Cyber-Risk Informatics

Opis

This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity vulnerabilities and threats.

This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity threats. The author builds from a common understanding based on previous class-tested works to introduce the reader to the current and newly innovative approaches to address the maliciously-by-human-created (rather than by-chance-occurring) vulnerability and threat, and related cost-effective management to mitigate such risk. This book is purely statistical data-oriented (not deterministic) and employs computationally intensive techniques, such as Monte Carlo and Discrete Event Simulation. The enriched JAVA ready-to-go applications and solutions to exercises provided by the author at the book’s specifically preserved website will enable readers to utilize the course related problems.

• Enables the reader to use the book's website's applications to implement and see results, and use them making ‘budgetary’ sense

• Utilizes a data analytical approach and provides clear entry points for readers of varying skill sets and backgrounds

• Developed out of necessity from real in-class experience while teaching advanced undergraduate and graduate courses by the author

Cyber-Risk Informatics is a resource for undergraduate students, graduate students, and practitioners in the field of Risk Assessment and Management regarding Security and Reliability Modeling.

Mehmet Sahinoglu, a Professor (1990) Emeritus (2000), is the founder of the Informatics Institute (2009) and its SACS-accredited (2010) and NSA-certified (2013) flagship Cybersystems and Information Security (CSIS) graduate program (the first such full degree in-class program in Southeastern USA) at AUM, Auburn University’s metropolitan campus in Montgomery, Alabama. He is a fellow member of the SDPS Society, a senior member of the IEEE, and an elected member of ISI. Sahinoglu is the recipient of Microsoft's Trustworthy Computing Curriculum (TCC) award and the author of Trustworthy Computing (Wiley, 2007).

Spis treści

Title Page 6
Copyright Page 7
Contents 10
PROLOGUE 17
REVIEWS 18
PREFACE 24
ACKNOWLEDGMENTS AND DEDICATION 32
ABOUT THE AUTHOR 34
CHAPTER 1 METRICS, STATISTICAL QUALITY CONTROL, AND BASIC RELIABILITY IN CYBER-RISK 36
- 1.1 DETERMINISTIC AND STOCHASTIC CYBER-RISK METRICS 36
- 1.2 STATISTICAL RISK ANALYSIS 37
  - 1.2.1 Introduction to Statistical Hypotheses 37
  - 1.2.2 Decision Rules 38
  - 1.2.3 One-Tailed Tests 39
  - 1.2.4 Two-Tailed Tests 39

Title Page 6
Copyright Page 7
Contents 10
PROLOGUE 17
REVIEWS 18
PREFACE 24
ACKNOWLEDGMENTS AND DEDICATION 32
ABOUT THE AUTHOR 34
CHAPTER 1 METRICS, STATISTICAL QUALITY CONTROL, AND BASIC RELIABILITY IN CYBER-RISK 36
- 1.1 DETERMINISTIC AND STOCHASTIC CYBER-RISK METRICS 36
- 1.2 STATISTICAL RISK ANALYSIS 37
  - 1.2.1 Introduction to Statistical Hypotheses 37
  - 1.2.2 Decision Rules 38
  - 1.2.3 One-Tailed Tests 39
  - 1.2.4 Two-Tailed Tests 39
  - 1.2.5 Decision Errors 41
  - 1.2.6 Applications to One-Tailed Tests Associated with Both Type I and Type II Errors 42
  - 1.2.7 Applications to Two-Tailed Tests (Normal Distribution Assumption) 46
- 1.3 ACCEPTANCE SAMPLING IN QUALITY CONTROL 51
  - 1.3.2 Definition of an Acceptance Sampling Plan 51
  - 1.3.3 The OC Curve 51
  - 1.3.1 Introduction 51
- 1.4 POISSON AND NORMAL APPROXIMATION TO BINOMIAL IN QUALITY CONTROL 54
  - 1.4.1 Approximations to Binomial Distribution 54
  - 1.4.2 Approximation of Binomial to Poisson Distribution 54
  - 1.4.3 Approximation to Normal Distribution 55
  - 1.4.4 Comparisons of Normal and Poisson Approximations to the Binomial 56
- 1.5 BASIC STATISTICAL RELIABILITY CONCEPTS AND MC SIMULATORS 56
  - 1.5.1 Fundamental Equations for Reliability, Hazard, and Statistical Notions 58
  - 1.5.2 Fundamentals for Reliability Block Diagramming and Redundancy 62
  - 1.5.3 Solving Basic Reliability Questions by Using Student-Friendly Pedagogical Examples 65
  - 1.5.4 MC Simulators for Commonly Used Distributions in Reliability 82
- 1.7 EXERCISES 87
- 1.6 DISCUSSIONS AND CONCLUSION 87
- References 95
CHAPTER 2 COMPLEX NETWORK RELIABILITY EVALUATION AND ESTIMATION IN CYBER-RISK 96
- 2.1 INTRODUCTION 96
- 2.2 OVERLAP TECHNIQUE TO CALCULATE COMPLEX NETWORK RELIABILITY 97
  - 2.2.1 Network State Enumeration and Example 1 98
  - 2.2.2 Generating Minimal Paths and Example 2 99
  - 2.2.3 Overlap Method Algorithmic Rules and Example 3 103
- 2.3 THE OVERLAP METHOD: MONTE CARLO AND DISCRETE EVENT SIMULATION 105
- 2.4 MULTISTATE SYSTEM RELIABILITY EVALUATION 106
  - 2.4.2 Active Parallel System 108
  - 2.4.1 Simple Series System with Single Derated States 108
  - 2.4.3 Simple Series–Parallel System 109
  - 2.4.4 A Simple Series–Parallel System with Multistate Components 110
  - 2.4.5 A Combined System: Power Plant Example 111
  - 2.4.6 Large Network Examples Using Multistate Overlap Technique 112
- 2.5 WEIBULL TIME DISTRIBUTED RELIABILITY EVALUATION 113
  - 2.5.1 Motivation behind Weibull Probability Modeling 113
  - 2.5.2 Weibull Parameter Estimation Methodology 114
  - 2.5.3 Overlap Algorithm Applied to Weibull Distributed Components 115
  - 2.5.4 Estimating Weibull Parameters 115
  - 2.5.5 Fifty-Two-Node Weibull Example for Estimating Weibull Parameters 120
  - 2.5.6 A Weibull Network Example from an Oil Rig System 125
- 2.6 DISCUSSIONS AND CONCLUSION 125
- Appendix 2.A OVERLAP ALGORITHM AND EXAMPLE 128
  - 2.A.1 Algorithm 128
  - 2.A.2 Example 130
- 2.7 EXERCISES 136
- References 138
CHAPTER 3 STOPPING RULES FOR RELIABILITY AND SECURITY TESTS IN CYBER-RISK 140
- 3.1 INTRODUCTION 140
- 3.2 METHODS 142
  - 3.2.1 LGM by Verhulst 143
  - 3.2.2 Compound Poisson Model 145
- 3.3 EXAMPLES MERGING BOTH STOPPING RULES: LGM AND CPM 149
  - 3.3.1 The DR5 Data Set Example 149
  - 3.3.2 The DR4 Data Set Example 153
  - 3.3.3 The Supercomputing CLOUD Historical Failure Data—Case Study 154
  - 3.3.4 Appendix for Section 3.3 156
- 3.4 STOPPING RULE FOR TESTING IN THE TIME DOMAIN 166
  - 3.4.1 Review of Compound Poisson Process and Stopping Rule 166
  - 3.4.2 Empirical Bayes Analysis for the Poisson^Geometric Stopping Rule 167
  - 3.4.3 Howden’s Model for Stopping Rule 170
  - 3.4.4 Computational Example for Stopping-Rule Algorithm in Time Domain 171
- 3.5 DISCUSSIONS AND CONCLUSION 174
- 3.6 EXERCISES 178
- REFERENCES 179
CHAPTER 4 SECURITY ASSESSMENT AND MANAGEMENT IN CYBER-RISK 182
- 4.1 INTRODUCTION 182
  - 4.1.1 What Other Scoring Methods Are Available? 183
- 4.2 SECURITY METER (SM) MODEL DESIGN 187
- 4.3 VERIFICATION OF THE PROBABILISTIC SECURITY METER (SM) METHOD BY MONTE CARLO SIMULATION AND MATH-STATISTICAL TRIPLE-PRODUCT R 189
  - 4.3.1 The Triple-Product Rule of Uniforms 191
  - 4.3.2 Data Analysis on the Total Residual Risk of the Security Meter Design 193
  - 4.3.3 Triple-Product Rule Discussions 204
- 4.4 MODIFYING THE SM QUANTITATIVE MODEL FOR CATEGORICAL, HYBRID, AND NONDISJOINT DATA 205
- 4.5 MAINTENANCE PRIORITY DETERMINATION FOR 3 × 3 × 2 SM 213
- 4.6 PRIVACY METER (PM): HOW TO QUANTIFY PRIVACY BREACH 218
  - 4.6.1 Methodology 219
  - 4.6.2 Privacy Risk-Meter Assessment and Management Examples 220
- 4.7 POLISH DECODING (DECOMPRESSION) ALGORITHM 222
- 4.8 DISCUSSIONS AND CONCLUSION 224
- 4.9 EXERCISES 225
- References 234
CHAPTER 5 GAME-THEORETIC COMPUTING IN CYBER-RISK 236
- 5.1 HISTORICAL PERSPECTIVE TO GAME THEORY’S ORIGINS 236
- 5.2 APPLICATIONS OF GAME THEORY TO CYBER-SECURITY RISK 238
- 5.3 INTUITIVE BACKGROUND: CONCEPTS, DEFINITIONS, AND NOMENCLATURE 239
  - 5.3.1 A Price War Example 240
- 5.4 RANDOM SELECTION FOR NASH MIXED STRATEGY 243
  - 5.4.1 Random Probabilistic Selection 243
  - 5.4.2 Does Nash Equilibrium (NE) Exist for the Company A/B Problem in Table 5.1? 244
  - 5.4.3 An Example: Matching Pennies 245
  - 5.4.4 Another Game: The Prisoner’s Dilemma 245
  - 5.4.5 Games with Multiple NE (Terrorist Game: Bold Strategy Result in Domination) 246
- 5.5 ADVERSARIAL RISK ANALYSIS MODELS BY BANKS, RIOS, AND RIOS 248
- 5.6 AN ALTERNATIVE MODEL: SAHINOGLU’S SECURITY METER FOR NEUMANN AND NASH MIXED STRATEGY 250
- 5.7 OTHER INTERDISCIPLINARY APPLICATIONS OF RISK METERS 255
- 5.8 MIXED STRATEGY FOR RISK ASSESSMENT AND MANAGEMENT- UNIVERSITY SERVER AND SOCIAL NETWORK EXAMPLES 256
  - 5.8.1 University Server’s Security Risk-Meter Example 256
  - 5.8.2 Social Networks’ Privacy and Security Risk-Meter (RM) Example 257
  - 5.8.3 Clarification of Risk Assessment and Management Algorithm for Social Networks 259
- 5.9 APPLICATION TO HOSPITAL HEALTHCARE SERVICE RISK 261
- 5.10 APPLICATION TO ENVIRONMETRICS AND ECOLOGY RISK 264
- 5.11 APPLICATION TO DIGITAL FORENSICS SECURITY RISK 269
- 5.12 APPLICATION TO BUSINESS CONTRACTING RISK 274
- 5.13 APPLICATION TO NATIONAL CYBERSECURITY RISK 280
- 5.14 APPLICATION TO AIRPORT SERVICE QUALITY RISK 288
- 5.15 APPLICATION TO OFFSHORE OIL-DRILLING SPILL AND SECURITY RISK 292
- 5.16 DISCUSSIONS AND CONCLUSION 299
- 5.17 EXERCISES 301
- REFERENCES 306
CHAPTER 6 MODELING AND SIMULATION IN CYBER-RISK 312
- 6.1 INTRODUCTION AND A BRIEF HISTORY TO SIMULATION 312
- 6.2 GENERIC THEORY: CASE STUDIES ON GOODNESS OF FIT FOR UNIFORM NUMBERS 313
- 6.3 WHY CRUCIAL TO MANUFACTURING AND CYBER DEFENSE 314
- 6.4 A CROSS SECTION OF MODELING AND SIMULATION IN MANUFACTURING INDUSTRY 315
  - 6.4.1 Modeling and Simulation of Multistate Production Units and Systems in Manufacturing 316
  - 6.4.2 Two-State SL Probability Model of Units with Closed-Form Solution 318
  - 6.4.3 Extended Three-State SL Probability Model of UP–DOWN–DERATED Units with MC Simulation 319
  - 6.4.4 Statistical Simulation of Three-State Units to Estimate the Density of UP–DOWN–DER 324
  - 6.4.5 How to Generate Random Numbers from SL pdf to Simulate Component and System Behavior 331
  - 6.4.6 Example of SL Simulation for Modeling Network of 2-in-Simple-Series Two-State (UP-DN) Units 332
  - 6.4.7 Example of SL Simulation for Modeling a Network of 7-in-Complex-Topology Two-State (UP–DN) Units 335
- 6.5 A Review of Modeling and Simulation in Cyber-Security 336
  - 6.5.1 MC Value-at-Risk Approach by Kim et al. in CLOUD Computing 336
  - 6.5.2 MC and DES in Security Meter (SM) Risk Model 337
- 6.6 Application of Queuing Theory and MULTICHANNEL Simulation to Cyber‐Security 341
  - 6.6.1 Example 1: One Recovery-Crew Case for Cyber-Security Queuing Simulation 341
  - 6.6.2 Example 2: Two Recovery-Crew Case for Cyber-Security Queuing Simulation 343
- 6.7 Discussions and Conclusion 343
- Appendix 6.A 346
- 6.8 EXERCISES 350
- References 370
CHAPTER 7 CLOUD COMPUTING IN CYBER-RISK 374
- 7.1 INTRODUCTION AND MOTIVATION 374
- 7.2 CLOUD COMPUTING RISK ASSESSMENT 377
- 7.3 MOTIVATION AND METHODOLOGY 378
  - 7.3.1 History of Theoretical Developments on CLOUD Modeling 378
  - 7.3.3 Objectives 379
  - 7.3.2 Notation 379
  - 7.3.4 Frequency and Duration Method for the Loss of Load or Service 380
  - 7.3.5 NBD as a Compound Poisson Model 381
  - 7.3.6 NBD for the Loss of Load or Loss of CLOUD Service Expected 383
- 7.4 VARIOUS APPLICATIONS TO CYBER SYSTEMS 384
  - 7.4.1 Small Sample Experimental Systems 384
  - 7.4.2 Large Cyber Systems 388
- 7.5 LARGE CYBER SYSTEMS USING STATISTICAL METHODS 392
- 7.6 REPAIR CREW AND PRODUCT RESERVE PLANNING TO MANAGE RISK COST EFFECTIVELY USING CYBERRISKSOLVER CLOUD MANAGEMENT JAVA TOOL 394
  - 7.6.1 CLOUD Resource Management Planning for Employment of Repair Crews 395
  - 7.6.2 CLOUD Resource Management Planning by Production Deployment 400
- 7.7 REMARKS FOR “PHYSICAL CLOUD” EMPLOYING PHYSICAL PRODUCTS (SERVERS, GENERATORS, COMMUNICATION TOWERS, ETC.) 403
- 7.8 APPLICATIONS TO “SOCIAL (HUMAN RESOURCES) CLOUD” 407
  - 7.8.1 Numerical Example for Social CLOUD (200 Employees Performing) 411
  - 7.8.2 Input Wizard Example for Social CLOUD (200 Employees Performing) 414
- 7.9 STOCHASTIC CLOUD SYSTEM SIMULATION 414
  - 7.9.1 Introduction and Methodology 416
  - 7.9.2 Numerical Applications for SS to Verify Non-SS 420
  - 7.9.3 Details of Probability Distributions Used in Stochastic Simulation 422
  - 7.9.4 Varying Product Repair and Failure Date with Empirical Bayesian Posterior Gamma Approach 428
  - 7.9.5 Varying Link Repair and Failure Using Gamma Distribution 428
  - 7.9.6 SS Applied to a Power or Cyber Grid 429
  - 7.9.7 Error Checking or Flagging 431
- 7.10 CLOUD RISK METER ANALYSIS 432
  - 7.10.1 Risk Assessment and Management Clarifications for Figures 7.72 and 7.73 437
- 7.11 DISCUSSIONS AND CONCLUSION 440
- 7.12 EXERCISES 442
- REFERENCES 451
CHAPTER 8 SOFTWARE RELIABILITY MODELING AND METRICS IN CYBER-RISK 456
- 8.1 INTRODUCTION, MOTIVATION, AND METHODOLOGY 456
- 8.2 HISTORY AND CLASSIFICATION OF SOFTWARE RELIABILITY MODELS 457
  - 8.2.2 Failure-Counting Models 457
  - 8.2.1 Time-between-Failures Models 457
  - 8.2.3 Bayesian Model 458
  - 8.2.4 Static (Nondynamic) Models 458
  - 8.2.5 Others 459
- 8.3 SOFTWARE RELIABILITY MODELS IN TIME DOMAIN 459
- 8.4 SOFTWARE RELIABILITY GROWTH MODELS 460
  - 8.4.1 Negative Exponential Class of Failure Times 460
  - 8.4.2 J–M De-eutrophication Model (Binomial Type) 460
  - 8.4.3 Moranda’s Geometric Model (Poisson Type) 461
  - 8.4.4 Goel–Okumoto Nonhomogeneous Poisson Process (Poisson Type) 462
  - 8.4.5 Musa’s Basic Execution Time Model (Poisson Type) 463
  - 8.4.6 Musa–Okumoto Logarithmic Poisson Execution Time Model (Poisson Type) 464
  - 8.4.7 L–V Bayesian Model 466
  - 8.4.8 Sahinoglu’s Compound Poisson^Geometric and Poisson^Logarithmic Series Models 468
  - 8.4.9 Gamma, Weibull, and Other Classes of Failure Times 470
  - 8.4.10 Duane Model (Poisson Type) 474
- 8.5 NUMERICAL EXAMPLES USING PEDAGOGUES 475
  - 8.5.1 Example 1 475
  - 8.5.2 Example 2 476
- 8.6 RECENT TRENDS IN SOFTWARE RELIABILITY 476
- 8.7 DISCUSSIONS AND CONCLUSION 477
- 8.8 EXERCISES 479
- REFERENCES 480
CHAPTER 9 METRICS FOR SOFTWARE RELIABILITY FAILURE-COUNT MODELS IN CYBER-RISK 486
- 9.1 INTRODUCTION AND METHODOLOGY ON FAILURE-COUNT ESTIMATION IN SOFTWARE RELIABILITY 486
  - 9.1.1 Statistical Estimation Models, Computational Formulas, and Examples 487
  - 9.1.2 Interpretations of Numerical Examples and Discussions 499
- 9.2 PREDICTIVE ACCURACY TO COMPARE FAILURE-COUNT MODELS 501
  - 9.2.1 Classical Distribution Approach 503
  - 9.2.2 Prior Distribution Approach 504
  - 9.2.3 Applications to Data Sets and Comparisons 507
- 9.3 DISCUSSIONS AND CONCLUSION 508
- Appendix 9.A 512
- 9.4 EXERCISES 513
- REFERENCES 517
CHAPTER 10 PRACTICAL HANDS-ON LAB TOPICS IN CYBER-RISK 518
- 10.1 SYSTEM HARDENING 518
  - 10.1.1 General 518
  - 10.1.2 Windows Servers 519
  - 10.1.3 Wireless 519
  - 10.1.4 Firewalls, Routers, and Switches 520
- 10.2 EMAIL SECURITY 521
  - 10.2.2 Emotion Responses 521
  - 10.2.1 Identifying Fake Emails 521
- 10.3 MS-DOS COMMANDS 522
  - 10.3.1 Mapping Intel 523
- 10.4 LOGGING 527
  - 10.4.1 Policy 528
  - 10.4.2 Understanding Logs 529
- 10.5 FIREWALL 530
  - 10.5.1 Traditional Firewalls 530
  - 10.5.2 NGFs 531
  - 10.5.3 Host-Based Firewalls 531
- 10.6 WIRELESS NETWORKS 531
- 10.7 DISCUSSIONS AND CONCLUSION 534
- 10.8 EXERCISES 536
  - 10.8.1 System Hardening 536
  - 10.8.2 Email 536
  - 10.8.3 MS-DOS 537
  - 10.8.4 Logging 538
  - 10.8.5 Firewall 538
  - 10.8.7 Comprehensive Exercises 540
  - 10.8.6 Wireless 540
  - 10.8.8 Cryptology Projects 542
- REFERENCES 544
WHAT THE CYBER-RISK INFORMATICS TEXTBOOK AND THE AUTHOR ARE ABOUT? 546
Index 548
EULA 563

Pokaż więcej

Engineering Evaluation with Data Science

Opis

Spis treści

Recenzje (0)