Mathematical model to study propagation of computer worm in a network

Large scale digitization of essential services like governance, banking, public utilities etc has made the internet an attractive target for worm programmers to launch large scale cyber attack with the intention of either stealing information or disruption of services. Large scale attacks continue to happen in spite of the best efforts to secure a network by adopting new protection mechanisms against them. Security comes at a significant operational cost and organizations need to adopt an effective and efficient strategy so that the operational costs do not become more than the combined loss in the event of a wide spread attack. The ability to access damage in the event of a cyber attack and choose an appropriate and cost effective strategy depends on the ability to successfully model the spread of a cyber attack and thus determine the number of machines that would get affected. The existing models fail to take into account the impact of security techniques deployed on worm propagation while accessing the impact of worm on the computer network. Further they consider the network links to be homogenous and lack the granularity to capture the heterogeneity in security risk across the various links in a computer network. In this paper we propose a stochastic model that takes into account the fact that different network paths have different risk levels and also capture the impact of security defenses based on memory randomization on the worm propagation.