23 research outputs found

    On the asymptotic and approximate distributions of the product of an inverse Wishart matrix and a Gaussian vector

    In this paper we study the distribution of the product of an inverse Wishart random matrix and a Gaussian random vector. We derive its asymptotic distribution as well as its approximate density function formula which is based on the Gaussian integral and the third order Taylor expansion. Furthermore, we compare obtained asymptotic and approximate density functions with the exact density which is obtained by Bodnar and Okhrin (2011). A good performance of obtained results is documented in the numerical study

    Cyber Hygiene Maturity Assessment Framework for Smart Grid Scenarios

    Cyber hygiene is a relatively new paradigm premised on the idea that organizations and stakeholders are able to achieve additional robustness and overall cybersecurity strength by implementing and following sound security practices. It is a preventive approach entailing high organizational culture and education for information cybersecurity to enhance resilience and protect sensitive data. In an attempt to achieve high resilience of Smart Grids against negative impacts caused by different types of common, predictable but also uncommon, unexpected, and uncertain threats and keep entities safe, the Secure and PrivatE smArt gRid (SPEAR) Horizon 2020 project has created an organization-wide cyber hygiene policy and developed a Cyber Hygiene Maturity assessment Framework (CHMF). This article presents the assessment framework for evaluating Cyber Hygiene Level (CHL) in relation to the Smart Grids. Complementary to the SPEAR Cyber Hygiene Maturity Model (CHMM), we propose a self-assessment methodology based on a questionnaire for Smart Grid cyber hygiene practices evaluation. The result of the assessment can be used as a cyber-health check to define countermeasures and to reapprove cyber hygiene rules and security standards and specifications adopted by the Smart Grid operator organization. The proposed methodology is one example of a resilient approach to cybersecurity. It can be applied for the assessment of the CHL of Smart Grids operating organizations with respect to a number of recommended good practices in cyber hygiene. This project has received funding from the European Union Horizon 2020 research and innovation program under grant agreement No. 787011 (SPEAR).

    Explainable AI-based Intrusion Detection in the Internet of Things

    The revolution of Artificial Intelligence (AI) has brought about a significant evolution in the landscape of cyberattacks. In particular, with the increasing power and capabilities of AI, cyberattackers can automate tasks, analyze vast amounts of data, and identify vulnerabilities with greater precision. On the other hand, despite the multiple benefits of the Internet of Things (IoT), it raises severe security issues. Therefore, it is evident that the presence of efficient intrusion detection mechanisms is critical. Although Machine Learning (ML) and Deep Learning (DL)-based IDS have already demonstrated their detection efficiency, they still suffer from false alarms and explainability issues that do not allow security administrators to trust them completely compared to conventional signature/specification-based IDS. In light of the aforementioned remarks, in this paper, we introduce an AI-powered IDS with explainability functions for the IoT. The proposed IDS relies on ML and DL methods, while the SHapley Additive exPlanations (SHAP) method is used to explain decision-making. The evaluation results demonstrate the efficiency of the proposed IDS in terms of detection performance and explainable AI (XAI)

    Assessment of insider attack with learning statistics methods

    The popularity of mobile devices, wearable devices used in collaborative information systems, has dramatically exploded over the past decade. Thus, we understand that in ordinary office, a single person can use plenty of active interfaces like wireless data transfer interfaces, which can help, among direct usage, strengthen access control and information security subsystem. Despite the fact that enterprises quite rightly develop controls and prevention techniques to combat cyberattacks, threats from users within the corporate network pose a significant risk to information assets. Existing users with accounts, permissions and access required to perform their jobs are increasingly becoming a major risk to information security through account misuse, data loss and fraudulent activities. This article reviews the definition of an insider threat and its impact, and provides an overview of the techniques to control and remediate these threats.

    Empirical study of new metrics for the internet route hijack risk assessment

    Possibility of dynamic routes change between nodes which are not physically connected is a key feature of the Internet routing. With two key concepts - one-hop forwarding in routing process and possibility of address space aggregation for routing purposes, the Internet became global and can grow virtually unlimited. However, one of the most significant problems of the Internet connectivity is caused by the Border Gateway Protocol (BGP) weaknesses - lack of verification of input routing data. It leads to the so-called route leaks and route hijacks. None of proposed and partially implemented upgrades and add-ons which are referred to as MANRS can deliver reliable defense against those types of attacks. Route hijack detection services are mainly provided by third-party services such as BGPMon. They track worldwide routes by tracing and keep track of route announcements in BGP, and notify the network administrator of suspicious events related to their prefixes based on routing information. And the main problem is that monitoring alert is post-mortem reaction when the routing accident has already happened or is happening. That's why it is necessary to learn how to manage risks arising from cyber attacks on global routing. Assessing the risks of route interception requires quantitative measurement of the impact of an attack on the routing distortion, and therefore, the breach of information security. This offers a way of exploring the topology of connections between Internet nodes to further solve the risk management task with topology methods. In previous papers we used the knowledge of the features of the Internet topology to find the relationship between topology and global routing vulnerability. 
One of the most important steps was to build a formal model of global Internet routing with formal description for objects, relations and processes of the Internet routing such as the IP address, address space, network prefix and their encapsulation, route, best path, and routing itself. In this paper we offer new node metrics for representation of both components of information security risk - possible losses and likelihood of losses. The first metric, which we have called 'significance', is tied to importance of node in routes distribution, with impact of number and weight of announced prefixes. The second metric, called 'trust', reflects likelihood of hijacking a route on a particular node. Finally, we demonstrate some empirical results of how these metrics can model the effective network topology regarding relaxation risks of route hijack.

    Simple Stop Loss Procedure to Measure Expected Return of the Portfolio

    A simple stop loss procedure to measure expected return of the portfolio with and without the stop-loss rule is proposed. A strategy for setting stop loss levels based on historical data and using moving average and average true range methods is given. Obtained results were compared by running back test for different values of stop-loss.

    On the asymptotic and approximate distributions of the product of an inverse wishart matrix and a gaussian vector

    In this paper we study the distribution of the product of an inverse Wishart random matrix and a Gaussian random vector. We derive its asymptotic distribution as well as a formula for its approximate density function which is based on the Gaussian integral and the third order Taylor expansion. Furthermore, we compare the asymptotic and approximate density functions with the exact density obtained by Bodnar and Okhrin (2011). The results obtained in the paper are confirmed by the numerical study

    Cyber Security and Resilience of Smart Grid Infrastructure in the Arctic

    Smart Grids is an emerging technology promising significant changes in the economy and the social sphere all over the world. Arctic region turns on a rapid transformation in its energy sector from being a consumer of electricity to producing, sharing, and storing energy deploying smart grid infrastructure. With that, due to often remote and extreme conditions, cybersecurity is one of many challenges in leveraging energy grids in the Arctic. Considering recent hackers’ attacks on energy grids and taking into account the distributed structure of these systems, the use of traditional means of computer protection and the search for a crime figure becomes more difficult or impossible. This chapter summarizes our previous work and the findings from a working group at a NATO Advanced Research Workshop on Governance for Cyber Security and Resilience in the Arctic as it pertains to critical infrastructure, held in Rovaniemi, Finland on 27–30 January 2019. It aims to introduce some application areas of smart grid security and forensics, discuss the opportunities, and outline the open issues in the topic. The several problems that may arise during the forensics process in smart grids and practical recommendations for their resolving are also discussed. According to recommendations of the UK National Cyber Security Center, we follow a four-step procedure to analyze logging architectures and highlight some issues related to the Chain of Custody (CoC) process. We also discuss challenges for forensic in smart grids in connection with a blockchain and propose a decentralized transaction platform based on blockchain tailored to the energy sector with all the latest technology such as advanced metering infrastructure, distributed generation, etc. Some aspects of developing a cyber-forensic framework for cyber-crime investigation based on the smart grid network data are also discussed