Upload
anthony-stark
View
59
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Integration Risk Optimization Models and Algorithms. Vladimir ZASLAVSKY Head of Department of Mathematical Methods in Ecology and Economic Research Faculty of Cybernetics National Taras Shevchenko University of Kiev. System analysis and risk management. - PowerPoint PPT Presentation
Citation preview
Velingrad, 2006 1
Integration Risk Optimization Models and Algorithms
Vladimir ZASLAVSKY
Head of Department of Mathematical Methods in Ecology and Economic Research
Faculty of Cybernetics National Taras Shevchenko University of Kiev
Velingrad, 2006 2
System analysis and risk management
• Risk management and safety providing are system problems that concern different countries and unite industrial regions, depend on technical conditions of enterprises and influence on economy and ecology.
• Harmful attitude connecting with human activity to nature and its resources has a great negative influence on ecology, land and water resources and requires more and more financial expenses for risk reduction, reconstruction and prevention of technical and ecological cataclysms.
Velingrad, 2006 3
Sustainable development
• Exclusive importance of risk management problems connected with the concept of sustainable development and it’s component -
provision of life safety and environment protection.
Sustainable development
Human rights
Providing securityImproving of life quality
Economics Education Health Environment
Velingrad, 2006 4
1.What is happens? (What is brouken?)
js Fire/ explosion
2. Probability?
jp 0.01%
Consequences? jw $100.000
{ , , , }j j j SR s p w F ,
:{ , , }j j j SF s p w .
Source Consequences
Scenario
System analysis and risk definition
Velingrad, 2006 5
Risk factors• Consequences of global industrialization, growth of megalopolises,
global warming and climate changes destroy natural balance and realize ever increasing pressure on natural facilities.
• Such processes represent complex social, economic, ecological, military and political problems and stability of regions, countries and planet as a whole is greatly depend on their successful solving.
• Modern risk factors for many countries are:– nature disasters (floods, tsunami, typhoons, earthquakes, droughts,
global warming); – terrorism (that nowadays has miscellaneous roots and takes different
forms); – technical catastrophes; – military conflicts;– globalization and industrialization (problems of megalopolises); – environment pollution;– exhausting of natural resources..
Velingrad, 2006 6
Scenario development
Catastrophes that occur in different pointsof the globe and their consequences (radioactive and other surges) perceived not only in the area nearest to the place of the accident but also in the other regions as the acid rains, ozone holes, radioactive pollution of wide territories
Source
Underground waters
Temperature and pressure
distance
co nc
en
tr ati
on
Standart
Safetyzone
results
time
C on
ce ntr
ati
on
standart
time
results
Velingrad, 2006 7
Risk problems• Countries and regions exist and develop in close connection with
border territories and each of them has it’s own standards, traditions of land use, ethnic particularities, etc. This neighborhood stipulates need of interaction and coordination during the governing of territories from the position of risk minimization.
• Mutual identification of risk sources (hazards), possible scenarios of their development (the model: Hazards - Scenarios - Consequences), accumulation of statistics and changes are necessary.
• Problems of system safety are investigated on different organizational levels (The World Bank, IIASA, Government, Administration, Ministries of Nature of different countries, MAGATE, Local Communities) and demand attracting of significant financial, human and technical resources
Velingrad, 2006 8
Risk and resources
Central Government
Municipal (City) Administration
Level of Administration Size of Damage and Loss
Provincial Governorate
Regional Coordinating Administration
Local Community Organization
Individual Household
Velingrad, 2006 9
Risk and decision making• On each management level it’s necessary to evaluate scales of the
damages and losses, to have real and adequate cards of risk regions and classification of dangerous objects. System approach to risk investigation and hazards ranking (taking into account uncertainties) is very important along with understanding the fact that they can be interconnected, affect one another thus intensifying the negative effect.
• The core question in provision of safety and security and liquidation of accidents’ consequences is responsibility for decisions. Taking the responsible decisions should be collegiate and weighted.
• Experts should consider all possible scenarios of events’ development, clearly understand the consequences of each of them and their influence on safety and life quality, because the human safety is considered today as main criteria.
• Significant risks to regional safety are also brought by terrorism. They objectively-real and recently become more often and their prevention requires new approaches. Therefore it’s necessary to establish automated protection systems and organize trained personnel to provide safety of critical infrastructure objects.
Velingrad, 2006 10
Critical infrastructure
Government
Agriculture
Water-Supply
Communications
Transportation and Shipping
Air transport
- Passenger
- Freight
Rail-freight traffic
- Passenger
- Freight
Maritime
Roads
- Highway
- Bridges
Local objects
- Bridges
- Ferries
- Subways
- Buses
Buildings
- Industrial
- Retail
- Schools
- Residential
Velingrad, 2006 11
Systems with high level price of failure
Special place among the objects of critical infrastructure occupied systems with high level price of failure. They consist of the set of different interconnected and functionally interacting components (subsystems, elements), which interacting as a hole under certain conditions. Their operation is valuable for development of industry and economy and they cost hundreds million USD.
Examples of such systems are: •Satellite systems,•Nuclear Power Stations, •Chemical industry plants,•Payment and Bank systems, global databanks and information systems.
Need for security of complex systems with high level price of failure is conditioned by their importance and difficulty, as well as impossibility of their full change or renovation of some elements. This requires complex study of the problem and information support, discovery of possible organizational or technical reserves, improvements in approach to security of such systems on different stages of their life- cycle, using system approach and principles of system analysis in risk management.
Velingrad, 2006 12
Life-cycle of complex systems
IResearching
IIDesigning
IIIProduction of prototypes of
system
IVProduction
VExploitation and
technical services
VIUtilization
First level of designing
Designing model
Designing and documentation
Construction analysis and
material analysisNondestructive
testingTechnical services
Optimal planning of modernization
Life-cycle of complex systems
Velingrad, 2006 13
Type variety principle of applied system
analysis
• For research and provision of systems’ safety type variety principle of applied system analysis (of difference in types) is offered to use.
• It consists in using systems with:• - different types and different equipment redundancy elements in systems’
design; • - using of similar equipment from different producers; • - active and passive measures of fire prevention; • - different monitoring methods; • - different models and algorithms of decision making; • - protection from terrorism in different ways; • - using different data and signs of objects in categorization problems.
Velingrad, 2006 14
Risk management
Risk analysis planning
System definition
Hazard identification
Risk picture
Frequency analysis
Consequence analysis
Risk acceptance
criteriaRisk
reducing measures
Further risk reducing measures
Risk evaluatio
n
RISK ESTIMATION
RISK ANALYSIS
RISK ASSESSMENT
Part of safety management and risk control
UNACCEPTABLE
UNACCEPTABLE
Velingrad, 2006 15
Minimize risk
( ) 1 (1 ( )) minn nn N
R x R x
(1)
subject to
0( ) ( )n nn N
C x C x C
, (2)
( ) ,n nC x C n N , (3)
( ) ( ) , ,i in n in N
G x g x b i I
(4)
( ) ( ) , ,nk
kin n in n in n
j J
G x g x b i I
n N , (5)
( )nk
k jn nk j J nkx x X , ( )
n
kn n k K nx x X ,
nk
jnk nk
j J
X X
, , nn N k K ,
*1( ,..., ,..., )n nnn N
x x x x X X
. (6)
Minimize cost
( ) ( ) minn nn N
C x C x
(7)
under risk constrain *( ) 1 (1 ( ))k
n nn N
R x R x R
(8)
1. Mathematical models for risk management
Velingrad, 2006 16
Risk for element jnke , is
3
1
( ) ( )j jnk l nk
l
r e q e
.
Risk for region : 1( ) 1 ( ) (1 ( )) ( )nk nk
n n n
y yk kn n n n n
y Y k K
R x y r x r x
.
Cost is calculate as
1 2 2 3 3( ) ( ) ( )[ ( ) ( ) ( )]j j j j j jnk nk nk nk nk nkC e C e q e C e q e C e ,
3 2 1( ) ( ) ( )j j jnk nk nkC e C e C e
2 1( ) ( )j jnk nkC e C e
1( )jnkC e
0
1( )jnkq e 2( )j
nkq e 3( )jnkq e
Element failure
Explosion Fatal situation Cost
Mathematical models for risk management
Velingrad, 2006 17
2. Optimization of complex of methods for nondestructive testing (NDT)
• Application of optimal complex of nondestructive testing (NDT) methods can contribute significantly to the extension of life expectation, reliability and, finally, safety, especially for very complex systems like nuclear power plants, ground rocket complexes, etc.
• The NPP is a complex system and its safety is related to the safety of each of the system elements. Safety of power supply systems occupies one of the most important roles in the NPP safety, because cables are potential source of fire.
• This article deals with the task of complex optimization of NDT methods and contains the idea to detect the set of possible and dangerous defects for NPP power system cables taking into account the criteria of defect detection and efficiency level. The application of multilevel one-criterion task of discrete programming is presented and discussed. Efficiency of complex application of NDT methods depends on scheme of testing organization, planning, data acquisition and processing and personnel qualification.
Velingrad, 2006 18
Mathematical model for NDT optimization
•
Let's carry out formalization of a task of formation of NDT complex for detection of set of dangerous defects in power system of NPP, as the discrete optimization-programming problem.
Let's assume, that the final set of possible defects dl D, is given, and defects can be present at cables of power system, where }},...,1{,{ *lLldD l - set of different types of defects, and L - set of indexes for various types of defects. The defects dl D, are being characterized by parameters, for example, parameters of potential danger of defect, geometrical parameters (such as extent of defect or cracks) etc.
Let's assume, that for detection of defects dl D some NDT methods are used. Let’s suggest, that },{ jjkjl KkmM NDT method set of a j -type, which can be used for detection of defect dl, where
},...,2,1{ ll nJj set of NDT types indexes, and km jk modification of j – NDT method, where },...,2,1{ *
jj kK - set of indexes of modification type j –NDT method.
Velingrad, 2006 19
Mathematical model for NDT optimization
•
Let's designate ),( ldjkmjp probability of detection of defect dl,
and ),( ljkil dmg , Ii - efforts to conduct testing by method jkm (time necessary for realization the control by the group of experts, cost of the control), },,1{ *mI set of indexes of effort parameters.
To detect set of defects D it’s necessary to construct the NDT complex (set of devices and order of employment of using for each of them), which would be most effective for the NPP power system. Under formation and choosing of a NDT complex, we consider, that the strategy, or order of application the methods from a NDT complex is fixed.
Let's designate },...,,},...,,{{ ** 2121 lllll JjjjjjjsS set of combination ls indexes of NDT method types, which are used for diagnostics of defect ld . A combination ls would be interpreted as technology of application of separate NDT methods in a complex, where the specificity of devices as well as specificity of specimen to be tested is taken into account.
Velingrad, 2006 20
Mathematical model for NDT optimization
•
Problem. Some unimportant defects are considered not to be detected.
Defects in set D could have various importance and therefore it is possible to speak about inadmissibility, possibility of detection or not detection of dangerous and other defects, and these defects cannot result in considerable consequences. By other worlds the probable cost of element fault is insignificant for availability of power system as a whole.
This task could be interpreted in the terms of reliability of systems with complex (coherent) structure [4,5]. In a common case for such tasks, the fault of separate elements could not always result in occurrence of an emergency or fault of system as a whole.
Let’s lx , Ll - Boolean variable, such as
accepted becan defect of missingwhen ,1
accepted benot can defect of missingwhen ,0x
Than ),...,,....,( *1 ll xxxx - is a vector of possible combinations of defect detection. X - set of all possible combinations Xx and )(x is structure functions. [4,5].
Velingrad, 2006 21
Mathematical model for NDT optimization
•
It is necessary to form such NDT complex v , which has a maximum to detect the defects for given restrictions on resources available Iibi , .
The mathematical model for this problem is: to maximize l
l
l
l
xs
Xx Ll
xsD vPvPxvP
1))(1()()()( , (1)
Under constraints ,,))(),...,(),...,(()(
**
11 IibvgvgvgGvG isilsilsiiill
(2)
lLl
sss VVvvvvl
),...,,(*21
. (3)
Parameters of resource efforts IivGi ),( for using method with a complex of methods are defined, for example, by total inspection cost for methods from NDT complex; by cost of auxiliary activities necessary to conduct the examination, by cost of expense deal with the charge for energy and routing of premises, etc. Thus )(vGi is additive function: LlvgvG
Llsili l
),()( and
the parameters of resource efforts for a vector lsv could be
determined in the following way: ),()( ljksj
ilsil dmgvgl
l
.
Velingrad, 2006 22
3. Risk and payment systems • Bank payment systems today are a dartboard for criminal encroachments.
Though methods of fraud prevention are constantly improved, losses of banks still amount to thousands million dollars all over the world.
• Development of effective mechanisms for separating unusual behavior of a legal client and fraud attack is critically important.
• Financial fraud with payment cards are made on different ways, mainly its unauthorized copying of facilities from bank accounts of the cardholders. The most wide-spread ways of criminal use of credit cards are:
– counterfeit credit card use and – data "skimming", – illegal use of lost or stolen cards, – fraud committed without the actual use of a card (no-card fraud), – fraud committed on cards not received by the legitimate cardholder (non-receipt
fraud), etc.
• Different variants of fraud are constantly change and the new ways appear. • The purpose of the payment system or the bank is to identify the fraud
transaction on-line and to prevent it.
Velingrad, 2006 23
Payment System Structure
Payment Association
ATM
Accounting bank
Clearing Centre
Processing Centre
Bank Issuer Bank Equire
CardholderPOS
Velingrad, 2006 24
Risks in Payment System
Every payment system (PS) is characterized by high level of risk in its different domains, caused by:
• great volume and number of operations,
• complex relations between its members,
• ever increasing speed of data transmission.
In order to control risks PS should develop and use mathematical models, which enable to determine hazardous situations in PS, establish scenario of their development and evaluate consequences of their realization.
Velingrad, 2006 25
Problem definition Banks-members of PS keep databases (DB) of all their cards issued in PS. For every card
DB contains card number, account number, operational limits, current state of account (account
balance) and also some other data about the cardholder.
Let },...,,...,{ 1 nkkn cccC be a set of records in DB, that contains information about all
cards used in PS; ),...,,( 21ks
kkk cccc is a record in DB which contains information about the card
kc , and its component kc1 is a unique card number.
Let },...,,...,{ 1 nin xxxX be a set of transactions, carried out in PS up to some moment nt .
Set nX is replenished as time goes by and as new transactions are executed in PS. Let us
suppose that transactions executed after moment nt up to n kt are new ones and denote them as
1 2, ,...,n n n kx x x .
Let 1{ , }k
i i ic k nX x x c x X be the set of transactions
kc nX X , executed in PS using
card k nc C up to the moment nt . The problem of detection of fraudulent transactions in PS lies
in classifying a new transaction );...;;...;( 1111
1 nm
nj
nn xxxx using information about transactions
nX performed earlier and appropriate record nC in DB. Classify means to determine class (fraud
or legal) to which the transaction belongs.
Velingrad, 2006 26
Problem analysisA variety of methods can be applied for solving represented problem.
The most simple method, which was used in the first transactions monitoring systems, is creation of a set of rules describing fraud transactions and establishment of thresholds for different parameters of transaction.
Such methods are rather simple, but they have obvious disadvantages: • they detect only fixed suspicious situations established beforehand and don’t take into
account mutable nature of fraud; • they don’t take into account individual characteristics of cardholders’ behaviour.• control of such system of rules is rather complex task for the expert.
Using of contemporary methods of neural nets, fuzzy logic, theory of probability and math statistic and other data mining methods is more effective for automatically creation of fraudulent transaction patterns on the basis of transaction’s history, their updating and verifying all new transactions.
We propose to use one of the neural nets algorithms – the Self Organizing Maps (SOM) – for analysis of transactional data and detection of fraudulent behaviour.
Velingrad, 2006 27
Transactions classification principleThe described fraud detection problem can be considered as pattern recognition problem or
classification problem. The set nX of all transactions in PS should be divided into two disjoint
subsets: legal transactions ln nX X and fraud ones f
n nX X , l fn nX X . If we suppose that
numeric images of fraudulent and legal transactions belong to different areas in some
multidimensional space, then its possible to make a decision about the image of a new transaction
1nx .
We propose to assume following two hypotheses as a basis of such classification.
1. Hypothesis lH : transaction ),...,( 111
1 nm
nn xxx over card kc is similar to all previous
transactions from the set kcX , which were carried out earlier by the cardholder. If hypothesis
lH is accepted for transaction 1nx , then transaction 1nx is classified as legal and is included
into the set lnX .
2. Hypothesis fH : transaction ),...,( 111
1 nm
nn xxx is similar to earlier executed fraudulent
transactions { }f i in nX x considered fraudulent x X . If hypothesis fH is accepted for
transaction 1nx , then transaction 1nx is classified as fraudulent and is included into the set
fnX .
Velingrad, 2006 28
Transactions classification principle
It seems effective to use neural methods of classification and clusterization to check
proposed hypotheses lH and fH . Main idea is in creation and recognition the pattern of “legal
cardholder” and pattern of “fraudster” on the basis of “learning” by neural net transactions nX
executed earlier and creation “rules” of cardholder’s behavior and fraudsters’ behavior. Learning
algorithms allow the system to follow the cardholder’s behavior and self adapt to changes in it. If
transaction doesn’t correspond to the pattern of “legal cardholder” or is similar to the
“fraudulent” pattern it is classified as suspicious for fraud.
Velingrad, 2006 29
Transactions analysis with SOM. Main principles
SOM is specific neural net with feed forward information and unsupervised training
algorithm, which use self organizing process to configure output neurons in accordance with
topological structure of input data. Self organizing process is based on competitive training and
consists in tuning weights ),...,,( 21iq
iii wwww di ;1 ( q is dimension of input vector
1 2( , ,..., )j j j jqa a a a ) by method of progressive approximation using their values on previous
iteration: )()()()()1( twtathtwtw ijii , here t is iteration number, h(t) is radius function of
neighbor capture. The result of learning is weight matrix of input connections of neurons, which
allows to group subsets of input data in the best way to form their prototypes (profiles):
dqqq
d
d
www
www
www
W
...
............
...
...
21
222
12
121
11
.
Velingrad, 2006 30
Testing hypothesesTesting the hypothesis lH for transaction 1nx over card kc consists in the following steps.
1) Creation of typical cardholder’s behavior model (pattern) kcW on the basis of his transactions
k
lc nX X earlier executed over card kc . This model
kcW is represented as a SOM, which is a
cardholder’s profile.
2) Determine the similarity rate );( 1kc
n Wx of transaction 1nx to profile kcW .
3) Hypothesis lH is accepted if the similarity rate 1( , )k
ncx W satisfies the condition:
1( , )k
nc lx W , where l is some parameter.
Testing the hypothesis fH for transaction 1nx is similar to previous scheme:
1) Creation of typical fraudster’s behavior model (pattern) fW on the basis fraudulent transactions fnX
earlier executed in PS and determined as fraudulent. This model fW is also represented as SOM,
which is a fraudster’s profile.
2) Determine the similarity rate 1( , )nfx W of transaction 1nx to profile fW .
3) Hypothesis fH is accepted if the similarity rate 1( , )nfx W satisfies the condition:
1( , )nf fx W , where f is some parameter.
Velingrad, 2006 31
Creation of cardholder profile
Cardholder’s profile kcW is a typical cardholder’s behavior model, which is a generalized pattern
of transactions executed earlier by the holder of card kc . This model is a special structure neural net
trained by SOM algorithm on the basis of transactions set k
lc nX X and is able to recognize typical
transactions of legal cardholder.
In process of building map we use not k
icx X directly, but vectors 1( ,..., ,..., )
k
i i i im M cp p p p P ,
1;i v , obtained from vectors k
icx X , and parameters of current state of card account 1( ,..., )k k
k sc c c .
To build the set kcP we use function :
k kc cX P , which is a composition of functions 0 1, ,..., M m .
Components of vector k
icp P can be divided into two groups:
1) 1,...,i imp p characteristics of the current transaction
k
icx X , which are in fact the values of
appropriate components of k
icx X to which function 0 is applied:
0
,( )
( ),
i ij ji i
j j i ij j
x if x is a numeric characteristicp x
I x if x is a symbolic characteristic
, mj ;1 .
Velingrad, 2006 32
Creation of cardholder profileFunction ( )i
jI x is build using statistics based index method. Every symbolic value we associate with
numeric index in accordance with its frequency in the training set, which is later used in training of
neural net in a following way.
a. Frequency ( )sjF of every unique value s
j j of symbolic parameter jx in training set kcX
is calculated: 1
vs sj k j
k
F
, where 1,
0,
k sj js
k j k sl j
if x
if x
, 1; js s
b. The set of unique values 1{ ,..., ,..., }jssj j j j is ordered by decreasing of their frequency
( )sjF , 1; js s , 1 2 ... js
j j jF F F .
c. Every unique symbolic value sj j we associate with numeric index s
jI
:
1 1j
I
; 1 1s sj j
I I , 2; js s .
d. Then function ( )ijI x is defined as: ( ) s
j
ijI x I
when i s
j jx .
Such indexation allows to maintain the initial relative importance of unique values and correlation
between them. Examples of characteristics 1,...,i imp p are transaction amount, transaction time,
transaction type, terminal number, terminal city, etc.
Velingrad, 2006 33
Creation of cardholder profile2) i
Mim
im ppp ,...,, 21 are characteristics of transactions history over card kc , which are calculated using
functions 1 2, ,..., M m on the basis if set of transactions kcX , executed earlier over the card kc up
to moment nt :
1 21 1( , ,..., )i i
mp x x x , 1 22 2( , ,..., )i i
mp x x x , …, 1 2( , ,..., )i iM M mp x x x .
Examples of characteristics iM
im
im ppp ,...,, 21 are number of transactions carried out during a
period of D hours, cumulative amount of transactions during D hours, number of terminals used by
cardholder during D hours, etc.
The resultant set 1 1 11 1{ ( ,..., ),..., ( ,..., )}
k
v v vc M MP p p p p p p is the training set for creation
cardholder profile kcW . Result of SOM learning algorithm with the training set
kcP is a matrix of
neurons weights of trained map, which actually is cardholder’s profile for card kc : 1;1;
k
ss dc kk M
W w
.
Weight vectors 1( ,..., )i i iMw w w , 1,i d specify the most typical values of components of vector
1( ,..., )i i iMp p p , which were present in the training set
kcP .
As the result for every transaction k
icx X there is a certain j-th cell on the SOM, that
1;2;...;mini j i k
k dx w x w
.
Velingrad, 2006 34
Calculation the transaction similarity
rate to profile When neural net learning process is finished, every new transaction 1nx over card kc is checked
for correspondence to profile kcW .
Similarity rate 1( , )k
ncx W of transaction 1 1 1
1( ,..., )n n nmx x x to profile
kcW can be determined as
a deviation of vector 1 1( )n np x from the nearest cell of map kcW , that is minimum of distances
between vector 1 1 11( ,..., )n n n
Mp p p and vectors of neurons’ weights dww ,...,1 :
1 1
1;2;...;( , ) min
k
n n ic i d
x W p w
.
The most commonly used distance is Euclidean:
21 1
1
Mn i n i
k kk
p w p w
.
But sometimes it is desirable to use more complex metrics. This depends on specific
characteristics of data space and special features of expected results.
Velingrad, 2006 35
transaction DB
...
...
transactionsBuilding of
set Building of
profile
1. Data accumulation stage
2. Training stage
Calculation
Checking condition:
transaction Building
Replenishing set
Replenishing set
yes no
3. Stage of transactions control
Flow block of transactions analysis algorithm
Velingrad, 2006 36
AlgorithmAt the stage of data accumulation transactions over card kc are gathered in DB. If power of
kcX
exceeds some predefined level sufficient for building adequate profile then the monitoring process goes
to the stage 2. At the training stage cardholder’s profile of kcW is created:
the set kcP is built using function ;
neural net is trained on the basis of set kcP ;
as the result of training profile 1;1;
k
ss dc kk M
W w
is built.
Transactions control stage consists in following:
vector 1np is built by applying function to every new transaction 1nx : 1 1( )n np x ;
deviation of current transaction 1nx from profile kcW (created at the training stage) is calculated:
10 ( , )
k
ncx W ;
value 0 is compared with threshold l fixed for the profile kcW ( l is boundary value of similarity
degree for transactions over card kc to its profile kcW . It allows to cut off transactions, which deviate
from the early established norm, and to control accuracy of fraud detection.);
if 0 l , then transaction 1nx is considered as typical and vector 1nx is added to the set kl cX X ;
if 0 l , then transaction 1nx is considered as suspicious for fraud and is added to the set fX for
further expert analysis.
Velingrad, 2006 37
Rate of similarity
Velingrad, 2006 39
? Questions ?