A.Yu. Dobrodeyev, A.V. Gorshkov, U.M. Tulemisov

Analyzed are characteristics of flow of attacks by recent malicious codes including following types: virus, trojan and worms. The attacks analyzed were performed during time period 2007-2009. Characteristics analysis method of ordinary flow of random events is described in the article and is a basis of the study. Method includes preparatory phase: study of distribution of intervals between random events and characteristics study of the flow of random events. And additional phase of more detailed analysis. Following and according to this method attack flow analysis was conducted using program-analytical system of Samarky State Aero-cosmic University (department of Information Systems and Technologies). Approximation of non-normalized sampling theoretical density of distribution (time interval between attacks) was conducted as well. Conclusions are made about gained statistical characteristics of real flow of attacks (recent malicious codes) which can be utilized to improve attack prevention techniques and systems

1. Система сбора данных по атакам IntelliShield Alert Manager. URL: https://intellishield.cisco.com/security/alertmanager/ basicSearch.do (дата обращения 15.10.10).
2. Прохоров С.А., Иващенко А.В., Графкин А.В. Автоматизированная система корреляционно-спектрального анализа случайных процессов Самара: СНЦ РАН, 2002. 286 с. URL: http://www.ssau.ru/resources/sotrudniki/prohorov/7/,http://window.edu.ru/window/library-p_rid=58663(дата обращения 10.11.2010).
3. Автоматизированные системы аппроксимативного анализа случайных процессов / Под редакцией Прохорова С.А. - Самара: СНЦ РАН. URL:http://www.ssau.ru/files/resources/sotrudniki/prohorov/prohorov_auto_systems.pdf(дата обращения 10.11.2010).