Maochao Xu’s research while affiliated with Illinois State University and other places


Publications (85)


Smart Home Cyber Insurance Pricing
  • Chapter

March 2025 · 5 Reads · 1 Citation

Xiaoyu Zhang · Maochao Xu


A Framework for Digital Asset Risks with Insurance Applications
  • Preprint
  • File available

August 2024 · 107 Reads

The remarkable growth of digital assets, starting from the inception of Bitcoin in 2009 into a 1 trillion market in 2024, underscores the momentum behind disruptive technologies and the global appetite for digital assets. This paper develops a framework to enhance actuaries' understanding of the cyber risks associated with the developing digital asset ecosystem, as well as their measurement methods in the context of digital asset insurance. By integrating actuarial perspectives, we aim to enhance understanding and modeling of cyber risks at both the micro and systemic levels. The qualitative examination sheds light on blockchain technology and its associated risks, while our quantitative framework offers a rigorous approach to modeling cyber risks in digital asset insurance portfolios. This multifaceted approach serves three primary objectives: i) offer a clear and accessible education on the evolving digital asset ecosystem and the diverse spectrum of cyber risks it entails; ii) develop a scientifically rigorous framework for quantifying cyber risks in the digital asset ecosystem; iii) provide practical applications, including pricing strategies and tail risk management. Particularly, we develop frequency-severity models based on real loss data for pricing cyber risks in digital assets and utilize Monte Carlo simulation to estimate the tail risks, offering practical insights for risk management strategies. As digital assets continue to reshape finance, our work serves as a foundational step towards safeguarding the integrity and stability of this rapidly evolving landscape.


Smart Home Cyber Insurance Pricing

August 2024 · 106 Reads · 1 Citation

Our homes are increasingly employing various kinds of Internet of Things (IoT) devices, leading to the notion of smart homes. While this trend brings convenience to our daily life, it also introduces cyber risks. To mitigate such risks, the demand for smart home cyber insurance has been growing rapidly. However, there are no studies on analyzing the competency of smart home cyber insurance policies offered by cyber insurance vendors (i.e., insurers), where 'competency' means the insurer is profitable and smart home owners are not overly charged with premiums and/or deductibles. In this paper, we propose a novel framework for pricing smart home cyber insurance, which can be adopted by insurers in practice. Our case studies show, among other things, that insurers are overcharging smart home owners in terms of premiums and deductibles.


Cyber Attacks Against Enterprise Networks: Characterization, Modeling and Forecasting

November 2023 · 60 Reads · 9 Citations

Lecture Notes in Computer Science

Maochao Xu · Kristin M. Schweitzer · [...]

Cyber attacks are a major and routine threat to the modern society. This highlights the importance of forecasting (i.e., predicting) cyber attacks, just like weather forecasting in the real world. In this paper, we present a study on characterizing, modeling and forecasting the number of cyber attacks at an aggregate level by leveraging a high-quality, publicly-available dataset of cyber attacks against enterprise networks; the dataset is of high quality because more than 99% of the attacks were examined and confirmed by human analysts. We find that the attacks exhibit high volatilities and burstiness. These properties guide us to design statistical models to accurately forecast cyber attacks and draw useful insights.



Structural models for fog computing based internet of things architectures with insurance and risk management applications

July 2022 · 21 Reads · 14 Citations

European Journal of Operational Research

Cybersecurity risk modeling and pricing are becoming a spotlight in actuarial science and operational research. This paper pertains to the analysis of the cybersecurity risks involved in the fog computing technology which has been intensively deployed in assorted Internet of Things (IoT) applications. To this end, a class of structural models are established to study the inherent cyber risk propagation process. Under the smart home applications, we manage to compute the compromise probabilities of individual nodes explicitly. Applications of the proposed structural models in the context of cyber insurance pricing are thoroughly explored. Finally, we propose an interval method for estimating the compromise probabilities of fog network’s elements, which can be used to efficiently identify weak nodes for cybersecurity risk management.


Determination of Ransomware Payment based on Bayesian Game Models

March 2022 · 39 Reads · 6 Citations

Computers & Security

Ransomware has emerged as one of the most concerned cyber risks in recent years, which has caused millions of dollars monetary loss over the world. It typically demands a certain amount of ransom payment within a limited timeframe to decrypt the encrypted victim’s files. This paper explores whether the ransomware should be paid in a novel game-theoretic model from the perspective of Bayesian game. In particular, the new model analyzes the ransom payment strategies within the framework of incomplete information for both hacker and victim. Our results show that there exist pure and randomized Bayesian Nash equilibria under some mild conditions for the hacker and victim. The sufficient conditions that when the ransom should be paid are presented when an organization is compromised by the ransomware attack. We further study how the costs and probabilities of cracking or recovering affect the expected payoffs of the hacker and the victim in the equilibria. In particular, it is found that the backup option for computer files is not always beneficial, which actually depends on the related cost. Moreover, it is discovered that fake ransomware may be more than expected because of the potential high payoffs. Numerical examples are also presented for illustration.


Ensuring confidentiality and availability of sensitive data over a network system under cyber threats

October 2021 · 73 Reads · 14 Citations

Reliability Engineering & System Safety

The online storage of sensitive data enjoys many benefits such as flexibility, cost-savings, scalability, and convenience but it also poses a big concern on the data confidentiality and availability. To ensure the confidentiality and availability of sensitive data over a network system, the data partition technique is often employed. We study the optimal data partition strategy over an arbitrary network under cyber threats. Both the outside attack and the risk propagation (i.e., inside attack) are considered for the data partition. The data breach probability and retrieve probability are discussed under both limited and unlimited risk propagation for various scenarios. It is discovered that the risk propagation can have much more impact on the optimal partition strategy than that of outside attacks, and the unlimited risk propagation leads to more severe cyber risk. The network topology significantly impacts the partition strategy which hints that the network topology should never be overlooked in practice. The corruption due to compromise can lead to different partition strategies. An optimal partition model is developed for determining the optimal strategy and the pareto non-dominated solutions are recommended for practical use.


Multivariate Dependence among Cyber Risks based on L-hop Propagation

September 2021 · 30 Reads · 13 Citations

Insurance Mathematics and Economics

Dependence among cyber risks has been an essential and challenging component of risk management. The current study characterizes cyber dependence from both qualitative and quantitative perspectives based on L-hop propagation model. From the qualitative side, it is shown that cyber risks always possess positive association based on the proposed risk propagation model. From the quantitative side, an explicit formula for computing the fundamental dependence measure of covariance is provided for an arbitrary network. In particular, we study the impacts of factors—especially external and internal compromise probabilities, propagation depth, and network topologies—on dependence among cyber risks. We conclude by presenting some examples and applications.


Modeling multivariate cyber risks: deep learning dating extreme value theory

June 2021 · 43 Reads · 11 Citations

Modeling cyber risks has been an important but challenging task in the domain of cyber security, which is mainly caused by the high dimensionality and heavy tails of risk patterns. Those obstacles have hindered the development of statistical modeling of the multivariate cyber risks. In this work, we propose a novel approach for modeling the multivariate cyber risks which relies on the deep learning and extreme value theory. The proposed model not only enjoys the high accurate point predictions via deep learning but also can provide the satisfactory high quantile predictions via extreme value theory. Both the simulation and empirical studies show that the proposed approach can model the multivariate cyber risks very well and provide satisfactory prediction performances.


Citations (65)


... On the other hand, home insurance premiums are evolving with technological advancements and demographic changes. The rise of smart home technology has led to concerns about the potential overpricing of cyber insurance for homeowners (Zhang et al., 2024). Moreover, longevity and housing risk management in retirement underscore the necessity of home insurance in financial planning for long-term security (Michaud & St-Amour, 2023). ...

Reference:

Unraveling the Retirement Spending Habits in Siquijor, Philippines: Promoting Support Policies for Retirees
Smart Home Cyber Insurance Pricing

... It is important to build metrics to quantify the impact of IDS (in)correctness on the trustworthiness of the results, in a fashion similar to [7]. In particular, it would be exciting to establish a systematic quantitative methodology that can be seamlessly incorporated into the Cybersecurity Dynamics framework [66,62] to enable not only reactive defenses but more importantly proactive and adaptive defenses [32,63,65,61,64,23,72,73,33,24], by possibly leveraging data-driven cyber threats forecasting techniques [53,15,45,60,44,59,69,68]. ...

Cyber Attacks Against Enterprise Networks: Characterization, Modeling and Forecasting
  • Citing Chapter
  • November 2023

Lecture Notes in Computer Science

... For example, Sun et al. (2021) developed a frequency-severity actuarial model for aggregated enterprise-level breach data to inform ratemaking and underwriting in insurance. Similarly, Sun et al. (2023) discussed a multivariate frequency-severity framework for healthcare data breaches, utilizing a vine copula approach to model dependence among the number of affected individuals at the state level. For a recent review of cyber risk modeling in insurance and actuarial science, please refer to He et al. (2024). ...

A multivariate frequency-severity framework for healthcare data breaches
  • Citing Article
  • March 2023

The Annals of Applied Statistics

... Additionally, the approach highlights that, if implemented on a large scale, it could create new business opportunities for the insurance market. Zhang et al. [94] investigate cyber insurance pricing in IoT applications, with a particular focus on smart home systems. The study reveals that the probability of compromise of network nodes influences the values of insurance premiums. ...

Structural models for fog computing based internet of things architectures with insurance and risk management applications
  • Citing Article
  • July 2022

European Journal of Operational Research

... [48,98,173] examined how organizations could be motivated to combat ransomware attacks, but did not suggest effective countermeasures against data exfiltration. Other studies in this category ([44,49,64,65,71,86,102,107,191,226,228,232]) all focused on the socioeconomic effects of crypto-ransomware encryption, making them less relevant to more recent ransomware performing data exfiltration. ...

Determination of Ransomware Payment based on Bayesian Game Models
  • Citing Article
  • March 2022

Computers & Security

... To quantify the cyber contagion on the network structure, as a special case of bond percolation contagion model, [29][30][31] proposed one-hop and multi-hop risk contagion models to capture the depth of risk contagion. [29] proposed L-hop percolation on networks by considering that a node can be deleted (or failed) because it is chosen or because it is within some L-hop distance of a chosen node. ...

Multivariate Dependence among Cyber Risks based on L-hop Propagation
  • Citing Article
  • September 2021

Insurance Mathematics and Economics

... DL (one of the ML methods) and extreme value theory have been applied in modeling and predicting multivariate cyber risks [6]. Automatic diagnosis of COVID-19-associated pneumonia was studied based on chest X-ray (CXR) and computed tomography (CT) scan images. ...

Modeling multivariate cyber risks: deep learning dating extreme value theory
  • Citing Article
  • June 2021

... These elements are essential for managing and reducing risks to an acceptable level, ensuring the organization's information security aligns with its risk management objectives. The literature highlights the challenges of current ISRM standards, which often rely on static principles that may not adequately address the dynamic nature of modern cyber threats [5,7,15]. Experts recommend adopting a more dynamic and emergent approach to risk management, integrating both technical and social aspects to effectively manage cyber threats [16]. ...

Ensuring confidentiality and availability of sensitive data over a network system under cyber threats
  • Citing Article
  • October 2021

Reliability Engineering & System Safety

... First, it is important to study the evolution of PFs exploited by malicious websites (e.g., [48,46,47,62,63]), online social networks, and other kinds of attacks. Second, it is important to study mathematical, statistical, and machine learning models to forecast the evolution of PFs, as well as PTechs and PTacs, in a fashion similar to [54,14,55,13,44,65,45,64,74,73]. The resulting forecasting capability would allow us to design adaptive and proactive defense mechanisms (e.g., leveraging the anticipated exploitation of PFs, PTechs, and PTacs by attackers). ...

Characterizing and Leveraging Granger Causality in Cybersecurity: Framework and Case Study

ICST Transactions on Security and Safety

... As a result, investor confidence in such companies declines, the share price and hence the market value of the company falls, and share price volatility increases. There is usually a negative market reaction immediately after the attack [19]; the markets do not wait for the effects of such attacks to be determined. These are all negative phenomena. ...

Data Breach CAT Bonds: Modeling and Pricing
  • Citing Article
  • May 2021

North American Actuarial Journal