Network models of malwear proliferation processes

The paper deals with the analysis of possible ways of spreading malware on the basis of weighted graphs, where the graph describes the relationship between different programs, and the weight shows the probability of transition malware from one software system to another. The task is to identify the most likely routes of malicious programs distribution and to find the most likely ways of their penetration into a given software product. The method of dynamic programming is proposed to solve the problem. The procedure of solving the problem has been demonstrated on a particular example. The results of calculations helped to determine the most probable route of penetration and to estimate the probability of successful attack of malicious programs on the required software product. Graph theory methods also allowed to estimate a number of other numerical characteristics related to the process of the malicious programs distribution, which include the minimum number of clock cycles of the system (after the implementation of this characteristic it becomes possible for a malicious program to penetrate the specified software product); the number of clock cycles of the system (when probability of penetration of the malware into a specific file will be greater than the specified value). Besides, the method helps identify cyclical routes of malware distribution, which characterizes repeated attempts of malware to impact on the software product, find the most likely sources of distribution, detect the files, through which penetration into given software product is possible.