Agent-based Modeling And Market Microstructure

In most modern financial markets, traders express their preferences for assets by making orders. These orders are either executed if a counterparty is willing to match them or collected in a priority queue, called a limit order book. Such markets are said to adopt an order-driven trading mechanism. A key question in this domain is to model and analyze the strategic behavior of market participants, in response to different definitions of the trading mechanism (e.g., the priority queue changed from the continuous double auctions to the frequent call market). The objective is to design financial markets where pernicious behavior is minimized.The complex dynamics of market activities are typically studied via agent-based modeling (ABM) methods, enriched by Empirical Game-Theoretic Analysis (EGTA) to compute equilibria amongst market players and highlight the market behavior (also known as market microstructure) at equilibrium. This thesis contributes to this research area by evaluating the robustness of this approach and providing results to compare existing trading mechanisms and propose more advanced designs.In Chapter 4, we investigate the equilibrium strategy profiles, including their induced market performance, and their robustness to different simulation parameters. For two mainstream trading mechanisms, continuous double auctions (CDAs) and frequent call markets (FCMs), we find that EGTA is needed for solving the game as pure strategies are not a good approximation of the equilibrium. Moreover, EGTA gives generally sound and robust solutions regarding different market and model setups, with the notable exception of agents’ risk attitudes. We also consider heterogeneous EGTA, a more realistic generalization of EGTA whereby traders can modify their strategies during the simulation, and show that fixed strategies lead to sufficiently good analyses, especially taking the computation cost into consideration.After verifying the reliability of the ABM and EGTA methods, we follow this research methodology to study the impact of two widely adopted and potentially malicious trading strategies: spoofing and submission of iceberg orders. In Chapter 5, we study the effects of spoofing attacks on CDA and FCM markets. We let one spoofer (agent playing the spoofing strategy) play with other strategic agents and demonstrate that while spoofing may be profitable in both market models, it has less impact on FCMs than on CDAs. We also explore several FCM mechanism designs to help curb this type of market manipulation even further. In Chapter 6, we study the impact of iceberg orders on the price and order flow dynamics in financial markets. We find that the volume of submitted orders significantly affects the strategy choice of the other agents and the market performance. In general, when agents observe a large volume order, they tend to speculate instead of providing liquidity. In terms of market performance, both efficiency and liquidity will be harmed. We show that while playing the iceberg-order strategy can alleviate the problem caused by the high-volume orders, submitting a large enough order and attracting speculators is better than taking the risk of having fewer trades executed with iceberg orders.We conclude from Chapters 5 and 6 that FCMs have some exciting features when compared with CDAs and focus on the design of trading mechanisms in Chapter 7. We verify that CDAs constitute fertile soil for predatory behavior and toxic order flows and that FCMs address the latency arbitrage opportunities built in those markets. This chapter studies the extent to which adaptive rules to define the length of the clearing intervals — that might move in sync with the market fundamentals — affect the performance of frequent call markets. We show that matching orders in accordance with these rules can increase efficiency and selfish traders’ surplus in a variety of market conditions. In so doing, our work paves the way for a deeper understanding of the flexibility granted by adaptive call markets

Improving Energy Efficiency and Security for Pervasive Computing Systems

Pervasive computing systems are comprised of various personal mobile devices connected by the wireless networks. Pervasive computing systems have gained soaring popularity because of the rapid proliferation of the personal mobile devices. The number of personal mobile devices increased steeply over years and will surpass world population by 2016.;However, the fast development of pervasive computing systems is facing two critical issues, energy efficiency and security assurance. Power consumption of personal mobile devices keeps increasing while the battery capacity has been hardly improved over years. at the same time, a lot of private information is stored on and transmitted from personal mobile devices, which are operating in very risky environment. as such, these devices became favorite targets of malicious attacks. Without proper solutions to address these two challenging problems, concerns will keep rising and slow down the advancement of pervasive computing systems.;We select smartphones as the representative devices in our energy study because they are popular in pervasive computing systems and their energy problem concerns users the most in comparison with other devices. We start with the analysis of the power usage pattern of internal system activities, and then identify energy bugs for improving energy efficiency. We also investigate into the external communication methods employed on smartphones, such as cellular networks and wireless LANs, to reduce energy overhead on transmissions.;As to security, we focus on implantable medical devices (IMDs) that are specialized for medical purposes. Malicious attacks on IMDs may lead to serious damages both in the cyber and physical worlds. Unlike smartphones, simply borrowing existing security solutions does not work on IMDs because of their limited resources and high requirement of accessibility. Thus, we introduce an external device to serve as the security proxy for IMDs and ensure that IMDs remain accessible to save patients\u27 lives in certain emergency situations when security credentials are not available

A composable approach to design of newer techniques for large-scale denial-of-service attack attribution

Since its early days, the Internet has witnessed not only a phenomenal growth, but also a large number of security attacks, and in recent years, denial-of-service (DoS) attacks have emerged as one of the top threats. The stateless and destination-oriented Internet routing combined with the ability to harness a large number of compromised machines and the relative ease and low costs of launching such attacks has made this a hard problem to address. Additionally, the myriad requirements of scalability, incremental deployment, adequate user privacy protections, and appropriate economic incentives has further complicated the design of DDoS defense mechanisms. While the many research proposals to date have focussed differently on prevention, mitigation, or traceback of DDoS attacks, the lack of a comprehensive approach satisfying the different design criteria for successful attack attribution is indeed disturbing. Our first contribution here has been the design of a composable data model that has helped us represent the various dimensions of the attack attribution problem, particularly the performance attributes of accuracy, effectiveness, speed and overhead, as orthogonal and mutually independent design considerations. We have then designed custom optimizations along each of these dimensions, and have further integrated them into a single composite model, to provide strong performance guarantees. Thus, the proposed model has given us a single framework that can not only address the individual shortcomings of the various known attack attribution techniques, but also provide a more wholesome counter-measure against DDoS attacks. Our second contribution here has been a concrete implementation based on the proposed composable data model, having adopted a graph-theoretic approach to identify and subsequently stitch together individual edge fragments in the Internet graph to reveal the true routing path of any network data packet. The proposed approach has been analyzed through theoretical and experimental evaluation across multiple metrics, including scalability, incremental deployment, speed and efficiency of the distributed algorithm, and finally the total overhead associated with its deployment. We have thereby shown that it is realistically feasible to provide strong performance and scalability guarantees for Internet-wide attack attribution. Our third contribution here has further advanced the state of the art by directly identifying individual path fragments in the Internet graph, having adopted a distributed divide-and-conquer approach employing simple recurrence relations as individual building blocks. A detailed analysis of the proposed approach on real-life Internet topologies with respect to network storage and traffic overhead, has provided a more realistic characterization. Thus, not only does the proposed approach lend well for simplified operations at scale but can also provide robust network-wide performance and security guarantees for Internet-wide attack attribution. Our final contribution here has introduced the notion of anonymity in the overall attack attribution process to significantly broaden its scope. The highly invasive nature of wide-spread data gathering for network traceback continues to violate one of the key principles of Internet use today - the ability to stay anonymous and operate freely without retribution. In this regard, we have successfully reconciled these mutually divergent requirements to make it not only economically feasible and politically viable but also socially acceptable. This work opens up several directions for future research - analysis of existing attack attribution techniques to identify further scope for improvements, incorporation of newer attributes into the design framework of the composable data model abstraction, and finally design of newer attack attribution techniques that comprehensively integrate the various attack prevention, mitigation and traceback techniques in an efficient manner

GNSS Related Threats to Power Grid Applications

As power grid environments are moving towards the smart grid vision of the future, the traditional schemes for power grid protection and control are making way for new applications. The advancements in this field have made the requirements for power grid’s time synchronization accuracy and precision considerably more demanding. So far, the signals provided by Global Navigation Satellite Systems have generally addressed the need for highly accurate and stable reference time in power grid applications. These signals however are highly susceptible to tampering as they are being transmitted. Since electrical power transmission and distribution are critical functions for any modern society, the risks and impacts affiliated with satellite-based time synchronization in power grids ought to be examined. This thesis aims to address the matter. The objective is to examine how Global Navigation Satellite Systems are utilized in the power grids, how different attacks would potentially be carried out by employing interference and disturbance to GNSS signals and receivers and how the potential threats can be mitigated. A major part of the research is done through literature review, and the core concepts and different implementations of Global Navigation Satellite Systems are firstly introduced. The literature review also involves the introduction of different power grid components and subsystems, that utilize Global Positioning System for time synchronization. Threat modeling techniques traditionally practiced in software development are applied to power grid components and subsystems to gain insight about the possible threats and their impacts. The threats recognized through this process are evaluated and potential techniques for mitigating the most notable threats are presented.Sähköverkot ovat siirtymässä kohti tulevaisuuden älykkäitä sähköverkkoja ja perinteiset sähköverkon suojaus- ja ohjausmenetelmät tekevät tilaa uusille sovelluksille. Alan kehitys on tehnyt aikasynkronoinnin tarkkuusvaatimuksista huomattavasti aikaisempaa vaativampia. Tarkka aikareferenssi sähköverkoissa on tähän saakka saavutettu satelliittinavigointijärjestelmien tarjoamien signaalien avulla. Nämä signaalit ovat kuitenkin erittäin alttiita erilaisille hyökkäyksille. Sähkönjakelujärjestelmät ovat kriittinen osa nykyaikaista yhteiskuntaa ja riskejä sekä seuraamuksia, jotka liittyvät satelliittipohjaisten aikasynkronointimenetelmien hyödyntämiseen sähköverkoissa, tulisi tarkastella. Tämä tutkielma pyrkii vastaamaan tähän tarpeeseen. Päämääränä on selvittää, miten satelliittinavigointijärjestelmiä hyödynnetään sähköverkoissa, kuinka erilaisia hyökkäyksiä voidaan toteuttaa satelliittisignaaleja häiritsemällä ja satelliittisignaalivastaanottimia harhauttamalla ja kuinka näiden muodostamia uhkia voidaan lieventää. Valtaosa tästä tutkimuksesta on toteutettu kirjallisuuskatselmoinnin pohjalta. Työ kattaa satelliittinavigointijärjestelmien perusteet ja esittelee erilaisia tapoja, kuinka satelliittisignaaleja hyödynnetään sähköverkoissa erityisesti aikasynkronoinnin näkökulmasta. Työssä hyödynnettiin perinteisesti ohjelmistokehityksessä käytettyjä uhkamallinnusmenetelmiä mahdollisten uhkien ja seurausten analysointiin. Lopputuloksena esitellään riskiarviot uhkamallinnuksen pohjalta tunnistetuista uhkista, sekä esitellään erilaisia menettelytapoja uhkien lieventämiseksi

The Resilience Of Smart Energy Systems Against Adversarial Attacks, Operational Degradation And Variabilities

The presented research investigates selected topics concerning resilience of critical energy infrastructures against certain types of operational disturbances and/or failures whether natural or man-made. A system is made resilient through the deployment of physical devices enabling real-time monitoring, strong feedback control system, advanced system security and protection strategies or through prompt and accurate man-made actions or both. Our work seeks to develop well-planned strategies that act as a foundation for such resiliency enabling techniques.The research conducted thus far addresses three attributes of a resilient system, namely security, efficiency, and robustness, for three types of systems associated with current or future energy infrastructures. First (chapter 1), we study the security aspect of cyber-physical systems which integrate physical system dynamics with digital cyberinfrastructure. The smart electricity grid is a common example of this system type. In this work, an abstract theoretical framework is proposed to study data injection/modification attacks on Markov modeled dynamical systems from the perspective of an adversary. The adversary is capable of modifying a temporal sequence of data and the physical controller is equipped with prior statistical knowledge about the data arrival process to detect the presence of an adversary. The goal of the adversary is to modify the arrivals to minimize a utility function of the controller while minimizing the detectability of his presence as measured by the K-L divergence between the prior and posterior distribution of the arriving data. The trade-off between these two metrics– controller utility and the detectability cost is studied analytically for different underlying dynamics.Our second study (chapter 2) reviews the state of the art ocean wave generation technologies along with system level modeling while providing an initial study of the impacts of integration on a typical electrical grid network as compared to the closest related technology, wind energy extraction. In particular, wave power is computed from high resolution measured raw wave data to evaluate the effects of integrating wave generation into a small power network model. The system with no renewable energy sources and the system with comparable wind generation have been used as a reference for evaluation. Simulations show that wave power integration has good prospects in reducing the requirements of capacity and ramp reserves, thus bringing the overall cost of generation down.Our third study(chapter 3) addresses the robustness of resilient ocean wave generation systems. As an early-stage but rapidly developing technology, wave power extraction systems must have strong resilience requirements in harsh, corrosive ocean environments while enabling economic operation throughput their lifetime. Such systems are comprised of Wave Energy Converters (WECs) that are deployed offshore and that derive power from rolling ocean waves. The Levelized Cost of Electricity (LCOE) for WECs is high and one important way to reduce this cost is to employ strategies that minimize the cost of maintenance of WECs in a wave farm. In this work, an optimal maintenance strategy is proposed for a group of WECs, resulting in an adaptive scheduling of the time of repair, based on the state of the entire farm. The state-based maintenance strategy seeks to find an optimal trade-off between the moderate revenue generated from a farm with some devices being in a deteriorated or failed state and the high repair cost that typifies ocean wave farm maintenance practices. The formulation uses a Markov Decision Process (MDP) approach to devise an optimal policy which is based on the count of WECs in different operational states.Our fourth study (chapter 4) focuses on enabling resilient electricity grids with Grid Scale Storage (GSS). GSS offers resilient operations to power grids where the generation, transmission, distribution and consumption of electricity has traditionally been ``just in time . GSS offers the ability to buffer generated energy and dispatch it for consumption later, e.g., during generation outage and shortages. Our research addresses how to operate GSS to generate revenue efficiency in frequency regulation markets. Operation of GSS in frequency regulation markets is desirable due to its fast response capabilities and the corresponding revenues. However, GSS health is strongly dependent on its operation and understanding the trade-offs between revenues and degradation factors is essential. This study answers whether or not operating GSS at high efficiency regularly reduces its long-term performance (and thereby its offered resilience to the power grid).Our fifth study (chapter 5) focuses on the resilience of Wide Area Measurement Systems (WAMS) which is an integral part of modern electrical grid infrastructure. The problem of the global positioning system (GPS) spoofing attacks on smart grid endowed with phasor measurement units (PMUs) is addressed, taking into account the dynamical behavior of the states of the system. It is shown how GPS spoofing introduces a timing synchronization error in the phasor readings recorded by the PMU and alters the measurement matrix of the dynamical model. A generalized likelihood ratio-based hypotheses testing procedure is devised to detect changes in the measurement matrix when the system is subjected to a spoofing attack. Monte Carlo simulations are performed on the 9-bus, 3-machine test grid to demonstrate the implication of the spoofing attack on dynamic state estimation and to analyze the performance of the proposed hypotheses test. Asymptotic performance analysis of the proposed test, which can be used for large-scale smart grid networks, is also presented

A Robust Mechanism for Defending Distributed Denial OF Service Attacks on Web Servers

Distributed Denial of Service (DDoS) attacks have emerged as a popular means of causing mass targeted service disruptions, often for extended periods of time. The relative ease and low costs of launching such attacks, supplemented by the current inadequate sate of any viable defense mechanism, have made them one of the top threats to the Internet community today. Since the increasing popularity of web-based applications has led to several critical services being provided over the Internet, it is imperative to monitor the network traffic so as to prevent malicious attackers from depleting the resources of the network and denying services to legitimate users. This paper first presents a brief discussion on some of the important types of DDoS attacks that currently exist and some existing mechanisms to combat these attacks. It then points out the major drawbacks of the currently existing defense mechanisms and proposes a new mechanism for protecting a web-server against a DDoS attack. In the proposed mechanism, incoming traffic to the server is continuously monitored and any abnormal rise in the inbound traffic is immediately detected. The detection algorithm is based on a statistical analysis of the inbound traffic on the server and a robust hypothesis testing framework. Simulations carried out on the proposed mechanism have produced results that demonstrate effectiveness of the proposed defense mechanism against DDoS attacks.Comment: 18 pages, 3 figures, 5 table

Ensuring Application Specific Security, Privacy and Performance Goals in RFID Systems

Radio Frequency IDentification (RFID) is an automatic identification technology that uses radio frequency to identify objects. Securing RFID systems and providing privacy in RFID applications has been the focus of much academic work lately. To ensure universal acceptance of RFID technology, security and privacy issued must be addressed into the design of any RFID application. Due to the constraints on memory, power, storage capacity, and amount of logic on RFID devices, traditional public key based strong security mechanisms are unsuitable for them. Usually, low cost general authentication protocols are used to secure RFID systems. However, the generic authentication protocols provide relatively low performance for different types of RFID applications. We identified that each RFID application has unique research challenges and different performance bottlenecks based on the characteristics of the system. One strategy is to devise security protocols such that application specific goals are met and system specific performance requirements are maximized. This dissertation aims to address the problem of devising application specific security protocols for current and next generation RFID systems so that in each application area maximum performance can be achieved and system specific goals are met. In this dissertation, we propose four different authentication techniques for RFID technologies, providing solutions to the following research issues: 1) detecting counterfeit as well as ensuring low response time in large scale RFID systems, 2) preserving privacy and maintaining scalability in RFID based healthcare systems, 3) ensuring security and survivability of Computational RFID (CRFID) networks, and 4) detecting missing WISP tags efficiently to ensure reliability of CRFID based system\u27s decision. The techniques presented in this dissertation achieve good levels of privacy, provide security, scale to large systems, and can be implemented on resource-constrained RFID devices

Cyber-Human Systems, Space Technologies, and Threats

CYBER-HUMAN SYSTEMS, SPACE TECHNOLOGIES, AND THREATS is our eighth textbook in a series covering the world of UASs / CUAS/ UUVs / SPACE. Other textbooks in our series are Space Systems Emerging Technologies and Operations; Drone Delivery of CBNRECy – DEW Weapons: Emerging Threats of Mini-Weapons of Mass Destruction and Disruption (WMDD); Disruptive Technologies with applications in Airline, Marine, Defense Industries; Unmanned Vehicle Systems & Operations On Air, Sea, Land; Counter Unmanned Aircraft Systems Technologies and Operations; Unmanned Aircraft Systems in the Cyber Domain: Protecting USA’s Advanced Air Assets, 2nd edition; and Unmanned Aircraft Systems (UAS) in the Cyber Domain Protecting USA’s Advanced Air Assets, 1st edition. Our previous seven titles have received considerable global recognition in the field. (Nichols & Carter, 2022) (Nichols, et al., 2021) (Nichols R. K., et al., 2020) (Nichols R. , et al., 2020) (Nichols R. , et al., 2019) (Nichols R. K., 2018) (Nichols R. K., et al., 2022)https://newprairiepress.org/ebooks/1052/thumbnail.jp

GNSS Integrity Monitoring assisted by Signal Processing techniques in Harsh Environments

The Global Navigation Satellite Systems (GNSS) applications are growing and more pervasive in the modern society. The presence of multi-constellation GNSS receivers able to use signals coming from different systems like the american Global Positioning System (GPS), the european Galileo, the Chinese Beidou and the russian GLONASS, permits to have more accuracy in position solution. All the receivers provide always more reliable solution but it is important to monitor the possible presence of problems in the position computation. These problems could be caused by the presence of impairments given by unintentional sources like multipath generated by the environment or intentional sources like spoofing attacks. In this thesis we focus on design algorithms at signal processing level used to assist Integrity operations in terms of Fault Detection and Exclusion (FDE). These are standalone algorithms all implemented in a software receiver without using external information. The first step was the creation of a detector for correlation distortion due to the multipath with his limitations. Once the detection is performed a quality index for the signal is computed and a decision about the exclusion of a specific Satellite Vehicle (SV) is taken. The exclusion could be not feasible so an alternative approach could be the inflation of the variance of the error models used in the position computation. The quality signal can be even used for spoofinng applications and a novel mitigation technique is developed and presented. In addition, the mitigation of the multipath can be reached at pseudoranges level by using new method to compute the position solution. The main contributions of this thesis are: the development of a multipath, or more in general, impairments detector at signal processing level; the creation of an index to measure the quality of a signal based on the detector’s output; the description of a novel signal processing method for detection and mitigation of spoofing effects, based on the use of linear regression algorithms; An alternative method to compute the Position Velocity and Time (PVT) solution by using different well known algorithms in order to mitigate the effects of the multipath on the position domain