The paper is devoted to developing a model capable of describing the process of functioning of large-scale systems with dynamic, adaptive network topology. The mathematical apparatus on which the model is based is dynamic graph theory, due to which the functioning of an ad hoc network is represented as a set of static graphs, each of which corresponds to a certain timestamp. Dynamic graphs allow changes in the network to be tracked and marked as legitimate or illegitimate. The key parameters of the developed model were chosen based on the practical experience of researchers involved in the detection of various attacks in ad hoc networks, which makes the proposed model a priori oriented for subsequent security analysis