Machine learning and other information analyses for risk in social networks.

The world has entered a digital era where people and machines leave digital footprints in websites, social media, cameras, sensor logs, and mobile devices. For example, manufacturing and operating systems collect streaming data through sensors and the Internet of Things (IoT); vehicles generate vast amounts of trajectory and sensor log data in aviation and surface transportation. Whether from natural, technological, or adversarial hazards, risks arise from various root causes, including human errors. Risk analysis has opportunities to integrate big data, natural language processing, computer vision, and machine learning methods in the digital era. This special issue features papers presented at the Conference on Risk Analysis, Decision Analysis and Security, Buffalo/Niagara Falls, NY, July 30–August 2, 2019 (organized by Drs. Jun Zhuang and Chen Wang). Collectively, the papers describe cutting-edge research on the possibilities of harnessing high-volume, high-dimensional, multisource, and multimodal data to give insights for risk assessment, communication, and management, as well as cover perspectives discussing the scope and limitations of big data risk analytics. The applications include food safety, cyber security, disaster mitigation, and recovery, misinformation and disinformation in social media, aviation safety, insurance fraud detection, health risk for emergency responders, autonomous driving, privacy risk management, and service failure prediction in transportation. The data utilized by these studies range from streaming data (e.g., from online social media, flight data recorders, and sensors of operating equipment), event data (e.g., fraud records of insurance, logs of stress leaves of emergency responders, and food safety incidents), to expert judgments. The methodologies cover a broad spectrum of analytic modeling, statistical inference, machine learning, expert elicitation, and combinations. Welburn and Strong propose an analytic framework to describe the systemic cyber risk resulting from cascading common cause or independent failures following a cyber incident. They apply the sector-level input–output analysis in economics to assess the aggregate losses associated with firm-level cyber incidents. Their model is validated using a cyber-attack case with known damages. The model can help determine cyber insurance premiums and make cybersecurity policies. Allodi et al. propose a model of a “work averse” attacker in a cybersecurity setting where the attacker is inclined to adopt existing toolkits if they can cause enough harm to the systems rather than develop exploits for new vulnerabilities. The authors build hypotheses based on this model, and evaluate these hypotheses using a large-scale dataset involving two million attack signatures recorded by Symantec against an extensive collection of information systems. The analytic and empirical analyses provide an example of work-aversion tendencies of cyber attackers using mass (but imperfect) data. Cains et al. conduct expert elicitation by interviewing cyber researchers from multiple disciplines and academia and government-military sectors. They perform a data-driven thematic analysis of the interview responses. They identify “context-driven,” “resilient system functionality,” and “maintenance of CIA (confidentiality, integrity, availability)” as salient themes for defining cyber security, and found “impacts of CIA vulnerabilities,” “probabilities of outcomes,” and “context-driven” as the most salient themes for cyber security risk. The resulting definitions encompass interdisciplinary perspectives and explicitly incorporate human factors as a significant cyber security risk factor. Yeo et al. examine the Twitter communication data corresponding to the 2016 Southern Louisiana flood recovery process. They discover fading communication volumes, a lack of local voices, and prolonging negative sentiments over the recovery period. The findings highlight the need for investing in risk communication during the disaster recovery process by better utilizing the platform of online social media and supporting local voices. Gongora-Svartzman and Ramirez-Marquez measure social cohesion in disasters by connections and interactions of people through social media outlets. They implement text processing techniques and graph network analysis to understand the relationships between nine types of participants (e.g., citizen, media, politics-government, entertainment, business, charity-NGOs-volunteering, etc.) during hurricanes Harvey, Irma, and Maria. The social cohesion measure revealed the various actors and their dynamics before, during, and after a disaster strikes. Byrd and John conduct experiments to investigate how the public distinguishes between true and false information in online social media following extreme events. They present the subjects with actual social media posts following a natural disaster or soft-target terrorist attack in the United States, and deliberately controlled the error penalties and base rate of true posts. They observe that the subjects performed