=Paper=
{{Paper
|id=Vol-3309/paper12
|storemode=property
|title=Mathematical Models and Software for Modelling the Spread of Malware in Energy Facilities
|pdfUrl=https://ceur-ws.org/Vol-3309/paper12.pdf
|volume=Vol-3309
|authors=Leonid Galchynsky,Vladyslav Khaidurov,Tamara Tsiupii,Tetiana Zhovnovach
|dblpUrl=https://dblp.org/rec/conf/ittap/GalchynskyKTZ22
}}
==Mathematical Models and Software for Modelling the Spread of Malware in Energy Facilities==
https://ceur-ws.org/Vol-3309/paper12.pdf
Mathematical Models and Software for Modelling the Spread of
Malware in Energy Facilities
Leonid Galchynskya, Vladyslav Khaidurovb, Tamara Tsiupiic and Tetiana Zhovnovachd
a
National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute", 37, Prosp. Peremohy st.,
Kyiv, 03056, Ukraine
b
Institute of General Energy of NAS of Ukraine, 172, Antonovycha st., Kyiv, 03150, Ukraine
c
National University of Life and Environmental Sciences of Ukraine, 15, Heroyiv Oborony st., Kyiv, 03041,
Ukraine
d
Cherkasy Branch of the European University, Smilyanska st., 83, Cherkasy, 18000, Ukraine
Abstract
The result of the work is an optimization mathematical model and a corresponding description
of the implementation of a complex software tool for modeling the spread of malicious
software (malware) in modern energy facilities and systems. The developed optimization
mathematical model is based on the use of methods of optimization of functions and
functionals with constraints in the form of systems of ordinary differential equations (SODEs)
with given corresponding initial conditions. To develop process simulation software modules
based on the PSIDR mathematical model, stochastic population methods, models and
algorithms were used to determine the control parameter at each time step. The use of such
optimization methods and algorithms makes it possible to solve more complex tasks that
require a procedure for predicting the spread of processes of various origins in general. The
developed mathematical model consists in the minimization of costs for the purchase of
antiviruses for the protection of relevant systems in energy facilities and systems.
Keywords 1
Malware, prediction, optimization, stochastic model, deterministic model, cellular automaton,
energy objects.
1. Introduction
In today's conditions, it is impossible to imagine real life without the use of modern computer
technology, smartphones, gadgets and other devices. Every person who lives in today's conditions uses
the global Internet. The use of personal computers and mobile devices in combination with the Internet
has become an integral part of everyday life. The constant use of the Internet has caused many serious
threats to the privacy and security of personal data of one or more users. Every year there is a significant
increase in cyber-attacks with an increase in their complexity. Such attacks affect electronic resources,
governments, businesses, and individual or legal entities, and cause serious financial and social damage
to them. No person is guaranteed 100% protection against damage to their own device by malicious
software (malware). For commercial firms and/or banking systems, it is necessary to understand the
level of losses over time, which are obtained as a result of the operation of malware in a specific area.
In this regard, the issue of predicting the spread of malware in networks and the question of how to
respond in the event of malware entering a serious company or firm is quite acute.
Assessing the level of damage requires taking into account many factors, but first of all, it concerns
the issue of assessing the dynamics of the spread of the epidemic in computer networks. This issue is
quite general, since epidemics in human communities have existed for a long time as a threat factor for
ITTAP’2022: 2nd International Workshop on Information Technologies: Theoretical and Applied Problems, November 22–24, 2022,
Ternopil, Ukraine
EMAIL: hleonid@gmail.com (A. 1); allif0111@gmail.com (A. 2); ts.tamara19@gmail.com (A. 3); z.ta@ukr.net (A. 4)
ORCID: 0000-0002-3805-1474 (A. 1); 0000-0002-4805-8880 (A. 2); 0000-0003-2206-2897 (A. 3); 0000-0003-1037-4383 (A. 4)
©️ 2021 Copyright for this paper by its authors.
Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR Workshop Proceedings (CEUR-WS.org)
�people and bring huge losses. Therefore, epidemiology has accumulated a significant baggage of
models of the dynamics of epidemics and estimates of damages from them. There is a lot of literature
on this subject, in particular [1–3]. And therefore, it is worth taking into account this accumulated
experience. At the same time, it is necessary to take into account that epidemics in computer networks
must differ from epidemics in human communities and the economy [3-5]. The application of
epidemiology models for computer networks should be critically reconsidered, in addition, new
approaches should be proposed [6; 7].
2. The main part of the article
The problem of forecasting and the problem of optimization are quite often related to each other. To
carry out effective forecasting in any field, it is necessary to minimize errors on those data, which are
presented in the form of statistics for carrying out the training procedure with or without a teacher [8].
Below, in this section, an analysis of some existing models for predicting the spread of malware is
carried out and a description of various methods and algorithms, mathematical foundations, which are
applied to statistical data processing, as well as based on gradient methods for finding extrema of
multidimensional functions [9] is performed. Effective forecasting, in particular, forecasting the spread
of malware in real objects and systems, requires the use of up-to-date machine learning methods,
including optimization methods.
2.1. Mathematical models and software complex for modeling the spread of
malicious software
Several approaches are used to develop a complex software application for modeling the spread of
malicious software. The first approach is to use a modification of classical deterministic models (DMs)
to investigate the state of propagation of malware epidemics. The second approach is more universal -
modeling the spread of malicious software based on stochastic models (SM), for example, using random
processes, Markov chains, cellular automata, neural networks, etc. [5; 6]. Models based on classical
systems of ordinary differential equations (SODE) and Cauchy problems for them are described below,
as well as general principles of modeling these problems using classical cellular automata using
different neighborhoods – Neumann neighborhood and Moore neighborhood.
2.1.1. Deterministic mathematical models of the problem of spreading
malicious software
SIR malware propagation model. As a basic mathematical model, we will take the classic SIR
model [8]. This model can describe the spread of many different processes, and these processes can be
both physical and technical, and biological or economic.
Let us have some network that connects several computers. It can be a local network, or a network
that has access to global Internet resources. It is clear that the introduction of a malware onto one
personal computer can lead to the spread of this software throughout the network. Of course, the speed
of software distribution through this network is governed by various factors [6; 7]. Such factors include,
for example:
– activity of users in this network in general;
– the target orientation of the software and the speed of its distribution, which is controlled by the
software code from which it is composed;
– a combination of factors;
– other factors.
We will assume that the target nodes of the network can be in one of three given states:
– non-infected nodes of the network, which can be exposed to the entry of malware into them.
Let's denote them as S – susceptible;
� – infected nodes of the network, i.e., those that have already been infected with a malware
infection. Regarding the operation of such nodes, it is necessary to take immediate measures to
preserve (including integrity, if possible) data on such nodes. Let's denote them as I –infective;
– network nodes that are not conducive to infection, i.e., those on which appropriate protection
measures are installed (for example, network screens, anti-virus systems, etc.), and in such nodes,
the corresponding of malware has been removed. We will call such nodes as R – removed.
The process of the spread of malware depends on only a few parameters:
– the total number of system nodes, which is divided into the number of uninfected nodes, the
number of infected nodes and the number of restored (unfavorable) nodes in a specific network;
– the speed of propagation of malware;
– the speed of treatment of network nodes in the event of a specific of malware falling into it (the
speed of response and adoption of appropriate protective measures regarding the treatment of
network nodes).
It is assumed that the number of network nodes is constant during the entire period of research of
this network. This means that nodes are not added to or removed from the network. Let's describe this
model mathematically:
Let N – the total number of computers (nodes) in the network:
𝑆(𝑡) + 𝐼(𝑡) + 𝑅(𝑡) = 𝑁.
Changes in the state of the network can be described in the form of SODE, which has the following
form:
𝑑𝑆(𝑡) −𝛽𝐼(𝑡)
=− 𝑆(𝑡),
𝑑𝑡 𝑁
𝑑𝐼(𝑡) 𝛽𝐼(𝑡)
= 𝑆(𝑡) − 𝜎𝐼(𝑡),
𝑑𝑡 𝑁 (1)
𝑑𝑅(𝑡)
= 𝜎𝐼(𝑡),
𝑑𝑡
𝑑𝑆(𝑡) 𝑑𝐼(𝑡) 𝑑𝑅(𝑡)
{ 𝑑𝑡 + 𝑑𝑡 + 𝑑𝑡 = 0.
In systems of differential equations (1) 𝛽 – the speed of infection of system nodes, а 𝜎 – the speed
of treatment of a system node (the speed of taking measures to ensure the protection of an already
infected system node).
It is clear that the reproduction of the dynamics of the mathematical model (1) requires setting the
initial conditions of the species system:
𝑆(0) = 𝑆0 , 𝐼(0) = 𝐼0 , 𝑅(0) = 𝑅0 . (2)
Now the mathematical model (1) together with the initial conditions (2) to it sets Cauchy problems,
which can be solved by the usual approximate methods, for example, Euler methods or Runge-Kutta
methods.
Malware distribution model SAIR. Unlike the SIR model, in this model all computer network nodes
will be divided into 4 fixed categories:
– the number of uninfected nodes (personal computers) of the network that may be infected is
denoted as S;
– the number of network nodes (personal computers) that have an installed protection system, for
example, an anti-virus system, denoted as A;
– the number of infected network nodes (personal computers) is denoted as I;
– the number of nodes (personal computers) of the network, which have been cured, denoted as R;
The spread of the process of infection of computer network elements can be presented in the form
of SODE as follows:
� 𝑑𝑆(𝑡) −𝛽𝐼(𝑡)
=− 𝑆(𝑡),
𝑑𝑡 𝑁
𝑑𝐼(𝑡) 𝛽𝐼(𝑡)
= 𝑆(𝑡) − 𝜎𝐼(𝑡),
𝑑𝑡 𝑁 (3)
𝑑𝑅(𝑡)
= 𝜎𝐼(𝑡),
𝑑𝑡
𝑑𝑆(𝑡) 𝑑𝐼(𝑡) 𝑑𝑅(𝑡)
{ 𝑑𝑡 + 𝑑𝑡 + 𝑑𝑡 = 0.
In model (3), the initial conditions of type (2) should also be taken into account, but for nodes of all
4 states in order to start the process of predicting the spread of malware in the corresponding network
system.
It should also be noted that in model (3): N – the total number of new nodes added to this network;
μ – the frequency of removal of system nodes that cannot be restored for reasons not related to the
results of malware; 𝛽𝑆𝐼 – frequency of infection of favorable nodes of the network; 𝛽𝐴𝐼 – the frequency
of infection of system nodes on which protection systems such as antivirus systems or network screens
are installed; δ – the frequency with which the nodes exposed to malware fail; 𝜎𝐼𝑆 – frequency of
treatment of network objects (nodes) that were infected; 𝜎𝑅𝑆 – the frequency of treatment of infected
nodes of the system (network) with the participation of the operator; α – the intensity of the appeal of
favorable ones to those who establish a protection system. If we take into account the fact that new
nodes are not added to this network, and already existing nodes of the network fail only due to the
influence of malware, i.e. 𝑁 = 𝜇 = 0, then the mathematical model of the propagation of malware takes
the following form:
𝑑𝑆
= −𝛼𝑆𝐴 − 𝛽𝑆𝐼 𝑆𝐼 + 𝜎𝐼𝑆 𝐼 + 𝜎𝑅𝑆 𝑅,
𝑑𝑡
𝑑𝐼
= 𝛽𝑆𝐼 𝑆𝐼 + 𝛽𝐴𝐼 𝐴𝐼 − 𝜎𝐼𝑆 𝐼 − 𝛿𝐼,
𝑑𝑡 (4)
𝑑𝑅
= 𝛿𝐼 − 𝜎𝑅𝑆 𝑅,
𝑑𝑡
𝑑𝐴
{ = 𝛼𝑆𝐴 − 𝛽𝐴𝐼 𝐴𝐼.
𝑑𝑡
For the system of the form (4), the initial conditions of the form (2) are also set, but for all 4 states
of the nodes in the computer network.
Malware distribution model PSIDR. Any mathematical model that describes some process, system
or set of systems must take into account many factors.
The mathematical model involves two main stages. The first stage consists in the fact that malware
propagates quite quickly and freely, that is, the nodes of the computer network have only two states –
S and I.
The second stage provides for the procedure of responding to the existing malware in the computer
network. During a certain period of time, the malware is identified in the network. Next, the procedure
for treating nodes (personal computers) of the network is performed. That is, xi computers that were
not infected are automatically "vaccinated", that is, an increased protection system is imposed on them.
Nodes of the system, which have already been infected, form the so-called "immunity" and are cured
from malware entered into them. As before, there are two parameters in the mathematical model, which
characterize the speed of propagation of malware – the parameter μ and the treatment rate of the network
nodes is the speed parameter δ.
In the mathematical model PSIDR again: I – the total number of infected elements (nodes) of the
computer network. These elements of the network are the spreaders of malware. S – the total number
of uninfected nodes of the computer network. These network nodes can be exposed to infection during
the entire time of existence in this network. R – the total number of cured computer network elements.
These nodes have a so-called "immunity" to infection. The last type of nodes in the system is this D –
the total number of infected objects found in the computer network system.
� The description given above makes it possible to write down a suitable mathematical model for
predicting the spread of malware in this network. The mathematical model looks like this:
𝑑𝑆(𝑡)
= −𝛽𝑆(𝑡)𝐼(𝑡) − µ𝑆(𝑡),
𝑑𝑡
𝑑𝐼(𝑡)
= 𝛽𝑆(𝑡)𝐼(𝑡) − µ𝐼(𝑡),
𝑑𝑡
𝑑𝑅(𝑡)
= 𝜎𝐷(𝑡) + µ𝑆(𝑡), (5)
𝑑𝑡
𝑑𝐷(𝑡)
= µ𝐼(𝑡) − 𝜎𝐷(𝑡),
𝑑𝑡
𝑑𝑆(𝑡) 𝑑𝐼(𝑡) 𝑑𝑅(𝑡) 𝑑𝐷(𝑡)
{ 𝑑𝑡 + 𝑑𝑡 + 𝑑𝑡 + 𝑑𝑡 = 0.
There are three parameters in the mathematical model (5). All these three parameters characterize
speeds, in particular: β – the speed of infection of network nodes; 𝜎 – the speed of treatment of network
nodes; µ – the speed of identification of network nodes with malware. The peculiarity of this model is
that the antivirus protection must be updated as early as possible, since the delay in updating the
antivirus protection in each network node leads to a greater spread of WPS in this network.
For the mathematical model (5), initial conditions of the form are given:
𝐼(0) = 𝐼0 ; 𝑆(0) = 𝑆0 ; 𝐷(0) = 𝑅(0) = 0. (6)
In this case, we obtain a Cauchy problem of the form (5)–(6), which can also be solved by any
explicit approximate method, for example, the Euler method or the Runge-Kutta method.
To find an approximate solution of the Cauchy problem (5)–(6), the classical Euler method will be
used. In the third section, the stages of designing modules that reproduce the work of a mathematical
model based on the SODE of the form (5)–(6) will be given as a basis.
2.1.2. A stochastic model of the spread of malicious software
Cellular automata. Models of any complex real systems and their complexes, as well as simulation
models are of high value due to the tasks of forecasting physical and technical, economic, ecological,
social and other processes. Forecasting the spread of malware is quite similar to forecasting the spread
of epidemiological processes. Epidemiological events caused by viruses, pollution from stationary
sources of pollutants or new varieties of bioterrorism can cause significant costs to people and their
resources. For this reason, it is important to study and model the spread of pathogens in the population.
A cellular automaton (CA) is an abstract object that consists of a set of cells, each of which has a
certain finite state. The state can change over time, based on specific conditions that describe one or
another process of spreading the phenomenon.
A cell is a separate element of cellular space, or the so-called "smallest unit of space".
Cellular space is a lattice space that consists of cells, and each cell is in one of several predefined
states.
A CA state rule is a rule that governs the transition between cells and their states. The determination
of the most appropriate transition rules for the phenomenon or process under study is of particular
importance.
The definition of a cell state machine is called "local" because it uses only the neighborhood as input.
Neighboring refers to the cells surrounding a particular cell, and they have the ability to influence the
next state of that cell. The choice of neighborhood affects the behavior of the cell space. The choice of
the appropriate neighborhood depends on the relationship between the elements.
The most important types of neighborhoods are von Neumann neighborhoods and Moore
neighborhoods (Figure 1).
�Figure 1: Around a cell in the two-dimensional space of the CA: on the left – the von Neumann
neighborhood; on the right - around Moore
In practice, a larger number of neighborhoods and grids are actually used, but Figure 1 shows the
ones that will be used in the development of the software for modeling the propagation of malware in
a network.
Monte Carlo method. Probabilistic modeling methods are actively used to study the impact of
random variability of various quantities on the properties of machines, on chemical or biological
processes, on the bearing capacity or reliability of a structure, and in many other cases. A very powerful
tool for the study of random processes is the Monte Carlo method.
The Monte Carlo method is a simple computer method that consists of conducting numerous mock
experiments with random numbers. Its use is universal and does not require special knowledge of
probability theory. The only information required is the ratio between the output and input values, in
particular, in this form:
𝑦 = 𝑓(𝑥1 , 𝑥2 ,⋅⋅⋅, 𝑥𝑛 ). (7)
The method repeats trials with computer-generated random numbers processed by appropriate
mathematical operations. In each "trial" the input variable x1, x2, …, xn are assigned random values, but
such that their distributions correspond to the probability distribution of each variable. With these
values, the output value y is calculated according to the equation (7).
The generated values can be used to determine the average value or the probability that y will be
lower or higher than the selected value y*, or to define values that will be exceeded (or not reached)
with a certain probability (eg time to failure).
The effectiveness of this approach is based on pseudorandom numbers, which are implemented in
computing complexes.
Generating random numbers with given distributions. Modern application software often suggests
using distributions such as uniform or normal. Random numbers corresponding to other analytically
determined distributions can be generated using a uniform distribution.
2.2. A mathematical model of minimizing damages from the spread of
malicious software
To build an optimal control model, consider the PSIDR DM, which was described in the first section
of this work. In the model of optimal control, we will assume that the parameter μ is a control parameter
and it is limited. We will have an optimization problem, which is described in the mathematical
formulation below.
Let there be a functional of the form given below:
𝑇
𝐽(𝜇(𝑡)) = ∫ (𝐴 ⋅ 𝐼(𝜇(𝑡)) + 𝐵 ⋅ 𝐷(𝜇(𝑡))) 𝑑𝑡 → min,
0
where
A – the fee for personal computers/laptops that were damaged by malware;
� B – the fee for updating the anti-virus system for the personal computers and / or laptops under
investigation;
T – the final time, during which the study of the behavior of malware in personal computers / laptops
was carried out.
From a practical point of view, it is obvious that the possibilities of installing a new antivirus are
limited, i.e. 0 ≤ 𝜇(𝑡) ≤ 𝑀.
Then the control problem is described by the following mathematical model. Find the global
minimum of the functional:
𝑇
𝐽(𝜇(𝑡)) = ∫ (𝐴 ⋅ 𝐼(𝜇(𝑡)) + 𝐵 ⋅ 𝐷(𝜇(𝑡))) 𝑑𝑡 → min, (8)
0
taking into account the limitation that is described in the form of the PSIDR model itself, that is, in the
form of the Cauchy problem for SODE:
𝑑𝑆(𝑡)
= −𝛽𝑆(𝑡)𝐼(𝑡) − µ(𝑡)𝑆(𝑡),
𝑑𝑡
𝑑𝐼(𝑡)
= 𝛽𝑆(𝑡)𝐼(𝑡) − µ(𝑡)𝐼(𝑡),
𝑑𝑡 (9)
𝑑𝑅(𝑡)
= 𝜎(𝑡)𝐷(𝑡) + µ(𝑡)𝑆(𝑡),
𝑑𝑡
𝑑𝐷(𝑡)
{ 𝑑𝑡 = µ(𝑡)𝐼(𝑡) − 𝜎(𝑡)𝐷(𝑡).
The initial conditions of the problem look like this:
𝐼(0) = 𝐼0 , 𝑆(0) = 𝑆0 , 𝐷(0) = 𝑅(0) = 0. (10)
The restriction on the desired control parameter looks like this:
0 ≤ 𝜇(𝑡) ≤ 𝑀. (11)
The problem described in the form of mathematical model (8)–(10) can be solved by many methods
and algorithms. In most cases, such problems do not have analytical solutions, and if they do, such
solutions are not of interest, since real applied problems today can only be solved numerically. The
Pontryagin maximum principle can be attributed to the analytical methods of finding the control
parameter. The software implementation of the constraint (Cauchy problem) will be based on the use
of Euler's classical method for Cauchy problems for ODE and SODE.
To increase the accuracy of solving the direct problem based on the mathematical model (9)–(10)
with the known control parameter (11), it is possible to use methods of the Runge-Kutta type 2, 3, 4
and higher orders as desired. Minimization of the functional of the form (8) will be carried out using
deterministic methods and population (multi-agent) stochastic methods and algorithms.
2.3. The structure of the developed software and the results of modeling the
spread of malicious software
The developed software complex consists of several modules, each of which has a corresponding
graphical user interface. The general structure of the software complex is presented in Figure 2 below.
� The window of the module for modelling the
spread of malware based on the deterministic
approach and the PSIDR model
The window of
the module for
simulation of the
spread of Information
malware based on Complex software for about
the stochastic modelling the spread developers
approach (CA) of malware
and the PSIDR
model
Вікно модуля для реалізації
моделі керування поширенням
ШПЗ на базі детермінованого
підходу й оптимізаційної моделі
PSIDR
Figure 2: Structure of the software complex for modeling the spread of malicious software
The structure of the developed software complex can be modified by additional modules, since each
model works independently of other modules of the software complex.
Figure 3 shows the interface of one of the modules of the complex software application – the
implementation of the control model, which involves minimizing the total costs of purchasing and
updating antivirus software systems, which is present in modern energy facilities and systems.
Figure 3: Software interface of the control model module based on the PSIDR model
Figure 4 shows the SM software interface for modeling the spread of malicious software.
� The program interface and its logical part are implemented according to the principle of a modular
structure in the MATLAB system of applied mathematics.
Figure 4: Program interface of the module of the stochastic model of forecasting the spread of
malware
The developed software complex can be modified by finalizing the corresponding models of the
spread of malicious software for special cases of malware that may occur when working with
information systems.
3. Analysis of Practical Results
In the course of simulations using different models, it was determined that SMs are more adapted to
modeling the processes of the spread of malware. The effectiveness of SM based on the CA is
manifested in the fact that it is possible to simultaneously obtain statistics, which are present when using
DM based on differential equations and their systems, and a picture of the spread of the process itself
with a time scale. Also, the advantage of the SM based on the CA is the integer number of statistics,
which is absent in the simulation of the propagation of malware using the DM based on differential
equations and their systems. The disadvantage of SM is the relatively long working time compared to
the time allocated for working out DM.
It should also be noted that any implemented models can be modified quite quickly in order to take
into account all the factors that affect the processes of the spread of malware in general.
4. General Conclusions
The current rate of development of computer systems requires the maximum possible protection
against malware. The entry of malware even into a local information system can lead to serious
consequences, which can include the loss of system user data, data extraction from the system, data
substitution in this system, even financial losses of a specific company to which the relevant system
belongs.
In order to maximally reduce the risks of the formation of various unpleasant and / or catastrophic
consequences from the impact of malware on one or another system, various types of modeling are
carried out, for example, simulation, which will make it possible to assess the degree of risk and
�financial losses that may occur in the company. A comparative analysis of modern methods, tools, and
software for modeling the spread of malicious software was conducted. The MALTAB system of
applied mathematics was chosen as the development environment for the corresponding software. The
system is flexible for software development, the program code is short, logically designed, and the
interface is developed quite quickly with the help of a suitable designer. The developed software
complex for simulation of the spread of malware consists of 3 main software modules: the module for
forecasting the spread of malware based on the PSIDR DM, which is presented in the form of a Cauchy
problem for SODE; the module for forecasting the spread of malware on the basis of PSIDR SM, which
is programmed on the basis of CA using Neumann and Moore circles; a control model implementation
module for the PSIDR DM, which in turn uses population (multi-agent) stochastic methods and
algorithms to minimize costs at each time step. All three software modules of the complex have been
tested and verified on different input data (initial conditions for simulating the spread of malware in the
system). A graphical user interface has been developed for each software module with the possibility
of simulating processes for various initial conditions. It should be noted that DMs are less flexible when
modeling similar tasks. Their disadvantage is manifested in the fact that the number of studied objects
is not always a natural number, and in this case rounding is used according to classical mathematical
rules. Also, the DM modification process is complicated compared to the SM modification process.
SMs have another significant advantage, which is the transparency of the process. This gives a clearer
picture of the process itself and makes modeling much more flexible not only for this kind of tasks.
5. References
[1] Alexeev, A., Henshel, D.S., Cains, M., Sun, Q.: On the malware propagation in heterogeneous
networks. In: 2016 IEEE 12th International Conference on Wireless and Mobile Computing,
Networking and Communications (WiMob), pp. 1–5. IEEE (2016)
[2] Brauer, F., Castillo-Chavez, C. (2012). Epidemic Models. In: Mathematical Models in Population
Biology and Epidemiology. Texts in Applied Mathematics, vol 40. Springer, New York, NY.
https://doi.org/10.1007/978-1-4614-1686-9_9.
[3] Hernández Guillén, J.D., Martín del Rey, Á., Hernández Encinas, L. (2018). New Approaches of
Epidemic Models to Simulate Malware Propagation. In: Pérez García, H., Alfonso-Cendón, J.,
Sánchez González, L., Quintián, H., Corchado, E. (eds) International Joint Conference SOCO’17-
CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding. SOCO ICEUTE CISIS
2017 2017 2017. Advances in Intelligent Systems and Computing, vol 649. Springer, Cham.
https://doi.org/10.1007/978-3-319-67180-2_61.
[4] Kuniya, T. Structure of epidemic models: toward further applications in economics. JER 72, 581–
607 (2021). https://doi.org/10.1007/s42973-021-00094-8
[5] Karyotis, V., Khouzani, M.: Malware Diffusion Models for Modern Complex Networks: Theory
and Applications. Morgan Kaufmann, Amsterdam (2016)
[6] Liu, W., Liu, C., Liu, X., Cui, S., Huang, X.: Modeling the spread of malware with the influence
of heterogeneous immunization. Appl. Math. Model. 40(4), 3141–3152 (2016)
[7] Galchynsky L, Pushko А. Modeling the cost estimation of preventive strategies to combat the
spread of infectious diseases. A Young Scientist, 2018, vol 4(1). Pp. 120–124.
[8] Khaidurov V., Tsiupii T., Zhovnovach T. Modelling of Ultrasonic Testing and Diagnostics of
Materials by Application of Inverse Problems. ITTAP’2021: 1nd International Workshop on
Information Technologies: Theoretical and Applied Problems. ITTAP’2021: November 16–18,
2021. Pp. 1–5. CEUR Workshop, 2021, 3039. http://ceur-ws.org/Vol-3039/short25.pdf. ISSN:
1613-0073.
[9] Khaidurov V., Zaporozhets A., Tsiupii T. Creation of High-Speed Methods for Solving
Mathematical Models of Inverse Problems of Heat Power Engineering. Springer, Systems
Decision and Control in Energy III, vol. 399, 41–74 (2022). https://doi.org/10.1007/978-3-030-
87675-3. ISSN: 2198-4182. ISSN: 2198-4182.
�