Analysis on Operation of Anti-Virus Systems with Real-Time Scan and Batch Scan

Title & Authors
Analysis on Operation of Anti-Virus Systems with Real-Time Scan and Batch Scan
Yang, Won Seok; Kim, Tae-Sung;

Abstract
We consider an information system where viruses arrive according to a Poisson process with rate $\small{{\lambda}}$. The information system has two types of anti-virus operation policies including 'real-time scan' and 'batch scan.' In the real-time scan policy, a virus is assumed to be scanned immediately after its arrival. Consequently, the real-time scan policy assumes infinite number of anti-viruses. We assume that the time for scanning and curing a virus follows a general distribution. In the batch scan policy, a system manager operates an anti-virus every deterministic time interval and scan and cure all the viruses remaining in the system simultaneously. In this paper we suggest a probability model for the operation of anti-virus software. We derive a condition under which the operating policy is achieved. Some numerical examples with various cost structure are given to illustrate the results.
Keywords
anti-virus system;real-time scan;batch scan;economic analysis;probability model;
Language
English
Cited by
References
1.
Computer Security Institute, Computer Crime and Security Survey, Jun. 2011.

2.
L. A. Gordon and M. P. Loeb, "The economics of information security investment," ACM Trans. Inform. Syst. Security, vol. 5, no. 4, pp. 438-457, Nov. 2002.

3.
W. S. Yang, T. S. Kim, and H. M. Park, "Probabilistic modeling for evaluation of information security investment portfolios," J. Korean Operations Research Management Sci. Soc., vol. 34, no. 3, pp. 155-163, Sep. 2009.

4.
W. S. Yang, T. S. Kim, and H. M. Park, "Considering system throughput to evaluate information security investment portfolios," J. Korea Inst. Inform. Security Cryptology, vol. 20, no. 2, pp. 109-116, Apr. 2010.

5.
H. Cavusoglu, B. Mishra, and S. Raghunathan, "The value of intrusion detection systems in information technology security architecture," Inform. Syst. Research, vol. 16, no. 1, pp. 28-46, Mar. 2005.

6.
H. Cavusoglu, B. Mishra, and S. Raghunathan, "A model for evaluating IT security investments," Commun. ACM, vol. 47, no. 7, pp. 87-92, July 2004.

7.
L. D. Bodin, L. A. Gordon, and M. P. Loeb, "Evaluating information security investments using the analytic hierarchy process," Commun. ACM, vol. 48, no. 2, pp. 79-83, Feb. 2005.

8.
H. K. Kong, T. S. Kim, and J. Kim, "An analysis on effects of information security investments: a BSC perspective," J. Intell. Manufacturing, vol. 23, no. 4, pp. 941-953, Aug. 2012.

9.
Korea Communication Commission (KCC) and Korea Internet & Security Agency (KISA), Information Security Survey-Businesses, Mar. 2012.

10.
W. S. Yang, J. D. Kim, and K. C. Chae, "Analysis of M/G/1 stochastic clearing systems," Stochastic Anal. Applicat., vol. 20, no. 5, pp. 1083-1100, Oct. 2002.

11.
G. Jain and K. Sigman, "A Pollaczek-Khintchine formula for M/G/1 queues with disasters," J. Applied Probability, vol. 33, no. 4, pp. 1191-1200, Dec. 1996.

12.
I. Atencia and P. Moreno, "The discrete-time Geo/Geo/1 queue with negative customers and disasters," Comput. Operations Research, vol. 31, no. 9, pp. 1537-1548, Aug. 2004.

13.
A. Gomez-Corral, "On a finite-buffer bulk-service queue with disasters," Math. Methods Operations Research, vol. 61, no. 1, pp. 57-84, Mar. 2005.

14.
F. Jolai, S. M. Asadzadeh, and M. R. Taghizadeh, "Performance estimation of an Email contact center by a finite source discrete time Geo/Geo/1 queue with disasters," Comput. Ind. Eng., vol. 55, no. 3, pp. 543-556, Oct. 2008.

15.
X. W. Yi, J. D. Kim, D. W. Choi, and K. C. Chae, "The Geo/G/1 queue with disasters and multiple working vacations," Stochastic Models, vol. 23, no. 4, pp. 21-31, Nov. 2007.

16.
H. M. Park, W. S. Yang, and K .C. Chae, "Analysis of the GI/Geo/1 queue with disasters," Stochastic Anal. Applicat., vol. 28, no. 1, pp. 44-53, Jan. 2010.

17.
D. H. Lee, W. S. Yang, and H. M. Park, "Geo/G/1 queues with disasters and general repair times," Applied Math. Modelling, vol. 35, no. 4, pp. 1561-1570, Apr. 2011.

18.
A. Chen and E. Renshaw, "The M/M/1 queue with mass exodus and mass arrivals when empty," J. Applied Probability, vol. 34, no. 1, pp. 192-207, Mar. 1997.

19.
D. Towsley and S. K. Tripathi, "A single server priority queue with server failures and queue flushing," Operations Research Lett., vol. 10, no. 6, pp. 353-362, Aug. 1991.

20.
E. G. Kyriakidis and A. Abakuks, "Optimal pest control through catastrophes," J. Applied Probability, vol. 27, no. 4, pp. 873-879, Dec. 1989.

21.
X. Chao, "A queueing network model with catastrophes and product form solution," Operations Research Lett., vol. 18, no. 2, pp. 75-79, Sep. 1995.

22.
J. R. Artalejo and A. Gomez-Corral, "Analysis of a stochastic clearing system with repeated attempts," Stochastic Models, vol. 14, no. 3, pp. 623-645, Jun. 1998.

23.
D. Gross and G. M. Harris, Fundamentals of Queueing Theory, John Wiley & Sons, 1974.