Librería Portfolio Librería Portfolio

Búsqueda avanzada

TIENE EN SU CESTA DE LA COMPRA

0 productos

en total 0,00 €

CYBER-RISK INFORMATICS: ENGINEERING EVALUATION WITH DATA SCIENCE
Título:
CYBER-RISK INFORMATICS: ENGINEERING EVALUATION WITH DATA SCIENCE
Subtítulo:
Autor:
SAHINOGLU, M
Editorial:
JOHN WILEY
Año de edición:
2016
ISBN:
978-1-119-08751-9
Páginas:
560
123,00 € -10,0% 110,70 €

 

Sinopsis

This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity vulnerabilities and threats.

This book provides a scientific modeling approach for conducting metrics-based quantitative risk assessments of cybersecurity threats. The author builds from a common understanding based on previous class-tested works to introduce the reader to the current and newly innovative approaches to address the maliciously-by-human-created (rather than by-chance-occurring) vulnerability and threat, and related cost-effective management to mitigate such risk. This book is purely statistical data-oriented (not deterministic) and employs computationally intensive techniques, such as Monte Carlo and Discrete Event Simulation. The enriched JAVA ready-to-go applications and solutions to exercises provided by the author at the book's specifically preserved website will enable readers to utilize the course related problems.

 Enables the reader to use the book´s website´s applications to implement and see results, and use them making 'budgetary' sense

 Utilizes a data analytical approach and provides clear entry points for readers of varying skill sets and backgrounds

 Developed out of necessity from real in-class experience while teaching advanced undergraduate and graduate courses by the author

Cyber-Risk Informatics is a resource for undergraduate students, graduate students, and practitioners in the field of Risk Assessment and Management regarding Security and Reliability Modeling.

Mehmet Sahinoglu, a Professor (1990) Emeritus (2000), is the founder of the Informatics Institute (2009) and its SACS-accredited (2010) and NSA-certified (2013) flagship Cybersystems and Information Security (CSIS) graduate program (the first such full degree in-class program in Southeastern USA) at AUM, Auburn University's metropolitan campus in Montgomery, Alabama. He is a fellow member of the SDPS Society, a senior member of the IEEE, and an elected member of ISI. Sahinoglu is the recipient of Microsoft´s Trustworthy Computing Curriculum (TCC) award and the author of Trustworthy Computing (Wiley, 2007).



Table of Contents

PROLOGUE, REVIEWS vi

PREFACE 12

ACKNOWLEDGMENTS AND DEDICATION 19

ABOUT THE AUTHOR 20

Chapter 1 Metrics, Statistical Quality Control and Basic Reliability in Cyber-Risk 21

Learning Objectives 21

Abstract 21

1.1. Deterministic and Stochastic Cyber-Risk Metrics 22

1.2. Statistical Risk Analysis 23

1.3. Acceptance Sampling in Quality Control 37

1.4. Poisson and Normal Approximations to Binomial in Quality Control 40

1.5. Basic Statistical Reliability Concepts and Monte Carlo Simulators 43

1.6. Discussions and Conclusion 62

1.7. Exercises 73

1.8. References 81

Chapter 2 Complex Network Reliability Evaluation and Estimation in Cyber-Risk 83

Learning Objectives 83

Abstract 83

2.1. Introduction 84

2.2. Overlap Technique to Calculate Complex Network Reliability 85

2.3. The Overlap Method: Monte Carlo and Discrete-Event Simulation 92

2.4. Multistate System Reliability Evaluation 95

2.5. Weibull Distributed Reliability Evaluation 101

2.6. Discussions and Conclusion 115

2.7. Appendix: Overlap Algorithm and Example 115

2.8. Exercises 126

2.9. References 127

Chapter 3 Stopping Rules for Reliability and Security Tests in Cyber-Risk 131

Learning Objectives 131

Abstract 131

3.1. Introduction 132

3.2. Methods 134

3.3. Examples Merging Both Stopping Rules: LGM and CPM 140

3.4. Stopping Rule for Testing in the Time Domain 157

3.5. Discussions and Conclusion 165

3.6. Appendix (Solutions to T4 Analysis) 167

3.7. Exercises 170

3.8. References 171

Chapter 4 Security Assessment and Management in Cyber-Risk 173

Learning Objectives 173

Abstract 173

4.1. Introduction 174

4.2. Security Meter (SM) Model Design 178

4.3. Verification of the Probabilistic Security Meter Method by

Monte Carlo Simulation and Math-Statistical Triple Product Rule 181

4.4. Modifying the SM Quantitative Model for Categorical, Hybrid, and Nondisjoint Data 197

4.5. Maintenance Priority Determination-Example for 3 X 3 X 2 SM 206

4.6. Privacy Meter (PM): How to Quantify Privacy Breach 210

4.7. Polish Decoding (Decompression) Algorithm 214

4.8. Discussions and Conclusion 216

4.9. Exercises 217

4.10. References 225

Chapter 5 Game-Theoretic Computing in Cyber-Risk 227

Learning Objectives 227

Abstract 227

5.1. Historical Perspective to Game Theory's Origins 228

5.2. Applications of Game Theory to Cybersecurity Risk 229

5.3. Intuitive Background-Concepts, Definitions and Nomenclature 230

5.4. Random Probabilistic Selection for Nash Mixed Strategy 234

5.5. Adversarial Risk Analysis Models by Banks, Rio & Rio 237

5.6. Alternative Model: Sahinoglu´s Security Meter for Neumann and Nash Mixed Strategy 241

5.7. Other Interdisciplinary Applications of Risk-Meters 245

5.8. Mixed-Strategy for Risk Assessment and Management - University Server and Social Network Examples 246

5.9. Application to Health Care Service Risk 249

5.10. Application to Environmetrics and Ecology Risk 254

5.11. Application to Digital Forensics Risk 259

5.12. Application to Business Contracting Risk 265

5.13. Application to National Cybersecurity Risk 269

5.14. Application to Airport Service Quality Risk 277

5.15. Application to Offshore Oil-Drilling Spill and Security Risk 282

5.16. Discussions and Conclusion 289

5.17. Exercises 291

5.18. References 295

Chapter 6 Modeling and Simulation in Cyber-Risk 303

Learning Objectives 303

Abstract 303

6.1. Introduction and a Brief History to Simulation 304

6.2. Generic Theory- Case Studies on Goodness of Fit for Uniform Numbers 305

6.3. Why Crucial to Manufacturing and Cyber Defense 305

6.4. A Cross Section of Modeling and Simulation in Manufacturing 307

6.5. A Review of Modeling and Simulation in Cybersecurity 327

6.6. Application of Queing Theory and Simulation to Cybersecurity 332

6.7. Discussions and Conclusion 334

6.8. Appendix 334

6.9. Exercises 341

6.10. References 361

Chapter 7 Cloud Computing in Cyber-Risk 365

Learning Objectives 365

Abstract 365

7.1. Introduction and Motivation 366

7.2. Cloud Computing Risk Assessment 368

7.3. Motivation and Methodology 369

7.4. Various Applications to Cybersystems 375

7.5. Large Cyber Systems using Statistical Methods 382

7.6. Repair Crew and Product Reserve Planning to Manage Risk Cost Effectively Using Cyber-Risk Solver Cloud Management Java Tool 384

7.7. Remarks for 'Physical Cloud' Employing Physical Products (Servers, Generators, Communication Towers and Others) 397

7.8. Applications to ´Social (Human Resources) Cloud´ 399

7.9. Stochastic Cloud System Simulation 405

7.10. Cloud Risk-Meter Analysis 424

7.11. Discussions and Conclusion 430

7.12. Exercises 432

7.13. References 441

Chapter 8 Software Reliability Modeling and Metrics in Cyber-Risk 445

Learning Objectives 445

Abstract 445

8.1. Introduction, Motivation and Methodology 446

8.2. History and Classification of Software Reliability Models 447

8.3. Software Reliability Models in Time-Domain 448

8.4. Software Reliability Growth Models 449

8.5. Numerical Examples Using Pedagogues 466

8.6. Recent Trends in Software Reliability 467

8.7. Discussions and Conclusion 469

8.8. Exercises 470

8.9. References 472

Chapter 9 Metrics for software reliability failure-count models in cyber-risk 477

Learning Objectives 477

Abstract 477

9.1. Introduction and Methodology for Failure-Count Estimation in Software Reliability 478

9.2. Predictive Accuracy to Compare Failure-Count Models 493

9.3. Discussions and Conclusion 503

9.4. Appendix 505

9.5. Exercises 508

9.6. References 511

Chapter 10 Practical Hands-On Lab Topics in Cyber-Risk 513

Learning Objectives 513

Abstract 513

10.1. System Hardening 514

10.2. Email Security 516

10.3. MS-DOS Commands 518

10.4. Logging 526

10.5. Firewall 527

10.6. Wireless Networks 529

10.7. Discussions and Conclusion 530

10.8. Exercises 531

10.9. Appendix 540

10.10. References 541

Index 542

What the Cyber-Risk Informatics and Author are about? 554