Annotation: Computer networks are an important part of modern civilization. They are used literally in all spheres of human activity. Significant losses due to failures of these networks cause high requirements for the stability of their operation. Ensuring the necessary resilience, in particular, relies on the protection of computer networks from virus attacks. In its interests, appropriate protection systems are being created. As an indicator of the effectiveness of such systems, it is proposed to use the number of network computers that a virus manages to infect before it is detected and removed. The empirical basis for assessing the effectiveness of systems for protecting computer networks from virus attacks is the data obtained as a result of field tests and (or) previous operating experience. These data are random in nature, and their volume, as a rule, is significantly limited. An approach to assessing the effectiveness of systems for protecting computer networks from virus attacks, taking into account the indicated features of empirical data, is considered in this article. The approach is based on the presentation of empirical data in the form of a small sample from the general population of values of a random variable of the number of computers on the network that the virus managed to infect before it was detected and removed. The distribution function of this quantity is taken as a test model. The construction of the distribution function is based on the principle of maximum uncertainty. Shannon's entropy is taken as a measure of uncertainty.

Keywords: computer network, virus attack, network protection system, protection efficiency