Chris Hankin scite author profile

When investing in cyber security resources, information security managers have to follow effective decisionmaking\ud strategies. We refer to this as the cyber security investment challenge.In this paper, we consider\ud three possible decision support methodologies for security managers to tackle this challenge. We consider\ud methods based on game theory, combinatorial optimisation, and a hybrid of the two. Our modelling starts\ud by building a framework where we can investigate the effectiveness of a cyber security control regarding\ud the protection of different assets seen as targets in presence of commodity threats. As game theory captures\ud the interaction between the endogenous organisation’s and attackers’ decisions, we consider a 2-person\ud control game between the security manager who has to choose among different implementation levels of a\ud cyber security control, and a commodity attacker who chooses among different targets to attack. The pure\ud game theoretical methodology consists of a large game including all controls and all threats. In the hybrid\ud methodology the game solutions of individual control-games along with their direct costs (e.g. financial) are\ud combined with a Knapsack algorithm to derive an optimal investment strategy. The combinatorial optimisation\ud technique consists of a multi-objective multiple choice Knapsack based strategy. To compare these\ud approaches we built a decision support tool and a case study regarding current government guidelines. The\ud endeavour of this work is to highlight the weaknesses and strengths of different investment methodologies\ud for cyber security, the benefit of their interaction, and the impact that indirect costs have on cyber security\ud investment. Going a step further in validating our work, we have shown that our decision support tool provides\ud the same advice with the one advocated by the UK government with regard to the requirements for\ud basic technical protection from cyber attacks in SMEs

show abstract

A framework for security analysis of mobile wireless networks

Nanz

Hankin

2006

Theoretical Computer Science

112

102

View full text Add to dashboard Cite

We present a framework for specification and security analysis of communication protocols for mobile wireless networks. This setting introduces new challenges which are not being addressed by classical protocol analysis techniques. The main complication stems from the fact that the actions of intermediate nodes and their connectivity can no longer be abstracted into a single unstructured adversarial environment as they form an inherent part of the system's security. In order to model this scenario faithfully, we present a broadcast calculus which makes a clear distinction between the protocol processes and the network's connectivity graph, which may change independently from protocol actions. We identify a property characterising an important aspect of security in this setting and express it using behavioural equivalences of the calculus. We complement this approach with a control flow analysis which enables us to automatically check this property on a given network and attacker specification.

show abstract

Cybersecurity and healthcare: how safe are we?

Martin

Hankin

et al. 2017

BMJ

107

View full text Add to dashboard Cite

Strictness analysis for higher-order functions

Burn

Hankin

Abramsky

1986

Science of Computer Programming

143

View full text Add to dashboard Cite

Efficient field-sensitive pointer analysis for C

Pearce

Hankin

2004

View full text Add to dashboard Cite

The subject of this paper is flow-and context-insensitive pointer analysis. We present a novel approach for precisely modelling struct variables and indirect function calls. Our method emphasises efficiency and simplicity and is based on a simple language of set constraints. We obtain an O(v 4 ) bound on the time needed to solve a set of constraints from this language, where v is the number of constraint variables. This gives, for the first time, some insight into the hardness of performing field-sensitive pointer analysis of C. Furthermore, we experimentally evaluate the time versus precision trade-off for our method by comparing against the field-insensitive equivalent. Our benchmark suite consists of 11 common C programs ranging in size from 15,000 to 200,000 lines of code. Our results indicate the field-sensitive analysis is more expensive to compute, but yields significantly better precision. In addition, our technique has been integrated into the latest release (version 4.1) of the GNU Compiler GCC. Finally, we identify several previously unknown issues with an alternative and less precise approach to modelling struct variables, known as field-based analysis.

show abstract

Approximate non-interference

Pierro

Hankin

Wiklicky

2004

JCS

View full text Add to dashboard Cite

We address the problem of characterising the security of a program against unauthorised information flows. Classical approaches are based on non-interference models which depend ultimately on the notion of process equivalence. In these models confidentiality is an absolute property stating the absence of any illegal information flow. We present a model in which the notion of non-interference is approximated in the sense that it allows for some exactly quantified leakage of information. This is characterised via a notion of process similarity which replaces the indistinguishability of processes by a quantitative measure of their behavioural difference. Such a quantity is related to the number of statistical tests needed to distinguish two behaviours. We also present two semantics-based analyses of approximate non-interference and we show that one is a correct abstraction of the other.

show abstract

Real-time processing of social media with SENTINEL: A syndromic surveillance system incorporating deep learning for health classification

Șerban

Thapen

Maginnis

et al. 2019

Information Processing & Management

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Chris Hankin

Principles of Program Analysis

Decision support approaches for cyber security investment

A framework for security analysis of mobile wireless networks

Cybersecurity and healthcare: how safe are we?

Strictness analysis for higher-order functions

Efficient field-sensitive pointer analysis for C

Approximate non-interference

Real-time processing of social media with SENTINEL: A syndromic surveillance system incorporating deep learning for health classification

Contact Info

Product

Resources

About