Model Uncertainty and Liquidity

Extreme market outcomes are often followed by a lack of liquidity and a lack of trade. This market collapse seems particularly acute for markets where traders rely heavily on a specific empirical model such as in derivative markets. Asset pricing and trading, in these cases, are intrinsically model dependent. Moreover, the observed behavior of traders and institutions that places a large emphasis on 'worst-case scenarios'' through the use of 'stress testing'' and 'value-at-risk'' seems different than Savage rationality (expected utility) would suggest. In this paper we capture model-uncertainty explicitly using an Epstein-Wang (1994) uncertainty-averse utility function with an ambiguous underlying asset-returns distribution. To explore the connection of uncertainty with liquidity, we specify a simple market where a monopolist financial intermediary makes a market for a propriety derivative security. The market-maker chooses bid and ask prices for the derivative, then, conditional on trade in this market, chooses an optimal portfolio and consumption. We explore how uncertainty can increase the bid-ask spread and, hence, reduces liquidity. In addition, 'hedge portfolios'' for the market-maker, an important component to understanding spreads, can look very different from those implied by a model without Knightian uncertainty. Our infinite-horizon example produces short, dramatic decreases in liquidity even though the underlying environment is stationary.

Architecture-centric testing for security

This thesis presents a novel architecture-centric approach, which uses Implied Scenarios (IS) to detect design-vulnerabilities in the software architecture. It reviews security testing approaches, and draws on their limitations in addressing unpredictable behaviour in the face of evolution. The thesis introduces the concept of Security ISs as unanticipated (possibly malicious) behaviours that indicate potential insecurities in the architecture. The IS approach uses the architecture as the appropriate level of abstraction to tackle the complexity of testing. It provides potential for scalability to test large scale complex applications. It proposes a three-phased method for security testing: (1) Detecting design-level vulnerabilities in the architecture in an incremental manner by composing functionalities as they evolve. (2) Classifying the impact of detected ISs on the security of the architecture. (3) Using the detected ISs and their impact to guide the refinement of the architecture. The refinement is test-driven and incremental, where refinements are tested before they are committed. The thesis also presents SecArch, an extension to the IS approach to enhance its search-space to detect hidden race conditions. The thesis reports on the applications of the proposed approach and its extension to three case studies for testing the security of distributed and cloud architectures in the presence of uncertainty in the operating environment, unpredictability of interaction and possible security IS

The role of market-implied severity modeling for credit VaR

En este trabajo proponemos el uso de mixturas de distribciones beta para modelizar la severidad impícita en el mercado. En nuestro análisis extraemos las tasas de recuperación de la cotización de los credit default swaps (CDS) en lugar de utilizar bonos que han impagado. La principal ventaja de obtener la estructura temporal implícita de tasas de recuperación de los CDS en lugar de utilizar los bonos impagados es que nos permite identificar tasas de recuperación para empresas con baja probabilidad de impago. Del análisis empírico se obtienen resultados que no permiten aceptar que una única distribución beta sea capaz de representar las tasas de recuperación implícitas mientras que la propuesta basada en mixturas de distribuciones beta si que es aceptada. Además, hay que destacar la importancia de utilizar esta metodología de ajuste por su importancia para una correcta estimación del Valor en Riesgo de crédito.In this paper we propose to use beta-component mixtures to model the market-implied severity. In our analysis we extract and identify recovery rates from credit default swaps instead of using defaulted bonds. The main advantage of extracting implied, endogenous and dynamic functions of recovery rates from credit default swaps versus using defaulted bonds is that it allows to identify recovery rates of low probability of default companies. We carry out an empirical analysis and our results show that a single beta distribution is rejected as a correct specification for implied recovery rates while a beta-component mixture is accepted. Futhermore, we highlight the importance of this modeling approach by focusing on its role for credit VaR

Building an Emulation Environment for Cyber Security Analyses of Complex Networked Systems

Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly growing, and the testing and experimentation of cyber defense solutions requires the availability of separate, test environments that best emulate the complexity of a real system. Such environments support the deployment and monitoring of complex mission-driven network scenarios, thus enabling the study of cyber defense strategies under real and controllable traffic and attack scenarios. In this paper, we propose a methodology that makes use of a combination of techniques of network and security assessment, and the use of cloud technologies to build an emulation environment with adjustable degree of affinity with respect to actual reference networks or planned systems. As a byproduct, starting from a specific study case, we collected a dataset consisting of complete network traces comprising benign and malicious traffic, which is feature-rich and publicly available

Risky Swaps

In [10] we presented a reduced form of risky bond pricing. At default date, a bond seller fails to continue fulfilling his obligation and the price of the bond sharply drops. For nodefault scenarios, if the face value of the defaulted bond is $1 then the bond price just after the default is its’ recovery rate (RR). Rating agencies and theoretical models are trying to predict RR for companies or sovereign countries. The main theoretical problem with a risky bond or with the general debt problems is presenting the price, knowing the RR. The problem of a credit default swap (CDS) pricing is somewhat an adjacent problem. Recall that the corporate bond price inversely depends on interest rate. In case of a default, the credit risk on a debt investment is related to the loss. There is a possibility for a risky bond buyer to reduce his credit risk. This can be achieved through buying a protection from a protection seller. The bondholder would pay a fixed premium up to maturity or default, which ever one comes first. If default comes before maturity, the protection buyer will receive the difference between the initial face value of the bond and RR. This difference is called ‘loss given default’. This contract represents CDS. The counterparty that pays a fixed premium is called CDS buyer or protection buyer; the opposite party is the CDS seller. Note, that in contrast to corporate bond, CDS contract does not assume that the buyer of the CDS is the holder of underlying bond. Also note that underlying to the swap can be any asset. It is called a reference asset or a reference entity. Thus, CDS is a credit instrument that separates credit risk from corresponding underlying entity. The formal type of the CDS can be described as follows. The buyer of the credit swap pays fixed rate or coupon until maturity or default in case it occurs before the maturity. If default does occur, protection buyer delivers cash or a default asset in exchange with the face value of the defaulted debt. These are known as cash or physical settlements

Formally based semi-automatic implementation of an open security protocol

International audienceThis paper presents an experiment in which an implementation of the client side of the SSH Transport Layer Protocol (SSH-TLP) was semi-automatically derived according to a model-driven development paradigm that leverages formal methods in order to obtain high correctness assurance. The approach used in the experiment starts with the formalization of the protocol at an abstract level. This model is then formally proved to fulfill the desired secrecy and authentication properties by using the ProVerif prover. Finally, a sound Java implementation is semi-automatically derived from the verified model using an enhanced version of the Spi2Java framework. The resulting implementation correctly interoperates with third party servers, and its execution time is comparable with that of other manually developed Java SSH-TLP client implementations. This case study demonstrates that the adopted model-driven approach is viable even for a real security protocol, despite the complexity of the models needed in order to achieve an interoperable implementation

Saving in an ageing society with public pensions: implications from lifecycle analysis

This paper studies saving in an economy where decline in fertility to a permanently lower level and increasing longevity are changing the age structure permanently and where the public pension system helps to smooth consumption over a lifetime of working and retirement. A simple overlapping generations (OLG) model is used for simulations, with the emphasis on the transition path. It is shown that, under plausible assumptions, the effect of population ageing on the capital to income ratio is positive and also that the saving rate increases in the first two to three decades. This first positive effect on the saving rate is highlighted and contrasted with results in previous literature. It is also shown that moving from a pure PAYG pension system to partial funding of mandatory pensions affects saving positively and has implications for intergenerational equity.Saving in an ageing society with public pensions: implications from lifestyle analysis, population ageing, public pensions, private and public saving, Oksanen

CNN-based fast source device identification

Source identification is an important topic in image forensics, since it allows to trace back the origin of an image. This represents a precious information to claim intellectual property but also to reveal the authors of illicit materials. In this paper we address the problem of device identification based on sensor noise and propose a fast and accurate solution using convolutional neural networks (CNNs). Specifically, we propose a 2-channel-based CNN that learns a way of comparing camera fingerprint and image noise at patch level. The proposed solution turns out to be much faster than the conventional approach and to ensure an increased accuracy. This makes the approach particularly suitable in scenarios where large databases of images are analyzed, like over social networks. In this vein, since images uploaded on social media usually undergo at least two compression stages, we include investigations on double JPEG compressed images, always reporting higher accuracy than standard approaches