Risk Quantum Simulator II - Cyber Threats

Risk Quantum Simulator II - Cyber Threats preview image

1 collaborator

Tags

(This model has yet to be categorized with any tags)
Model group Risk Mathematics | Visible to everyone | Changeable by group members (Risk Mathematics)
Model was written in NetLogo 5.0.2 • Viewed 1135 times • Downloaded 74 times • Run 0 times
Download the 'Risk Quantum Simulator II - Cyber Threats' modelDownload this modelEmbed this model

Do you have questions or comments about this model? Ask them here! (You'll first need to log in.)


WHAT IS IT?

This is a risk quantum simulator that addresses the evolution of geostrategic disruption by cyber threat dynamics applying the concepts laid out in the article:

Gon_alves (2012), Risk Mathematics and Quantum Games on Quantum Risk Structures - A Nuclear War Scenario Game, arXiv:1211.6683 [physics.soc-ph] (http://arxiv.org/abs/1211.6683).

See also the related models:

Gonalves, C.P. 2012. _Risk Simulator I - Nuclear War. CQSSRM - Risk Simulator (http://modelingcommons.org/browse/onemodel/3470#modeltabsbrowsediscuss)

The risk web is based upon the WEF Risks 2012 Report and the article:

Gonalves (2012), Risk Governance - A Framework for Risk Science-Based Decision Support Systems, http://papers.ssrn.com/sol3/papers.cfm?abstractid=2085482

However, a few extra elements and links are added to the web, that are found relevant from the perspective of cyber threat risk evaluation.

The model draws, first, the morphic web of risk situations and then introduces the evolutionary scenario dynamics, based upon the quantum theoretical approach to risk mathematics introduced in arXiv:1211.6683 [physics.soc-ph] as explained in the next section on the conceptual overview of the model.

CONCEPTUAL OVERVIEW

Risk mathematics can be approached foundationally from "morphic web theory", a morphic web is a network of morphisms, where by a morphism it is understood a directional relation that goes from an origin object to a target object, that is, under the morphism, an origin object is linked to a target object by a morphic connection that goes from the origin to the target. While mathematical categories are morphic webs not all morphic webs are mathematical categories (Gon_alves, 2012)

There are ten risk situations addressed in the current model's morphic web:

S0 : geostrategic disruption S1 : hacktivism S2 : leakism S3 : cyber attacks S4 : critical systems failure S5 : massive incident of data fraud or theft S6 : massive digital misinformation S7 : terrorism S8 : failure of diplomatic conflict resolution S9 : cyber war

These ten risk situations will compose the up to object web for constructing up to object scenarios that is, scenarios that may lead to geostrategic disruption events.

Besides these ten risk situations, five more risk situations are added to build the after object scenarios, that is, scenarios that take place after geostrategic disruption events (some of the linkages of the next five additional risk situations will also be a part of the up to object risk web):

S10 : social and political infrastructures disruption S11 : armed forces and internal security disruption S12 : intelligence infrastructure disruption S13 : business structures disruption S14 : financial disruption

The connections are addressed, in terms of the basic influences, in the form of programming notes added to the up to object and after object risk webs' Netlogo programming procedures.

These programming notes may be useful in addressing static scenario analysis based on the current Netlogo model.

For the dynamical scenario analysis, we work with a quantum game, such that, at each round of the game, each systemic situation is characterized by a qubit:

|Sj,t> = psi(j,t,0)|0> + psi(j,t,1)|1>

where |0> encodes the non-occurrence of the risk situation and |1> encodes the occurrence of the risk situation.

We follow here the "weak" many worlds interpretation, addressed in arXiv:1211.6683 [physics.soc-ph], with one world in act and the squared modulus of the quantum amplitudes being interpreted as the proportion of possible world configurations in which a corresponding scenario occurs (a scenario is defined as a configuration |s1,s2,...,sj,...,s9> with sj = 0,1), leading to a fitness measure over possible world configurations and to the assumption that one configuration takes place in act, with probability measurable as numerically coincident with the fitness.

Transition between two quantum game rounds is locally given by the action of the quantum gate:

U(t) = U1(t)U2(t)

with:

U1(t) := psi(j,t,0)(|0><0| - |1><1|) + psi(j,t,1)(|0><1| + |1><0|)

U2(t) := psi(j,t-1,0)(|0><0| - |1><1|) + psi(j,t-1,1)(|0><1| + |1><0|)

where psi(j,t,0) and psi(j,t,1) are real-valued and lie in the unit interval [0,1], obeying the following relations:

psi(j,t,0) = sqrt(1 - |psi(j,t,1)|^2)

psi(j,t,1) = F[psi(j,t-1,1)]

where F(.) is the coupled lattice map:

F[(psi,j,t-1,1)] = (1 - epsilon) M(t) + epsilon * h(t)

M(t) = b * psi(j,t-1,1) * (1 - psi(j,t-1,1))

with h(t) representing the mean quantum amplitude of the risk situations that are at the origin of the j-th risk situation.

Due to the structure of U(t), the resulting quantum game dynamics leads to the coupled logistic dynamics being implemented by the quantum computation at the level of the sequence of quantum amplitudes.

The user can control coupled map parameters through the corresponding sliders "b" and "epsilon". An additional updating frequency slider allows the user to slow down each model_s steps so that one can better visualize the evolution of the unfolding scenarios.

As each threat increases in probability of occurrence (see the explanation above as well as the next section's references for a proper interpretation of probabilities), the circle corresponding to the event starts to grow, whenever the threat takes place the circle turns from blue color to red.

CREDITS AND REFERENCES

The main reference for the current work is the article that provides the quantum theoretical background for the approach followed here:

Gonalves, C.P. (2012). _Risk Mathematics and Quantum Games on Quantum Risk Structures - A Nuclear War Scenario Game arXiv:1211.6683 physics.soc-ph.

The current model is also an integrating part of the research and teaching umbrella project under development by the author at Instituto Superior de Cincias Sociais e Polticas (ISCSP), Technical University of Lisbon:

COMPLEX QUANTUM SYSTEMS SCIENCE AND RISK MATHEMATICS (CQSSRM) URL: https://sites.google.com/site/quantumcomplexity/

For academic reference the model should be quoted as:

Gonalves, C.P. 2012. _Risk Simulator II - Cyber Threats. CQSSRM - Risk Simulator.

For the scenario analysis process, the user may also consult the two references:

Risk Governance - A Framework for Risk Science-Based Decision Support Systems, 2012, Gonalves, C.P., http://papers.ssrn.com/sol3/papers.cfm?abstractid=2085482

"Anlise de Cenrios e Risco", 2012, Gon_alves, C.P. (Scenario analysis and Risk, text in Portuguese) https://sites.google.com/site/quantumcomplexity/analise-de-cenarios-e-risco

Comments and Questions

Please start the discussion about this model! (You'll first need to log in.)

Click to Run Model

turtles-own [ risk-situation in-degree out-degree M psi_0 psi_1 fitness_0 fitness_1 occurrence]
globals [ path-one-chain path-two-chain path-three-chain total-links clock number-of-occurrences]

to setup
  ca
  set-default-shape turtles "circle"
  draw-network
  setup-quantum-game
end 

to draw-network
  create-nodes
  create-links
  calculate-statistics
end 

to setup-quantum-game
  ask turtles [ set psi_1 random-float 0.01 ] ; low initial quantum amplitude for occurrence of risk situation
  ask turtles [ set psi_0 sqrt(1 - abs(psi_1) ^ 2) ] ; psi(0) = (1 - |psi(1)| ^ 2) ^ 0.5
end 

to play-quantum-game
   set clock clock + 1
   if clock mod updating-frequency = 0 
   [
    ask turtles [ set color blue ]
    update-qubit
    possible-world-configurations 
    actualization
    ask turtles [set size 1 + fitness_1 * 3]
    set number-of-occurrences sum [occurrence] of turtles
    do-plot ]
end 

to update-qubit
  ask turtles [ set M b * psi_1 - b * abs(psi_1) ^ 2 ] ; logistic map: b * psi(1) - b * |psi(1)| ^ 2
  ask turtles 
  [ 
    ifelse (any? in-link-neighbors) 
    [ set psi_1 (1 - epsilon) * M + epsilon * mean [M] of in-link-neighbors ]
    [ set psi_1 M ]
  ]
  
  ask turtles [ set psi_0 sqrt( 1 - abs(psi_1) ^ 2) ]
end 

to possible-world-configurations
  ask turtles 
  [  set fitness_0 abs(psi_0) ^ 2 ; proportion of possible world configurations in which the risk situation does not occur
     set fitness_1 abs(psi_1) ^ 2 ] ; proportion of possible world configurations in which the risk situation occurs
end 

to actualization
  ask turtles [ ifelse random-float 1.000 <= fitness_1 [ set occurrence 1 ] [ set occurrence 0 ] ]
  ask turtles [ ifelse (occurrence = 1) [ set color red ] [ set color blue ] ]
end 

to do-plot
  set-current-plot "Number of Occurrences"
  plot number-of-occurrences
end 


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Morphic Web Drawing Procedures ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;


; UTOW (Up-to-Object Web) | UTOS (Up-to-Object Scenarios)

; Turtle 0 : geostrategic disruption
; Turtle 1 : hacktivism
; Turtle 2 : leakism
; turtle 3 : cyber attacks
; Turtle 4 : critical systems failure
; Turtle 5 : massive incident of data fraud or theft
; Turtle 6 : massive digital misinformation
; Turtle 7 : terrorism
; Turtle 8 : failure of diplomatic conflict resolution
; Turtle 9 : cyber war

; AOW (After-Object Web) | AOS (After-Object-Scenarios)


; Turtle 10 : social and political infrastructures disruption
; Turtle 11 : armed forces and internal security disruption
; Turtle 12 : intelligence infrastructure disruption
; Turtle 13 : business structures disruption
; Turtle 14 : financial disruption

to create-nodes
  create-ordered-turtles 15 [fd 15 rt 180]
  ask turtle 0 [ set risk-situation "geostrategic disruption" ]
  ask turtle 1 [ set risk-situation "hacktivism" ]
  ask turtle 2 [ set risk-situation "leakism" ]
  ask turtle 3 [ set risk-situation "cyber attacks" ]
  ask turtle 4 [ set risk-situation "critical systems failure" ]
  ask turtle 5 [ set risk-situation "massive incident of data fraud or theft" ]
  ask turtle 6 [ set risk-situation "massive digital misinformation" ]
  ask turtle 7 [ set risk-situation "terrorism" ]
  ask turtle 8 [ set risk-situation "failure of diplomatic conflict resolution" ]
  ask turtle 9 [ set risk-situation "cyber war" ]
  ask turtle 10 [ set risk-situation "social and political infrastructures disruption" ]
  ask turtle 11 [ set risk-situation "armed forces and internal security disruption" ]
  ask turtle 12 [ set risk-situation "intelligence infrastructure disruption" ]
  ask turtle 13 [ set risk-situation "business structures disruption" ]
  ask turtle 14 [ set risk-situation "financial disruption" ]
  ask turtles [ set label risk-situation ]
end 

to create-links
  create-UTOW
  create-AOW
end 

to create-UTOW
  ask turtle 1 ; hacktivism
  [ 
    create-link-to turtle 0 ; geostrategic disruption - related to targeting and immitation effects
    create-link-to turtle 2 ; leakism - by stimulating "leakism" movements
    create-link-to turtle 3 ; cyber attacks - by stimulating cyberattacks
    create-link-to turtle 7 ; terrorism - appearance of new hacktivist movements radicalized around massive 
                            ; disruption of critical infrastructures and supporting cyber terrorism
    create-link-to turtle 8 ; failure of diplomatic conflict resolution - by being a factor of failure of diplomatic conflict resolution
     ]
  
  ask turtle 2 ; leakism
  [ create-link-to turtle 0 ; geostrategic disruption - related to damaging critical armed forces, geopolitical 
                            ; and economic infrastructures leaks
    create-link-to turtle 1 ; hacktivism - by stimulating "hacktivism" movements
    create-link-to turtle 3 ; cyber attacks - by stimulating cyber attacks
    create-link-to turtle 7 ; terrorism - leaks of sensitive information influencing terrorist attacks including conventional terrorism and cyber terrorism
                            ; in particular regarding disclosure of critical information on exploitable vulnerabilities
    create-link-to turtle 8 ; failure of diplomatic conflict resolution - by being a factor of failure of diplomatic conflict resolution
  ]
  
  
  ask turtle 3 ; cyber attacks
  [ create-link-to turtle 0 ; geostrategic disruption - related to attacks aimed at specific geostrategic disruption
    create-link-to turtle 1 ; hacktivism - by stimulating hacktivist-related cyber attacks
    create-link-to turtle 2 ; leakism - by allowing access to information that can be disclosed
    create-link-to turtle 4 ; critical systems failure - by targeting key systems and their vulnerabilities
    create-link-to turtle 5 ; massive incident of data fraud or theft - by targeting data for criminal purposes
    create-link-to turtle 6 ; massive digital misinformation - as a measure of propaganda, prior to conventional state-related attack or prior to a cyber terrorist strike
    create-link-to turtle 7 ; terrorism - influencing both cyberterrorism and conventional attacks
    create-link-to turtle 8 ; failure of diplomatic conflict resolution - leading to failure of diplomatic conflict resolution as a form of attack to a state or region
  ]
  
  ask turtle 4 ; critical systems failure
  [ create-link-to turtle 0 ; geostrategic disruption - resulting from critical infrastructures failure linked to critical cyber systems failure
    create-link-to turtle 7 ; influencing windows of opportunity for terrorism, both in the form of unrelated opportunistic attacks, and planned synchronized attacks 
                            ; with cyber attack-induced critical systems failure
  ]
  
  ask turtle 5 ; massive incident of data fraud or theft 
  [
    create-link-to turtle 0 ; geostrategic disruption - theft of strategic-valued information and massive fraud that is damaging from an economic perspective
    create-link-to turtle 2 ; leakism - theft of sensitive data for disclosure purposes
    create-link-to turtle 7 ; terrorism - backing up of terrorist movements by theft of critical strategic-valued data
  ]
  
  
  ask turtle 6 ; massive digital misinformation
  [  
    create-link-to turtle 0 ; geostrategic disruption - if the misinformation targets key strategic dynamics including social and political dynamics in contexts of social, economic 
                            ; and political crises
    ]
    
  ask turtle 7 ; terrorism
  [
    create-link-to turtle 0 ; geostrategic disruption - related to conventional and cyber terrorist attacks 
    create-link-to turtle 3 ; cyber attacks - cyber terrorist-related attacks and sophisticated combination of cyber terrorism and conventional terrorism
    create-link-to turtle 8 ; failure of diplomatic conflict resolution - due to terrorist operations that disrupt negotiation
    create-link-to turtle 9 ; cyber war - cyber war between states triggered by a previous dynamics of terrorist attacks
  ]
  
  ask turtle 8 ; failure of diplomatic conflict resolution
  [
    create-link-to turtle 0 ; geostrategic disruption - due to conflict resolution failure
    create-link-to turtle 1 ; hacktivism - influencing hacktivism
    create-link-to turtle 3 ; cyber attacks - influencing cyber attacks
    create-link-to turtle 7 ; terrorism - due to conflict resolution failure
    create-link-to turtle 9 ; cyber war - failure o diplomatic conflict resolution influencing cyber war
  ]
  
  ask turtle 9 ; cyber war
  
  [
    create-link-to turtle 0 ; geostrategic disruption - due to cyber war-related strategies and resulting actions

    ; Following are links related to possible cyber war actions undertaken by conflicting factions:

    create-link-to turtle 1 ; hacktivism - possible state-sponsored hacktivism
    create-link-to turtle 2 ; leakism - possible state-sponsored leakism to provoke social and political disruption
    create-link-to turtle 3 ; cyber attacks - main actions of cyber warfare
    create-link-to turtle 4 ; critical systems failure - due to targeting within the context of cyber warfare manouvers
    create-link-to turtle 5 ; massive incident of data fraud or theft - as an integrating part of cyber war operations
    create-link-to turtle 6 ; massive digital misinformation - as an integrating part of cyber war operations
  ]
end 

to create-AOW
  
  ask turtle 10 ; social and political infrastructures disruption
  [ create-link-from turtle 0 ; geostrategic disruption - as a post-event disruption
    create-link-from turtle 1 ; hacktivism - targeting social and political infrastructures' disruption
    create-link-from turtle 2 ; leakism - disclosure of sensitive information that leads to social and political infrastructures disruption
    create-link-from turtle 3 ; cyber attacks - attacks that disrupt social and political infrastructures
    create-link-from turtle 4 ; critical systems failure - social and political disruption caused by failure of critical systems
    create-link-from turtle 7 ; terrorism - by targeting social and political infrastructures
    create-link-from turtle 9 ; cyber war - by targeting social and plolitical infrastructures

    create-link-to turtle 0 ; can be a source of geostrategic disruption: UTOW link
  ]
  
   
  ask turtle 11 ; armed forces and internal security disruption
  [ create-link-from turtle 0 ; geostrategic disruption - as a post-event disruption
    create-link-from turtle 1 ; hacktivism - targeting armed forces and internal security
    create-link-from turtle 2 ; leakism - disclosure of sensitive armed forces information that places at risk internal security and/or armed forces' infrastructures
    create-link-from turtle 3 ; cyber attacks - attacks that target armed forces and internal security
    create-link-from turtle 4 ; critical systems failure - social and political disruption caused by failure of critical systems
    create-link-from turtle 5 ; massive incident of data fraud or theft - theft of critical internal security and armed forces information
    create-link-from turtle 7 ; terrorism - by targeting social and political infrastructures
    create-link-from turtle 9 ; cyber war - by targeting social and plolitical infrastructures

    create-link-to turtle 0 ; can be a source of geostrategic disruption: UTOW link
     ]
  
  
  ask turtle 12 ; intelligence infrastructure disruption
  
  [ create-link-from turtle 0 ; geostrategic disruption - as a post-event disruption
    create-link-from turtle 1 ; hacktivism - targeting intelligence-related infrastructures
    create-link-from turtle 2 ; leakism - disclosure of sensitive intelligence information that places at risk intelligence infrastructure
    create-link-from turtle 3 ; cyber attacks - attacks to sensitive areas and strategic intelligence targets, paid for attacks (cyber-espionage)
    create-link-from turtle 5 ; massive incident of data fraud or theft - theft of critical intelligence information
    create-link-from turtle 7 ; terrorism - by targeting intelligence-related infrastructures
    create-link-from turtle 9 ; cyber war - by attacking the intelligence infrastructure as a strategic target
  ]
  
  
  
  
  ask turtle 13 ; business structures disruption
  [ create-link-from turtle 0 ; geostrategic disruption - as a post-event disruption
    create-link-from turtle 1 ; hacktivism - targeting business structures disruption
    create-link-from turtle 2 ; leakism - disclosure of leaks damaging to the business structures
    create-link-from turtle 3 ; cyber attacks - attacks targeting business targets and damaging to the business structure
    create-link-from turtle 4 ; critical systems failure - leading to disruption of business-related infrastructures
    create-link-from turtle 5 ; massive incident of data fraud or theft - leading to business-related disruption
    create-link-from turtle 7 ; terrorism - targeting business-related targets
    create-link-from turtle 8 ; failure of diplomatic conflict resolution - affecting business relations between countries
    create-link-from turtle 9 ; cyber war - by attacking business as a strategy for business disruption
    
    
    create-link-to turtle 0 ; can be a source of geostrategic disruption: UTOW link
    
     ]
  
  
  ask turtle 14  ; financial disruption
  [ 
    create-link-from turtle 0 ; geostrategic disruption - as a post-event disruption
    create-link-from turtle 1 ; hacktivism - targeting financial structures disruption
    create-link-from turtle 2 ; leakism - massive disclosure leading to financial scandals producing a financial disruption
    create-link-from turtle 3 ; cyber attacks - attacks to financial centers towards disruption of the global financial web
    create-link-from turtle 4 ; critical systems failure - leading to disruption of finance-related infrastructures
    create-link-from turtle 5 ; massive incident of data fraud or theft - leading to finance-related disruption
    create-link-from turtle 7 ; terrorism - targeting finance-related targets
    create-link-from turtle 9 ; cyber war - by attacking the financial system as a strategy for financial disruption
    
    create-link-to turtle 0 ; can be a source of geostrategic disruption: UTOW link
    
     ]
end 

to calculate-statistics
  
  ask turtles 
  [ set in-degree count my-in-links
    set out-degree count my-out-links ]
  
  set-current-plot "In Degree Distribution"
  histogram [in-degree] of turtles
  
  set-current-plot "Out Degree Distribution"
  histogram [out-degree] of turtles
end    

There are 4 versions of this model.

Uploaded by When Description Download
Carlos Pedro S. Gonçalves almost 12 years ago Corrected equation for coupled lattice map for diffusive coupling Download this version
Carlos Pedro S. Gonçalves almost 12 years ago V2 - Post-lecture expanded and corrected for a few bugs Download this version
Carlos Pedro S. Gonçalves almost 12 years ago V2 - Post-lecture expanded and corrected for a few bugs Download this version
Carlos Pedro S. Gonçalves almost 12 years ago Initial upload Download this version

Attached files

File Type Description Last updated
Risk Quantum Simulator II - Cyber Threats.png preview Preview for 'Risk Quantum Simulator II - Cyber Threats' over 11 years ago, by Carlos Pedro S. Gonçalves Download

This model does not have any ancestors.

This model does not have any descendants.