Cyber-Risk Informatics: Engineering Evaluation with Data Science

Cyber-Risk Informatics: Engineering Evaluation with Data Science

Sahinoglu, Mehmet

122,10 €(IVA inc.)

This book provides a scientific modeling approach for conducting metrics–based quantitative risk assessments of cybersecurity vulnerabilities and threats. This book provides a scientific modeling approach for conducting metrics–based quantitative risk assessments of cybersecurity threats. The author builds from a common understanding based on previous class–tested works to introduce the reader to the current and newly innovative approaches to address the maliciously–by–human–created (rather than by–chance–occurring) vulnerability and threat, and related cost–effective management to mitigate such risk. This book is purely statistical data–oriented (not deterministic) and employs computationally intensive techniques, such as Monte Carlo and Discrete Event  Simulation. The enriched JAVA ready–to–go applications and solutions to exercises provided by the author at the book s specifically preserved website will enable readers to utilize the course related problems. Enables the reader to use the book?s website?s applications to implement and see results, and use them making budgetary sense Utilizes a data analytical approach and provides clear entry points for readers of varying skill sets and backgrounds Developed out of necessity from real in–class experience while teaching advanced undergraduate and graduate courses by the author Cyber–Risk Informatics is a resource for undergraduate students, graduate students, and practitioners in the field of Risk Assessment and Management regarding Security and Reliability Modeling. Mehmet Sahinoglu, a Professor (1990) Emeritus (2000), is the founder of the Informatics Institute (2009) and its SACS–accredited (2010) and NSA–certified (2013) flagship Cybersystems and Information Security (CSIS) graduate program (the first such full degree in–class program in Southeastern USA) at AUM, Auburn University s metropolitan campus in Montgomery, Alabama. He is a fellow member of the SDPS Society, a senior member of the IEEE, and an elected member of ISI. Sahinoglu is the recipient of Microsoft?s Trustworthy Computing Curriculum (TCC) award and the author of Trustworthy Computing (Wiley, 2007).   INDICE: PROLOGUE, REVIEWS vi .PREFACE 12 .ACKNOWLEDGMENTS AND DEDICATION 19 .ABOUT THE AUTHOR 20 .Chapter 1 Metrics, Statistical Quality Control and Basic Reliability in Cyber–Risk 21 .Learning Objectives 21 .Abstract 21 .1.1. Deterministic and Stochastic Cyber–Risk Metrics 22 .1.2. Statistical Risk Analysis 23 .1.3. Acceptance Sampling in Quality Control 37 .1.4. Poisson and Normal Approximations to Binomial in Quality Control 40 .1.5. Basic Statistical Reliability Concepts and Monte Carlo Simulators 43 .1.6. Discussions and Conclusion 62 .1.7. Exercises 73 .1.8. References 81 .Chapter 2 Complex Network Reliability Evaluation and Estimation in Cyber–Risk 83 .Learning Objectives 83 .Abstract 83 .2.1. Introduction 84 .2.2. Overlap Technique to Calculate Complex Network Reliability 85 .2.3. The Overlap Method: Monte Carlo and Discrete–Event Simulation 92 .2.4. Multistate System Reliability Evaluation 95 .2.5. Weibull Distributed Reliability Evaluation 101 .2.6. Discussions and Conclusion 115 . 2.7. Appendix: Overlap Algorithm and Example 115 .2.8. Exercises 126 .2.9. References 127 .Chapter 3 Stopping Rules for Reliability and Security Tests in Cyber–Risk 131 .Learning Objectives 131 .Abstract 131 .3.1. Introduction 132 .3.2. Methods 134 .3.3. Examples Merging Both Stopping Rules: LGM and CPM 140 .3.4. Stopping Rule for Testing in the Time Domain 157 .3.5. Discussions and Conclusion 165 .3.6. Appendix (Solutions to T4 Analysis) 167 .3.7. Exercises 170 .3.8. References 171 .Chapter 4 Security Assessment and Management in Cyber–Risk 173 .Learning Objectives 173 .Abstract 173 .4.1. Introduction 174 .4.2. Security Meter (SM) Model Design 178 .4.3. Verification of the Probabilistic Security Meter Method by .Monte Carlo Simulation and Math–Statistical Triple Product Rule 181 .4.4. Modifying the SM Quantitative Model for Categorical, Hybrid, and Nondisjoint Data 197 .4.5. Maintenance Priority Determination–Example for 3 X 3 X 2 SM 206 .4.6. Privacy Meter (PM): How to Quantify Privacy Breach 210 .4.7. Polish Decoding (Decompression) Algorithm 214 .4.8. Discussions and Conclusion 216 .4.9. Exercises 217 .4.10. References 225 .Chapter 5 Game–Theoretic Computing in Cyber–Risk 227 .Learning Objectives 227 .Abstract 227 .5.1. Historical Perspective to Game Theory s Origins 228 .5.2. Applications of Game Theory to Cybersecurity Risk 229 .5.3. Intuitive Background–Concepts, Definitions and Nomenclature 230 .5.4. Random Probabilistic Selection for Nash Mixed Strategy 234 .5.5. Adversarial Risk Analysis Models by Banks, Rio & Rio 237 .5.6. Alternative Model: Sahinoglu?s Security Meter for Neumann and Nash Mixed Strategy 241 .5.7. Other Interdisciplinary Applications of Risk–Meters 245 .5.8. Mixed–Strategy for Risk Assessment and Management – University Server and Social Network Examples 246 .5.9. Application to Health Care Service Risk 249 .5.10. Application to Environmetrics and Ecology Risk 254 .5.11. Application to Digital Forensics Risk 259 .5.12. Application to Business Contracting Risk 265 .5.13. Application to National Cybersecurity Risk 269 .5.14. Application to Airport Service Quality Risk 277 . 5.15. Application to Offshore Oil–Drilling Spill and Security Risk 282 .5.16. Discussions and Conclusion 289 .5.17. Exercises 291 .5.18. References 295 .Chapter 6 Modeling and Simulation in Cyber–Risk 303 .Learning Objectives 303 .Abstract 303 .6.1. Introduction and a Brief History to Simulation 304 .6.2. Generic Theory– Case Studies on Goodness of Fit for Uniform Numbers 305 .6.3. Why Crucial to Manufacturing and Cyber Defense 305 .6.4. A Cross Section of Modeling and Simulation in Manufacturing 307 .6.5. A Review of Modeling and Simulation in Cybersecurity 327 .6.6. Application of Queing Theory and Simulation to Cybersecurity 332 .6.7. Discussions and Conclusion 334 .6.8. Appendix 334 .6.9. Exercises 341 .6.10. References 361 .Chapter 7 Cloud Computing in Cyber–Risk 365 .Learning Objectives 365 .Abstract 365 .7.1. Introduction and Motivation 366 .7.2. Cloud Computing Risk Assessment 368 .7.3. Motivation and Methodology 369 .7.4. Various Applications to Cybersystems 375 .7.5. Large Cyber Systems using Statistical Methods 382 .7.6. Repair Crew and Product Reserve Planning to Manage Risk Cost Effectively Using Cyber–Risk Solver Cloud Management Java Tool 384 .7.7. Remarks for Physical Cloud Employing Physical Products (Servers, Generators, Communication Towers and Others) 397 .7.8. Applications to ?Social (Human Resources) Cloud? 399 .7.9. Stochastic Cloud System Simulation 405 .7.10. Cloud Risk–Meter Analysis 424 .7.11. Discussions and Conclusion 430 .7.12. Exercises 432 .7.13. References 441 .Chapter 8 Software Reliability Modeling and Metrics in Cyber–Risk 445 .Learning Objectives 445 .Abstract 445 .8.1. Introduction, Motivation and Methodology 446 .8.2. History and Classification of Software Reliability Models 447 .8.3. Software Reliability Models in Time–Domain 448 .8.4. Software Reliability Growth Models 449 .8.5. Numerical Examples Using Pedagogues 466 .8.6. Recent Trends in Software Reliability 467 .8.7. Discussions and Conclusion 469 .8.8. Exercises 470 .8.9. References 472 .Chapter 9 Metrics for software reliability failure–count models in cyber–risk 477 .Learning Objectives 477 .Abstract 477 .9.1. Introduction and Methodology for Failure–Count Estimation in Software Reliability 478 .9.2. Predictive Accuracy to Compare Failure–Count Models 493 .9.3. Discussions and Conclusion 503 .9.4. Appendix 505 .9.5. Exercises 508 .9.6. References 511 .Chapter 10 Practical Hands–On Lab Topics in Cyber–Risk 513 .Learning Objectives 513 .Abstract 513 .10.1. System Hardening 514 .10.2. Email Security 516 .10.3. MS–DOS Commands 518 .10.4. Logging 526 .10.5. Firewall 527 .10.6. Wireless Networks 529 .10.7. Discussions and Conclusion 530 .10.8. Exercises 531 .10.9. Appendix 540 .10.10. References 541 .Index 542 .What the Cyber–Risk Informatics and Author are about? 554

  • ISBN: 978-1-119-08751-9
  • Editorial: Wiley–Blackwell
  • Encuadernacion: Cartoné
  • Páginas: 560
  • Fecha Publicación: 17/06/2016
  • Nº Volúmenes: 1
  • Idioma: Inglés