Abstract
With an ever-accelerating trend of cybercrimes due to software vulnerabilities and exposures in Smart City industrial environment, effective and proactive vulnerability risk management becomes imperative. Statistical models learning rich historical vulnerability disclosure data undoubtedly provide critical risk insights. In this article, based on extreme value theory coupled with generalized additive models, we propose a novel framework to model extreme vulnerability disclosure events under both stationary and nonstationary scenarios. By utilizing this rigorous framework, we initiated an important study on quantifying extreme cyber risks. Through extensive empirical studies using real-life datasets, our proposed framework proves to effectively capture the dynamics of extreme events. Furthermore, it enables us to address quantitatively some of the key cyber risk management questions.
Original language | English |
---|---|
Article number | 9187565 |
Pages (from-to) | 4150-4158 |
Number of pages | 9 |
Journal | IEEE Transactions on Industrial Informatics |
Volume | 17 |
Issue number | 6 |
Early online date | 1 Sept 2020 |
DOIs | |
Publication status | Published - Jun 2021 |
Bibliographical note
Funding Information:Manuscript received April 10, 2020; revised August 15, 2020; accepted September 1, 2020. Date of publication September 7, 2020; date of current version March 5, 2021. The work of Jiao Yin was supported by the Science and Technology Research Program of Chongqing Municipal Education Commission of China under Grant KJQN201901306. Paper no. TII-20-1804. (Corresponding author: MingJian Tang.) MingJian Tang is with the Huawei Technologies Company Ltd., Shen-zhen 518129, China (e-mail: [email protected]).
Publisher Copyright:
© 2005-2012 IEEE.
Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.