9 results on '"Maochao Xu"'
Search Results
2. Multivariate dependence among cyber risks based on L-hop propagation
- Author
-
Maochao Xu, Gaofeng Da, and Peng Zhao
- Subjects
Statistics and Probability ,Economics and Econometrics ,Multivariate statistics ,business.industry ,Computer science ,Association (object-oriented programming) ,Covariance ,Measure (mathematics) ,Risk analysis (engineering) ,Component (UML) ,Statistics, Probability and Uncertainty ,Hop (telecommunications) ,business ,Risk management - Abstract
Dependence among cyber risks has been an essential and challenging component of risk management. The current study characterizes cyber dependence from both qualitative and quantitative perspectives based on L-hop propagation model. From the qualitative side, it is shown that cyber risks always possess positive association based on the proposed risk propagation model. From the quantitative side, an explicit formula for computing the fundamental dependence measure of covariance is provided for an arbitrary network. In particular, we study the impacts of factors—especially external and internal compromise probabilities, propagation depth, and network topologies—on dependence among cyber risks. We conclude by presenting some examples and applications.
- Published
- 2021
3. Determination of ransomware payment based on Bayesian game models
- Author
-
Rui Fang, Maochao Xu, and Peng Zhao
- Subjects
General Computer Science ,Law - Published
- 2022
4. On the signature of complex system: A decomposed approach
- Author
-
Ping Shing Chan, Gaofeng Da, and Maochao Xu
- Subjects
Structure (mathematical logic) ,021103 operations research ,Information Systems and Management ,General Computer Science ,Computer science ,Computation ,Distributed computing ,0211 other engineering and technologies ,Complex system ,02 engineering and technology ,Management Science and Operations Research ,01 natural sciences ,Industrial and Manufacturing Engineering ,Signature (logic) ,010104 statistics & probability ,Modeling and Simulation ,0101 mathematics ,Architecture - Abstract
The computation of the signature of a complex system is often challenging, as it may involve a large number of components and a complex architecture. In this study, we propose a novel approach to computing the signature of a system consisting of subsystems with shared components. The proposed approach relies on a new concept called decomposed survival signatures. This new concept can be efficiently used to compute the signature of a modular system with an arbitrary organizing structure and to provide explicit formulas for computation. Applications in cyber systems, transportation systems, and branched oil pipeline systems are highlighted.
- Published
- 2018
5. Defending a cyber system with early warning mechanism
- Author
-
Weidong Shi, Die Chen, and Maochao Xu
- Subjects
021110 strategic, defence & security studies ,Engineering ,021103 operations research ,Warning system ,Network defense ,business.industry ,Mechanism (biology) ,Reliability (computer networking) ,0211 other engineering and technologies ,02 engineering and technology ,Computer security ,computer.software_genre ,Industrial and Manufacturing Engineering ,Component (UML) ,Key (cryptography) ,Resource allocation ,Safety, Risk, Reliability and Quality ,business ,computer - Abstract
Due to the increasing reliance on networks, defending a cyber system is of vital importance. In this paper, we consider an important mechanism of early warning for defending a cyber system that has become a key component of constructing network defense in practice. We study the reliability of a system under attack from single or multiple sources. In particular, we discuss the effect of an early warning mechanism on the system reliability. We then propose the optimal strategy for defending a cyber system with early warning components in the worst attack scenario. The theoretical results are further validated by simulation evidence.
- Published
- 2018
6. Ensuring confidentiality and availability of sensitive data over a network system under cyber threats
- Author
-
Gaofeng Da, Peng Zhao, Xiaoyu Zhang, and Maochao Xu
- Subjects
Flexibility (engineering) ,021110 strategic, defence & security studies ,021103 operations research ,Computer science ,0211 other engineering and technologies ,Pareto principle ,02 engineering and technology ,Data breach ,Computer security ,computer.software_genre ,Network topology ,Partition (database) ,Industrial and Manufacturing Engineering ,Scalability ,Confidentiality ,Safety, Risk, Reliability and Quality ,computer ,Cyber threats - Abstract
The online storage of sensitive data enjoys many benefits such as flexibility, cost-savings, scalability, and convenience but it also poses a big concern on the data confidentiality and availability. To ensure the confidentiality and availability of sensitive data over a network system, the data partition technique is often employed. We study the optimal data partition strategy over an arbitrary network under cyber threats. Both the outside attack and the risk propagation (i.e., inside attack) are considered for the data partition. The data breach probability and retrieve probability are discussed under both limited and unlimited risk propagation for various scenarios. It is discovered that the risk propagation can have much more impact on the optimal partition strategy than that of outside attacks, and the unlimited risk propagation leads to more severer cyber risk. The network topology significantly impacts the partition strategy which hints that the network topology should never be overlooked in practice. The corruption due to compromise can lead to different partition strategies. An optimal partition model is developed for determining the optimal strategy and the pareto non-dominated solutions are recommended for practical use.
- Published
- 2021
7. Cyber attacks on PMU placement in a smart grid: Characterization and optimization
- Author
-
Maochao Xu, Weiyong Ding, Yu Huang, Fengyi Song, and Peng Zhao
- Subjects
021110 strategic, defence & security studies ,021103 operations research ,Computer science ,Reliability (computer networking) ,0211 other engineering and technologies ,Phasor ,02 engineering and technology ,Computer security ,computer.software_genre ,Unobservable ,Industrial and Manufacturing Engineering ,Electric power system ,Units of measurement ,Smart grid ,Observability ,State (computer science) ,Safety, Risk, Reliability and Quality ,computer - Abstract
Phasor measurement units (PMUs) have been integrated into the smart grid for monitoring the operational state of system and improving the reliability. Due to the high cost of PMU installment, the optimal placement strategies have attracted considerable attention in the literature. However, the impacts of cyber threats on the placement have been largely ignored owing to the cyber complexities. This paper initializes the study on the optimal PMU placement in a smart grid under the cyber threats. A probabilistic model is developed for assessing the unobservable risk of the power grid. We characterize the impacts of several cyber factors on the PMU placements including the number of directly attacked PMUs, the dependence among attack outcomes, and risk propagation. We further study the impacts of cyber attacks on the allocation strategies under a bi-level placement model. In particular, a novel ‘greedy’ algorithm for PMU placement is introduced with the presence of cyber risks. Our studies show that the cyber risk can significantly increase the unobservability risk of a power system which in turn requires additional PMU allocations, and the dependence among cyber attacks can lead to more unobservable risk.
- Published
- 2021
8. Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization
- Author
-
Shouhuai Xu, Maochao Xu, Xiaoxiao Hu, and Peng Zhao
- Subjects
021110 strategic, defence & security studies ,Engineering ,021103 operations research ,business.industry ,Compromise ,media_common.quotation_subject ,0211 other engineering and technologies ,Novelty ,Monotonic function ,02 engineering and technology ,Computer security ,computer.software_genre ,Industrial and Manufacturing Engineering ,Copula (probability theory) ,Pre-play attack ,Safety, Risk, Reliability and Quality ,business ,computer ,Random variable ,media_common - Abstract
In this paper we investigate a cybersecurity model: An attacker can launch multiple attacks against a target with a termination strategy that says that the attacker will stop after observing a number of successful attacks or when the attacker is out of attack resources. However, the attacker's observation of the attack outcomes (i.e., random variables indicating whether the target is compromised or not) has an observation error that is specified by both a false-negative and a false-positive probability. The novelty of the model we study is the accommodation of the dependence between the attack outcomes, because the dependence was assumed away in the literature. In this model, we characterize the monotonicity and bounds of the compromise probability (i.e., the probability that the target is compromised). In addition to extensively showing the impact of dependence on quantities such as compromise probability and attack cost, we give methods for finding the optimal strategy that leads to maximum compromise probability or minimum attack cost. This study highlights that the dependence between random variables cannot be assumed away, because the results will be misleading.
- Published
- 2017
9. Cyber risks of PMU networks with observation errors: Assessment and mitigation
- Author
-
Maochao Xu, Peng Zhao, Weiyong Ding, and Yu Huang
- Subjects
Risk model ,Smart grid ,business.industry ,Computer science ,Observability ,Power grid ,Safety, Risk, Reliability and Quality ,business ,Risk assessment ,Industrial and Manufacturing Engineering ,Risk management ,Cyber threats ,Reliability engineering - Abstract
The PMU network has been utilized to monitor the system operation of a smart grid in recent decades. This brings a significant cyber risk for the power grid as the attacker can manipulate the PMU network to introduce the false positive and false negative observation errors. A novel risk model is proposed for the PMU networks by considering the observation errors. It is discovered that ignoring the due observation errors can severely underestimate the PMU risks as shown by the theoretical and simulation studies. The risk mitigation strategies for improving the safety levels of PMUs with the observation errors are studied. It is found that the optimal mitigation strategy can be different when the observation errors are present. Numerical examples are presented for illustrations as well.
- Published
- 2020
Catalog
Discovery Service for Jio Institute Digital Library
For full access to our library's resources, please sign in.