Applications Of Extreme Value Theory And Multivariate Dependence Structure In Assessment Of Cyber Security Risks

Cyber attack is the most important issue now.The economic lost up to billions dol-lar which caused by the global cyber attack increase year by year so that how to defense the risk effectively comes into schedule of scholars all over the world.Now measur-ing the risk by mathematical statistical model is becoming a more and more popular research direction.The work in this paper is evaluating the cyber security risk by ex-treme value theory for single target(like internet server)and multivariate dependence structure model for the whole network with targets more than 2.We firstly consider the one dimensional cyber attack model for predicting the risk of single target case.The model we select is extreme value theory model with general-ized Pareto distribution.We set a high value as threshold for the time series data sets.When the magnitude surpass the threshold,we said a extreme event happened and our research is focus on these extreme event draw out from the original time series data set-s which assume the magnitude follow the generalized Pareto distribution and extreme events follow Poisson Process.Based on these assumption we fit the model and pre-dict the future attack events.We built W statistics and transformed time interval ? to evaluate fitting effect and VaR(value at risk)for predicting by three classical test as LRuc,LRind and LRcc.The results fitting and predicting perform well which prove the extreme value theory model is suitable.Then we study the multi-targets model to estimate the whole network risk.The method we use is multivariate dependence structure model to describe the relationship of different targets.The most popular multivariate dependence structure is Copula.Copula is a classical method widely used in many fields.It includes variety of types.In this paper we choose the Regular Vine Copula(R-vine).Because of the the dimension of our data is up to 69,it is too difficult to finish the calculation of fitting and predicting for the structure only by PC so that we have to simplify the model.We select truncated R-vine structure.It need to set a truncated level K first.After that we assumed for a copula all the pair-copulas contained in the tree which satisfied its level equal to or larger than K are independent one.The simplification must result in the decrease of accuracy of forecasting so that when we choose the truncated level K,it need to be careful for the purpose of the balance of calculation and accuracy.The detail will be introduced in this paper later.For the prediction evaluating,we still use VaR by LRuc,LRind and LRcc?Finally all the models pass the hypothesis tests.In this paper we will make a conclusion about one dimensional model and mul-tivariate structure model respectively.We will give the advantages and disadvantages based on the fitting and predicting results discussed before.Not only introducing the contributions and innovations of our idea,but also pointing out the limitation and the problem unsolved to give some suggestion about future developing.Based on this we can propose some probable new method and future research plan.