IDEAS home Printed from https://ideas.repec.org/a/eee/ejores/v292y2021i2p596-609.html
   My bibliography  Save this article

To clean or not to clean: Malware removal strategies for servers under load

Author

Listed:
  • Doroudi, Sherwin
  • Avgerinos, Thanassis
  • Harchol-Balter, Mor

Abstract

We consider how to best schedule reparative downtime for a customer-facing online service that is vulnerable to cyber attacks such as malware infections. These infections can cause performance degradation (i.e., a slower service rate) and facilitate data theft, both of which have monetary repercussions. Infections may go undetected and can only be removed by time-consuming cleanup procedures, which require temporarily taking the service offline. From a security-oriented perspective, cleanups should be undertaken as frequently as possible. From a performance-oriented perspective, frequent cleanups are desirable because they maintain faster service, but they are simultaneously undesirable because they lead to more frequent downtimes and subsequent loss of revenue. We ask when and how often cleanups should happen.

Suggested Citation

  • Doroudi, Sherwin & Avgerinos, Thanassis & Harchol-Balter, Mor, 2021. "To clean or not to clean: Malware removal strategies for servers under load," European Journal of Operational Research, Elsevier, vol. 292(2), pages 596-609.
    • Handle: RePEc:eee:ejores:v:292:y:2021:i:2:p:596-609
    DOI: 10.1016/j.ejor.2020.10.036
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0377221720309127
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ejor.2020.10.036?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Hasan Cavusoglu & Huseyin Cavusoglu & Jun Zhang, 2008. "Security Patch Management: Share the Burden or Share the Damage?," Management Science, INFORMS, vol. 54(4), pages 657-670, April.
    2. Haque, Lani & Armstrong, Michael J., 2007. "A survey of the machine interference problem," European Journal of Operational Research, Elsevier, vol. 179(2), pages 469-482, June.
    3. V. Makis & X. Jiang, 2003. "Optimal Replacement Under Partial Observations," Mathematics of Operations Research, INFORMS, vol. 28(2), pages 382-394, May.
    4. Wartenhorst, Pieter, 1995. "N parallel queueing systems with server breakdown and repair," European Journal of Operational Research, Elsevier, vol. 82(2), pages 302-322, April.
    5. Alaswad, Suzan & Xiang, Yisha, 2017. "A review on condition-based maintenance optimization models for stochastically deteriorating system," Reliability Engineering and System Safety, Elsevier, vol. 157(C), pages 54-63.
    6. Benny Van Houdt & Johan S. H. van Leeuwaarden, 2011. "Triangular M/G/1-Type and Tree-Like Quasi-Birth-Death Markov Chains," INFORMS Journal on Computing, INFORMS, vol. 23(1), pages 165-171, February.
    7. Steve Drekic & Winfried Grassmann, 2002. "An Eigenvalue Approach to Analyzing a Finite Source Priority Queueing Model," Annals of Operations Research, Springer, vol. 112(1), pages 139-152, April.
    8. Kevin M. Gatzlaff & Kathleen A. McCullough, 2010. "The Effect of Data Breaches on Shareholder Wealth," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 13(1), pages 61-83, March.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Zhao, Xian & He, Zongda & Wu, Yaguang & Qiu, Qingan, 2022. "Joint optimization of condition-based performance control and maintenance policies for mission-critical systems," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    2. Suyuan Luo & Tsan‐Ming Choi, 2022. "E‐commerce supply chains with considerations of cyber‐security: Should governments play a role?," Production and Operations Management, Production and Operations Management Society, vol. 31(5), pages 2107-2126, May.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. de Jonge, Bram & Scarf, Philip A., 2020. "A review on maintenance optimization," European Journal of Operational Research, Elsevier, vol. 285(3), pages 805-824.
    2. Haque, Lani & Armstrong, Michael J., 2007. "A survey of the machine interference problem," European Journal of Operational Research, Elsevier, vol. 179(2), pages 469-482, June.
    3. Michiel A. J. uit het Broek & Ruud H. Teunter & Bram de Jonge & Jasper Veldman & Nicky D. Van Foreest, 2020. "Condition-Based Production Planning: Adjusting Production Rates to Balance Output and Failure Risk," Manufacturing & Service Operations Management, INFORMS, vol. 22(4), pages 792-811, July.
    4. Ece Zeliha Demirci & Joachim Arts & Geert-Jan Van Houtum, 2022. "A restless bandit approach for capacitated condition based maintenance scheduling," DEM Discussion Paper Series 22-01, Department of Economics at the University of Luxembourg.
    5. Finkelstein, Maxim & Cha, Ji Hwan & Langston, Amy, 2023. "Improving classical optimal age-replacement policies for degrading items," Reliability Engineering and System Safety, Elsevier, vol. 236(C).
    6. KarabaÄŸ, Oktay & Eruguz, Ayse Sena & Basten, Rob, 2020. "Integrated optimization of maintenance interventions and spare part selection for a partially observable multi-component system," Reliability Engineering and System Safety, Elsevier, vol. 200(C).
    7. Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
    8. Debabrata Dey & Atanu Lahiri & Guoying Zhang, 2015. "Optimal Policies for Security Patch Management," INFORMS Journal on Computing, INFORMS, vol. 27(3), pages 462-477, August.
    9. Kristin Masuch & Maike Greve & Simon Trang, 2021. "What to do after a data breach? Examining apology and compensation as response strategies for health service providers," Electronic Markets, Springer;IIM University of St. Gallen, vol. 31(4), pages 829-848, December.
    10. Liu, Xinbao & Yang, Tianji & Pei, Jun & Liao, Haitao & Pohl, Edward A., 2019. "Replacement and inventory control for a multi-customer product service system with decreasing replacement costs," European Journal of Operational Research, Elsevier, vol. 273(2), pages 561-574.
    11. Havinga, Maik J.A. & de Jonge, Bram, 2020. "Condition-based maintenance in the cyclic patrolling repairman problem," International Journal of Production Economics, Elsevier, vol. 222(C).
    12. Zhang, Nan & Cai, Kaiquan & Zhang, Jun & Wang, Tian, 2022. "A condition-based maintenance policy considering failure dependence and imperfect inspection for a two-component system," Reliability Engineering and System Safety, Elsevier, vol. 217(C).
    13. Shinichi Kamiya & Jun-Koo Kang & Jungmin Kim & Andreas Milidonis & René M. Stulz, 2018. "What is the Impact of Successful Cyberattacks on Target Firms?," NBER Working Papers 24409, National Bureau of Economic Research, Inc.
    14. L. Georg-Schaffner & E. Prinz, 2022. "Corporate management boards’ information security orientation: an analysis of cybersecurity incidents in DAX 30 companies," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 26(4), pages 1375-1408, December.
    15. Winfried K. Grassmann & Steve Drekic, 2008. "Multiple Eigenvalues in Spectral Analysis for Solving QBD Processes," Methodology and Computing in Applied Probability, Springer, vol. 10(1), pages 73-83, March.
    16. Ke, Jau-Chuan & Liu, Tzu-Hsin & Wu, Chia-Huang, 2015. "An optimum approach of profit analysis on the machine repair system with heterogeneous repairmen," Applied Mathematics and Computation, Elsevier, vol. 253(C), pages 40-51.
    17. Zang, Yu & Shangguan, Wei & Cai, Baigen & Wang, Huasheng & Pecht, Michael. G., 2021. "Hybrid remaining useful life prediction method. A case study on railway D-cables," Reliability Engineering and System Safety, Elsevier, vol. 213(C).
    18. de Jonge, Bram & Teunter, Ruud & Tinga, Tiedo, 2017. "The influence of practical factors on the benefits of condition-based maintenance over time-based maintenance," Reliability Engineering and System Safety, Elsevier, vol. 158(C), pages 21-30.
    19. Kampitsis, Dimitris & Panagiotidou, Sofia, 2022. "A Bayesian condition-based maintenance and monitoring policy with variable sampling intervals," Reliability Engineering and System Safety, Elsevier, vol. 218(PA).
    20. Tseremoglou, Iordanis & Santos, Bruno F., 2024. "Condition-Based Maintenance scheduling of an aircraft fleet under partial observability: A Deep Reinforcement Learning approach," Reliability Engineering and System Safety, Elsevier, vol. 241(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ejores:v:292:y:2021:i:2:p:596-609. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/eor .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.