Your search keyword '"Maochao Xu"' showing total 11 results

1. A multivariate frequency-severity framework for healthcare data breaches

Author

Hong Sun, Maochao Xu, and Peng Zhao

Subjects

Statistics and Probability, Modeling and Simulation, Statistics, Probability and Uncertainty

Published

2023

2. Multivariate dependence among cyber risks based on L-hop propagation

Author

Maochao Xu, Gaofeng Da, and Peng Zhao

Subjects

Statistics and Probability, Economics and Econometrics, Multivariate statistics, business.industry, Computer science, Association (object-oriented programming), Covariance, Measure (mathematics), Risk analysis (engineering), Component (UML), Statistics, Probability and Uncertainty, Hop (telecommunications), business, Risk management

Abstract

Dependence among cyber risks has been an essential and challenging component of risk management. The current study characterizes cyber dependence from both qualitative and quantitative perspectives based on L-hop propagation model. From the qualitative side, it is shown that cyber risks always possess positive association based on the proposed risk propagation model. From the quantitative side, an explicit formula for computing the fundamental dependence measure of covariance is provided for an arbitrary network. In particular, we study the impacts of factors—especially external and internal compromise probabilities, propagation depth, and network topologies—on dependence among cyber risks. We conclude by presenting some examples and applications.

Published

2021

3. Statistical modeling of computer malware propagation dynamics in cyberspace

Author

Peng Zhao, Taizhong Hu, Xing Fang, Shouhuai Xu, Zijian Fang, and Maochao Xu

Subjects

Statistics and Probability, Software_OPERATINGSYSTEMS, 021103 operations research, Computer science, 0211 other engineering and technologies, Statistical model, 02 engineering and technology, Articles, computer.software_genre, Computer security, 01 natural sciences, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, 010104 statistics & probability, Important research, Dynamics (music), Malware, 0101 mathematics, Statistics, Probability and Uncertainty, Cyberspace, computer, Cyber threats, Computer Science::Cryptography and Security

Abstract

Modeling cyber threats, such as the computer malicious software (malware) propagation dynamics in cyberspace, is an important research problem because models can deepen our understanding of dynamical cyber threats. In this paper, we study the statistical modeling of the macro-level evolution of dynamical cyber attacks. Specifically, we propose a Bayesian structural time series approach for modeling the computer malware propagation dynamics in cyberspace. Our model not only possesses the parsimony property (i.e. using few model parameters) but also can provide the predictive distribution of the dynamics by accommodating uncertainty. Our simulation study shows that the proposed model can fit and predict the computer malware propagation dynamics accurately, without requiring to know the information about the underlying attack-defense interaction mechanism and the underlying network topology. We use the model to study the propagation of two particular kinds of computer malware, namely the Conficker and Code Red worms, and show that our model has very satisfactory fitting and prediction accuracies.

Published

2022

4. Data Breach CAT Bonds: Modeling and Pricing

Author

Maochao Xu and Yiying Zhang

Subjects

Statistics and Probability, Economics and Econometrics, Actuarial science, education, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Data breach, behavioral disciplines and activities, humanities, Catastrophe bond, Work (electrical), Business, Statistics, Probability and Uncertainty, Extreme risk, Insurance industry, health care economics and organizations

Abstract

Data breaches cause millions of dollars in financial losses each year. The insurance industry has been exploring the ways to transfer such extreme risk. In this work, we investigate data breach cat...

Published

2021

5. Modeling Malicious Hacking Data Breach Risks

Author

Hong Sun, Maochao Xu, and Peng Zhao

Subjects

Statistics and Probability, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Economics and Econometrics, Cyber-Insurance, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Business, Data breach, Statistics, Probability and Uncertainty, Computer security, computer.software_genre, computer, Hacker

Abstract

Malicious hacking data breaches cause millions of dollars in financial losses each year, and more companies are seeking cyber insurance coverage. The lack of suitable statistical approaches for sco...

Published

2020

6. Cybersecurity Insurance: Modeling and Pricing

Author

Lei Hua and Maochao Xu

Subjects

Statistics and Probability, 010104 statistics & probability, Economics and Econometrics, 0103 physical sciences, Business, 0101 mathematics, Statistics, Probability and Uncertainty, 010306 general physics, Computer security, computer.software_genre, 01 natural sciences, computer

Abstract

Cybersecurity risk has attracted considerable attention in recent decades. However, the modeling of cybersecurity risk is still in its infancy, mainly because of its unique characteristics. In this...

Published

2019

7. Modeling Multivariate Cyber Risks: Deep Learning Dating Extreme Value Theory

Author

Maochao Xu, Xing Fang, Mingyue Zhang Wu, Jinzhu Luo, and Peng Zhao

Subjects

FOS: Computer and information sciences, Statistics and Probability, Multivariate statistics, Computer science, 0211 other engineering and technologies, Machine Learning (stat.ML), 02 engineering and technology, Machine learning, computer.software_genre, 01 natural sciences, Statistics - Applications, Domain (software engineering), Task (project management), 010104 statistics & probability, Statistics - Machine Learning, Applications (stat.AP), 0101 mathematics, Extreme value theory, ComputingMilieux_MISCELLANEOUS, 021103 operations research, business.industry, Deep learning, Articles, Heavy-tailed distribution, Artificial intelligence, Statistics, Probability and Uncertainty, High dimensionality, business, computer

Abstract

Modeling cyber risks has been an important but challenging task in the domain of cyber security. It is mainly because of the high dimensionality and heavy tails of risk patterns. Those obstacles have hindered the development of statistical modeling of the multivariate cyber risks. In this work, we propose a novel approach for modeling the multivariate cyber risks which relies on the deep learning and extreme value theory. The proposed model not only enjoys the high accurate point predictions via deep learning but also can provide the satisfactory high quantile prediction via extreme value theory. The simulation study shows that the proposed model can model the multivariate cyber risks very well and provide satisfactory prediction performances. The empirical evidence based on real honeypot attack data also shows that the proposed model has very satisfactory prediction performances., 25 pages

Published

2021

8. Modeling multivariate cybersecurity risks

Author

Shouhuai Xu, Chen Peng, Maochao Xu, and Taizhong Hu

Subjects

Statistics and Probability, 021110 strategic, defence & security studies, Multivariate statistics, Computer science, Autoregressive conditional heteroskedasticity, 0211 other engineering and technologies, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Vine copula, 010104 statistics & probability, 0101 mathematics, Statistics, Probability and Uncertainty, computer, Value at risk

Abstract

Modeling cybersecurity risks is an important, yet challenging, problem. In this paper, we initiate the study of modeling multivariate cybersecurity risks. We develop the first statistical a...

Published

2018

9. Modeling and predicting extreme cyber attack rates via marked point processes

Author

Shouhuai Xu, Chen Peng, Taizhong Hu, and Maochao Xu

Subjects

Statistics and Probability, 021110 strategic, defence & security studies, National security, Computer science, business.industry, Unit of time, Perspective (graphical), 0211 other engineering and technologies, Complex system, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Point process, 0202 electrical engineering, electronic engineering, information engineering, Cyber-attack, The Internet, Data mining, Statistics, Probability and Uncertainty, Extreme value theory, business, computer

Abstract

Cyber attacks have become a problem that is threatening the economy, human privacy, and even national security. Before we can adequately address the problem, we need to have a crystal clear understanding about cyber attacks from various perspectives. This is a challenge because the Internet is a large-scale complex system with humans in the loop. In this paper, we investigate a particular perspective of the problem, namely the extreme value phenomenon that is exhibited by cyber attack rates, which are the numbers of attacks against a system of interest per time unit. It is important to explore this perspective because understanding the statistical properties of extreme cyber attack rates will pave the way for cost-effective, if not optimal, allocation of resources in real-life cyber defense operations. Specifically, we propose modeling and predicting extreme cyber attack rates via marked point processes, while using the Value-at-Risk as a natural measure of intense cyber attacks. The point process...

Published

2016

10. ON THE QUASI-STATIONARY DISTRIBUTION OF SIS MODELS

Author

Gaofeng Da, Shouhuai Xu, and Maochao Xu

Subjects

Statistics and Probability, 010104 statistics & probability, Stationary distribution, Computer science, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, 02 engineering and technology, Statistical physics, 0101 mathematics, Management Science and Operations Research, Statistics, Probability and Uncertainty, 01 natural sciences, Industrial and Manufacturing Engineering

Abstract

In this paper, we propose a novel method for constructing upper bounds of the quasi-stationary distribution of SIS processes. Using this method, we obtain an upper bound that is better than the state-of-the-art upper bound. Moreover, we prove that the fixed point map Φ [7] actually preserves the equilibrium reversed hazard rate order under a certain condition. This allows us to further improve the upper bound. Some numerical results are presented to illustrate the results.

Published

2016

11. Discrete Truncated Power‐Law Distributions

Author

Maochao Xu, Hong Zhu, and Yingchao Xie

Subjects

Statistics and Probability, Mathematical optimization, Monte Carlo method, Order statistic, Sample (statistics), 010103 numerical & computational mathematics, 01 natural sciences, Power law, Upper and lower bounds, 010104 statistics & probability, symbols.namesake, Heavy-tailed distribution, symbols, Pareto distribution, Statistical physics, 0101 mathematics, Statistics, Probability and Uncertainty, Intensity (heat transfer), Mathematics

Abstract

Summary Discrete power-law distributions have significant consequences for understanding many phenomena in practice, and have attracted much attention in recent decades. However, in many practical applications, there exists a natural upper bound for the probability tail. In this paper, we develop maximum likelihood estimates for truncated discrete power-law distributions based on the upper order statistics, and large sample properties are mentioned as well. Monte Carlo simulation is carried out to examine the finite sample performance of the estimates. Applications in real cyber attack data and peak gamma-ray intensity of solar flares are highlighted.

Published

2016