Abstract:
The paper deals with the analysis of possible ways of spreading malware on the basis
of weighted graphs, where the graph describes the relationship between different programs, and the
weight shows the probability of transition malware from one software system to another. The task
is to identify the most likely routes of malicious programs distribution and to find the most likely
ways of their penetration into a given software product. The method of dynamic programming is
proposed to solve the problem. The procedure of solving the problem has been demonstrated on
a particular example. The results of calculations helped to determine the most probable route
of penetration and to estimate the probability of successful attack of malicious programs on the
required software product. Graph theory methods also allowed to estimate a number of other
numerical characteristics related to the process of the malicious programs distribution, which include
the minimum number of clock cycles of the system (after the implementation of this characteristic
it becomes possible for a malicious program to penetrate the specified software product);
the number of clock cycles of the system (when probability of penetration of the malware into
a specific file will be greater than the specified value). Besides, the method helps identify cyclical
routes of malware distribution, which characterizes repeated attempts of malware to impact on the
software product, find the most likely sources of distribution, detect the files, through which penetration
into given software product is possible.
Fulltext:
PDF file (306 kB)