family

ID=62230062

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711352141.XA Active CN108121916B (en) 2017-12-15 2017-12-15 Computer virus propagation defense method under multi-level security protection level

Country Status (1)

Country Link
CN (1) CN108121916B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114301700B (en) * 2021-12-31 2023-09-08 上海纽盾科技股份有限公司 Method, device, system and storage medium for adjusting network security defense scheme
CN114448704B (en) * 2022-01-28 2024-03-15 广州大鱼创福科技有限公司 Method for inhibiting cross-platform virus transmission

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106027513A (en) * 2016-05-15 2016-10-12 广东技术师范学院 Method for analyzing propagation characteristics of computer virus in SDN mobile environment
CN107395598A (en) * 2017-07-25 2017-11-24 重庆邮电大学 A kind of adaptive defense method for suppressing viral transmission

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160182544A1 (en) * 2015-02-28 2016-06-23 Brighterion, Inc. Method of protecting a network computer system from the malicious acts of hackers and its own system administrators

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106027513A (en) * 2016-05-15 2016-10-12 广东技术师范学院 Method for analyzing propagation characteristics of computer virus in SDN mobile environment
CN107395598A (en) * 2017-07-25 2017-11-24 重庆邮电大学 A kind of adaptive defense method for suppressing viral transmission

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
具有分级感染率的4仓室计算机病毒传播模型;杨茂斌;《重庆大学学报》;20121231;第112-119页 *

Also Published As

Publication number Publication date
CN108121916A (en) 2018-06-05

Similar Documents

Publication Publication Date Title
EP3651043B1 (en) Url attack detection method and apparatus, and electronic device
US11188650B2 (en) Detection of malware using feature hashing
JP7405596B2 (en) System and method for object classification of computer systems
Liu et al. Modeling the spread of malware with the influence of heterogeneous immunization
Song et al. Influence of removable devices on computer worms: dynamic analysis and control strategies
Serrano et al. A novel agent-based rumor spreading model in twitter
Gan et al. Propagation of computer virus under human intervention: a dynamical model
Mishra et al. Differential Epidemic Model of Virus and Worms in Computer Network.
CN109698823B (en) Network threat discovery method
CN103746987B (en) Method and system for detecting DoS attack in semantic Web application
Raza et al. Numerical treatment for stochastic computer virus model
CN108121916B (en) Computer virus propagation defense method under multi-level security protection level
Misra et al. Capturing the interplay between malware and anti-malware in a computer network
CN110134876B (en) Network space population event sensing and detecting method based on crowd sensing sensor
US9501742B2 (en) System and method for assessing categorization rule selectivity
CN107395598B (en) Self-adaptive defense method for inhibiting virus propagation
Choi et al. Metamorphic malicious code behavior detection using probabilistic inference methods
CN106599691A (en) Computer virus spreading source tracing method based on complex network
Pan et al. Edge-based modeling of computer virus contagion on a tripartite graph
Muthumanickam et al. Optimization of rootkit revealing system resources–A game theoretic approach
Ren et al. Stability and bifurcation of a computer virus propagation model with delay and incomplete antivirus ability
Ren et al. Dynamics of a Delay‐Varying Computer Virus Propagation Model
Altaher et al. Application of adaptive neuro-fuzzy inference system for information secuirty
Mishra et al. Two quarantine models on the attack of malicious objects in computer network
Liu et al. A Markov detection tree-based centralized scheme to automatically identify malicious webpages on cloud platforms

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant