TEST SEQUENCE FOR DETECTION AND ISOLATION OF INFECTED NODES OF THE INFOCOMMUNICATION NETWORK
DOI:
https://doi.org/10.28925/2663-4023.2025.31.1070Keywords:
cybersecurity; infocommunication network; viruses; protection; identification features; AI model; protective solutions.Abstract
A modern infocommunication network (ICN) is a distributed system, the basic elements of which are combined into a single information space. ICNs are often subjected to various attacks by malicious software (MSW), which is why the decisive factor affecting the effectiveness of the functioning of the infocommunication network is the degree of protection of ICN nodes from the influence of MSW. Since existing protection tools do not always cope with the detection of signs of infection of network hardware in a timely manner, the issue of developing and implementing new methods, models, algorithms and systems for protecting information from malicious software that is not based on the detection of MSW signatures is relevant. Of particular importance in this list is the task of timely detection and localization of infected nodes of the infocommunication network. The purpose of the article is to form a test sequence for the detection and localization of infected nodes of the infocommunication network. To establish the fact of “infection” of a specific ICN node, it is necessary to remove information traces from it and conduct their detailed analysis, since in this case the correctness of the response to determine the “infected\not infected” state will be more than 50%. Building an information protection system in the form of an automated control system aimed at ensuring support for the target ICN state allows to ensure the required level of information security. The proposed test sequence allows to detect ICN nodes infected with viruses in the control cycle of the protection system and allows to optimize the time for evaluating one node. Simultaneous implementation of optimization solutions for each of the stages will allow to minimize the average time for passing the test sequence, which has a positive effect on minimizing the total time for detecting and localizing infected nodes of the infocommunication network in the control cycle. Minimizing the average time is ensured by: using only the minimum necessary digital traces; using an AI model as one of the components of the decision-making module and pre-configured rules for evaluating digital traces; using pre-configured rules to automatically take control actions to locate an infected node; parallelizing calculations.
Downloads
References
Chernigivskyi, I. A., & Kryuchkova, L. P. (2025). A system approach to solving the problem of protecting information in an infocommunication network from the influence of computer viruses. Cybersecurity: Education, Science, Technique, 572–590. https://doi.org/10.28925/2663-4023.2025.27.781
Department for Science, Innovation and Technology. (2025). Cyber security breaches survey 2025. GOV.UK. https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2025/cyber-security-breaches-survey-2025
CyberArrow. (2025). Malware statistics: You need to know in 2025. https://www.cyberarrow.io/blog/malware-statistics-you-need-to-know/
World Economic Forum. (2025). Global cybersecurity outlook 2025. https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
Rando, J., Perez-Cruz, F., & Hitaj, B. (2023). PassGPT: Password modeling and (guided) generation with large language models. arXiv. https://doi.org/10.48550/arXiv.2306.01545
Coppolino, L., et al. (2025). The good, the bad, and the algorithm: The impact of generative AI on cybersecurity. Neurocomputing, 623, Article 129406. https://doi.org/10.1016/j.neucom.2025.129406
Xu, H., et al. (2024). Large language models for cyber security: A systematic literature review. arXiv. https://doi.org/10.48550/arXiv.2405.04760
Davydov, V. V. (2012). Comparative analysis of computer virus distribution models in automated technological process control systems. Information Processing Systems, 3(101), 147–151.
Abu Taam Ghani Mohamad, A. A., Smirnov, A. A., Kovalenko, A. V., & Smirnov, S. A. (2014). Comparative studies of mathematical models of computer virus propagation technology in information and telecommunication networks. Information Processing Systems, (9), 105–110.
Semenov, S., & Davydov, V. (2012). Mathematical model of the spread of computer viruses in heterogeneous computer networks of automated technological process control systems. Bulletin of NTU “KPI”. Series: Informatics and Modeling, 32, 163–171.
Tereykovsky, I. A., Korchenko, O. G., & Pogorelov, V. V. (2022). Methods of recognizing cyberattacks: Recognizing computer viruses (Textbook). Igor Sikorsky Kyiv Polytechnic Institute.
Chernigivskyi, I. A., & Kryuchkova, L. P. (2025). Effective solutions for rapid detection of compromised PCs in infocommunication networks. Telecommunications and Information Technologies, 87(2). https://doi.org/10.31673/2412-4338.2025.029875
MITRE ATT&CK®. (n.d.). Boot or logon autostart execution: Registry run keys / startup folder (Sub-technique T1547.001). https://attack.mitre.org/techniques/T1547/001/
MITRE ATT&CK®. (n.d.). Scheduled task/job: Scheduled task (Sub-technique T1053.005). https://attack.mitre.org/techniques/T1053/005
Daulaguphu, S. (n.d.). Critical malware persistence mechanisms you must know. Tech Zealots. https://tech-zealots.com/malware-analysis/malware-persistence-mechanisms/
Bencherchali, N. (n.d.). Hunting malware with Windows Sysinternals – Autoruns. Medium. https://nasbench.medium.com/hunting-malware-with-windows-sysinternals-autoruns-19cbfe4103c2
Microsoft. (n.d.). Autoruns – Sysinternals. Microsoft Learn. https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns
Chernigivskyi, I. A., & Kryuchkova, L. P. (2025). Testing neural network models to solve the problem of detecting infected PCs based on digital traces. Cybersecurity: Education, Science, Technique, 1(29), 800–817. https://doi.org/10.28925/2663-4023.2025.29.941
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Іван Чернігівський, Лариса Крючкова
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
