Title :
Patch Scheduling for Risk Exposure Mitigation under Service Disruption Constraints
Author :
Bommannavar, Praveen ; Bambos, Nicholas
Author_Institution :
Manage. Sci. & Eng., Stanford Univ., Stanford, CA, USA
Abstract :
We consider a discrete-time model for the spread of computer viruses in a network where the number of times the network can be fixed (i.e., the malware is reduced to a baseline level) is limited. The model consists of a set of viruses which may strike (attempt to infect) the system at each time with fixed probability. Once a virus strikes, it may go on to infect a node with some probability which varies according to the number of nodes that have already been infected. This results in the risk of having a virus in the system that could become active and paralyze some or all vital operations of the system. At each time step, if the remaining number of opportunities to fix the network is non-zero, a network administrator may choose to apply a control which brings the number of viruses back to a safer baseline level. This paper first analyzes the optimal policy using dynamic programming, but due to the curse of dimensionality, we also develop a near optimal heuristic based on policy iteration. We then consider extensions that include cost on control and a modulation parameter that affects transmission rates as well as costs, and present an analogous policy. These policies mathematically capture the tradeoff of mitigating risk in a network where we must not cause service disruptions too many times.
Keywords :
computer viruses; dynamic programming; probability; scheduling; baseline level; computer viruses; discrete time model; dynamic programming; fixed probability; malware; network administrator; patch scheduling; risk exposure mitigation; safer baseline level; service disruption constraints; Computational modeling; Cost function; Dynamic programming; Indexes; Malware; Modulation; Viruses (medical); Dynamic Programming; Patching; Policy Iteration; Risk Mitigation; Security;
Conference_Titel :
Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on
Conference_Location :
Venice
Print_ISBN :
978-1-4244-7517-9
Electronic_ISBN :
978-0-7695-4095-5
DOI :
10.1109/SECURWARE.2010.36