UDC 004.052.3
STOCHASTIC MODEL OF BLOCKING OF COMPUTER NETWORK WHEN GENERATING AND TRANSMITTING LARGE MALICIOUS TYPE DATA
S. A. Lesko, Ph.D. (Tech.), associate professor, «Systems management and modeling» department, RTU MIREA, Moscow, Russia;
orcid.org/0000-0002-6641-1609, e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
D. O. Zhukov, Dr. Sc. (Tech.), full professor of «Information confrontation» department, RTU MIREA, Moscow, Russia;
orcid.org/0000-0002-1211-5214, e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
A. S. Aleshkin, Ph.D. (Tech.), associate professor, «Information confrontation» department, RTU MIREA, Moscow, Russia;
orcid.org/0000-0003-2190-700X, e-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.
This article deals with the problem of predicting networks failures during generation and transfer of large amounts of malicious data. The aim is to construct a stochastic model of blocking informationcomputing networks in the formation of big data of malicious types. Rapid development of Internet of Things (IoT) leads to the emergence of tens and hundreds of millions of new devices with their IP – addresses in a short time in the global network that, in case of infection, can form large scale malicious networks (botnets). A model created on the basis of probability diagram of transitions between possible states (share of infected devices) of computer network, describing the logic of processes taking place is described. Based on the approach used, a non-linear differential equation of the second order is developed, allowing us to formulate and solve boundary tasks to determine the dependence on time of probability density functions to observe a certain state of the system. The model created allows you to estimate the time to reach the state in a computer network with a limit on proportion of potentially infected devices or, for example, reaching a threshold of its percolation. A percolation threshold is a minimum proportion of blocked nodes, in which the entire network as a whole loses the properties of information transmission (there is no free path between any randomly selected nodes). Using a percolation theory approach it was possible to link structurally-informative characteristics of networks, such as dependence of their percolation threshold on the average number of links per node (network density) with dynamic characteristics of their blocking (time to reach a percolation threshold). Comparison of theoretical calculations based on the created model with actually observed dynamics of virus epidemics such as Code Red, Nimda, Sapphire/Slammer and Conficker showed that the created model describes recorded epidemics very well.
Key words: generation and transmission of big data of malicious type; network nodes blocking; transition diagram; stochastic dynamics of nodes blocking; percolation threshold of network; network density.