State of Science in Alarm System Safety: Implications for Researchers, Vendors, and Clinical Leaders.

Alarm fatigue is a complex phenomenon that needs to be assessed within the context of the clinical setting. Considering that complexity, the available information on how to address alarm fatigue and improve alarm system safety is relatively scarce. This article summarizes the state of science in alarm system safety based on the eight dimensions of a sociotechnical model for studying health information technology in complex adaptive healthcare systems. The summary and recommendations were guided by available systematic reviews on the topic, interventional studies published between January 2019 and February 2022, and recommendations and evidence-based practice interventions published by professional organizations. The current article suggests implications to help researchers respond to the gap in science related to alarm safety, help vendors design safe monitoring systems, and help clinical leaders apply evidence-based strategies to improve alarm safety in their settings. Physiologic monitors in intensive care units-the devices most commonly used in complex care environments and associated with the highest number of alarms and deaths-are the focus of the current work.

Statistical modeling of computer malware propagation dynamics in cyberspace.

Modeling cyber threats, such as the computer malicious software (malware) propagation dynamics in cyberspace, is an important research problem because models can deepen our understanding of dynamical cyber threats. In this paper, we study the statistical modeling of the macro-level evolution of dynamical cyber attacks. Specifically, we propose a Bayesian structural time series approach for modeling the computer malware propagation dynamics in cyberspace. Our model not only possesses the parsimony property (i.e. using few model parameters) but also can provide the predictive distribution of the dynamics by accommodating uncertainty. Our simulation study shows that the proposed model can fit and predict the computer malware propagation dynamics accurately, without requiring to know the information about the underlying attack-defense interaction mechanism and the underlying network topology. We use the model to study the propagation of two particular kinds of computer malware, namely the Conficker and Code Red worms, and show that our model has very satisfactory fitting and prediction accuracies.

Human Cognition Through the Lens of Social Engineering Cyberattacks.

Social engineering cyberattacks are a major threat because they often prelude sophisticated and devastating cyberattacks. Social engineering cyberattacks are a kind of psychological attack that exploits weaknesses in human cognitive functions. Adequate defense against social engineering cyberattacks requires a deeper understanding of what aspects of human cognition are exploited by these cyberattacks, why humans are susceptible to these cyberattacks, and how we can minimize or at least mitigate their damage. These questions have received some amount of attention, but the state-of-the-art understanding is superficial and scattered in the literature. In this paper, we review human cognition through the lens of social engineering cyberattacks. Then, we propose an extended framework of human cognitive functions to accommodate social engineering cyberattacks. We cast existing studies on various aspects of social engineering cyberattacks into the extended framework, while drawing a number of insights that represent the current understanding and shed light on future research directions. The extended framework might inspire future research endeavor toward a new sub-field that can be called Cybersecurity Cognitive Psychology, which tailors or adapts principles of Cognitive Psychology to the cybersecurity domain while embracing new notions and concepts that are unique to the cybersecurity domain.

Relationships between Driver Errors and Delay Discounting in a Simulated Driving Task.

The majority of vehicle accidents are attributable to driver error, such as substance use, distractions, fatigue, speeding, and driving experience. Many of these driver errors are also associated with delay discounting, where individuals that excessively devalue a reward are more likely to use substances such as alcohol, cigarettes, and cocaine, and text-while-driving. The current study sought to examine a more direct association between delay discounting and driver error by providing 50 participants with a series of simulated driving tasks, along with measuring their delay discounting rates. A median-split for delay discounting rates showed that participants with high-delay discounting rates made significantly more total errors for simple driving tasks (e.g., braking and one-lane change) early during the simulation, relative to participants with low-delay discounting rates. On the other hand, high-delay discounting participants continued to make more total errors for a more complicated two-lane change driving task after multiple trials, relative to low-delay discounting participants. These results support the idea that delay discounting is a transdisease process that can significantly negatively affect a large range of health-related behaviors, including driver errors. Treatment implications for reducing driver errors are discussed.

Optimizing interconnections to maximize the spectral radius of interdependent networks.

The spectral radius (i.e., the largest eigenvalue) of the adjacency matrices of complex networks is an important quantity that governs the behavior of many dynamic processes on the networks, such as synchronization and epidemics. Studies in the literature focused on bounding this quantity. In this paper, we investigate how to maximize the spectral radius of interdependent networks by optimally linking k internetwork connections (or interconnections for short). We derive formulas for the estimation of the spectral radius of interdependent networks and employ these results to develop a suite of algorithms that are applicable to different parameter regimes. In particular, a simple algorithm is to link the k nodes with the largest k eigenvector centralities in one network to the node in the other network with a certain property related to both networks. We demonstrate the applicability of our algorithms via extensive simulations. We discuss the physical implications of the results, including how the optimal interconnections can more effectively decrease the threshold of epidemic spreading in the susceptible-infected-susceptible model and the threshold of synchronization of coupled Kuramoto oscillators.

Spatiotemporal patterns and predictability of cyberattacks.

A relatively unexplored issue in cybersecurity science and engineering is whether there exist intrinsic patterns of cyberattacks. Conventional wisdom favors absence of such patterns due to the overwhelming complexity of the modern cyberspace. Surprisingly, through a detailed analysis of an extensive data set that records the time-dependent frequencies of attacks over a relatively wide range of consecutive IP addresses, we successfully uncover intrinsic spatiotemporal patterns underlying cyberattacks, where the term "spatio" refers to the IP address space. In particular, we focus on analyzing macroscopic properties of the attack traffic flows and identify two main patterns with distinct spatiotemporal characteristics: deterministic and stochastic. Strikingly, there are very few sets of major attackers committing almost all the attacks, since their attack "fingerprints" and target selection scheme can be unequivocally identified according to the very limited number of unique spatiotemporal characteristics, each of which only exists on a consecutive IP region and differs significantly from the others. We utilize a number of quantitative measures, including the flux-fluctuation law, the Markov state transition probability matrix, and predictability measures, to characterize the attack patterns in a comprehensive manner. A general finding is that the attack patterns possess high degrees of predictability, potentially paving the way to anticipating and, consequently, mitigating or even preventing large-scale cyberattacks using macroscopic approaches.

L-hop percolation on networks with arbitrary degree distributions and its applications.

Site percolation has been used to help understand analytically the robustness of complex networks in the presence of random node deletion (or failure). In this paper we move a further step beyond random node deletion by considering that a node can be deleted because it is chosen or because it is within some L-hop distance of a chosen node. Using the generating functions approach, we present analytic results on the percolation threshold as well as the mean size, and size distribution, of nongiant components of complex networks under such operations. The introduction of parameter L is both conceptually interesting because it accommodates a sort of nonindependent node deletion, which is often difficult to tackle analytically, and practically interesting because it offers useful insights for cybersecurity (such as botnet defense).