ویروس استاکس‌نت و طراحی یک مدل ریاضی برای آن
ترجمه نشده

ویروس استاکس‌نت و طراحی یک مدل ریاضی برای آن

عنوان فارسی مقاله: طراحی یک مدل ریاضی برای ویروس استاکس‌نت در یک زیرساخت کنترل بحرانی شبکه
عنوان انگلیسی مقاله: Design of a mathematical model for the Stuxnet virus in a network of critical control infrastructure
مجله/کنفرانس: کامپیوترها و امنیت - Computers & Security
رشته های تحصیلی مرتبط: کامپیوتر
گرایش های تحصیلی مرتبط: مهندسی نرم افزار، طراحی و تولید نرم افزار، برنامه نویسی کامپیوتر
کلمات کلیدی فارسی: مدل سازی ویروس، ویروس استاکس‌نت، سیستم های صنعتی، شبکه های رایانه ای، محاسبات عددی
کلمات کلیدی انگلیسی: Virus modeling، Stuxnet virus، Industrial systems، Computer networks، Numerical computing
نوع نگارش مقاله: مقاله پژوهشی (Research Article)
نمایه: Scopus - Master Journals List - JCR
شناسه دیجیتال (DOI): https://doi.org/10.1016/j.cose.2019.07.002
دانشگاه: Department of Electrical Engineering, Capital University of Science and Technology, Islamabad, Pakistan
صفحات مقاله انگلیسی: 15
ناشر: الزویر - Elsevier
نوع ارائه مقاله: ژورنال
نوع مقاله: ISI
سال انتشار مقاله: 2019
ایمپکت فاکتور: 4/337 در سال 2018
شاخص H_index: 77 در سال 2019
شاخص SJR: 0/667 در سال 2018
شناسه ISSN: 0167-4048
شاخص Quartile (چارک): Q1 در سال 2018
فرمت مقاله انگلیسی: PDF
وضعیت ترجمه: ترجمه نشده است
قیمت مقاله انگلیسی: رایگان
آیا این مقاله بیس است: بله
آیا این مقاله مدل مفهومی دارد: دارد
آیا این مقاله پرسشنامه دارد: ندارد
آیا این مقاله متغیر دارد: دارد
کد محصول: E13240
رفرنس: دارای رفرنس در داخل متن و انتهای مقاله
فهرست مطالب (انگلیسی)

Abstract

1- Introduction

2- The epidemic model for Stuxnet virus

3- Model analysis

4- Simulation and results

5- Conclusion

References

بخشی از مقاله (انگلیسی)

Abstract

The purpose of this study is to develop an epidemic virus model that portrays the spread of the Stuxnet virus in a critical control infrastructure after bridging the air-gap between a normal local area network and the critical network. Removable storage media plays an important role in the transfer of data and virus to the computers connected to the critical network (consisting of industrial controllers) and this can compromise the whole system. A mathematical model is formulated that incorporates these features and depicts the controlling mechanism. Disease free and endemic equilibria are analyzed in terms of the basic reproduction number R0. Global stability of disease free and endemic equilibrium points are analyzed using Lyapunov functions. Numerical simulations are performed to determine the accuracy of the proposed model for the smart Stuxnet virus which is designed to target critical industrial systems. Model shows very good resemblance with the observed real life data available for this virus. Future work may invoke interesting results and control strategies.

Introduction

In the last few years cyber threats, in the form of virus, malware and trojan, stealing information or hacking accounts are more often happened in a sophisticated and technical ways. Nations and individuals are accumulating cyber resources, developing novel methods to exploit the selected target in an optimal manners (Axelrod and Iliev, 2014; Tounsi and Rais, 2018; Van der Walt et al., 2018). The world economy and security depends upon the secure connectivity of the Internet and Intranet due to automation of the industrial and economic processes. International conflicts poses serious threats to the opponents system security, financial market, critical information and assets of critical natures (Ashibani and Mahmoud, 2017; Hassan et al., 2018; Ullah et al., 2018). In present days network become the target of well-crafted cyber-attacks, especially the incident relating to breaking of internal systems security and espionage of critical information. The airgap between these systems are mostly filled by exploiting the internal weaknesses of the arrangement and zero-day exploits in the software / hardware (Ablon and Bogart, 2017; Kim and Lee, 2018). Zero-day vulnerabilities are the holes of any software / hardware that could be exploited in the real world before disclosure and availability of any patch (Haldar and Mishra, 2017). Due to the natural desire of automating every appliance, enormously increase the use of software which increases the dependability on codes. Poor programming approach and weak software testing methodologies are unable to detect the vulnerability in the codes, that may lead to compromise the whole system and an easy prey for hackers (Ablon et al., 2014). Price estimate of valuable zero-day exploit can go over $100,000 (Finifter et al., 2013). The discovery of a new vulnerabilities in known software are very common. It was found that in a three-year period, 2009–2012, more than 400 problems were found in Firefox browser and approximately over 800 were found in Chrome browser (Kesler, 2011). The rapid growing market of zero-day exploits, demands careful system design and understanding of malicious code spread mechanism.