Trust and Distrust: On Sense and Nonsense in Big Data

  • Stefan RassEmail author
  • Andreas Schorn
  • Florian Skopik
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 547)


Big data is an appealing source and often perceived to bear all sorts of hidden information. Filtering out the gemstones of information besides the rubbish that is equally easy to “deduce” is, however, a nontrivial issue. This position paper will open with the motivating problem of risk estimation for an enterprise, using big data. Our illustrative context here is the synERGY project (“security for cyber-physical value networks Exploiting smaRt Grid sYstems”), which serves as a case study to show the (unexplored) potential, application and difficulties of using big data in practice. The paper first goes into a list of a few general do’s and don’ts about data analytics, and then digs deeper into (semi-) automated risk evaluation via a statistical trust model. Ideally, the trust and hence risk assessment should be interpretable, justified, up-to-date and comprehensible in order to provide a maximum level of information with minimal additional manual effort. The ultimate goal of projects like synERGY is to establish trust in a system, based on observed behavior and its resilience to anomalies. This calls for a distinction of “normal” (in the sense of behavior under expected working conditions) from “abnormal” behavior, and trust can intuitively be understood as the (statistical) expectation of “normal” behavior.


Big data Trust Statistics Anomaly detection Security Reasoning 



This work was partly funded by the Austrian FFG research project synERGY (855457).


  1. 1.
    Skopik, F., Wurzenberger, M., Fiedler, R.: synERGY: detecting advanced attacks across multiple layers of cyber-physical systems (2018). Accessed 13 Jul 2018
  2. 2.
    SecurityAdvisor. HuemerIT. Accessed 4 July 2018
  3. 3.
    Wurzenberger, M., Skopik, F., Settanni, G., et al.: AECID: a self-learning anomaly detection approach based on light-weight log parser models. In: Proceedings of the 4th International Conference on Information Systems Security and Privacy, pp. 386–397. SCITEPRESS - Science and Technology Publications (2018)Google Scholar
  4. 4.
    Friedberg, I., Skopik, F., Settanni, G., et al.: Combating advanced persistent threats: from network event correlation to incident detection. Comput. Secur. 48, 35–57 (2015). Scholar
  5. 5.
    Rass, S., Kurowski, S.: On Bayesian trust and risk forecasting for compound systems. In: Proceedings of the 7th International Conference on IT Security Incident Management & IT Forensics (IMF), pp. 69–82. IEEE Computer Society (2013)Google Scholar
  6. 6.
    Robert, C.P.: The Bayesian Choice. Springer, New York (2001)Google Scholar
  7. 7.
    Jøsang, A., Ismail, R.: The beta reputation system. In: Proceedings of the 15th Bled Electronic Commerce Conference (2002)Google Scholar
  8. 8.
    Rass, S., Slamanig, D.: Cryptography for Security and Privacy in Cloud Computing. Artech House, Norwood (2013)Google Scholar
  9. 9.
    Vigen, T.: Spurious Correlations, 1st edn. Hachette Books, New York (2015)Google Scholar
  10. 10.
    Newcomb, S.: Note on the frequency of use of the different digits in natural numbers. Am. J. Math. 4(1/4), 39 (1881). Scholar
  11. 11.
    Benford, F.: The law of anomalous numbers. Proc. Am. Philos. Soc. 78(4), 551–572 (1938)zbMATHGoogle Scholar
  12. 12.
    Cinelli, C.: benford.analysis: Benford analysis for data validation and forensic analytics (2017).
  13. 13.
    Joenssen, D.W.: BenfordTests: statistical tests for evaluating conformity to Benford’s Law (2015).
  14. 14.
    R Core Team. R: a language and environment for statistical computing (2018).

Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  1. 1.System Security Group, Institute of Applied InformaticsUniversitaet KlagenfurtKlagenfurtAustria
  2. 2.Center for Digital Safety and SecurityAustrian Institute of TechnologyViennaAustria

Personalised recommendations