Item Barcode | Call Number | Material Type | Item Category 1 |
---|---|---|---|
30000010343456 | QA76.9.A25 S246 2016 | Open Access Book | Book |
33000000002382 | QA76.9.A25 S246 2016 | Open Access Book | Book |
Summary
This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity vulnerabilities and threats.
This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity threats. The author builds from a common understanding based on previous class-tested works to introduce the reader to current and innovative approaches for addressing vulnerabilities and threats that are maliciously created by humans (rather than occurring by chance), and the related cost-effective management to mitigate such risk. This book is purely statistical and data-oriented (not deterministic) and employs computationally intensive techniques, such as Monte Carlo and Discrete Event Simulation. The enriched Java ready-to-go applications and solutions to exercises provided by the author at the book's specifically preserved website will enable readers to work through the course-related problems.
* Enables the reader to use the applications on the book's website to implement and see results, and to use them to make 'budgetary' sense
* Utilizes a data analytical approach and provides clear entry points for readers of varying skill sets and backgrounds
* Developed out of necessity from the author's real in-class experience while teaching advanced undergraduate and graduate courses
Cyber-Risk Informatics is a resource for undergraduate students, graduate students, and practitioners in the field of Risk Assessment and Management regarding Security and Reliability Modeling.
Author Notes
Mehmet Sahinoglu, a Professor (1990) Emeritus (2000), is the founder of the Informatics Institute (2009) and its SACS-accredited (2010) and NSA-certified (2013) flagship Cybersystems and Information Security (CSIS) graduate program (the first such full degree in-class program in Southeastern USA) at AUM, Auburn University's metropolitan campus in Montgomery, Alabama. He is a fellow member of the SDPS Society, a senior member of the IEEE, and an elected member of ISI. Sahinoglu is the recipient of Microsoft's Trustworthy Computing Curriculum (TCC) award and the author of Trustworthy Computing (Wiley, 2007).
Table of Contents
Prologue | p. xiv |
Reviews | p. xv |
Preface | p. xxi |
Acknowledgments and Dedication | p. xxix |
About the Author | p. xxxi |
1 Metrics, Statistical Quality Control, and Basic Reliability in Cyber-Risk | p. 1 |
1.1 Deterministic and Stochastic Cyber-Risk Metrics | p. 1 |
1.2 Statistical Risk Analysis | p. 2 |
1.2.1 Introduction to Statistical Hypotheses | p. 2 |
1.2.2 Decision Rules | p. 3 |
1.2.3 One-Tailed Tests | p. 4 |
1.2.4 Two-Tailed Tests | p. 4 |
1.2.5 Decision Errors | p. 6 |
1.2.6 Applications to One-Tailed Tests Associated with Both Type I and Type II Errors | p. 7 |
1.2.7 Applications to Two-Tailed Tests (Normal Distribution Assumption) | p. 11 |
1.3 Acceptance Sampling in Quality Control | p. 16 |
1.3.1 Introduction | p. 16 |
1.3.2 Definition of an Acceptance Sampling Plan | p. 16 |
1.3.3 The OC Curve | p. 16 |
1.4 Poisson and Normal Approximation to Binomial in Quality Control | p. 19 |
1.4.1 Approximations to Binomial Distribution | p. 19 |
1.4.2 Approximation of Binomial to Poisson Distribution | p. 19 |
1.4.3 Approximation to Normal Distribution | p. 20 |
1.4.4 Comparisons of Normal and Poisson Approximations to the Binomial | p. 21 |
1.5 Basic Statistical Reliability Concepts and MC Simulators | p. 21 |
1.5.1 Fundamental Equations for Reliability, Hazard, and Statistical Notions | p. 23 |
1.5.2 Fundamentals for Reliability Block Diagramming and Redundancy | p. 27 |
1.5.3 Solving Basic Reliability Questions by Using Student-Friendly Pedagogical Examples | p. 30 |
1.5.4 MC Simulators for Commonly Used Distributions in Reliability | p. 47 |
1.6 Discussions and Conclusion | p. 52 |
1.7 Exercises | p. 52 |
References | p. 60 |
2 Complex Network Reliability Evaluation and Estimation in Cyber-Risk | p. 61 |
2.1 Introduction | p. 61 |
2.2 Overlap Technique to Calculate Complex Network Reliability | p. 62 |
2.2.1 Network State Enumeration and Example 1 | p. 63 |
2.2.2 Generating Minimal Paths and Example 2 | p. 64 |
2.2.3 Overlap Method Algorithmic Rules and Example 3 | p. 68 |
2.3 The Overlap Method: Monte Carlo and Discrete Event Simulation | p. 70 |
2.4 Multistate System Reliability Evaluation | p. 71 |
2.4.1 Simple Series System with Single Derated States | p. 73 |
2.4.2 Active Parallel System | p. 73 |
2.4.3 Simple Series-Parallel System | p. 74 |
2.4.4 A Simple Series-Parallel System with Multistate Components | p. 75 |
2.4.5 A Combined System: Power Plant Example | p. 76 |
2.4.6 Large Network Examples Using Multistate Overlap Technique | p. 77 |
2.5 Weibull Time Distributed Reliability Evaluation | p. 78 |
2.5.1 Motivation behind Weibull Probability Modeling | p. 78 |
2.5.2 Weibull Parameter Estimation Methodology | p. 79 |
2.5.3 Overlap Algorithm Applied to Weibull Distributed Components | p. 80 |
2.5.4 Estimating Weibull Parameters | p. 80 |
2.5.5 Fifty-Two-Node Weibull Example for Estimating Weibull Parameters | p. 85 |
2.5.6 A Weibull Network Example from an Oil Rig System | p. 90 |
2.6 Discussions and Conclusion | p. 90 |
Appendix 2.A Overlap Algorithm and Example | p. 93 |
2.A.1 Algorithm | p. 93 |
2.A.2 Example | p. 95 |
2.7 Exercises | p. 101 |
References | p. 103 |
3 Stopping Rules for Reliability and Security Tests in Cyber-Risk | p. 105 |
3.1 Introduction | p. 105 |
3.2 Methods | p. 107 |
3.2.1 LGM by Verhulst | p. 108 |
3.2.2 Compound Poisson Model | p. 110 |
3.3 Examples Merging Both Stopping Rules: LGM and CPM | p. 114 |
3.3.1 The DR5 Data Set Example | p. 114 |
3.3.2 The DR4 Data Set Example | p. 118 |
3.3.3 The Supercomputing CLOUD Historical Failure Data-Case Study | p. 119 |
3.3.4 Appendix for Section 3.3 | p. 121 |
3.4 Stopping Rule for Testing in the Time Domain | p. 131 |
3.4.1 Review of Compound Poisson Process and Stopping Rule | p. 131 |
3.4.2 Empirical Bayes Analysis for the Poisson Geometric Stopping Rule | p. 132 |
3.4.3 Howden's Model for Stopping Rule | p. 135 |
3.4.4 Computational Example for Stopping-Rule Algorithm in Time Domain | p. 136 |
3.5 Discussions and Conclusion | p. 139 |
3.6 Exercises | p. 143 |
References | p. 144 |
4 Security Assessment and Management in Cyber-Risk | p. 147 |
4.1 Introduction | p. 147 |
4.1.1 What Other Scoring Methods Are Available? | p. 148 |
4.2 Security Meter (SM) Model Design | p. 152 |
4.3 Verification of the Probabilistic Security Meter (SM) Method by Monte Carlo Simulation and Math-Statistical Triple-Product Rule | p. 154 |
4.3.1 The Triple-Product Rule of Uniforms | p. 156 |
4.3.2 Data Analysis on the Total Residual Risk of the Security Meter Design | p. 158 |
4.3.3 Triple-Product Rule Discussions | p. 169 |
4.4 Modifying the SM Quantitative Model for Categorical, Hybrid, and Nondisjoint Data | p. 170 |
4.5 Maintenance Priority Determination for 3 × 3 × 2 SM | p. 178 |
4.6 Privacy Meter (PM): How to Quantify Privacy Breach | p. 183 |
4.6.1 Methodology | p. 184 |
4.6.2 Privacy Risk-Meter Assessment and Management Examples | p. 185 |
4.7 Polish Decoding (Decompression) Algorithm | p. 187 |
4.8 Discussions and Conclusion | p. 189 |
4.9 Exercises | p. 190 |
References | p. 199 |
5 Game-Theoretic Computing in Cyber-Risk | p. 201 |
5.1 Historical Perspective to Game Theory's Origins | p. 201 |
5.2 Applications of Game Theory to Cyber-Security Risk | p. 203 |
5.3 Intuitive Background: Concepts, Definitions, and Nomenclature | p. 204 |
5.3.1 A Price War Example | p. 205 |
5.4 Random Selection for Nash Mixed Strategy | p. 208 |
5.4.1 Random Probabilistic Selection | p. 208 |
5.4.2 Does Nash Equilibrium (NE) Exist for the Company A/B Problem in Table 5.1? | p. 209 |
5.4.3 An Example: Matching Pennies | p. 210 |
5.4.4 Another Game: The Prisoner's Dilemma | p. 210 |
5.4.5 Games with Multiple NE (Terrorist Game: Bold Strategy Result in Domination) | p. 211 |
5.5 Adversarial Risk Analysis Models by Banks, Rios, and Rios | p. 213 |
5.6 An Alternative Model: Sahinoglu's Security Meter for Neumann and Nash Mixed Strategy | p. 215 |
5.7 Other Interdisciplinary Applications of Risk Meters | p. 220 |
5.8 Mixed Strategy for Risk Assessment and Management-University Server and Social Network Examples | p. 221 |
5.8.1 University Server's Security Risk-Meter Example | p. 221 |
5.8.2 Social Networks' Privacy and Security Risk-Meter (RM) Example | p. 222 |
5.8.3 Clarification of Risk Assessment and Management Algorithm for Social Networks | p. 224 |
5.9 Application to Hospital Healthcare Service Risk | p. 226 |
5.10 Application to Environmetrics and Ecology Risk | p. 229 |
5.11 Application to Digital Forensics Security Risk | p. 234 |
5.12 Application to Business Contracting Risk | p. 239 |
5.13 Application to National Cybersecurity Risk | p. 245 |
5.14 Application to Airport Service Quality Risk | p. 253 |
5.15 Application to Offshore Oil-Drilling Spill and Security Risk | p. 257 |
5.16 Discussions and Conclusion | p. 264 |
5.17 Exercises | p. 266 |
References | p. 271 |
6 Modeling and Simulation in Cyber-Risk | p. 277 |
6.1 Introduction and a Brief History to Simulation | p. 277 |
6.2 Generic Theory: Case Studies on Goodness of Fit for Uniform Numbers | p. 278 |
6.3 Why Crucial to Manufacturing and Cyber Defense | p. 279 |
6.4 A Cross Section of Modeling and Simulation in Manufacturing Industry | p. 280 |
6.4.1 Modeling and Simulation of Multistate Production Units and Systems in Manufacturing | p. 281 |
6.4.2 Two-State SL Probability Model of Units with Closed-Form Solution | p. 283 |
6.4.3 Extended Three-State SL Probability Model of UP-DOWN-DERATED Units with MC Simulation | p. 284 |
6.4.4 Statistical Simulation of Three-State Units to Estimate the Density of UP-DOWN-DER | p. 289 |
6.4.5 How to Generate Random Numbers from SL pdf to Simulate Component and System Behavior | p. 296 |
6.4.6 Example of SL Simulation for Modeling Network of 2-in-Simple-Series Two-State (UP-DN) Units | p. 297 |
6.4.7 Example of SL Simulation for Modeling a Network of 7-in-Complex-Topology Two-State (UP-DN) Units | p. 300 |
6.5 A Review of Modeling and Simulation in Cyber-Security | p. 301 |
6.5.1 MC Value-at-Risk Approach by Kim et al. in CLOUD Computing | p. 301 |
6.5.2 MC and DES in Security Meter (SM) Risk Model | p. 302 |
6.6 Application of Queuing Theory and Multichannel Simulation to Cyber-Security | p. 306 |
6.6.1 Example 1: One Recovery-Crew Case for Cyber-Security Queuing Simulation | p. 306 |
6.6.2 Example 2: Two Recovery-Crew Case for Cyber-Security Queuing Simulation | p. 308 |
6.7 Discussions and Conclusion | p. 308 |
Appendix 6.A | p. 311 |
6.8 Exercises | p. 315 |
References | p. 335 |
7 CLOUD Computing in Cyber-Risk | p. 339 |
7.1 Introduction and Motivation | p. 339 |
7.2 CLOUD Computing Risk Assessment | p. 342 |
7.3 Motivation and Methodology | p. 343 |
7.3.1 History of Theoretical Developments on CLOUD Modeling | p. 343 |
7.3.2 Notation | p. 344 |
7.3.3 Objectives | p. 344 |
7.3.4 Frequency and Duration Method for the Loss of Load or Service | p. 345 |
7.3.5 NBD as a Compound Poisson Model | p. 346 |
7.3.6 NBD for the Loss of Load or Loss of CLOUD Service Expected | p. 348 |
7.4 Various Applications to Cyber Systems | p. 349 |
7.4.1 Small Sample Experimental Systems | p. 349 |
7.4.2 Large Cyber Systems | p. 353 |
7.5 Large Cyber Systems Using Statistical Methods | p. 357 |
7.6 Repair Crew and Product Reserve Planning to Manage Risk Cost Effectively Using Cyberrisksolver CLOUD Management Java Tool | p. 359 |
7.6.1 CLOUD Resource Management Planning for Employment of Repair Crews | p. 360 |
7.6.2 CLOUD Resource Management Planning by Production Deployment | p. 365 |
7.7 Remarks for "Physical CLOUD" Employing Physical Products (Servers, Generators, Communication Towers, Etc.) | p. 368 |
7.8 Applications to "Social (Human Resources) CLOUD" | p. 372 |
7.8.1 Numerical Example for Social CLOUD (200 Employees Performing) | p. 376 |
7.8.2 Input Wizard Example for Social CLOUD (200 Employees Performing) | p. 379 |
7.9 Stochastic CLOUD System Simulation | p. 379 |
7.9.1 Introduction and Methodology | p. 381 |
7.9.2 Numerical Applications for SS to Verify Non-SS | p. 385 |
7.9.3 Details of Probability Distributions Used in Stochastic Simulation | p. 387 |
7.9.4 Varying Product Repair and Failure Date with Empirical Bayesian Posterior Gamma Approach | p. 393 |
7.9.5 Varying Link Repair and Failure Using Gamma Distribution | p. 393 |
7.9.6 SS Applied to a Power or Cyber Grid | p. 394 |
7.9.7 Error Checking or Flagging | p. 396 |
7.10 CLOUD Risk Meter Analysis | p. 397 |
7.10.1 Risk Assessment and Management Clarifications for Figures 7.72 and 7.73 | p. 402 |
7.11 Discussions and Conclusion | p. 405 |
7.12 Exercises | p. 407 |
References | p. 416 |
8 Software Reliability Modeling and Metrics in Cyber-Risk | p. 421 |
8.1 Introduction, Motivation, and Methodology | p. 421 |
8.2 History and Classification of Software Reliability Models | p. 422 |
8.2.1 Time-between-Failures Models | p. 422 |
8.2.2 Failure-Counting Models | p. 422 |
8.2.3 Bayesian Model | p. 423 |
8.2.4 Static (Nondynamic) Models | p. 423 |
8.2.5 Others | p. 424 |
8.3 Software Reliability Models in Time Domain | p. 424 |
8.4 Software Reliability Growth Models | p. 425 |
8.4.1 Negative Exponential Class of Failure Times | p. 425 |
8.4.2 J-M De-eutrophication Model (Binomial Type) | p. 425 |
8.4.3 Moranda's Geometric Model (Poisson Type) | p. 426 |
8.4.4 Goel-Okumoto Nonhomogeneous Poisson Process (Poisson Type) | p. 427 |
8.4.5 Musa's Basic Execution Time Model (Poisson Type) | p. 428 |
8.4.6 Musa-Okumoto Logarithmic Poisson Execution Time Model (Poisson Type) | p. 429 |
8.4.7 L-V Bayesian Model | p. 431 |
8.4.8 Sahinoglu's Compound Poisson∧Geometric and Poisson∧Logarithmic Series Models | p. 433 |
8.4.9 Gamma, Weibull, and Other Classes of Failure Times | p. 435 |
8.4.10 Duane Model (Poisson Type) | p. 439 |
8.5 Numerical Examples Using Pedagogues | p. 440 |
8.5.1 Example 1 | p. 440 |
8.5.2 Example 2 | p. 441 |
8.6 Recent Trends in Software Reliability | p. 441 |
8.7 Discussions and Conclusion | p. 442 |
8.8 Exercises | p. 444 |
References | p. 445 |
9 Metrics for Software Reliability Failure-Count Models in Cyber-Risk | p. 451 |
9.1 Introduction and Methodology on Failure-Count Estimation in Software Reliability | p. 451 |
9.1.1 Statistical Estimation Models, Computational Formulas, and Examples | p. 452 |
9.1.2 Interpretations of Numerical Examples and Discussions | p. 464 |
9.2 Predictive Accuracy to Compare Failure-Count Models | p. 466 |
9.2.1 Classical Distribution Approach | p. 468 |
9.2.2 Prior Distribution Approach | p. 469 |
9.2.3 Applications to Data Sets and Comparisons | p. 472 |
9.3 Discussions and Conclusion | p. 473 |
Appendix 9.A | p. 477 |
9.4 Exercises | p. 478 |
References | p. 482 |
10 Practical Hands-On Lab Topics in Cyber-Risk | p. 483 |
10.1 System Hardening | p. 483 |
10.1.1 General | p. 483 |
10.1.2 Windows Servers | p. 484 |
10.1.3 Wireless | p. 484 |
10.1.4 Firewalls, Routers, and Switches | p. 485 |
10.2 Email Security | p. 486 |
10.2.1 Identifying Fake Emails | p. 486 |
10.2.2 Emotion Responses | p. 486 |
10.3 MS-DOS Commands | p. 487 |
10.3.1 Mapping Intel | p. 488 |
10.4 Logging | p. 492 |
10.4.1 Policy | p. 493 |
10.4.2 Understanding Logs | p. 494 |
10.5 Firewall | p. 495 |
10.5.1 Traditional Firewalls | p. 495 |
10.5.2 NGFs | p. 496 |
10.5.3 Host-Based Firewalls | p. 496 |
10.6 Wireless Networks | p. 496 |
10.7 Discussions and Conclusion | p. 499 |
Appendix 10.A | p. 500 |
10.8 Exercises | p. 501 |
10.8.1 System Hardening | p. 501 |
10.8.2 Email | p. 501 |
10.8.3 MS-DOS | p. 502 |
10.8.4 Logging | p. 503 |
10.8.5 Firewall | p. 503 |
10.8.6 Wireless | p. 505 |
10.8.7 Comprehensive Exercises | p. 505 |
10.8.8 Cryptology Projects | p. 507 |
References | p. 509 |
What the Cyber-Risk Informatics Textbook and the Author are About? | p. 511 |
Index | p. 513 |