Hong Sun,Maochao Xu,Peng Zhao

DOI: https://doi.org/10.1214/22-aoas1625

2023-01-01

The Annals of Applied Statistics

Abstract:Data breaches in healthcare have become a substantial concern in recent years, and cause millions of dollars in financial losses each year. It is fundamental for government regulators, insurance companies, and stakeholders to understand the breach frequency and the number of affected individuals in each state, as these are directly related to the federal Health Insurance Portability and Accountability Act (HIPAA) and state data breach laws. However, an obstacle to studying data breaches in healthcare is the lack of suitable statistical approaches. We develop a novel multivariate frequency-severity framework to analyze breach frequency and the number of affected individuals at the state level. A mixed effects model is developed to model the square root transformed frequency, and the log-gamma distribution is proposed to capture the skewness and heavy tail exhibited by the distribution of numbers of affected individuals. We further discover a positive nonlinear dependence between the transformed frequency and the log-transformed numbers of affected individuals (i.e., severity). In particular, we propose to use a D-vine copula to capture the multivariate dependence among conditional severities given frequencies due to its inherent temporal structure and rich bivariate copula families. The rejection sampling technique is developed to simulate the predictive distributions. Both the in-sample and out-of-sample studies show that the proposed multivariate frequency-severity model that accommodates non-linear dependence has satisfactory fitting and prediction performances.

Maochao Xu,Kristin M. Schweitzer,Raymond M. Bateman,Shouhuai Xu

DOI: https://doi.org/10.1109/tifs.2018.2834227

IF: 7.231

2018-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Analyzing cyber incident data sets is an important method for deepening our understanding of the evolution of the threat situation. This is a relatively new research topic, and many studies remain to be done. In this paper, we report a statistical analysis of a breach incident data set corresponding to 12 years (2005-2017) of cyber hacking activities that include malware attacks. We show that, in contrast to the findings reported in the literature, both hacking breach incident inter-arrival times and breach sizes should be modeled by stochastic processes, rather than by distributions because they exhibit autocorrelations. Then, we propose particular stochastic process models to, respectively, fit the inter-arrival times and the breach sizes. We also show that these models can predict the inter-arrival times and the breach sizes. In order to get deeper insights into the evolution of hacking breach incidents, we conduct both qualitative and quantitative trend analyses on the data set. We draw a set of cybersecurity insights, including that the threat of cyber hacks is indeed getting worse in terms of their frequency, but not in terms of the magnitude of their damage.

Deng Yi,Yin Zhang,Yuqi Wang,Baogang Wei

DOI: https://doi.org/10.1007/978-3-319-08010-9_82

2014-01-01

Abstract:Social trust prediction aims at predicting the missing trust relations between online users. In this paper, we propose a novel and scalable structured sparse linear model for social trust prediction from a global neighborhood-based collaborative filtering perspective. We formulate the prediction problem as a set of independent linear regression problems regularized by pairwise elastic net, to automatically learn correlation coefficients between a user and its most similar neighbors. In order to deal with large-scale sparse social trust data, we utilize efficient hashing techniques and stochastic coordinate descent algorithm to cut down the computational cost of training model. The experimental results on three real-world data sets show that our approach can significantly outperform the other tested methods in terms of prediction quality and efficiency.

Maochao Xu,Quynh Nhu Nguyen

DOI: https://doi.org/10.30707/etd2022.20220705065053152241.999976

2022-01-01

Abstract:It is very challenging to predict the cost of a cyber incident owing to the complexnature of cyber risk. However, it is inevitable for insurance companies to offer cyber insurance policies. The time to identifying an incident and the time to noticing the affected individuals are two important components in determining the cost of a cyber incident. In this work, we initialize the study on those two metrics via statistical modeling approaches. We propose a novel approach to imputing the missing data, and further develop a dependence model to capture the complex pattern exhibited by those two metrics. The empirical study shows that the proposed approach has a satisfactory predictive performance and is superior to other commonly used models.

Hong Sun,Maochao Xu,Peng Zhao

DOI: https://doi.org/10.1080/10920277.2020.1752255

2021-01-01

North American Actuarial Journal

Abstract:Malicious hacking data breaches cause millions of dollars in financial losses each year, and more companies are seeking cyber insurance coverage. The lack of suitable statistical approaches for scoring breach risks is an obstacle in the insurance industry. We propose a novel frequency–severity model to analyze hacking breach risks at the individual company level, which would be valuable for underwriting purposes. We find that breach frequency can be modeled by a hurdle Poisson model, which is different from the negative binomial model used in the literature. The breach severity shows a heavy tail that can be captured by a nonparametric- generalized Pareto distribution model. We further discover a positive nonlinear dependence between frequency and severity, which our model also accommodates. Both the in-sample and out-of-sample studies show that the proposed frequency–severity model that accommodates nonlinear dependence has satisfactory performance and is superior to the other models, including the independence frequency–severity and Tweedie models.

Mingyue Zhang Wu,Jinzhu Luo,Xing Fang,Maochao Xu,Peng Zhao

DOI: https://doi.org/10.1080/02664763.2021.1936468

IF: 1.416

2021-06-04

Journal of Applied Statistics

Abstract:Modeling cyber risks has been an important but challenging task in the domain of cyber security, which is mainly caused by the high dimensionality and heavy tails of risk patterns. Those obstacles have hindered the development of statistical modeling of the multivariate cyber risks. In this work, we propose a novel approach for modeling the multivariate cyber risks which relies on the deep learning and extreme value theory. The proposed model not only enjoys the high accurate point predictions via deep learning but also can provide the satisfactory high quantile predictions via extreme value theory. Both the simulation and empirical studies show that the proposed approach can model the multivariate cyber risks very well and provide satisfactory prediction performances.

statistics & probability

Binbin Zhou,Longbiao Chen,Fangxun Zhou,Shijian Li,Sha Zhao,Sajal K. Das,Gang Pan

DOI: https://doi.org/10.1109/jsyst.2020.3023762

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:Crime has been a complex social problem worldwide, impacting numerous individuals in both property and psychology, and affecting public safety as well. To prevent and avoid crime is of great importance for urban authorities and citizens. Crime prediction using various urban sensing data provides a promising paradigm to cope with this challenging problem. However, previous studies on crime prediction mainly focus on coarse-grained prediction at the region level, which fail in fine-grained road-level crime inference due to data sparsity problems. This article proposes a road-level framework for fine-grained crime risk inference leveraging heterogeneous open data. We first extract a set of features from relevant external datasets and historical crime records, i.e., temporal, spatial, and recurrence crime features. We then establish a spatio-temporal crime pattern using spatio-temporal features, and further infer road-level crime risk incorporating with recurrence crime features. The framework not only considers a useful spatio-temporal pattern but also considers a unique crime near-repeat phenomenon, which helps address the data sparsity. We further present an application crime risk-aware route recommendation to demonstrate the effectiveness of our framework. This application cannot be solved well with coarse-grained (e.g., region-level) crime risk results since it is inconvenient for people to travel while avoiding large regions with potential crime risks. Experiments with the real-world datasets from New York City show that our framework accurately infers road-level crime risk and outperforms other baseline methods.

Xing Fang,Maochao Xu,Shouhuai Xu,Peng Zhao

DOI: https://doi.org/10.1186/s13635-019-0090-6

2019-01-01

EURASIP Journal on Information Security

Abstract:Like how useful weather forecasting is, the capability of forecasting or predicting cyber threats can never be overestimated. Previous investigations show that cyber attack data exhibits interesting phenomena, such as long-range dependence and high nonlinearity, which impose a particular challenge on modeling and predicting cyber attack rates. Deviating from the statistical approach that is utilized in the literature, in this paper we develop a deep learning framework by utilizing the bi-directional recurrent neural networks with long short-term memory, dubbed BRNN-LSTM. Empirical study shows that BRNN-LSTM achieves a significantly higher prediction accuracy when compared with the statistical approach.

Zhou Binbin,Chen Longbiao,Zhou Fangxun,Li Shijian,Zhao Sha,Pan Gang

DOI: https://doi.org/10.1007/s11704-021-0136-z

IF: 2.6688

2021-01-01

Frontiers of Computer Science

Abstract:Crime risk prediction is helpful for urban safety and citizens’ life quality. However, existing crime studies focused on coarse-grained prediction, and usually failed to capture the dynamics of urban crimes. The key challenge is data sparsity, since that 1) not all crimes have been recorded, and 2) crimes usually occur with low frequency. In this paper, we propose an effective framework to predict fine-grained and dynamic crime risks in each road using heterogeneous urban data. First, to address the issue of unreported crimes, we propose a cross-aggregation soft-impute (CASI) method to deal with possible unreported crimes. Then, we use a novel crime risk measurement to capture the crime dynamics from the perspective of influence propagation, taking into consideration of both time-varying and location-varying risk propagation. Based on the dynamically calculated crime risks, we design contextual features (i.e., POI distributions, taxi mobility, demographic features) from various urban data sources, and propose a zero-inflated negative binomial regression (ZINBR) model to predict future crime risks in roads. The experiments using the real-world data from New York City show that our framework can accurately predict road crime risks, and outperform other baseline methods.

Yancheng Liang,Jiajie Zhang,Hui Li,Xiaochen Liu,Yi Hu,Yong Wu,Jinyao Zhang,Yongyan Liu,Yi Wu

2023-08-08

Abstract:Despite the tremendous advances achieved over the past years by deep learning techniques, the latest risk prediction models for industrial applications still rely on highly handtuned stage-wised statistical learning tools, such as gradient boosting and random forest methods. Different from images or languages, real-world financial data are high-dimensional, sparse, noisy and extremely imbalanced, which makes deep neural network models particularly challenging to train and fragile in practice. In this work, we propose DeRisk, an effective deep learning risk prediction framework for credit risk prediction on real-world financial data. DeRisk is the first deep risk prediction model that outperforms statistical learning approaches deployed in our company's production system. We also perform extensive ablation studies on our method to present the most critical factors for the empirical success of DeRisk.

Machine Learning,Statistical Finance

Xuefeng Li,Chensu Zhao,Yi Hu,Honglin Xie,Yuhang Wang,Jingyang Zhao

DOI: https://doi.org/10.1016/j.cose.2024.103879

IF: 5.105

2024-04-25

Computers & Security

Abstract:The pursuit of dividends from the burgeoning realm of data traffic has emerged as a prevailing trend. Given this current state of affairs, the safeguarding of personal information has become an urgent task. Current methods for personal privacy protection primarily offer alerts when information breaches occur, but at that stage, irreversible breaches have already transpired. Thus, the study of preemptive privacy breach prediction is a task of significant importance within the realm of privacy protection. However, the endeavor to predict privacy breaches in advance remains exceedingly challenging, owing to several factors: (i) The complexity of social networks gives rise to high-dimensional features. (ii) Concerning the comprehensive and precise capture of pathways leading to information leakage. (iii) How to employ time series data effectively to realize early predictions. This study proposes a novel approach for constructing graph neural networks and forecasting privacy breaches, centered on the context of user-generated content within specific time frames, integrates spatial graph structures with temporal series information. The integration can entirely achieve the advance prediction of users' privacy status, thereby preventing information leakage. Empirical tests on real-world datasets demonstrate that our approach surpasses traditional time series forecasting methods in privacy breach predictions, achieving a notable average improvement of 2% in F1 score, Recall, and Precision metrics.

computer science, information systems

Chen Peng,Maochao Xu,Shouhuai Xu,Taizhong Hu

DOI: https://doi.org/10.1080/02664763.2018.1436701

IF: 1.416

2018-01-01

Journal of Applied Statistics

Abstract:Modeling cybersecurity risks is an important, yet challenging, problem. In this paper, we initiate the study of modeling multivariate cybersecurity risks. We develop the first statistical approach, which is centered at a Copula-GARCH model that uses vine copulas to model the multivariate dependence exhibited by real-world cyber attack data. We find that ignoring the due multivariate dependence causes a severe underestimation of cybersecurity risks. Both simulation and empirical studies show that the proposed approach leads to accurate predictions of multivariate cybersecurity risks.

Long Cheng,Fang Liu,Danfeng Yao,Danfeng Daphne Yao

DOI: https://doi.org/10.1002/widm.1211

2017-06-09

Abstract:A data breach is the intentional or inadvertent exposure of confidential information to unauthorized parties. In the digital era, data has become one of the most critical components of an enterprise. Data leakage poses serious threats to organizations, including significant reputational damage and financial losses. As the volume of data is growing exponentially and data breaches are happening more frequently than ever before, detecting and preventing data loss has become one of the most pressing security concerns for enterprises. Despite a plethora of research efforts on safeguarding sensitive information from being leaked, it remains an active research problem. This review helps interested readers to learn about enterprise data leak threats, recent data leak incidents, various state‐of‐the‐art prevention and detection techniques, new challenges, and promising solutions and exciting opportunities. WIREs Data Mining Knowl Discov 2017, 7:e1211. doi: 10.1002/widm.1211 This article is categorized under: Application Areas > Business and Industry Fundamental Concepts of Data and Knowledge > Key Design Issues in Data Mining Technologies > Prediction There are multiple points and opportunities for an enterprise to deploy effective protections to secure sensitive data against inadvertent or malicious leak threats that may appear during data storage, usage, or movement. The challenge is to understand the threats, and more importantly, the security capabilities and limitations of various prevention and detection solutions, in order for administrators to make informed security choices and decisions in practice. This review paper analyzes major data breach incidents and systematizes the body of knowledge on prevention and detection. It also points out the exciting new research opportunities related to deep learning, cloud service, privacy, and experimental reproducibility.

computer science, artificial intelligence, theory & methods

Haowei Yang,Zhan Cheng,Zhaoyang Zhang,Yuanshuai Luo,Shuaishuai Huang,Ao Xiang

2024-10-25

Abstract:As the complexity and dynamism of financial markets continue to grow, traditional financial risk prediction methods increasingly struggle to handle large datasets and intricate behavior patterns. This paper explores the feasibility and effectiveness of using deep learning and big data algorithms for financial risk behavior prediction. First, the application and advantages of deep learning and big data algorithms in the financial field are analyzed. Then, a deep learning-based big data risk prediction framework is designed and experimentally validated on actual financial datasets. The experimental results show that this method significantly improves the accuracy of financial risk behavior prediction and provides valuable support for risk management in financial institutions. Challenges in the application of deep learning are also discussed, along with potential directions for future research.

Machine Learning,Artificial Intelligence

Lingling Dong

DOI: https://doi.org/10.1109/ECICE52819.2021.9645716

2021-10-29

Abstract:Big data analysis is characterized by a large amount of data, fast speed, multiple types, value, and authenticity. It is often applied to the data warehouse, data security, data analysis, data mining, and others. We built a big data-based risk prediction model by collecting the necessary data from 2012 to 2019, analyzed the application status in risk management. We found that the concept and mechanism of management are not reasonable, and put forward corresponding suggestions.

Engineering,Computer Science

Wangyuan Jing,Lingbo Wei,Hao Jin,Chi Zhang,Wenxiang Dong,Yangyang Li

DOI: https://doi.org/10.1109/hoticn57539.2022.10036231

2022-01-01

Abstract:The dramatic increase in the number of vulnerabilities and threats prompts the development of vulnerability exploitability prediction research. However, the existing vulnerability exploitability prediction research directly aggregates all vulnerability data without considering the security of vulnerability information, which leads to some problems such as data leakage and data island. In this paper, we propose a method for vulnerability exploitability prediction based on federated learning, which aims to achieve vulnerability exploitability prediction while protecting the security of vendor vulnerability data. Specifically, we first construct a vulnerability exploitability prediction model in a federated learning environment and classify the collected vulnerability data by vendors. Second, we evaluate multiple vulnerability exploitability prediction models and improve existing models. Finally, extensive experiments demonstrate that our proposed model achieves good results in the federated learning environment.

Peiheng Zhou,Ming Hu,Xingrun Quan,Yawen Peng,Xiaofei Xie,Yanxin Yang,Chengwei Liu,Yueming Wu,Mingsong Chen

2024-11-25

Abstract:Although Deep Learning (DL) methods becoming increasingly popular in vulnerability detection, their performance is seriously limited by insufficient training data. This is mainly because few existing software organizations can maintain a complete set of high-quality samples for DL-based vulnerability detection. Due to the concerns about privacy leakage, most of them are reluctant to share data, resulting in the data silo problem. Since enables collaboratively model training without data sharing, Federated Learning (FL) has been investigated as a promising means of addressing the data silo problem in DL-based vulnerability detection. However, since existing FL-based vulnerability detection methods focus on specific applications, it is still far unclear i) how well FL adapts to common vulnerability detection tasks and ii) how to design a high-performance FL solution for a specific vulnerability detection task. To answer these two questions, this paper first proposes VulFL, an effective evaluation framework for FL-based vulnerability detection. Then, based on VulFL, this paper conducts a comprehensive study to reveal the underlying capabilities of FL in dealing with different types of CWEs, especially when facing various data heterogeneity scenarios. Our experimental results show that, compared to independent training, FL can significantly improve the detection performance of common AI models on all investigated CWEs, though the performance of FL-based vulnerability detection is limited by heterogeneous data. To highlight the performance differences between different FL solutions for vulnerability detection, we extensively investigate the impacts of different configuration strategies for each framework component of VulFL. Our study sheds light on the potential of FL in vulnerability detection, which can be used to guide the design of FL-based solutions for vulnerability detection.

Software Engineering,Artificial Intelligence,Cryptography and Security

Ge Zheng,Lingxuan Kong,Alexandra Brintrup

DOI: https://doi.org/10.1080/00207543.2022.2164628

IF: 9.018

2023-02-04

International Journal of Production Research

Abstract:The use of Artificial Intelligence (AI) for predicting supply chain risk has gained popularity. However, proposed approaches are based on the premise that organisations act alone, rather than a collective when predicting risk, despite the interconnected nature of supply chains. This yields a problem: organisations that have inadequate datasets cannot predict risk. While data-sharing has been proposed to evaluate risk, in practice this does not happen due to privacy concerns. We propose a federated learning approach for collective risk prediction without the risk of data exposure. We ask: Can organisations who have inadequate datasets tap into collective knowledge ? This raises a second question: Under what circumstances would collective risk prediction be beneficial ? We present an empirical case study where buyers predict order delays from their shared suppliers before and after Covid-19. Results show that federated learning can indeed help supply chain members predict risk effectively, especially for buyers with limited datasets. Training data-imbalance, disruptions, and algorithm choice are significant factors in the efficacy of this approach. Interestingly, data-sharing or collective risk prediction is not always the best choice for buyers with disproportionately larger order-books. We thus call for further research on on local and collective learning paradigms in supply chains.

engineering, manufacturing, industrial,operations research & management science

Jakub Breier,Adrian Baldwin,Helen Balinsky,Yang Liu

DOI: https://doi.org/10.48550/arXiv.2012.04884

2020-12-09

Cryptography and Security

Abstract:Adversarial attacks for machine learning models have become a highly studied topic both in academia and industry. These attacks, along with traditional security threats, can compromise confidentiality, integrity, and availability of organization's assets that are dependent on the usage of machine learning models. While it is not easy to predict the types of new attacks that might be developed over time, it is possible to evaluate the risks connected to using machine learning models and design measures that help in minimizing these risks. In this paper, we outline a novel framework to guide the risk management process for organizations reliant on machine learning models. First, we define sets of evaluation factors (EFs) in the data domain, model domain, and security controls domain. We develop a method that takes the asset and task importance, sets the weights of EFs' contribution to confidentiality, integrity, and availability, and based on implementation scores of EFs, it determines the overall security state in the organization. Based on this information, it is possible to identify weak links in the implemented security measures and find out which measures might be missing completely. We believe our framework can help in addressing the security issues related to usage of machine learning models in organizations and guide them in focusing on the adequate security measures to protect their assets.

Jin Li,Wei Xiao,Chong Zhang

DOI: https://doi.org/10.1057/s41599-023-01757-0

2023-01-01

Humanities and Social Sciences Communications

Abstract:The extremely complex and dynamic digital environments of universities make them highly vulnerable to the risk of data breaches. This study empirically investigated the factors influencing data breach risks in the context of higher education, according to crime opportunity theory and routine activity theory. The data consisted of university samples from China and were collected mainly from the Chinese Education Industry Vulnerability Reporting Platform. After applying Poisson regression for the estimation, increased public disclosure of vulnerabilities was found to escalate the frequency of data breaches, whereas cross-border data flow decreased the number of data breaches. Furthermore, the mechanism by which academic strength affects data breaches was examined through the two mediators of cross-border data flow and vulnerability disclosure. In addition, cloud adoption reduced data breaches, and public clouds were determined to be relatively more secure than private clouds. Cloud adoption also acted as a moderator between the negative impact of vulnerabilities and the positive impact of cross-border data flow on data breaches. The estimation and robustness findings revealed the underlying mechanisms that impacted university data security, clarifying the understanding of data breaches and suggesting practical implications for universities and other institutes to improve information security. The findings of this study provide insights and directions for future research.