Description: Cyber-Risk Informatics by Mehmet Sahinoglu

Format: Hardcover
Language: English
Condition: Brand New

Publisher Description

This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity vulnerabilities and threats. The author builds from a common understanding based on previous class-tested works to introduce the reader to the current and newly innovative approaches to address the maliciously-by-human-created (rather than by-chance-occurring) vulnerability and threat, and related cost-effective management to mitigate such risk. This book is purely statistical data-oriented (not deterministic) and employs computationally intensive techniques, such as Monte Carlo and Discrete Event Simulation. The enriched Java ready-to-go applications and solutions to exercises provided by the author at the book's specifically preserved website will enable readers to utilize the course-related problems.

• Enables the reader to use the book's website applications to implement and see results, and use them to make budgetary sense
• Utilizes a data analytical approach and provides clear entry points for readers of varying skill sets and backgrounds
• Developed out of necessity from real in-class experience while teaching advanced undergraduate and graduate courses by the author

Cyber-Risk Informatics is a resource for undergraduate students, graduate students, and practitioners in the field of Risk Assessment and Management regarding Security and Reliability Modeling.

Author Biography

Mehmet Sahinoglu, a Professor (1990) Emeritus (2000), is the founder of the Informatics Institute (2009) and its SACS-accredited (2010) and NSA-certified (2013) flagship Cybersystems and Information Security (CSIS) graduate program (the first such full degree in-class program in Southeastern USA) at AUM, Auburn University's metropolitan campus in Montgomery, Alabama. He is a fellow member of the SDPS Society, a senior member of the IEEE, and an elected member of ISI.
Sahinoglu is the recipient of Microsoft's Trustworthy Computing Curriculum (TCC) award and the author of Trustworthy Computing (Wiley, 2007).

Table of Contents

Prologue
Reviews
Preface
Acknowledgments and Dedication
About the Author

1 Metrics, Statistical Quality Control, and Basic Reliability in Cyber-Risk
  1.1 Deterministic and Stochastic Cyber-Risk Metrics
  1.2 Statistical Risk Analysis
    1.2.1 Introduction to Statistical Hypotheses
    1.2.2 Decision Rules
    1.2.3 One-Tailed Tests
    1.2.4 Two-Tailed Tests
    1.2.5 Decision Errors
    1.2.6 Applications to One-Tailed Tests Associated with Both Type I and Type II Errors
    1.2.7 Applications to Two-Tailed Tests (Normal Distribution Assumption)
  1.3 Acceptance Sampling in Quality Control
    1.3.1 Introduction
    1.3.2 Definition of an Acceptance Sampling Plan
    1.3.3 The OC Curve
  1.4 Poisson and Normal Approximation to Binomial in Quality Control
    1.4.1 Approximations to Binomial Distribution
    1.4.2 Approximation of Binomial to Poisson Distribution
    1.4.3 Approximation to Normal Distribution
    1.4.4 Comparisons of Normal and Poisson Approximations to the Binomial
  1.5 Basic Statistical Reliability Concepts and MC Simulators
    1.5.1 Fundamental Equations for Reliability, Hazard, and Statistical Notions
    1.5.2 Fundamentals for Reliability Block Diagramming and Redundancy
    1.5.3 Solving Basic Reliability Questions by Using Student-Friendly Pedagogical Examples
    1.5.4 MC Simulators for Commonly Used Distributions in Reliability
  1.6 Discussions and Conclusion
  1.7 Exercises
  References

2 Complex Network Reliability Evaluation and Estimation in Cyber-Risk
  2.1 Introduction
  2.2 Overlap Technique to Calculate Complex Network Reliability
    2.2.1 Network State Enumeration and Example 1
    2.2.2 Generating Minimal Paths and Example 2
    2.2.3 Overlap Method Algorithmic Rules and Example 3
  2.3 The Overlap Method: Monte Carlo and Discrete Event Simulation
  2.4 Multistate System Reliability Evaluation
    2.4.1 Simple Series System with Single Derated States
    2.4.2 Active Parallel System
    2.4.3 Simple Series–Parallel System
    2.4.4 A Simple Series–Parallel System with Multistate Components
    2.4.5 A Combined System: Power Plant Example
    2.4.6 Large Network Examples Using Multistate Overlap Technique
  2.5 Weibull Time Distributed Reliability Evaluation
    2.5.1 Motivation behind Weibull Probability Modeling
    2.5.2 Weibull Parameter Estimation Methodology
    2.5.3 Overlap Algorithm Applied to Weibull Distributed Components
    2.5.4 Estimating Weibull Parameters
    2.5.5 Fifty-Two-Node Weibull Example for Estimating Weibull Parameters
    2.5.6 A Weibull Network Example from an Oil Rig System
  2.6 Discussions and Conclusion
  Appendix 2.A Overlap Algorithm and Example
    2.A.1 Algorithm
    2.A.2 Example
  2.7 Exercises
  References

3 Stopping Rules for Reliability and Security Tests in Cyber-Risk
  3.1 Introduction
  3.2 Methods
    3.2.1 Lgm by Verhulst
    3.2.2 Compound Poisson Model
  3.3 Examples Merging Both Stopping Rules: Lgm and Cpm
    3.3.1 The DR5 Data Set Example
    3.3.2 The DR4 Data Set Example
    3.3.3 The Supercomputing Cloud Historical Failure Data—Case Study
    3.3.4 Appendix for Section 3.3
  3.4 Stopping Rule for Testing in the Time Domain
    3.4.1 Review of Compound Poisson Process and Stopping Rule
    3.4.2 Empirical Bayes Analysis for the Poisson^Geometric Stopping Rule
    3.4.3 Howden's Model for Stopping Rule
    3.4.4 Computational Example for Stopping-Rule Algorithm in Time Domain
  3.5 Discussions and Conclusion
  3.6 Exercises
  References

4 Security Assessment and Management in Cyber-Risk
  4.1 Introduction
    4.1.1 What Other Scoring Methods Are Available?
  4.2 Security Meter (SM) Model Design
  4.3 Verification of the Probabilistic Security Meter (SM) Method by Monte Carlo Simulation and Math-Statistical Triple-Product Rule
    4.3.1 The Triple-Product Rule of Uniforms
    4.3.2 Data Analysis on the Total Residual Risk of the Security Meter Design
    4.3.3 Triple-Product Rule Discussions
  4.4 Modifying the SM Quantitative Model for Categorical, Hybrid, and Nondisjoint Data
  4.5 Maintenance Priority Determination for 3 × 3 × 2 SM
  4.6 Privacy Meter (PM): How to Quantify Privacy Breach
    4.6.1 Methodology
    4.6.2 Privacy Risk-Meter Assessment and Management Examples
  4.7 Polish Decoding (Decompression) Algorithm
  4.8 Discussions and Conclusion
  4.9 Exercises
  References

5 Game-Theoretic Computing in Cyber-Risk
  5.1 Historical Perspective to Game Theory's Origins
  5.2 Applications of Game Theory to Cyber-Security Risk
  5.3 Intuitive Background: Concepts, Definitions, and Nomenclature
    5.3.1 A Price War Example
  5.4 Random Selection for Nash Mixed Strategy
    5.4.1 Random Probabilistic Selection
    5.4.2 Does Nash Equilibrium (NE) Exist for the Company A/B Problem in Table 5.1?
    5.4.3 An Example: Matching Pennies
    5.4.4 Another Game: The Prisoner's Dilemma
    5.4.5 Games with Multiple NE (Terrorist Game: Bold Strategy Result in Domination)
  5.5 Adversarial Risk Analysis Models by Banks, Rios, and Rios
  5.6 An Alternative Model: Sahinoglu's Security Meter for Neumann and Nash Mixed Strategy
  5.7 Other Interdisciplinary Applications of Risk Meters
  5.8 Mixed Strategy for Risk Assessment and Management: University Server and Social Network Examples
    5.8.1 University Server's Security Risk-Meter Example
    5.8.2 Social Network's Privacy and Security Risk-Meter (RM) Example
    5.8.3 Clarification of Risk Assessment and Management Algorithm for Social Networks
  5.9 Application to Hospital Healthcare Service Risk
  5.10 Application to Environmetrics and Ecology Risk
  5.11 Application to Digital Forensics Security Risk
  5.12 Application to Business Contracting Risk
  5.13 Application to National Cybersecurity Risk
  5.14 Application to Airport Service Quality Risk
  5.15 Application to Offshore Oil-Drilling Spill and Security Risk
  5.16 Discussions and Conclusion
  5.17 Exercises
  References

6 Modeling and Simulation in Cyber-Risk
  6.1 Introduction and a Brief History to Simulation
  6.2 Generic Theory: Case Studies on Goodness of Fit for Uniform Numbers
  6.3 Why Crucial to Manufacturing and Cyber Defense
  6.4 A Cross Section of Modeling and Simulation in Manufacturing Industry
    6.4.1 Modeling and Simulation of Multistate Production Units and Systems in Manufacturing
    6.4.2 Two-State SL Probability Model of Units with Closed-Form Solution
    6.4.3 Extended Three-State SL Probability Model of Up–Down–Derated Units with MC Simulation
    6.4.4 Statistical Simulation of Three-State Units to Estimate the Density of Up–Down–Der
    6.4.5 How to Generate Random Numbers from SL pdf to Simulate Component and System Behavior
    6.4.6 Example of SL Simulation for Modeling Network of 2-in-Simple-Series Two-State (Up–Dn) Units
    6.4.7 Example of SL Simulation for Modeling a Network of 7-in-Complex-Topology Two-State (Up–Dn) Units
  6.5 A Review of Modeling and Simulation in Cyber-Security
    6.5.1 MC Value-at-Risk Approach by Kim et al. in Cloud Computing
    6.5.2 MC and DES in Security Meter (SM) Risk Model
  6.6 Application of Queuing Theory and Multichannel Simulation to Cyber-Security
    6.6.1 Example 1: One Recovery-Crew Case for Cyber-Security Queuing Simulation
    6.6.2 Example 2: Two Recovery-Crew Case for Cyber-Security Queuing Simulation
  6.7 Discussions and Conclusion
  Appendix 6.A
  6.8 Exercises
  References

7 Cloud Computing in Cyber-Risk
  7.1 Introduction and Motivation
  7.2 Cloud Computing Risk Assessment
  7.3 Motivation and Methodology
    7.3.1 History of Theoretical Developments on CLOUD Modeling
    7.3.2 Notation
    7.3.3 Objectives
    7.3.4 Frequency and Duration Method for the Loss of Load or Service
    7.3.5 Nbd as a Compound Poisson Model
    7.3.6 Nbd for the Loss of Load or Loss of Cloud Service Expected
  7.4 Various Applications to Cyber Systems
    7.4.1 Small Sample Experimental Systems
    7.4.2 Large Cyber Systems
  7.5 Large Cyber Systems Using Statistical Methods
  7.6 Repair Crew and Product Reserve Planning to Manage Risk Cost Effectively Using Cyberrisksolver Cloud Management Java Tool
    7.6.1 Cloud Resource Management Planning for Employment of Repair Crews
    7.6.2 Cloud Resource Management Planning by Production Deployment
  7.7 Remarks for "Physical Cloud" Employing Physical Products (Servers, Generators, Communication Towers, Etc.)
  7.8 Applications to "Social (Human Resources) Cloud"
    7.8.1 Numerical Example for Social Cloud (200 Employees Performing)
    7.8.2 Input Wizard Example for Social Cloud (200 Employees Performing)
  7.9 Stochastic Cloud System Simulation
    7.9.1 Introduction and Methodology
    7.9.2 Numerical Applications for Ss to Verify Non-Ss
    7.9.3 Details of Probability Distributions Used in Stochastic Simulation
    7.9.4 Varying Product Repair and Failure Date with Empirical Bayesian Posterior Gamma Approach
    7.9.5 Varying Link Repair and Failure Using Gamma Distribution
    7.9.6 Ss Applied to a Power or Cyber Grid
    7.9.7 Error Checking or Flagging
  7.10 Cloud Risk Meter Analysis
    7.10.1 Risk Assessment and Management Clarifications for Figures 7.72 and 7.73
  7.11 Discussions and Conclusion
  7.12 Exercises
  References

8 Software Reliability Modeling and Metrics in Cyber-Risk
  8.1 Introduction, Motivation, and Methodology
  8.2 History and Classification of Software Reliability Models
    8.2.1 Time-between-Failures Models
    8.2.2 Failure-Counting Models
    8.2.3 Bayesian Model
    8.2.4 Static (Nondynamic) Models
    8.2.5 Others
  8.3 Software Reliability Models in Time Domain
  8.4 Software Reliability Growth Models
    8.4.1 Negative Exponential Class of Failure Times
    8.4.2 J–M De-eutrophication Model (Binomial Type)
    8.4.3 Moranda's Geometric Model (Poisson Type)
    8.4.4 Goel–Okumoto Nonhomogeneous Poisson Process (Poisson Type)
    8.4.5 Musa's Basic Execution Time Model (Poisson Type)
    8.4.6 Musa–Okumoto Logarithmic Poisson Execution Time Model (Poisson Type)
    8.4.7 L–V Bayesian Model
    8.4.8 Sahinoglu's Compound Poisson^Geometric and Poisson^Logarithmic Series Models
    8.4.9 Gamma, Weibull, and Other Classes of Failure Times
    8.4.10 Duane Model (Poisson Type)
  8.5 Numerical Examples Using Pedagogues
    8.5.1 Example 1
    8.5.2 Example 2
  8.6 Recent Trends in Software Reliability
  8.7 Discussions and Conclusion
  8.8 Exercises
  References

9 Metrics for Software Reliability Failure-Count Models in Cyber-Risk
  9.1 Introduction and Methodology on Failure-Count Estimation in Software Reliability
    9.1.1 Statistical Estimation Models, Computational Formulas, and Examples
    9.1.2 Interpretations of Numerical Examples and Discussions
  9.2 Predictive Accuracy to Compare Failure-Count Models
    9.2.1 Classical Distribution Approach
    9.2.2 Prior Distribution Approach
    9.2.3 Applications to Data Sets and Comparisons
  9.3 Discussions and Conclusion
  Appendix 9.A
  9.4 Exercises
  References

10 Practical Hands-On Lab Topics in Cyber-Risk
  10.1 System Hardening
    10.1.1 General
    10.1.2 Windows Servers
    10.1.3 Wireless
    10.1.4 Firewalls, Routers, and Switches
  10.2 Email Security
    10.2.1 Identifying Fake Emails
    10.2.2 Emotion Responses
  10.3 MS-DOS Commands
    10.3.1 Mapping Intel
  10.4 Logging
    10.4.1 Policy
    10.4.2 Understanding Logs
  10.5 Firewall
    10.5.1 Traditional Firewalls
    10.5.2 Ngfs
    10.5.3 Host-Based Firewalls
  10.6 Wireless Networks
  10.7 Discussions and Conclusion
  Appendix 10.A
  10.8 Exercises
    10.8.1 System Hardening
    10.8.2 Email
    10.8.3 MS-DOS
    10.8.4 Logging
    10.8.5 Firewall
    10.8.6 Wireless
    10.8.7 Comprehensive Exercises
    10.8.8 Cryptology Projects
  References

What the Cyber-Risk Informatics Textbook and the Author are About?
Index
Details

ISBN: 1119087511
Series: CourseSmart
ISBN-10: 1119087511
ISBN-13: 9781119087519
Format: Hardcover
Language: English
Media: Book
DEWEY: 005.8
Year: 2016
Subtitle: Engineering Evaluation with Data Science
Country of Publication: United States
Short Title: CYBER RISK INFORMATICS
Pages: 560
Illustrations: illustrations
Author: Mehmet Sahinoglu
Birth: 1951
UK Release Date: 2016-06-17
AU Release Date: 2016-05-13
NZ Release Date: 2016-05-13
US Release Date: 2016-06-17
Publisher: John Wiley & Sons Inc
Publication Date: 2016-06-17
Imprint: John Wiley & Sons Inc
Place of Publication: New York
Audience: Professional & Vocational
Price: 328.88 AUD
Location: Melbourne
End Time: 2024-11-22T06:04:13.000Z
Shipping Cost: 16.09 AUD
Item Specifics
Restocking fee: No
Return shipping will be paid by: Buyer
Returns Accepted: Returns Accepted
Item must be returned within: 30 Days
ISBN-13: 9781119087519
Book Title: Cyber-Risk Informatics
Number of Pages: 560 Pages
Language: English
Publication Name: Cyber-Risk Informatics: Engineering Evaluation with Data Science
Publisher: John Wiley and Sons Ltd
Publication Year: 2016
Subject: Engineering & Technology, Computer Science
Item Height: 235 mm
Item Weight: 868 g
Type: Textbook
Author: Mehmet Sahinoglu
Item Width: 163 mm
Format: Hardcover