Pricing of Cyber Insurance Contracts in a Network Model

Similar documents
PRICING OF CYBER INSURANCE CONTRACTS IN A NETWORK MODEL

Polynomial approximation of mutivariate aggregate claim amounts distribution

Die-out Probability in SIS Epidemic Processes on Networks

6.207/14.15: Networks Lectures 4, 5 & 6: Linear Dynamics, Markov Chains, Centralities

Learning with Temporal Point Processes

CDA6530: Performance Models of Computers and Networks. Chapter 3: Review of Practical Stochastic Processes

CDA5530: Performance Models of Computers and Networks. Chapter 3: Review of Practical

SIS epidemics on Networks

The decoupling assumption in large stochastic system analysis Talk at ECLT

Modelling of Dependent Credit Rating Transitions

Poisson Processes. Stochastic Processes. Feb UC3M

The AIR Severe Thunderstorm Model for the United States

6.207/14.15: Networks Lecture 12: Generalized Random Graphs

Stochastic Modelling Unit 1: Markov chain models

Stochastic Processes

Ruin, Operational Risk and How Fast Stochastic Processes Mix

RMSC 2001 Introduction to Risk Management

A Dynamic Contagion Process with Applications to Finance & Insurance

Understanding the contribution of space on the spread of Influenza using an Individual-based model approach

GEMF: GENERALIZED EPIDEMIC MODELING FRAMEWORK SOFTWARE IN PYTHON

Agent based modelling of technological diffusion and network influence

Any live cell with less than 2 live neighbours dies. Any live cell with 2 or 3 live neighbours lives on to the next step.

Copyright is owned by the Author of the thesis. Permission is given for a copy to be downloaded by an individual for the purpose of research and

Analytically tractable processes on networks

Statistical Inference for Stochastic Epidemic Models

CAS Exam MAS-1. Howard Mahler. Stochastic Models

Comment on A BINOMIAL MOMENT APPROXIMATION SCHEME FOR EPIDEMIC SPREADING IN NETWORKS in U.P.B. Sci. Bull., Series A, Vol. 76, Iss.

RMSC 2001 Introduction to Risk Management

A BINOMIAL MOMENT APPROXIMATION SCHEME FOR EPIDEMIC SPREADING IN NETWORKS

IEOR 6711: Stochastic Models I, Fall 2003, Professor Whitt. Solutions to Final Exam: Thursday, December 18.

Reading: Karlin and Taylor Ch. 5 Resnick Ch. 3. A renewal process is a generalization of the Poisson point process.

ECS 289 F / MAE 298, Lecture 15 May 20, Diffusion, Cascades and Influence

Liquidity Preference hypothesis (LPH) implies ex ante return on government securities is a monotonically increasing function of time to maturity.

Worst-Case-Optimal Dynamic Reinsurance for Large Claims

Continuous Time Markov Chains

Claims Reserving under Solvency II

The AIR Bushfire Model for Australia

Modelling the risk process

Stochastic Simulation.

1 Complex Networks - A Brief Overview

Markov Chains. Andreas Klappenecker by Andreas Klappenecker. All rights reserved. Texas A&M University

Threshold Parameter for a Random Graph Epidemic Model

Markov Chains. Arnoldo Frigessi Bernd Heidergott November 4, 2015

ABC methods for phase-type distributions with applications in insurance risk problems

CS 781 Lecture 9 March 10, 2011 Topics: Local Search and Optimization Metropolis Algorithm Greedy Optimization Hopfield Networks Max Cut Problem Nash

Continuous-time Markov Chains

Neural, Parallel, and Scientific Computations 18 (2010) A STOCHASTIC APPROACH TO THE BONUS-MALUS SYSTEM 1. INTRODUCTION

Lecture 5: The Principle of Deferred Decisions. Chernoff Bounds

Time Reversibility and Burke s Theorem

Availability. M(t) = 1 - e -mt

Application of Monte Carlo Simulation to Multi-Area Reliability Calculations. The NARP Model

Markov Chains CK eqns Classes Hitting times Rec./trans. Strong Markov Stat. distr. Reversibility * Markov Chains

CS-11 Tornado/Hail: To Model or Not To Model

MATH 56A: STOCHASTIC PROCESSES CHAPTER 6

Moment-based Availability Prediction for Bike-Sharing Systems

The Spreading of Epidemics in Complex Networks

Networks: Lectures 9 & 10 Random graphs

Stochastic modelling of epidemic spread

NCDREC: A Decomposability Inspired Framework for Top-N Recommendation

Markov-modulated interactions in SIR epidemics

Errata for the ASM Study Manual for Exam P, Fourth Edition By Dr. Krzysztof M. Ostaszewski, FSA, CFA, MAAA

A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees

A On the Assessment of Systematic Risk in Networked Systems

Standard Error of Technical Cost Incorporating Parameter Uncertainty

arxiv:cond-mat/ v2 [cond-mat.stat-mech] 7 Jan 2000

Inferring the origin of an epidemic with a dynamic message-passing algorithm

Lecture 20 : Markov Chains

Examination paper for TMA4265 Stochastic Processes

The finite-time Gerber-Shiu penalty function for two classes of risk processes

4: The Pandemic process

Local Interactions in a Market with Heterogeneous Expectations

Alignment processes on the sphere

A Bayesian methodology for systemic risk assessment in financial networks

Gillespie s Algorithm and its Approximations. Des Higham Department of Mathematics and Statistics University of Strathclyde

Multivariate Risk Processes with Interacting Intensities

Course 1 Solutions November 2001 Exams

Modeling with Itô Stochastic Differential Equations

Experience Rating in General Insurance by Credibility Estimation

Exponential families also behave nicely under conditioning. Specifically, suppose we write η = (η 1, η 2 ) R k R p k so that

Individual reserving a survey. R in Insurance, Paris 08-June-2017 Alexandre Boumezoued, joint work with Laurent Devineau

Random Walks on Graphs. One Concrete Example of a random walk Motivation applications

Short-time expansions for close-to-the-money options under a Lévy jump model with stochastic volatility

TELCOM2125: Network Science and Analysis

Development of Multi-Unit Dependency Evaluation Model Using Markov Process and Monte Carlo Method

arxiv: v2 [cs.si] 15 Apr 2016

An Overview of Methods for Applying Semi-Markov Processes in Biostatistics.

Uniformly Uniformly-ergodic Markov chains and BSDEs

6 Markov Chain Monte Carlo (MCMC)

stochnotes Page 1

On Susceptible-Infected-Susceptible Epidemic Spreading: an Overview of Recent Study

Network Infusion to Infer Information Sources in Networks Soheil Feizi, Ken Duffy, Manolis Kellis, and Muriel Medard

Lecture 4 The stochastic ingredient

Continuous-Time Markov Chain

Network Science & Telecommunications

Bayesian Hierarchical Models

EVOLUTIONARY DISTANCES

Epidemics in Complex Networks and Phase Transitions

Random Vibrations & Failure Analysis Sayan Gupta Indian Institute of Technology Madras

8.1 Concentration inequality for Gaussian random matrix (cont d)

Question Points Score Total: 70

Transcription:

Pricing of Cyber Insurance Contracts in a Network Model Stefan Weber Leibniz Universität Hannover www.stochastik.uni-hannover.de (joint work with Matthias Fahrenwaldt & Kerstin Weske) WU Wien December 13, 2017

Pricing of Cyber Insurance Contracts in a Network Model 2/27 Motivation Cyber risks pose a large threat to businesses and governments Estimated global loss per year 400 billion USD 1 Dimensions of cyber risk Causes: Human errors; technical failures; insider/hacker attacks Damage: Lost, stolen or corrupted data; damage to firms or governments operations, property and reputation; severe disruption of critical infrastructure; physical damage, injury to people and fatalities Risk assessment: Analysis of critical scenarios; stochastic cyber model and statistical evaluation Mitigation: Modify system technology; develop emergency plan; insurance solutions 1 Center for Strategic & International Studies (2014)/ Llloyds of London CEO Inga Beale (2015)

Pricing of Cyber Insurance Contracts in a Network Model 2/27 Motivation Cyber risks pose a large threat to businesses and governments Estimated global loss per year 400 billion USD 1 Dimensions of cyber risk Causes: Human errors; technical failures; insider/hacker attacks Damage: Lost, stolen or corrupted data; damage to firms or governments operations, property and reputation; severe disruption of critical infrastructure; physical damage, injury to people and fatalities Risk assessment: Analysis of critical scenarios; stochastic cyber model and statistical evaluation Mitigation: Modify system technology; develop emergency plan; insurance solutions 1 Center for Strategic & International Studies (2014)/ Llloyds of London CEO Inga Beale (2015)

Pricing of Cyber Insurance Contracts in a Network Model 3/27 Motivation (2) Actuarial challenges of cyber risk Data: Data is not available in the required amount or in the desired granularity Non-stationarity: Technology and cyber threats are evolving fast Accumulation risks: The typical insurance independence assumption does not hold, but there is no simple geographical distinction between dependent groups as, for example, in the case of NatCat

Pricing of Cyber Insurance Contracts in a Network Model 4/27 Motivation (3) We consider the special case of infectious cyber threats, e.g., viruses and worms Example: WannaCry infected more than 230.000 computers in 150 countries in May 2017 Our main contribution A mathematical model for infectious cyber threats and cyber insurance Stochastic model based on IPS and marked point processes We suggest higher-order mean-field approximations Insurance application: premiums can be calculated Systemic risk: we analyze the influence of the network structure

Pricing of Cyber Insurance Contracts in a Network Model 4/27 Motivation (3) We consider the special case of infectious cyber threats, e.g., viruses and worms Example: WannaCry infected more than 230.000 computers in 150 countries in May 2017 Our main contribution A mathematical model for infectious cyber threats and cyber insurance Stochastic model based on IPS and marked point processes We suggest higher-order mean-field approximations Insurance application: premiums can be calculated Systemic risk: we analyze the influence of the network structure

Pricing of Cyber Insurance Contracts in a Network Model 5/27 Model Idea Infection spread process: Agents are connected in a network Infections spread from neighbor to neighbor and are cured independently Continuous time Markov process, i.e., SIS/contact process Insurance claims processes: Infected nodes are vulnerable to cyber attacks that occur at random times and generate losses of random size Marked point process A (re-)insurance company covers a function of the nodes losses

Pricing of Cyber Insurance Contracts in a Network Model 6/27 Outline 1 Spread Process 2 Claims Process 3 Mean-Field Approximation 4 Case Studies 5 Conclusion

Pricing of Cyber Insurance Contracts in a Network Model 6/27 Outline 1 Spread Process 2 Claims Process 3 Mean-Field Approximation 4 Case Studies 5 Conclusion

Pricing of Cyber Insurance Contracts in a Network Model 7/27 Network of Agents N interconnected agents, labeled 1, 2,..., N (e.g., corporations, systems of computers, or single devices) Connections: Network without self-loops, represented by a (symmetric) adjacency matrix A {0, 1} N N (a ii = 0) aij = 1: connection between node i and j, aij = 0: i and j are not directly connected Example: 0 1 1 0 1 0 0 1 0 1 0 1 0 0 1 1 0 1 0 1 1 A = 0 0 1 0 1 0 0 1 1 0 1 0 1 1 0 0 1 0 1 0 1 0 0 1 0 1 1 0 1 3 4 2 5 6 7

Pricing of Cyber Insurance Contracts in a Network Model 8/27 Spread Process (1) SIS-model (Susceptible-Infected-Susceptible) At each point in time, node i can be in one of two states X i (t) {0, 1}: X i (t) = 1: node i is infected = vulnerable to cyber attacks, X i (t) = 0: node i is susceptible at time t Each node changes its state at a random time with a rate that may depend on the states of other nodes Key parameters: β > 0 (infection rate), δ > 0 (curing rate) Nodes are infected by their infected neighbors, and infected nodes are cured independently from other nodes: Xi : 0 1; β N j=1 a ijx j (t) (Infection), Xi : 1 0; δ (Curing) 2 β δ 1 β 3

Pricing of Cyber Insurance Contracts in a Network Model 9/27 Spread Process (2) Definition The spread process X is a Feller process on the configuration space E = {0, 1} N defined by the generator G : C(E) R with Gf (x) = β(1 x i ) a ij x j + x i δ (f (x i ) f (x)), x E, f C(E), i=1 j=1 where x i j = x j for i j and x i i = 1 x i

Pricing of Cyber Insurance Contracts in a Network Model 9/27 Outline 1 Spread Process 2 Claims Process 3 Mean-Field Approximation 4 Case Studies 5 Conclusion

Pricing of Cyber Insurance Contracts in a Network Model 10/27 Claims Process Mechanism The spread process X does not directly cause any damage The system as a whole is subject to randomly occurring cyber attacks A node is affected by a cyber attack at time t if and only if it is infected = vulnerable at time t Mathematical Model Number of attacks: counting process M = (M(t)) t 0... with stochastic intensity (λ(t)) t 0... independent of X Loss sizes: nonnegative process L = (L(t)) t 0... independent of X... with L(t) = (L 1(t),..., L N (t)) Losses of an attack at time t are captured by: L(t) X (t) = (L 1(t)X 1(t),..., L N (t)x N (t))

Pricing of Cyber Insurance Contracts in a Network Model 11/27 Expected Aggregate Losses For any time t, the insurance contract is characterized by a function f ( ; ) : R + R N + R + : The insurance company covers f (t; L(t) X (t)), if a loss event occurs at time t The expected aggregate losses of the insurance company over time window [0, T ] are given by: [ ] [ T ] T E f (t; L(t) X (t))dm(t) = E f (t; L(t) X (t))λ(t)dt (1) 0 0 Question: Explicit calculation?

Pricing of Cyber Insurance Contracts in a Network Model 12/27 Example: Proportional Insurance Let f describe a proportional insurance contract, i.e., f (t; L(t) X (t)) = α i L i (t)x i (t) i=1 In this case, eq. (1) becomes [ T ] [ T ] E f (t; L(t) X (t))dm(t) = E f (t; L(t) X (t))λ(t)dt 0 0 T = 0 i=1 α i E[X i (t)] E[L i (t)λ(t)] dt For linear claim functions, only the first moments E[X i (t)] of the spread process are needed in order to calculate the expected aggregate losses

Pricing of Cyber Insurance Contracts in a Network Model 12/27 Example: Proportional Insurance Let f describe a proportional insurance contract, i.e., f (t; L(t) X (t)) = α i L i (t)x i (t) i=1 In this case, eq. (1) becomes [ T ] [ T ] E f (t; L(t) X (t))dm(t) = E f (t; L(t) X (t))λ(t)dt 0 0 T = 0 i=1 α i E[X i (t)] E[L i (t)λ(t)] dt For linear claim functions, only the first moments E[X i (t)] of the spread process are needed in order to calculate the expected aggregate losses

Pricing of Cyber Insurance Contracts in a Network Model 13/27 General Claims Non-linear claim functions f can be uniformly approximated by polynomials of a chosen degree n p in probability Basic idea: By the theorem of Stone-Weierstraß, any continuous f can be uniformly approximated by polynomials on any compact set The compact set is chosen such that the probability of the argument being outside the compact is sufficiently small This leads to expressions of the following form: T0 E (1 [0,u] (Λ(L)) λ(t) Ni=1 [ a 0 + a 1 b i1 L i1 E[X i1 ] + a 2 b i1 b i2 L i1 L i2 E[X i1 X i2 ] i 1 =1 i 1 =1 i 2 =1 +... + a n p b i1 b i2 b in p L i 1 L i2 L in p E[X i 1 X i2 X in p ] dt i 1 =1 i 2 =1 i n p =1 Only moments up to order n p of the spread process (i.e., E[X i1 (t) X ik (t)] for i j {1,..., N} and k n p ) are required for the computation of the expected aggregate losses

Pricing of Cyber Insurance Contracts in a Network Model 13/27 General Claims Non-linear claim functions f can be uniformly approximated by polynomials of a chosen degree n p in probability Basic idea: By the theorem of Stone-Weierstraß, any continuous f can be uniformly approximated by polynomials on any compact set The compact set is chosen such that the probability of the argument being outside the compact is sufficiently small This leads to expressions of the following form: T0 E (1 [0,u] (Λ(L)) λ(t) Ni=1 [ a 0 + a 1 b i1 L i1 E[X i1 ] + a 2 b i1 b i2 L i1 L i2 E[X i1 X i2 ] i 1 =1 i 1 =1 i 2 =1 +... + a n p b i1 b i2 b in p L i 1 L i2 L in p E[X i 1 X i2 X in p ] dt i 1 =1 i 2 =1 i n p =1 Only moments up to order n p of the spread process (i.e., E[X i1 (t) X ik (t)] for i j {1,..., N} and k n p ) are required for the computation of the expected aggregate losses

Pricing of Cyber Insurance Contracts in a Network Model 14/27 General Claims (2) For both linear and non-linear claim functions: Key issue when computing the expected aggregate losses: Calculate moments of X Due to Kolmogorov s equations, these are characterized by ODE systems Challenge: Direct calculation of moments is hardly tractable for realistic network sizes due to very large ODE systems Suggestion Mean-field approximation of the moments of the spread process

Pricing of Cyber Insurance Contracts in a Network Model 14/27 General Claims (2) For both linear and non-linear claim functions: Key issue when computing the expected aggregate losses: Calculate moments of X Due to Kolmogorov s equations, these are characterized by ODE systems Challenge: Direct calculation of moments is hardly tractable for realistic network sizes due to very large ODE systems Suggestion Mean-field approximation of the moments of the spread process

Pricing of Cyber Insurance Contracts in a Network Model 14/27 Outline 1 Spread Process 2 Claims Process 3 Mean-Field Approximation 4 Case Studies 5 Conclusion

Pricing of Cyber Insurance Contracts in a Network Model 15/27 First Order Mean-Field Approximation (1) ODEs of time-derivatives of first moments E[X i (t)]: de[x i (t)] dt = δe[x i (t)] + β a ij E[X j (t)] β a ij E[X i (t)x j (t)], j=1 j=1 i = 1, 2,..., N Problem: Joint second moments keep the system from being closed Ansatz: Incorrectly factorize the second moments E[X i (t)x j (t)] F (E[X i (t)]) F (E[X j (t)]) with a suitably chosen function F : [0, 1] [0, 1], e.g., F (x) = x

Pricing of Cyber Insurance Contracts in a Network Model 15/27 First Order Mean-Field Approximation (1) ODEs of time-derivatives of first moments E[X i (t)]: de[x i (t)] dt = δe[x i (t)] + β a ij E[X j (t)] β a ij E[X i (t)x j (t)], j=1 j=1 i = 1, 2,..., N Problem: Joint second moments keep the system from being closed Ansatz: Incorrectly factorize the second moments E[X i (t)x j (t)] F (E[X i (t)]) F (E[X j (t)]) with a suitably chosen function F : [0, 1] [0, 1], e.g., F (x) = x

Pricing of Cyber Insurance Contracts in a Network Model 16/27 First Order Mean-Field Approximation (2) Definition The first order mean-field approximation z (1) i corresponding to the mean-field function F is defined as the solution to the following system of ODEs: dz (1) i (t) dt for i = 1,..., N = δz (1) i (t) + β j=1 a ij z (1) i (t) β a ij F (z (1) i (t)) F (z (1) j (t)), j=1 The choice of F (x) = x leads to an upper bound, the choice of F (x) = x to a lower bound approximation of the exact moment For certain parameter choices, the approximation error decreases exponentially in time

Pricing of Cyber Insurance Contracts in a Network Model 17/27 First Order Mean-Field Approximation (3) The accuracy of first order mean-field approximations is typically low, if interaction is sufficiently strong Example: We consider a regular network with N = 7 nodes and degree d = 4 0 1 0 0 1 1 1 1 0 1 1 0 0 1 0 1 0 1 1 1 0 A := 0 1 1 0 1 0 1 1 0 1 1 0 1 0 1 0 1 0 1 0 1 1 1 0 1 0 1 0 5 6 3 1 7 2 4 Aggregate infection probability 1 First order independent MFA 0.9 First order Hilbert MFA Exact Markov Chain 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 0 0 1 2 3 4 5 Time t Aggregate infection probability of initially healthy nodes 0.6 First order independent MFA First order Hilbert MFA Exact Markov Chain 0.5 0.4 0.3 0.2 0.1 0 0 1 2 3 4 5 Time t

Pricing of Cyber Insurance Contracts in a Network Model 18/27 n-th Order Mean-Field Approximation (1) In order to achieve higher accuracy, we extend this idea and construct mean-field approximations of order n: (z (n) I ) I {1,2,...,N}, I n This increases the complexity of the approximation Methodology Define the product X I := i I X i for I {1, 2,..., N}. Since the components of X are commutative and idempotent, we may neglect the order of the indices or powers of its components As a consequence of Kolmogorov s forward equations, the dynamics of the moments (E[X I ]) I {1,2,...,N} are described by a coupled system of 2 N 1 ODEs Approximation Focus only on (E[X I ]) I {1,2,...,N}, I n 1 I < n: ODE for d z (n) dt I is exact ODE for d E[X dt I ] 2 I = n: ODE for d z (n) dt I is approximation obtained by (incorrectly) factorizing moments of order n + 1

Pricing of Cyber Insurance Contracts in a Network Model 18/27 n-th Order Mean-Field Approximation (1) In order to achieve higher accuracy, we extend this idea and construct mean-field approximations of order n: (z (n) I ) I {1,2,...,N}, I n This increases the complexity of the approximation Methodology Define the product X I := i I X i for I {1, 2,..., N}. Since the components of X are commutative and idempotent, we may neglect the order of the indices or powers of its components As a consequence of Kolmogorov s forward equations, the dynamics of the moments (E[X I ]) I {1,2,...,N} are described by a coupled system of 2 N 1 ODEs Approximation Focus only on (E[X I ]) I {1,2,...,N}, I n 1 I < n: ODE for d z (n) dt I is exact ODE for d E[X dt I ] 2 I = n: ODE for d z (n) dt I is approximation obtained by (incorrectly) factorizing moments of order n + 1

Pricing of Cyber Insurance Contracts in a Network Model 18/27 n-th Order Mean-Field Approximation (1) In order to achieve higher accuracy, we extend this idea and construct mean-field approximations of order n: (z (n) I ) I {1,2,...,N}, I n This increases the complexity of the approximation Methodology Define the product X I := i I X i for I {1, 2,..., N}. Since the components of X are commutative and idempotent, we may neglect the order of the indices or powers of its components As a consequence of Kolmogorov s forward equations, the dynamics of the moments (E[X I ]) I {1,2,...,N} are described by a coupled system of 2 N 1 ODEs Approximation Focus only on (E[X I ]) I {1,2,...,N}, I n 1 I < n: ODE for d z (n) dt I is exact ODE for d E[X dt I ] 2 I = n: ODE for d z (n) dt I is approximation obtained by (incorrectly) factorizing moments of order n + 1

Pricing of Cyber Insurance Contracts in a Network Model 19/27 n-th Order Mean-Field Approximation (2) I = n Choose the following two objects: 1 a mean-field function F : [0, 1] [0, 1] and 2 a partition scheme (I 1, I 2) such that for j / I we have I {j} = I 1(I, j) I 2(I, j) with non-empty I 1(j) = I 1(I, j), I 2(j) = I 2(I, j) This leads to the following approximation: d dt E[X I ] = nδe[x I ] + β i I a ij E[X I \{i} {j} ] β j=1 i I a ij E[X I {j} ] j=1 nδe[x I ] + β i I a ij E [ ] X I \{i} {j} β a ij E[X I ] j=1 i I j=1,j I β a ij F ( E[X I1 (j)] ) F ( E[X I2 (j)] ). i I j=1,j I

Pricing of Cyber Insurance Contracts in a Network Model 19/27 n-th Order Mean-Field Approximation (2) I = n Choose the following two objects: 1 a mean-field function F : [0, 1] [0, 1] and 2 a partition scheme (I 1, I 2) such that for j / I we have I {j} = I 1(I, j) I 2(I, j) with non-empty I 1(j) = I 1(I, j), I 2(j) = I 2(I, j) This leads to the following approximation: d dt E[X I ] = nδe[x I ] + β i I a ij E[X I \{i} {j} ] β j=1 i I a ij E[X I {j} ] j=1 nδe[x I ] + β i I a ij E [ ] X I \{i} {j} β a ij E[X I ] j=1 i I j=1,j I β a ij F ( E[X I1 (j)] ) F ( E[X I2 (j)] ). i I j=1,j I

Pricing of Cyber Insurance Contracts in a Network Model 20/27 n-th Order Mean-Field Approximation (3) I < n In the approximate ODE system, the ODE for d dt z (n) I is the exact ODE for d dt E[X I ]: d dt E[X I ] = nδe[x I ] + β i I a ij E [ ] X I \{i} {j} β a ij E [ ] X I {j} j=1 i I j=1 n-th order approximation with I = n : ż (n) I I < n : ż (n) I = nδ + β β = nδz (n) I i I j=1,j I i I j=1,j I + β a ij z (n) I + β ( ) ( ) a ij F z (n) F z (n) I 1 (j) I 2 (j) i I j=1 i I j=1 a ij z (n) I \{i } {j} β i I j=1 a ij z (n) I \{i } {j} a ij z (n) I {j}

Pricing of Cyber Insurance Contracts in a Network Model 20/27 n-th Order Mean-Field Approximation (3) I < n In the approximate ODE system, the ODE for d dt z (n) I is the exact ODE for d dt E[X I ]: d dt E[X I ] = nδe[x I ] + β i I a ij E [ ] X I \{i} {j} β a ij E [ ] X I {j} j=1 i I j=1 n-th order approximation with I = n : ż (n) I I < n : ż (n) I = nδ + β β = nδz (n) I i I j=1,j I i I j=1,j I + β a ij z (n) I + β ( ) ( ) a ij F z (n) F z (n) I 1 (j) I 2 (j) i I j=1 i I j=1 a ij z (n) I \{i } {j} β i I j=1 a ij z (n) I \{i } {j} a ij z (n) I {j}

Pricing of Cyber Insurance Contracts in a Network Model 21/27 n-th Order Mean-Field Approximation (4) The n-th order mean-field approximation yields approximations of all moments of X up to order n: n-th moments enable us to compute expected aggregate losses for non-linear claim functions The n-th order approximation also yields improved approximations of the first order moments, i.e., infection probabilities of each node Example: Aggregate infection probability of initially healthy nodes in the n-th order mean-field approximation for n = 1, 2, 3, 4, F (x) = x, β = 0.5 and δ = 1.817 0.6 1 2 3 4 6 7 Initial state of the infection 5 Aggregate infection probability of initially healthy nodes 0.5 0.4 0.3 0.2 0.1 First order MFA Second order MFA Third oder MFA Fourth order MFA Exact Markov Chain 0 0 0.5 1 1.5 2 2.5 3 Time t

Pricing of Cyber Insurance Contracts in a Network Model 21/27 Outline 1 Spread Process 2 Claims Process 3 Mean-Field Approximation 4 Case Studies 5 Conclusion

Pricing of Cyber Insurance Contracts in a Network Model 22/27 Network Scenarios We consider three different stylized network scenarios Homogeneous Clustered Star-shaped The number of nodes and the degree of each node are equal in all scenarios (N = 50, d = 7) We are comparing the impact of the network topology

Pricing of Cyber Insurance Contracts in a Network Model 23/27 Simulation Setup We initially infect 20% of the nodes in the networks: For the spread process, we choose: β = 0.5, δ = 3.51 Cyber attacks occur at the jumps of a homogeneous Poisson process with rate λ = 3 Losses at each vulnerable node are exponentially distributed with mean µ = 2 Approximation of expected aggregate losses of the insurance company in [0, 3] on the basis of mean-field approximations for the moments of the spread process, Monte-Carlo simulations of the claims processes

Pricing of Cyber Insurance Contracts in a Network Model 24/27 Example: Aggregate Losses Total loss coverage, i.e., the treaty function f (t, ) is given by f (t, L(t) X (t)) := L i (t)x i (t) i=1 Estimated expected aggregate losses: Losses: Total coverage Homogeneous Clustered Star First order MFA 96.4671 97.6170 96.5425 Second order MFA 51.4911 39.7776 39.4127 Third order MFA 77.8349 70.6588 68.0767 Fourth order MFA 68.0676 61.3693 59.9005

Pricing of Cyber Insurance Contracts in a Network Model 25/27 Example: Excess of Loss per Risk XL XL, i.e., the treaty function f (t, ) is given by f (t, L(t) X (t)) := min{l i (t), 2} X i (t) i=1 Estimated expected insurance losses: Losses: XL Homogeneous Clustered Star First order MFA 60.9795 61.7036 61.0247 Second order MFA 32.5475 25.1401 24.9105 Third order MFA 49.2010 44.6618 43.0300 Fourth order MFA 43.0265 38.7894 37.8615

Pricing of Cyber Insurance Contracts in a Network Model 25/27 Outline 1 Spread Process 2 Claims Process 3 Mean-Field Approximation 4 Case Studies 5 Conclusion

Pricing of Cyber Insurance Contracts in a Network Model 26/27 Conclusion Model for pricing cyber insurance Cyber losses that are triggered by two underlying risk processes: a cyber infection interacting Markov chain cyber attacks on vulnerable sites marked point process Due to the large dimension of the system, the computation of expected aggregate insurance losses and pricing of cyber contracts is challenging: polynomial approximation of non-linear claim functions n-th order mean-field approximation of moments of the spread process Numerical case studies demonstrate: Significant impact of network topology Higher order mean-field approximations improve accuracy

Pricing of Cyber Insurance Contracts in a Network Model 27/27 Thank you for your attention!

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback