Detecting network attacks using behavioural models

In this paper we´re dealing with the problem of detecting malware using behaviour model. For better malware description we have divided this model into two parts - malware spreading model and malware statistical behavioural model. Spreading models are typical epidemiological models like SI model, advanced SIR and SEIR models and empiric file spreading model. In statistical behavioural model we´re describing characteristics of malware trojan communication and communication characteristics of a typical user, we´re describing basic detection for both models (behavioural statistic and spreading), we´re proposing some standard and specific countermeasures based on these models as same as possibility of detection of malware communication, attacks like DoS and Network scanning detection and detection of Malware propagation.