Investigation of a Markov Model for Computer System Security Threats

This work investigates a model of computer system security threats formulated in the language of Markov processes. In this model the operation of a computer system is considered as a sequence of failures and recoveries, which result from information security threats affecting the system. The model is described in detail: explicit analytical formulas for probabilities of computer system states at any time are derived, some extreme cases discussed, and the system’s long-run dynamics is analyzed. The dependence of a secure state probability (i.e. a state with no threats) on the probabilities of threats is investigated separately. In particular, it is shown that this dependence takes on essentially different forms for odd and even times. For example, in case of one threat the secure state probability shows non-monotonic dependence on the probability of threats at even times; this function admits at least one local minimum in its region of definition. The indicated feature is considered important because it allows identifying the most dangerous areas of threats where the secure state probability can be below the permissible level. Finally, an important characteristic of the model is introduced, i.e., the relaxation time, by means of which the permissible value range of the system’s protection parameters, is constructed.