The Benefits of a Notification Process in Addressing the Worsening Computer Virus Problem: Results of a Survey and a Simulation Model

Computer viruses present an increasing risk to the integrity of information systems and the functions of a modern business enterprise. Systematic study of this problem can yield better indicators of the impact of computer viruses as well as a better understanding of strategies to reduce that impact....

Full description

Saved in:
Bibliographic Details
Published in:Computers & security 2002-01, Vol.21 (2), p.142-163
Main Authors: Aron, Joan L, O’Leary, Michael, Gove, Ronald A, Azadegan, Shiva, Schneider, M.Cristina
Format: Article
Language:English
Subjects:
antiviral software
computer virus
Computer viruses
Cybersecurity
notification process
Polls & surveys
Simulation
simulation model
Software
survey
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Computer viruses present an increasing risk to the integrity of information systems and the functions of a modern business enterprise. Systematic study of this problem can yield better indicators of the impact of computer viruses as well as a better understanding of strategies to reduce that impact. We conducted a Computer Virus Epidemiology Survey (CVES) on the World Wide Web to examine indicators of the impact of computer viruses. A major finding from the CVES is that multiple indicators of the impact of computer viruses reveal a problem growing more severe that affects large, as well as small, organizations. Another important finding is that viruses not detected despite regular updating of antiviral software caused only about 15% to 21% of virus problems reported in workgroups using antiviral software. The possible reasons for failure to detect include improper configuration of software and the inability of all known anti-virus detectors to detect. A related implication is that a substantial amount of damage due to viruses could probably have been prevented by regular updating of antiviral software. We also used the CVES in the development of a simulation model for the spread of computer viruses in workgroups in order to analyze the effect of a notification process on control. Our major finding is that the process of notification, whether by human behaviour or by technology, substantially reduces the impact of computer viruses in workgroups. For example, if a workgroup has a period of vulnerability when only 80% of its workstations are effectively using antiviral software, then even a 50% probability of notification of a detected virus substantially reduces the burden. An added benefit of maintaining an environment with high effective antiviral software usage and high levels of notification is that greater rates of communication events that can potentially transmit computer viruses within the workgroup actually reduce the impact of computer viruses in the workgroup. Anecdotal observations also indicate that the process of notification is significant in controlling the spread of ‘new’ viruses not yet detectable by software, although the process of notification from law enforcement authorities to workgroups was not in the simulation model. More formally, the reduced impact of computer viruses in a workgroup due to a greater rate of communication events that can potentially transmit computer viruses corresponds to a situation when a computer virus introduc
ISSN:0167-4048
1872-6208
DOI:10.1016/S0167-4048(02)00210-9