IDEAS home Printed from https://ideas.repec.org/a/eee/ejores/v292y2021i2p596-609.html
   My bibliography  Save this article

To clean or not to clean: Malware removal strategies for servers under load

Author

Listed:
  • Doroudi, Sherwin
  • Avgerinos, Thanassis
  • Harchol-Balter, Mor

Abstract

We consider how to best schedule reparative downtime for a customer-facing online service that is vulnerable to cyber attacks such as malware infections. These infections can cause performance degradation (i.e., a slower service rate) and facilitate data theft, both of which have monetary repercussions. Infections may go undetected and can only be removed by time-consuming cleanup procedures, which require temporarily taking the service offline. From a security-oriented perspective, cleanups should be undertaken as frequently as possible. From a performance-oriented perspective, frequent cleanups are desirable because they maintain faster service, but they are simultaneously undesirable because they lead to more frequent downtimes and subsequent loss of revenue. We ask when and how often cleanups should happen.

Suggested Citation

  • Doroudi, Sherwin & Avgerinos, Thanassis & Harchol-Balter, Mor, 2021. "To clean or not to clean: Malware removal strategies for servers under load," European Journal of Operational Research, Elsevier, vol. 292(2), pages 596-609.
    • Handle: RePEc:eee:ejores:v:292:y:2021:i:2:p:596-609
    DOI: 10.1016/j.ejor.2020.10.036
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0377221720309127
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ejor.2020.10.036?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Hasan Cavusoglu & Huseyin Cavusoglu & Jun Zhang, 2008. "Security Patch Management: Share the Burden or Share the Damage?," Management Science, INFORMS, vol. 54(4), pages 657-670, April.
    2. Haque, Lani & Armstrong, Michael J., 2007. "A survey of the machine interference problem," European Journal of Operational Research, Elsevier, vol. 179(2), pages 469-482, June.
    3. V. Makis & X. Jiang, 2003. "Optimal Replacement Under Partial Observations," Mathematics of Operations Research, INFORMS, vol. 28(2), pages 382-394, May.
    4. Alaswad, Suzan & Xiang, Yisha, 2017. "A review on condition-based maintenance optimization models for stochastically deteriorating system," Reliability Engineering and System Safety, Elsevier, vol. 157(C), pages 54-63.
    5. Benny Van Houdt & Johan S. H. van Leeuwaarden, 2011. "Triangular M/G/1-Type and Tree-Like Quasi-Birth-Death Markov Chains," INFORMS Journal on Computing, INFORMS, vol. 23(1), pages 165-171, February.
    6. Wartenhorst, Pieter, 1995. "N parallel queueing systems with server breakdown and repair," European Journal of Operational Research, Elsevier, vol. 82(2), pages 302-322, April.
    7. Steve Drekic & Winfried Grassmann, 2002. "An Eigenvalue Approach to Analyzing a Finite Source Priority Queueing Model," Annals of Operations Research, Springer, vol. 112(1), pages 139-152, April.
    8. Kevin M. Gatzlaff & Kathleen A. McCullough, 2010. "The Effect of Data Breaches on Shareholder Wealth," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 13(1), pages 61-83, March.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Zhao, Xian & He, Zongda & Wu, Yaguang & Qiu, Qingan, 2022. "Joint optimization of condition-based performance control and maintenance policies for mission-critical systems," Reliability Engineering and System Safety, Elsevier, vol. 226(C).
    2. Suyuan Luo & Tsan‐Ming Choi, 2022. "E‐commerce supply chains with considerations of cyber‐security: Should governments play a role?," Production and Operations Management, Production and Operations Management Society, vol. 31(5), pages 2107-2126, May.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. de Jonge, Bram & Scarf, Philip A., 2020. "A review on maintenance optimization," European Journal of Operational Research, Elsevier, vol. 285(3), pages 805-824.
    2. Haque, Lani & Armstrong, Michael J., 2007. "A survey of the machine interference problem," European Journal of Operational Research, Elsevier, vol. 179(2), pages 469-482, June.
    3. Michiel A. J. uit het Broek & Ruud H. Teunter & Bram de Jonge & Jasper Veldman & Nicky D. Van Foreest, 2020. "Condition-Based Production Planning: Adjusting Production Rates to Balance Output and Failure Risk," Manufacturing & Service Operations Management, INFORMS, vol. 22(4), pages 792-811, July.
    4. Ece Zeliha Demirci & Joachim Arts & Geert-Jan Van Houtum, 2022. "A restless bandit approach for capacitated condition based maintenance scheduling," DEM Discussion Paper Series 22-01, Department of Economics at the University of Luxembourg.
    5. Hashemi, M. & Asadi, M. & Zarezadeh, S., 2020. "Optimal maintenance policies for coherent systems with multi-type components," Reliability Engineering and System Safety, Elsevier, vol. 195(C).
    6. Azizi, Fariba & Salari, Nooshin, 2023. "A novel condition-based maintenance framework for parallel manufacturing systems based on bivariate birth/birth–death processes," Reliability Engineering and System Safety, Elsevier, vol. 229(C).
    7. Kim, Michael Jong & Jiang, Rui & Makis, Viliam & Lee, Chi-Guhn, 2011. "Optimal Bayesian fault prediction scheme for a partially observable system subject to random failure," European Journal of Operational Research, Elsevier, vol. 214(2), pages 331-339, October.
    8. Li, Meiyan & Wu, Bei, 2024. "Optimal condition-based opportunistic maintenance policy for two-component systems considering common cause failure," Reliability Engineering and System Safety, Elsevier, vol. 250(C).
    9. Finkelstein, Maxim & Cha, Ji Hwan & Langston, Amy, 2023. "Improving classical optimal age-replacement policies for degrading items," Reliability Engineering and System Safety, Elsevier, vol. 236(C).
    10. KarabaÄŸ, Oktay & Eruguz, Ayse Sena & Basten, Rob, 2020. "Integrated optimization of maintenance interventions and spare part selection for a partially observable multi-component system," Reliability Engineering and System Safety, Elsevier, vol. 200(C).
    11. Andrei Sleptchenko & M. Eric Johnson, 2015. "Maintaining Secure and Reliable Distributed Control Systems," INFORMS Journal on Computing, INFORMS, vol. 27(1), pages 103-117, February.
    12. Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
    13. Debabrata Dey & Atanu Lahiri & Guoying Zhang, 2015. "Optimal Policies for Security Patch Management," INFORMS Journal on Computing, INFORMS, vol. 27(3), pages 462-477, August.
    14. Kristin Masuch & Maike Greve & Simon Trang, 2021. "What to do after a data breach? Examining apology and compensation as response strategies for health service providers," Electronic Markets, Springer;IIM University of St. Gallen, vol. 31(4), pages 829-848, December.
    15. Mosayebi Omshi, E. & Grall, A., 2021. "Replacement and imperfect repair of deteriorating system: Study of a CBM policy and impact of repair efficiency," Reliability Engineering and System Safety, Elsevier, vol. 215(C).
    16. Huseyin Cavusoglu & Srinivasan Raghunathan & Hasan Cavusoglu, 2009. "Configuration of and Interaction Between Information Security Technologies: The Case of Firewalls and Intrusion Detection Systems," Information Systems Research, INFORMS, vol. 20(2), pages 198-217, June.
    17. Sahba, Pedram & BalcIog[small tilde]lu, BarIs, 2011. "The impact of transportation delays on repairshop capacity pooling and spare part inventories," European Journal of Operational Research, Elsevier, vol. 214(3), pages 674-682, November.
    18. Chen, Wenbo, 2018. "Retailer-driven carbon emission abatement with consumer environmental awareness and carbon tax: Revenue-sharing versus Cost-sharingAuthor-Name: Yang, Huixiao," Omega, Elsevier, vol. 78(C), pages 179-191.
    19. Xu, Gaowei & Azhari, Fae, 2022. "Data-driven optimization of repair schemes and inspection intervals for highway bridges," Reliability Engineering and System Safety, Elsevier, vol. 228(C).
    20. Liu, Xinbao & Yang, Tianji & Pei, Jun & Liao, Haitao & Pohl, Edward A., 2019. "Replacement and inventory control for a multi-customer product service system with decreasing replacement costs," European Journal of Operational Research, Elsevier, vol. 273(2), pages 561-574.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ejores:v:292:y:2021:i:2:p:596-609. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/eor .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.