Prediction Model for Tendencies in Cybersecurity

Haavatavuste avalikustamise aegridasid on varem kasutatud mõnede väärtuste prognoosimiseks tulevikus. Kirjanduse ülevaatest selgus, et teadlased pole varem keskendunud CWE (Common Weakness Enumeration) haavatavustüüpide keskmise CVSS (Common Vulnerability Scoring System) tõsidusskoori prognoosimisele. Tarkvara riskijuhtimise analüütikute jaoks võib see olla probleem, sest haavatavuskategooriate tulevaste tõsidusskooride mitteteadmisega võivad kaasneda vähem täpsed riskitasemehinnangud. Käesoleva magistritöö raames valmib programmeerimiskeeles R loodud pakett, mis lahendab selle probleemi. Loodud rakendust kasutatakse lõpuks 2018. aasta kuukeskmiste CVSS skooride prognoosimiseks. MAE, RMSE, MAPE ja MASE arvutatakse välja 2016. ja 2017. aasta prognooside täpsuse hindamiseks, mis aitab eri mudelite vahel valida. 2018. aasta prognooside genereerimisel 34 CWE-le kaalutakse 13 tüüpi mudeleid. Punktprognooside põhjal on 2018. aastal kümne CWE tõsidusaste "Kõrge".Vulnerability disclosure time series data have been previously used to estimate some values in the future. A literature review revealed that researchers have not focused on forecasting the mean Common Vulnerability Scoring System (CVSS) severity scores of Common Weakness Enumeration (CWE) vulnerability types. This could be a problem for software risk management analysts because not knowing the vulnerability categories' upcoming severity scores could result in less accurate risk level assessments. This thesis project provides an R package that addresses the problem. It is eventually used to forecast mean monthly CVSS scores of the year 2018. MAE, RMSE, MAPE and MASE are used to evaluate the accuracy of the forecasts for the years 2016 and 2017. These measures help to choose between the models. Thirteen different types of models are considered when generating the forecasts of 2018 for a subset of 34 CWEs. According to point forecasts, ten CWEs are expected to have "High" severity in 2018

Quantitative Assessment of Water Security Using a Hydrological Modeling Framework

Water scarcity and drought are major threats to water security. Quantifying and defining boundaries between these threats are necessary to properly assess water security of a region. A comprehensive assessment of water security in terms of water scarcity, water vulnerability and drought can address water policy issues related to hydrological conditions and their interactions with societal and ecosystem functioning. Therefore, study of water security can provide useful information to multiple stakeholders. The overarching goal of this thesis is to improve water security in river basins around the world. To demonstrate our proposed methods, we selected Savannah River Basin (SRB) as a case study. In addition to water security assessment of SRB, we also explored the combined as well as individual roles of climate, anthropogenic (e.g., urbanization, agriculture, water demand) and ecological elements on various aspects of water security. Realizing the importance of water security impacts on society and ecosystem, the following objectives are formulated: 1) To investigate the blue and green water security of Savannah River Basin by applying the water footprint concept. 2) To quantify the influence of climate variability and land use change on streamflow, ecosystem services, and water scarcity. 3) To assess the climate, catchment, and morphological variables control over hydrological drought of a river basin. To summarize, the results obtained from first objective shows that our proposed modeling framework can be applied to investigate spatio-temporal pattern of blue and green water footprints as well as water security at a county scale for SRB, thereby locating the emerging hot spots within the river basin. The results obtained from second objective indicate that the land use change and climate variability have a key influence (either concomitant or independent) in altering the blue (green) water and related water security over the basin. The results based on third objective demonstrate that in addition to climate variables, catchment and morphological properties significantly control short, medium and long-term duration of hydrological droughts in SRB. An integrated modeling framework was developed to achieve these objectives and additional findings are explained in detail through the following chapters

Cybersecurity Risk Analysis of Industrial Automation Systems on the Basis of Cognitive Modeling Technology

The issues of procuring the cybersecurity of modern industrial systems and networks acquire special urgency because of imperfection of their protection tools and presence of vulnerabilities. International standards ISA/IEC 62443 offer the system risk-oriented approach to solve the tasks of providing the security of industrial control systems (ICS) at all stages of life cycle. But in view of high uncertainty and complexity of procedure of formalizing the factors affecting the final indices of system security, the problem of cybersecurity risk assessment remains open and requires applying new approaches based on the technology of data mining and cognitive modeling. Cognitive modeling of risk assessment using fuzzy grey cognitive maps (FGCM) allows us to take into account the uncertainty factor arising in the process of vulnerability probability assessment for each of security nodes. The interval estimates of FGCM connection weights can reflect the scatter of expert group opinions that allows us to take into account more completely the data available for risk analysis. The main stages of ICS security assessment with use of FGCM are analyzed in the chapter on the example of distributed industrial automation network. The recommendations concerning the choice of the necessary countermeasures improving the level of network security in the conditions of possible external and internal threats are considered

Role of brain imaging in disorders of brain-gut interaction: a Rome Working Team Report.

Imaging of the living human brain is a powerful tool to probe the interactions between brain, gut and microbiome in health and in disorders of brain-gut interactions, in particular IBS. While altered signals from the viscera contribute to clinical symptoms, the brain integrates these interoceptive signals with emotional, cognitive and memory related inputs in a non-linear fashion to produce symptoms. Tremendous progress has occurred in the development of new imaging techniques that look at structural, functional and metabolic properties of brain regions and networks. Standardisation in image acquisition and advances in computational approaches has made it possible to study large data sets of imaging studies, identify network properties and integrate them with non-imaging data. These approaches are beginning to generate brain signatures in IBS that share some features with those obtained in other often overlapping chronic pain disorders such as urological pelvic pain syndromes and vulvodynia, suggesting shared mechanisms. Despite this progress, the identification of preclinical vulnerability factors and outcome predictors has been slow. To overcome current obstacles, the creation of consortia and the generation of standardised multisite repositories for brain imaging and metadata from multisite studies are required

Comparative analysis of spring flood risk reduction measures in Alaska, United States and the Sakha Republic, Russia

Thesis (Ph.D.) University of Alaska Fairbanks, 2017River ice thaw and breakup are an annual springtime phenomena in the North. Depending on regional weather patterns and river morphology, breakups can result in catastrophic floods in exposed and vulnerable communities. Breakup flood risk is especially high in rural and remote northern communities, where flood relief and recovery are complicated by unique geographical and climatological features, and limited physical and communication infrastructure. Proactive spring flood management would significantly minimize the adverse impacts of spring floods. Proactive flood management entails flood risk reduction through advances in ice jam and flood prevention, forecasting and mitigation, and community preparedness. With the goal to identify best practices in spring flood risk reduction, I conducted a comparative case study between two flood-prone communities, Galena in Alaska, United States and Edeytsy in the Sakha Republic, Russia. Within a week from each other, Galena and Edeytsy sustained major floods in May 2013. Methods included focus groups with the representatives from flood managing agencies, surveys of families impacted by the 2013 floods, observations on site, and archival review. Comparative parameters of the study included natural and human causes of spring floods, effectiveness of spring flood mitigation and preparedness strategies, and the role of interagency communication and cooperation in flood risk reduction. The analysis revealed that spring flood risk in Galena and Edeytsy results from complex interactions among a series of natural processes and human actions that generate conditions of hazard, exposure, and vulnerability. Therefore, flood risk in Galena and Edeytsy can be reduced by managing conditions of ice-jam floods, and decreasing exposure and vulnerability of the at-risk populations. Implementing the Pressure and Release model to analyze the vulnerability progression of Edeytsy and Galena points to common root causes at the two research sites, including colonial heritage, unequal distribution of resources and power, top-down governance, and limited inclusion of local communities in the decision-making process. To construct an appropriate flood risk reduction framework it is important to establish a dialogue among the diverse stakeholders on potential solutions, arriving at a range of top-down and bottom-up initiatives and in conjunction selecting the appropriate strategies. Both communities have progressed in terms of greater awareness of the hazard, reduction in vulnerabilities, and a shift to more reliance on shelter-in-place. However, in neither community have needed improvements in levee protection been completed. Dialogue between outside authorities and the community begins earlier and is more intensive for Edeytsy, perhaps accounting for Edeytsy's more favorable rating of risk management and response than Galena's

Mobile Identity Protection: The Moderation Role of Self-Efficacy

The rapid growth of mobile applications and the associated increased dependency on digital identity raises the growing risk of identity theft and related fraud. Hence, protecting identity in a mobile environment is a problem. This study develops a model that examines the role of identity protection self-efficacy in increasing users’ motivation intentions to achieve actual mobile identity protection. Our research found that self-efficacy significantly affects the relationship between users’ perceived threat appraisal and their motivational intentions for identity protection. The relation between mobile users’ protection, motivational intentions, and actual mobile identity protection actions was also found to be significant. Additionally, the findings revealed the considerable impact of awareness in fully mediating between self-efficacy and actual identity protection. The model and its hypotheses are empirically tested through a survey of 383 mobile users, and the findings are validated through a panel of experts, thus confirming the impact of self-efficacy on an individual’s identity protection in the mobile context