Analysis on Operation of Anti-Virus Systems with Real-Time Scan and Batch Scan

Operational Analysis of Anti-Virus Systems Equipped with Real-Time Scan and Batch Scan

  • Received : 2013.10.02
  • Accepted : 2013.11.04
  • Published : 2013.11.30

Abstract

We consider an information system where viruses arrive according to a Poisson process with rate $\lambda$. The information system has two types of anti-virus operation policies: 'real-time scan' and 'batch scan.' In the real-time scan policy, a virus is assumed to be scanned immediately after its arrival. Consequently, the real-time scan policy assumes an infinite number of anti-viruses. We assume that the time for scanning and curing a virus follows a general distribution. In the batch scan policy, a system manager operates an anti-virus at deterministic time intervals and scans and cures all the viruses remaining in the system simultaneously. In this paper we suggest a probability model for the operation of anti-virus software. We derive a condition under which the operating policy is achieved. Some numerical examples with various cost structures are given to illustrate the results.

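In this paper we assume that viruses arrive at an information system according to a Poisson process with rate $\lambda$. The information system operates its anti-virus system in two modes, real-time scan and batch scan, to detect and cure viruses. Under real-time scan, a virus is scanned as soon as it arrives at the system, which has the same effect as having an anti-virus system of infinite capacity. The time required for scanning and curing is assumed to follow a general distribution. Under batch scan, the system manager scans the system regularly at fixed time intervals and cures all viruses present in the system simultaneously. We model the operation of the anti-virus system probabilistically and derive the condition under which the economically optimal operating policy is achieved. We also present numerical examples that take cost factors into account and offer implications for practical operating environments.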
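The two scan policies described in the abstract can be simulated side by side. This is an added example, not code or results from the paper. It assumes each policy runs on its own, that a batch scan removes all viruses instantly, and that scan times are uniform on [1, 2]; the cost parameters `hold_cost` and `scan_cost` are hypothetical and not the paper's cost structure.

```python
import math
import random

def realtime_avg_infected(lam, sample_scan_time, horizon, rng):
    """Real-time scan: every virus gets its own scanner on arrival (M/G/inf).
    Returns the simulated time-average number of viruses present."""
    t, virus_time = 0.0, 0.0
    while True:
        t += rng.expovariate(lam)          # Poisson arrivals with rate lam
        if t >= horizon:
            return virus_time / horizon
        # Residence time is the scan-and-cure time, truncated at the horizon.
        virus_time += min(sample_scan_time(rng), horizon - t)

def batch_avg_infected(lam, interval, horizon, rng):
    """Batch scan: viruses stay until the next scan at k*interval, which is
    assumed (for this example) to remove all of them instantly."""
    t, virus_time = 0.0, 0.0
    while True:
        t += rng.expovariate(lam)
        if t >= horizon:
            return virus_time / horizon
        next_scan = (math.floor(t / interval) + 1) * interval
        virus_time += min(next_scan, horizon) - t

def batch_cost_rate(lam, interval, hold_cost, scan_cost):
    """Hypothetical cost per unit time: damage per resident virus per unit
    time (mean residents = lam*interval/2) plus a fixed cost per scan."""
    return hold_cost * lam * interval / 2 + scan_cost / interval

def best_batch_interval(lam, hold_cost, scan_cost):
    """Interval minimising batch_cost_rate (derivative set to zero)."""
    return math.sqrt(2 * scan_cost / (hold_cost * lam))

if __name__ == "__main__":
    rng = random.Random(2013)
    lam, interval = 2.0, 2.0                     # constructed parameters
    scan_time = lambda r: r.uniform(1.0, 2.0)    # constructed general law, mean 1.5
    print("real-time:", realtime_avg_infected(lam, scan_time, 20000, rng),
          "theory:", lam * 1.5)                  # M/G/inf mean = lam * E[S]
    print("batch:    ", batch_avg_infected(lam, interval, 20000, rng),
          "theory:", lam * interval / 2)
    print("best interval:", best_batch_interval(lam, hold_cost=1.0, scan_cost=4.0))
```

Under these assumptions batch scanning holds fewer viruses on average than real-time scanning exactly when the interval is shorter than twice the mean scan time.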
