Cyber Systems

Home | Cyber Security & DOE/Learning | Data Analytics & Text/Manufacturing | Public Sector OR & Election Systems | About T. T. Allen | Service

We believe that we have technology that can help almost every organization improve and monitor its security.
A website for the young that explains our best answers to common questions is available through Futurum
Our statistically design "Offline Gaming" methods can help with making standard or requirements informed by Nash or CPT equilibria: Allen, T. T. (2020). Optimal Offline Experimentation for Games. Decision analysis.
Our economic models based on POMDP can say which machines missing in scans should be scanned and put helpful prices on hosts depending on operating systems, roles (relationship to firewalls), and administrator privalege: 

Liu, E., Allen, T. T., & Roychowdhury, S. (2019). Cyber vulnerability maintenance policies that address the incomplete nature of inspection. Applied Stochastic Models in Business and Industry35(6), 1390-1410 and 
Murali, A. K., Liu, E., & Allen, T. T. (2019, December). Discrete Event Simulation of Cyber Maintenance Policies According to Nested Birth and Death Processes. In 2019 Winter Simulation Conference (WSC) (pp. 774-785). IEEE.
Our "Fast Bayesian Reinforcement Learning" to learn tailored maximum profit vulnerability maintenance strategy article is:
Allen, T. T., Roychowdhury, S., & Liu, E. (2018). Reward-based Monte Carlo-Bayesian reinforcement learning for cyber preventive maintenance. Computers & Industrial Engineering, 126, 578-594.
Also, an easy-to-read online (free) companion is published by Science Trends at:

This work seeks to develop data-drive cost optimal policies relating to cyber security. There are NSF and ARCYBER grants supporting this activity.

NSF Data-Driven Cyber Vulnerability Maintenance

White Paper on Cyber Security

Some have reported that 90+% of successful attacks are blamable on a human in-the-loop not installing already made patches for protection. Our work on cyber vulnerability modeling and related maintenance focuses on the service systems role that administrators can play in defense which is arguably critical.


Vulnerability Maintenance and Related Topics

Every month organizations scan their hosts (PCs, servers, printers...) to detect vulnerabilities and they find a lot of them. Many hosts have no known vulnerabilties but a substantial fraction do.

Another complication is that almost one third (from our data) of vulnerabilities are eliminated by automatic patching monthly without any action from local administrators.

Generally, local administrators are under budgeted and lack clear direction about which patches should be applied to which hosts. They also have limited data. Our techniques provide an expert system to suggest specific actions including resource or data recruitment. Compared with other similar techniques also based on "Markov Decision Processes" our are innovative in that they provide a new type of diagnostic information about how trustworthy the recommendations are. 

Cyber Vulnerability Models

Collaborators include: Enhao Liu, Kaveh Akabri, Olivia Hernandez, Sayak Roychowdhury, Rajiv Ramnath, Cathy Xia, Helen Patton, Steven Romig, Solomon Ford, Anthony Afful-Dadzie, and Chen Xie.

Cyber vulnerability related decision-making is a problem almost every organization faces and there is evidence that the vulnerabilities are increasing exponentially worldwide.
Publications include:
Allen, T. T., Sui, Z., Parker, N.E. (in press), "Timely Decision Analysis Enabled by Efficient Social Media Modeling," Decision Analysis.
Afful-Dadzie, A., and Allen, T. T. (2016). "Control charting methods for autocorrelated cyber vulnerability data." Quality Engineering, 28(3), 313-328.
Afful-Dadzie, A. and T. T. Allen (2014), "Data-Driven Cyber Vulnerability Maintenance Policies," Journal of Quality Technology, 26 (3), 1-17. 

click here to download cyber issues dataset

click here to download file cyber transition dataset

click here to download cyber time series dataset

Information Research and Service

Powered by