Comparing Cyber Defense Alternatives Using Rare-Event Simulation Techniques to Compute Network Risk

Vulnerabilities inherent in a cyber network can be exploited by individuals with malicious intent. Thus, machines on the network are at risk. Formally, security specialists seek to mitigate the risk of intrusion events through network reconfiguration and defense. Comparison between configuration alternatives may be difficult if an event is sufficiently rare; risk estimates may of be questionable quality making definitive inferences unattainable. Furthermore, that which constitutes a “rare” event can imply different rates of occurrence, depending on network complexity. To measure rare events efficiently without the risk of doing damage to a cyber network, special rare-event simulation techniques can be employed, such as splitting or importance sampling. In particular, importance sampling has shown promise when modeling an attacker moving through a network with intent to steal data. The importance sampling technique amplifies certain aspects of the network in order to cause a rare event to happen more frequently. Output statistics collected under these amplified conditions must then be scaled back to the context of the original network to produce meaningful results. This thesis successfully tailors the importance sampling methodology to scenarios where an attacker must search a network. Said tailoring takes the attacker’s successes and failures as well as the attacker’s targeting choices into account. The methodology is shown to be more computationally efficient and can produce higher quality estimates of risk when compared to standard simulation

Simple and Multi Risk Assessment Framework for Information Security using Process Flow Diagram

Organizations need a simple risk assessment framework to understand them. In contrast, risk analysis requires some mathematical tools to be able to estimate risk based on understanding and availability. In practice, the assets, for which the risk will be calculated, are dependent on one another, resulting in inevitable complexity. We propose a framework that addresses these three situations with a process flow diagram. Simplicity is obtained from a conceptual model based on data flow diagrams which are widely used in information system design. This conceptual model can be translated into several risk models at once: graph, Boolean algebra, Boole’s algebra, and set theory. The complexity of asset dependencies is overcome when translating the conceptual model to the risk model. Solutions were shown in case studies of information systems for COVID-19 personal protective equipment in Indonesia, which require the construction of a simple information system, support multiple risk models, and take into account asset dependencies. The multi-risk model enables implementation proofing by testing the risk models used in each other

Risk Monitoring and Intrusion Detection for Industrial Control Systems

Cyber-attacks on critical infrastructure such as electricity, gas, and water distribution, or power plants, are more and more considered to be a relevant and realistic threat to the European society. Whereas mature solutions like anti-malware applications, intrusion detection systems (IDS) and even intrusion prevention or self-healing systems have been designed for classic computer systems, these techniques have only been partially adapted to the world of Industrial Control Systems (ICS). As a consequence, organisations and nations fall back upon risk management to understand the risks that they are facing. Today's trend is to combine risk management with real-time monitoring to enable prompt reactions in case of attacks. This thesis aims at providing techniques that assist security managers in migrating from a static risk analysis to a real-time and dynamic risk monitoring platform. Risk monitoring encompasses three steps, each being addressed in detail in this thesis: the collection of risk-related information, the reporting of security events, and finally the inclusion of this real-time information into a risk analysis. The first step consists in designing agents that detect incidents in the system. In this thesis, an intrusion detection system is developed to this end, which focuses on an advanced persistent threat (APT) that particularly targets critical infrastructures. The second step copes with the translation of the obtained technical information in more abstract notions of risk, which can then be used in the context of a risk analysis. In the final step, the information collected from the various sources is correlated so as to obtain the risk faced by the entire system. Since industrial environments are characterised by many interdependencies, a dependency model is elaborated which takes dependencies into account when the risk is estimated

The missing link : fiscal sustainability analysis in South Africa

This study examined whether South African government reacted to its debt positions in a sustainable manner during the period 1999 quarter 1 to 2016 quarter 2. Estimation of the fiscal reaction function was conducted by integrating the exogenous short-run impact of monetary policy stance on both primary balance and public debt positions. The VEC model approach was applied to estimate the fiscal reaction function. Results indicate that fiscal policy in South Africa was sustainable during the respective sample period while monetary policy stance had statistically significant impacts on both primary balance and public debt positions. The significant impacts of monetary policy stance on primary balance and public debt show that monetary policy contributes to ensuring fiscal sustainability in South Africa, hence government needs to harmonize monetary efforts in managing public debt. The estimated impact of the business cycle on primary balance positions indicate that fiscal policy was countercyclical in nature.EconomicsM. Com. (Economics

Dynamic risk assessment of process operations

Process engineering systems have become increasingly complex and more vulnerable to potential accidents. The risks posed by these systems are alarming and worrisome. The operation of these complex process engineering systems requires a high level of understanding both from the operational as well as the safety perspective. This study focuses on dynamic risk assessment and management of complex process engineering systems’ operations. To reduce risk posed by process systems, there is a need to develop process accident models capable of capturing system dynamics in real-time. This thesis presents a set of predictive process accident models developed over four years. It is prepared in manuscript style and consists of nine chapters, five of which are published in peer reviewed journals. A dynamic operational risk management tool for process systems is developed, considering evolving process conditions. The obvious advantage of the developed methodologies is that it dynamically captures the real time changes occurring in the process operations. The real time risk profile provided by the methodologies developed serve as performance indicator for operational decision making. The research has made contributions on the following topics: (a) process accident model considering dependency among contributory factors, (b) dynamic safety analysis of process systems using a nonlinear and non-sequential accident model, (c) dynamic failure analysis of process systems using principal component analysis and a Bayesian network, (d) dynamic failure analysis of process systems using a neural network and (e) an integrated approach for dynamic economic risk assessment of process systems

Nephroblastoma in MRI Data

The main objective of this work is the mathematical analysis of nephroblastoma in MRI sequences. At the beginning we provide two different datasets for segmentation and classification. Based on the first dataset, we analyze the current clinical practice regarding therapy planning on the basis of annotations of a single radiologist. We can show with our benchmark that this approach is not optimal and that there may be significant differences between human annotators and even radiologists. In addition, we demonstrate that the approximation of the tumor shape currently used is too coarse granular and thus prone to errors. We address this problem and develop a method for interactive segmentation that allows an intuitive and accurate annotation of the tumor. While the first part of this thesis is mainly concerned with the segmentation of Wilms’ tumors, the second part deals with the reliability of diagnosis and the planning of the course of therapy. The second data set we compiled allows us to develop a method that dramatically improves the differential diagnosis between nephroblastoma and its precursor lesion nephroblastomatosis. Finally, we can show that even the standard MRI modality for Wilms’ tumors is sufficient to estimate the developmental tendencies of nephroblastoma under chemotherapy

Evolutionary genomics : statistical and computational methods

This open access book addresses the challenge of analyzing and understanding the evolutionary dynamics of complex biological systems at the genomic level, and elaborates on some promising strategies that would bring us closer to uncovering of the vital relationships between genotype and phenotype. After a few educational primers, the book continues with sections on sequence homology and alignment, phylogenetic methods to study genome evolution, methodologies for evaluating selective pressures on genomic sequences as well as genomic evolution in light of protein domain architecture and transposable elements, population genomics and other omics, and discussions of current bottlenecks in handling and analyzing genomic data. Written for the highly successful Methods in Molecular Biology series, chapters include the kind of detail and expert implementation advice that lead to the best results. Authoritative and comprehensive, Evolutionary Genomics: Statistical and Computational Methods, Second Edition aims to serve both novices in biology with strong statistics and computational skills, and molecular biologists with a good grasp of standard mathematical concepts, in moving this important field of study forward

Efficiently computing the likelihoods of cyclically interdependent risk scenarios

Quantitative risk assessment provides a holistic view of risk in an organisation, which is, however, often biased by the fact that risk shared by several assets is encoded multiple times in a risk analysis. An apparent solution to this issue is to take all dependencies between assets into consideration when building a risk model. However, existing approaches rarely support cyclic dependencies, although assets that mutually rely on each other are encountered in many organisations, notably in critical infrastructures. To the best of our knowledge, no author has provided a provably efficient algorithm (in terms of the execution time) for computing the risk in such an organisation, notwithstanding that some heuristics exist. This paper introduces the dependency-aware root cause (DARC) model, which is able to compute the risk resulting from a collection of root causes using a poly-time randomised algorithm, and concludes with a discussion on real-time risk monitoring, which DARC supports by design. © 2016 Elsevier Lt

Evolutionary Genomics

This open access book addresses the challenge of analyzing and understanding the evolutionary dynamics of complex biological systems at the genomic level, and elaborates on some promising strategies that would bring us closer to uncovering of the vital relationships between genotype and phenotype. After a few educational primers, the book continues with sections on sequence homology and alignment, phylogenetic methods to study genome evolution, methodologies for evaluating selective pressures on genomic sequences as well as genomic evolution in light of protein domain architecture and transposable elements, population genomics and other omics, and discussions of current bottlenecks in handling and analyzing genomic data. Written for the highly successful Methods in Molecular Biology series, chapters include the kind of detail and expert implementation advice that lead to the best results. Authoritative and comprehensive, Evolutionary Genomics: Statistical and Computational Methods, Second Edition aims to serve both novices in biology with strong statistics and computational skills, and molecular biologists with a good grasp of standard mathematical concepts, in moving this important field of study forward

Proceedings of the 2nd Conference on Production Systems and Logistics (CPSL 2021)

Proceedings of the CPSL 202