Cyber resilience recovery model to combat zero-day malware attacks

This paper presents the implementation of an epidemiological model to combat a zero-day outbreak within a closed network. The proposed dynamic Cyber Resilience Recovery Model (CRRM) is used to combat the simulated outbreak and minimize disruptions to business operations. CRRM combines the National Institute of Standards and Technology Special Publication 800-61 incident response life cycle and Susceptible-Infected-Quarantined-Recovered epidemiological model. It provides insights into the strengths and weaknesses of current recovery processes and presents possible solutions for addressing changing cybersecurity threats. Evaluation results demonstrate that CRRM accurately simulates malware outbreaks on a network and has the potential to serve as a valuable tool for supporting decision-making and technological investments that improve cyber resilience.