Understanding the propagation dynamics of multipartite computer virus
| Pages | 86-106 |
| Date | 28 January 2014 |
| Published date | 28 January 2014 |
| DOI | https://doi.org/10.1108/IMDS-04-2013-0197 |
| Author | Pei-Chen Sung,Cheng-Yuan Ku,Chien-Yuan Su |
| Subject Matter | Information & knowledge management,Information systems,Data management systems |
Understanding the propagation
dynamics of multipartite
computer virus
Pei-Chen Sung, Cheng-Yuan Ku and Chien-Yuan Su
Department of Information Management, National Chung Cheng University,
Min-Hsiung Township, Taiwan
Abstract
Purpose – Understanding the computer-virus propagation is quite essential for the construction and
development of anti-virus policy. While researches about the anti-virus policy have been extensively
investigated, the viewpoint from sociological perspective is relatively ignored. Therefore, this paper
aims to explore the dynamics of computer-virus propagation and evaluate the effectiveness of
anti-virus policies through the sociological perspective.
Design/methodology/approach – This research constructs a virus-propagation model based on
the susceptible-exposed-infective-recovered epidemic concept to simulate and explore the dynamic
behavior of multipartite computer viruses through the tool of system dynamics. The effectiveness of
various anti-virus policies is then evaluated via this model.
Findings – The frequency of media contact has a significant effect on the virus infection rate.
The effectiveness of user self-prevention relies on the usefulness of the virus signatures. The
reporting/alarm process can enhance the capability of anti-virus software company and the detected
intensity of new threat. The quarantine policy can effectively reduce the spread of computer virus.
Practical implications – Individuals should stren gthen the self-awareness of i nformation
security to reduce the negative impact. Managers should construct and implement the information
security norm to regulate the behavior of staff. Anti-virus software companies should strengthen the
capability of their automatic reporting/alarm mechanism to early detect the exceptional conditions and
control new threats in time.
Originality/value – Information security management research is still in the growth phase, but it is
critically important to establish the groundwork for understanding of computer viruses and the
effectiveness of anti-virus policy from assorted perspectives. The major contribution of research is to
explore the propagation of multipartite computer viruses and study how to prevent their destruction
from the sociological and technical perspectives.
Keywords System dynamics,Information security management,Anti-virus policy,
Multipartitecomputer-virus propagation, SEIRmodel
Paper type Research paper
Introduction
With the extensively increasing applications of information and communication
technology (ICT) in everyday life, they have provided us so many convenient and
innovative services. However, more and more computer viruses gradually result in
severe threats to the information security. Many computer viruses spread quickly and
infect IT devices through e-mail, instant messaging (IM), and online social networking
(OSN), etc. According to the survey of Computer Security Institute (CSI) from 1999 to
2010, the attack of computer viruses has become the top threat of information security
(CSI, 2010). This consequence also indicates that the attacks of computer viruses are
The current issue and full text archive of this journal is available at
www.emeraldinsight.com/0263-5577.htm
Received 21 April 2013
Revised 20 June 2013
Accepted 28 June 2013
Industrial Management & Data
Systems
Vol. 114 No. 1, 2014
pp. 86-106
qEmerald Group Publishing Limited
0263-5577
DOI 10.1108/IMDS-04-2013-0197
IMDS
114,1
86
continuously increasing year after year. In addition, the appearance of multipartite
viruses makes the prevention of infection even more difficult since they can spreads in
multiple ways. Therefore, in this paper, we plan to study the defense policy of
multipartite computer viruses and use computer viruses as abbreviation thereafter.
Most of the anti-virus researches in the area of information security focus on the
technical perspective, such as algorithms, methods, and protocols that support the
three basic functions of information security: confidentiality, integrity, and
availability. As well known, many empirical studies about information security
policy are limited by really low response rate because the questionnaires often touch
the sensitive issues of enterprises (Albrechtsen and Hovden, 2009; Vance et al., 2012).
Furthermore, in general, the information about cyber-attacks is not easy to collect due
to the consideration of reputation, privacy, ethic and law. These reasons cause a lack of
research from the managerial and sociological perspective (Kotulic and Clark, 2004;
Smith et al., 2010).
Kephart and White (1991) thought that mathematical models can aid in the
understanding of the anti-virus policy effect on computer-virus propagation. Murray
(1988) concluded the behavior of computer virus is analogous to that of an epidemic
and suggested that understanding the behavior of computer viruses through the
epidemic model is feasible and useful. Therefore, many modeling studies of
computer-virus propagation are based on the biological epidemic models (Kephart et al.,
1998; Wierman and Marchette, 2004; Piqueira and Araujo, 2009). Then some scholars
also further research the dynamic behaviors of computer virus of the above-mentioned
models (Han and Tan, 2010; Mishra and Pandey, 2011; Ren et al., 2012). Unfortunately,
to the best of our knowledge, the investigation on the dynamic of computer-virus
propagation from the sociological viewpoints is rare.
Owing to the above review results, this research plans to investigate the ISM issues
for computer virus via both of the sociological and technical perspectives. We construct
a virus propagation model based on susceptible-exposed-infectious-recovered
(SEIR) epidemic concept, add in the social behaviors and the managerial policies to
explore the impact on the computer-virus propagation, and discuss the effect of
anti-virus policies.
Literature review
Application of epidemiological model on the computer-virus propagation
Cohen (1987) deemed that computer virus is a self-replicating computer program that
can infect other computers and this behavior is similar to that of biological epidemics.
Some researchers considered it another good way to understand the behavior of
computer-viruses propagation by using epidemiological models (Kephart and Chess,
2003; Babaoglu et al., 2006). There are two most frequently-used models, namely the
susceptible-infective-susceptible (SIS) and susceptible-infective-removed (SIR) model,
which formulate the spread of viruses in computer networks (Kephart and White, 1991;
Kephart et al., 1998; Peltoma
¨ki et al., 2011; Piqueira and Araujo, 2009; Ren et al., 2012;
Shao et al., 2005; Wierman and Marchette, 2004).
Besides the susceptible individual (S) and the infected individual (I) discussed in the
SIS model, the SIR model employs the removed individual (R) to represent the
recovered, immune or dead ones, which are never infected again. Nevertheless, the SIR
Understanding
the propagation
dynamics
87
To continue reading
Request your trial