extreme behavior in
play

EXTREME BEHAVIOR IN Consists of many entities that interact in - PowerPoint PPT Presentation

Oct 09, 2022 •247 likes •499 views

OVERVIEW Extreme behavior in information and communications technology ( ICT ) systems Limits of predictive risk analysis Complexity is the enemy From fragile to antifragile systems Design and operational principles ANTIFRAGILE

  1. OVERVIEW ➤ Extreme behavior in information and communications technology ( ICT ) systems ➤ Limits of predictive risk analysis ➤ Complexity is the enemy ➤ From fragile to antifragile systems ➤ Design and operational principles ANTIFRAGILE ICT SYSTEMS ➤ Antifragile microservice systems Kjell Jørgen Hole version 1.0 2 COMPLEX ADAPTIVE SYSTEM ➤ Man-made or natural system EXTREME BEHAVIOR IN ➤ Consists of many entities that interact in involved ways ➤ Entities adapt to each other and the environment ICT SYSTEMS ➤ Adaption allows system to withstand perturbations 3 4

  2. EXAMPLES OF COMPLEX ADAPTIVE SYSTEMS COMPLEX ADAPTIVE ICT SYSTEMS ➤ The world-wide economic system ➤ A complex adaptive ICT system consists of ➤ National political systems ➤ stakeholders ➤ Transportation systems ➤ technologies ➤ Immune systems ➤ threats agents ➤ The Internet ➤ policies ➤ Beehives ➤ The complexity is mostly due to: ➤ Anthills ➤ interactions between stakeholders and the networked computer system ➤ Brains ➤ communication between computers in the network ➤ ICT systems 5 6 EXAMPLES OF COMPLEX ICT SYSTEMS EXAMPLES OF STAKEHOLDERS ➤ Cloud computing infrastructures ➤ Examples of stakeholders with interest in an ICT system are ➤ Telecom infrastructures ➤ Software architects and developers ➤ Online social networks ➤ System owners, operators, and users ➤ Banking systems ➤ Governmental supervisory entities ➤ Power grids 7 8

  3. EXAMPLES OF THREATS AGENTS COMPLEX ICT SYSTEM ➤ Benevolent users and operators making security related mistakes ➤ Insider attacks from malicious system operators Environment ➤ Outsider attacks from hackers exploiting software bugs or design flaws Policies Threats ➤ Hardware failures Observe that the stakeholders are part of the system 9 10 NEVER-ENDING CHANGE FEEDBACK LOOPS ➤ A complex adaptive ICT system’s architecture, functionality, Internal or external action technology, environment, and regulatory context change over time ➤ Complex ICT systems never reach a final form ➤ They continue to adapt to satisfy the changing needs of stakeholders and to protect against changing threats System changes System reacts ➤ A complex ICT system in “equilibrium” is a dead system 11 12

  4. TYPES OF FEEDBACK LOOPS EXAMPLE: MALWARE EPIDEMIC ➤ A feedback loop is a series of interacting processes, which cause a system to adapt its behavior based on previous behavior ➤ It is the feedback loops that make a complex system adaptive ➤ Positive feedback loops propagate local events into global Number of 
 Deaths malware Births behavior instances ➤ Negative feedback loops dampen local events , preventing Negative 
 Positive 
 changes to global behavior feedback 
 feedback 
 loop loop 13 14 EXAMPLE: FEEDBACK IN POWER GRID POWER GRID IN EUROPE ➤ To allow for the transfer of a ship, one power line had to be Critical perturbation temporarily disconnected in Northern Germany in November ➤ Feedback loop 2006 escalates the ➤ The event triggered an overload-related cascading e ff ect and negative e ff ect many power lines went out of operation of local failure ➤ As a consequence, there were blackouts all over Europe (see ➤ Local failure black areas in picture) causes systemic failure Positive feedback loop 15 16

  5. STOCHASTIC BEHAVIOR ➤ The behavior of a complex ICT system is modeled as a sequence of events that a ff ect a group of stakeholders both positively and negatively ➤ We consider the financial impact of all possible events during a particular time period of five to ten years ➤ The high complexity makes it necessary to represent the impact by a stochastic variable that changes with time Blackout 17 18 PROBABILITY DISTRIBUTION OF IMPACTS PROPERTIES OF IMPACT DISTRIBUTION ➤ Most of us are familiar with thin-tailed probability distributions with fixed expectation and well-defined variance ➤ The impact distribution for real-world ICT systems are likely to have ➤ time-varying expectation ➤ thick (fat) left tail ➤ infinite variance negative Impact positive 19 20

  6. THICK LEFT TAIL PROPERTIES OF OUTLIERS ➤ Outliers are often caused by ➤ positive feedback loops that propagate local failures into systemic failures ➤ attackers exploiting software bugs and design flaws ➤ single point of failures that take down whole systems ➤ Observation Since outliers are unlikely to be in a system’s history, the past will not help us foresee outliers or calculate their probabilities Impact 21 22 EXTREME BEHAVIOR—LHR EVENT ➤ A large impact, hard-to-predict, and rare ( LHR ) event is an outlier in the left tail of the probability distribution ➤ While “normal” events occur multiple times during a period of say ten years, LHR events are non-recurrent, that is, they occur at most once during the period 23

  7. LHR INCIDENT IN NORWEGIAN PAYMENT SERVICES LHR EVENT IN A LARGE NORWEGIAN BANK ➤ In August 2001, computer systems providing services to ➤ In March 2007, malware infected 11 000 PCs and 1 000 about one million Norwegian bank customers ceased to servers belonging to a Norwegian bank function ➤ More than two weeks were needed to completely remove the ➤ It took 7 days to get the services back in normal operation malware ➤ Multiple points of failure—causing transaction data on 288 ➤ An error in the anti-virus software and a vulnerability in the disks to become inaccessible OS led to this LHR event 25 26 LHR EVENT: CONFICKER MASSIVE RANSOMEWARE ATTACK FROM NORTH KOREA ➤ It is estimated that the Conficker worm has infected 12 ➤ Self-replicating ransomware infected 200,000 systems in more million PCs world wide than 150 countries on May 12th, 2017 ➤ Conficker severely a ff ected hospitals (Helse Vest) and the ➤ First attack to use a stolen cyberweapon developed by NSA police in Norway ➤ Many targets in Russia, Ukraine, India, and Taiwan ➤ the Norwegian police spent 30–50 million NOK to “clean ➤ 48 hospitals in Britain were a ff ected by the outbreak up” after Conficker attacked operational control centres and ➤ Renault had to stop production in some factories the system for passport control ➤ Telefónica, a Spanish telecommunications firm was a ff ected ➤ FedEx 27 28

  8. SUMMARY OF DISCUSSION ON EXTREME BEHAVIOR Complex ICT systems are vulnerable to LHR events 30 FURTHER READING LIMITS OF RISK T E C HN I C A L I N C E RTO : L E C T U R E S N OT E S O N P R O B A B I L I TY, VO L 1 ANALYSIS SILENT RISK NASSIM NICHOLAS TALEB In which is provided a mathematical parallel version of the author’s Incerto , with derivations, examples, theorems, & heuristics. (This Draft Is For Error Detection) (OR SHIT HAPPENS IN THE FOURTH QUADRANT) 31 32

  9. RISK IN COMPLEX ADAPTIVE ICT SYSTEMS RISK ANALYSIS ➤ We talk about risk when we do not know what will happen ➤ A classical risk analysis predicts incidents during a future time period by ➤ Risk means that more things can happen that will happen 1. describing all possible incidents, 2. estimating the probabilities that they will actually occur, and 3. determining the incidents’ impact on a group of stakeholders 33 34 CLASSICAL RISK MATRIX LIMITS OF CLASSICAL RISK ANALYSIS Is an LHR 
 low ➤ A classical risk matrix is created with the implicit assumption medium high incident a 
 that stochastic events in a system have a probability medium 
 distribution with a thin left tail risk? high ➤ LHR incidents (outliers) are ignored ➤ Observation Classical risk analysis severely underestimate the Impact medium risk associated with complex adaptive ICT systems because LHR incidents dominate the impact on stakeholders low Probability 35 36

  10. TALEB’S FOUR QUADRANTS AVOID THE 4TH QUADRANT ➤ We want to create systems in the first quadrant but may end Impact up in the third quadrant Only local impact Global impact ➤ The important thing is to avoid the fourth quadrant with its Distribution intolerable LHR incidents 1 2 Only limited local Global impact possible Thin left tail impact but tolerable We need to develop and operate complex adaptive ICT systems that limit the impact of unforeseen incidents 3 Intolerable global 4 Large local impact impact is inevitable possible, good risk Thick left tail PREDICTIVE RISK management needed ANALYSIS DOES NOT WORK 37 38 FURTHER READING S u b j e c t i v e v i e w COMPLEXITY IS THE ENEMY 39 40

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

EXTREME BEHAVIOR IN ICT SYSTEMS 3 There is no single formalism that captures all properties of a

EXTREME BEHAVIOR IN ICT SYSTEMS 3 There is no single formalism that captures all properties of a

This talk models ICT systems as complex adaptive systems, discusses extreme behavior in these systems, argues why risk analysis will not reliably predict rare extreme behavior, and explains why we need to develop and operate antifragile systems.

453 views • 33 slides
Altruistic behavior and social signaling: a study of an extreme example DIG Seminar De Caro

Altruistic behavior and social signaling: a study of an extreme example DIG Seminar De Caro

Altruistic behavior and social signaling: a study of an extreme example DIG Seminar De Caro (XVIIth), Sansom Destroying the https://www.shareicon.net House of Philistines ; from wikigallery.org Intern: Julien Panis-Lie Internship director:

611 views • 42 slides
2014: Extreme territories 2 2015: Extreme territories 3 2016: Extreme territories 4 2018:

2014: Extreme territories 2 2015: Extreme territories 3 2016: Extreme territories 4 2018:

Annual research practicum 2013: Extreme territories 1 2014: Extreme territories 2 2015: Extreme territories 3 2016: Extreme territories 4 2018: Energetics of urbanization 2019: Agro-industrial transformations the city Rem

413 views • 37 slides
Extreme Heat Preparedness Objectives What is extreme heat ? How does it impact SF? What are the

Extreme Heat Preparedness Objectives What is extreme heat ? How does it impact SF? What are the

Extreme Heat Preparedness Objectives What is extreme heat ? How does it impact SF? What are the health effects of heat? How do we prepare for extreme heat? Extreme Heat in the City What is extreme heat? A Tale of Two Neighborhoods Chicago

646 views • 40 slides
MATHEMATICS 1 CONTENTS Extreme values in one dimension Extreme values in two dimensions

MATHEMATICS 1 CONTENTS Extreme values in one dimension Extreme values in two dimensions

Extreme values in two dimensions BUSINESS MATHEMATICS 1 CONTENTS Extreme values in one dimension Extreme values in two dimensions Modified second-order conditions Example Old exam question Further study 2 EXTREME VALUES IN TWO

508 views • 25 slides
Extreme value statistics Density of near-extreme events Sanjib Sabhapandit Laboratoire de

Extreme value statistics Density of near-extreme events Sanjib Sabhapandit Laboratoire de

Extreme value statistics Density of near-extreme events Sanjib Sabhapandit Laboratoire de Physique Th eorique et Mod` eles Statistiques CNRS UMR 8626 Universit e Paris-Sud 91405 Orsay cedex, France Collaborator Ref. Phys. Rev. Lett.

1.01k views • 86 slides
Extreme Environmental Extreme Environmental People Skills: An Introduction to Participatory

Extreme Environmental Extreme Environmental People Skills: An Introduction to Participatory

Extreme Environmental Extreme Environmental People Skills: An Introduction to Participatory Approaches to Natural Resource Dispute Resolution 28 th Annual Environmental Permitting Summer School July 23-25, 2014 Instructors Kevin S. Hennessy,

987 views • 26 slides
BEHAVIOR @ HOME Behavior Basics Simple strategies that can make a big difference! Presented by

BEHAVIOR @ HOME Behavior Basics Simple strategies that can make a big difference! Presented by

BEHAVIOR @ HOME Behavior Basics Simple strategies that can make a big difference! Presented by Michelle Heid, MA, BCBA Hosted by Family Focus Resource Center Behavior Basics Behavior as communication ABCs of Behavior Functions of

717 views • 35 slides
Low rank SDP extreme points and Applications Mohit Singh Georgia Tech SDP extreme points

Low rank SDP extreme points and Applications Mohit Singh Georgia Tech SDP extreme points

Low rank SDP extreme points and Applications Mohit Singh Georgia Tech SDP extreme points Pataki, Gbor. "On the rank of extreme matrices in semidefinite programs and the multiplicity of optimal eigenvalues." Math of OR 98 .

896 views • 30 slides
: WHY INTENTION DOES NOT LEAD TO RECYCLING BEHAVIOR FOR MILLENNIALS Master Thesis 29 June 2017

: WHY INTENTION DOES NOT LEAD TO RECYCLING BEHAVIOR FOR MILLENNIALS Master Thesis 29 June 2017

: WHY INTENTION DOES NOT LEAD TO RECYCLING BEHAVIOR FOR MILLENNIALS Master Thesis 29 June 2017 A CHANGING WORLD Climate change Extreme weather events Increasing levels of waste A changing generation A SOLUTION

347 views • 17 slides
Extreme value theory QUAN TITATIVE RIS K MAN AGEMEN T IN P YTH ON Jamsheed Shorish

Extreme value theory QUAN TITATIVE RIS K MAN AGEMEN T IN P YTH ON Jamsheed Shorish

Extreme value theory QUAN TITATIVE RIS K MAN AGEMEN T IN P YTH ON Jamsheed Shorish Computational Economist Extreme values Portfolio losses: extreme values Extreme values: from tail of distribution T ail losses: losses exceeding some value

669 views • 49 slides
Extreme Value Theory in Risk Management See McNeil, Extreme Value Theory for Risk Managers Risk

Extreme Value Theory in Risk Management See McNeil, Extreme Value Theory for Risk Managers Risk

ST 810-006 Statistics and Financial Risk Extreme Value Theory in Risk Management See McNeil, Extreme Value Theory for Risk Managers Risk management is essentially about tail events. Probabilists have developed a theory specific to extreme, or

323 views • 13 slides
The JEM-EUSO Mission to Explore the The JEM-EUSO Mission to Explore the Extreme Universe Extreme

The JEM-EUSO Mission to Explore the The JEM-EUSO Mission to Explore the Extreme Universe Extreme

Extreme U Universe S Space O Observatory E The JEM-EUSO Mission to Explore the The JEM-EUSO Mission to Explore the Extreme Universe Extreme Universe Piergiorgio Picozza INFN e Universit di Roma Tor Vergata Commissione II INFN 31

521 views • 49 slides
Foundational Ideas Everyone needs support for behavior. Behavior is communication.

Foundational Ideas Everyone needs support for behavior. Behavior is communication.

Foundational Ideas Everyone needs support for behavior. Behavior is communication. Punishment doesnt work. Respond to the root of the behavior, not the surface. Positive Behavioral Interventions & Support Intensive Supports

489 views • 33 slides
Extreme DocBook Norman Walsh http://www.sun.com/ XML Standards Architect Extreme Markup

Extreme DocBook Norman Walsh http://www.sun.com/ XML Standards Architect Extreme Markup

Extreme DocBook Norman Walsh http://www.sun.com/ XML Standards Architect Extreme Markup Languages 2004 01-06 August 2004 Version 1.0 Table of Contents This presentation explores some of the design choices made in recasting DocBook from an

880 views • 61 slides
Community Resilience to Extreme Events 15 th April 2019 University of Stirling Extreme Events

Community Resilience to Extreme Events 15 th April 2019 University of Stirling Extreme Events

Community Resilience to Extreme Events 15 th April 2019 University of Stirling Extreme Events Who we are and why we are here April 15, 2019 Extreme Events in Science and Society A transdisciplinary research programme with representatives

1.56k views • 108 slides
Introduction Applied Bioinformatics Michael Schroeder Biotechnology Center TU Dresden DNA

Introduction Applied Bioinformatics Michael Schroeder Biotechnology Center TU Dresden DNA

Introduction Applied Bioinformatics Michael Schroeder Biotechnology Center TU Dresden DNA the molecule of life http://www.ornl.gov/hgmis 2 High-throughput Technology 1950s: 2000s: 2010s: Watson and Crick Sanger Center BGI,

500 views • 30 slides
Highlights from Physics 2017 Dec 08 General notes Productive Physics Week last month .

Highlights from Physics 2017 Dec 08 General notes Productive Physics Week last month .

Highlights from Physics 2017 Dec 08 General notes Productive Physics Week last month . 71 attendees. Workshop / Hack days style meeting WGs continue to be guided by TDR timeline , with some notable milestones of - Jan 2018:

347 views • 6 slides
Feedbacks on 10y of pentesting and DFIR How to increase your detection capabilities Julien

Feedbacks on 10y of pentesting and DFIR How to increase your detection capabilities Julien

Feedbacks on 10y of pentesting and DFIR How to increase your detection capabilities Julien Bachmann @milkmix_ 24 April 2017 OWASP, Geneva INTRO 1 24/04/2017 OWASP, Geneva ABOUT ME 3 Julien Bachmann Current CTO @ Hacknowledge Swiss

677 views • 40 slides
Performance Tuning and Debugging Don Porter CSE/ISE 311:

Performance Tuning and Debugging Don Porter CSE/ISE 311:

CSE/ISE 311: Systems Administra5on Performance Tuning and Debugging Don Porter CSE/ISE 311: Systems Administra5on Why is my applica3on slow? No silver

606 views • 24 slides
Trading perfection for robustness in extraordinary software Benoit Baudry (EPI DiverSE) Journes

Trading perfection for robustness in extraordinary software Benoit Baudry (EPI DiverSE) Journes

Trading perfection for robustness in extraordinary software Benoit Baudry (EPI DiverSE) Journes scientifiques 2015 June, 19 2015. 1 Extraordinary software 2 Unstable environment Users Customization, extensions, add-ons Malicious

532 views • 25 slides
in Tashkent CSEP 545 Transaction Processing Sameh Elnikety Replication for Performance

in Tashkent CSEP 545 Transaction Processing Sameh Elnikety Replication for Performance

Database Replication in Tashkent CSEP 545 Transaction Processing Sameh Elnikety Replication for Performance Expensive Limited scalability 2 DB Replication is Challenging Single database system Large, persistent state Transactions

762 views • 73 slides
Introduction to Database Systems: CS312 An Overview of Databases Oliver Bonham-Carter 2 Sept

Introduction to Database Systems: CS312 An Overview of Databases Oliver Bonham-Carter 2 Sept

Database applications I have connections Common problems Group Work Introduction to Database Systems: CS312 An Overview of Databases Oliver Bonham-Carter 2 Sept 2020 1 / 20 Lets discuss... Database applications I have connections

344 views • 21 slides
Operating Systems Memory Management Lecture 9 Michael OBoyle 1 Memory Management

Operating Systems Memory Management Lecture 9 Michael OBoyle 1 Memory Management

Operating Systems Memory Management Lecture 9 Michael OBoyle 1 Memory Management Background Logical/Virtual Address Space vs Physical Address Space Swapping Contiguous Memory Allocation Segmentation Goals and Tools

535 views • 32 slides

More recommend