Presentation is loading. Please wait.

Presentation is loading. Please wait.

Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World www.FutureOfFinance.org [1]

Similar presentations


Presentation on theme: "Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World www.FutureOfFinance.org [1]"— Presentation transcript:

1 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [1] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Knight Reconsidered: Risk, Uncertainty, and Profit for the Cyber Era: Future of Finance: Cyber-Finance? : Uncertainty Modeling & Model Risk Management Yogi Yogesh Malhotra PhD, MSQF, MSCS, MSNCS, MSAcc, MBAEco BE, CEng, CISSP, CISA, CEH, CCP/CDP (646) Global Risk Management Network, LLC 757 Warren Road, Cornell Business & Technology Park, Ithaca, NY

2 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [2] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Knight’s Risk, Uncertainty, and Profit of Emergence of the World Wide Web in early-1990s, -Derman’s Model Risk Management, Goldman Sachs, mid-late-1990s, -Backlash against quantitative models after Financial Crisis, 2008, - Basel to Consider Risk Metrics other than VaR, Feb 2012, -Post-Snowden Cyber era starting May Information-based view of Financial risk modeling practices, -Exponentially increasing Cyber era uncertainty, -Cyber-Finance, the emerging Future of Finance? -Risk modeling focus on metaphorical ‘tip’ of the iceberg, -Significant risks not readily meet the human eye. -Cyber-risk, the predominant risk… subsumes traditional risks.

3 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [3] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Exponentially increasing tail risks and systemic risks -Characterize highly systemic, interdependent, correlated Cyber-risks -Cyber risks in turn characterize financial risks. Based on research of two-decades -Starting around the emergence of the WWW (1993), Philosophy of IS -How to ‘anticipate surprise’ when ‘prediction’ of risk is infeasible, - Wall Street Chief Risk Officers, Top Investment Bank CxOs, Fed/OCC - -Explore advances in quantitative risk models, statistical methodologies, and, computational statistical technologies Facilitate dialog on the above issues of central concern -Future of Finance -Future of Risk.

4 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [4] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: SSRN Top-10 Papers: 20 Quantitative Finance-Risk Analytics Top-10 Rankings in recent 11 Weeks: 1.Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds (Malhotra 2014). 2.Risk, Uncertainty, and Profit for the Cyber Era: Model Risk Management of Cyber Insurance Models Using Quantitative Finance & Advanced Analytics (Malhotra 2015). 3.Markov Chain Monte Carlo Models, Gibbs Sampling & Metropolis Algorithm for High-Dimensionality Complex Stochastic Problems (Malhotra 2014). 4.Extending Above Observations to High Frequency Trading: FIX, FAST (Beyond ‘Flash Boys’). 5.A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols (Malhotra 2014). 6.Future of Bitcoin & Statistical Probabilistic Quantitative Methods: Interview, Hong Kong Institute of CPAs (Malhotra 2014). 7.Bitcoin Protocol: Model of ‘Cryptographic Proof’ Based Global Crypto-Currency & Electronic Payments Systems (Malhotra 2013). 8.Cryptology Beyond Shannon's Information Theory: Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites (Malhotra 2013). 9.Quantum Computing, Quantum Cryptography, Shannon’s Entropy and Next Generation Encryption & Decryption (Malhotra 2013)… One more reference about Shannon’s Information Theory (Malhotra 2001)

5 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [5] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: How to Manage Risk (After Risk Management Has Failed) Fall 2010 Vol. 52 Bayesian modeling instead of VaR would minimize risk management failures - Given key role of ‘subjective judgment’ in the Bayesian methodology Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds (Malhotra 2014) - Subjective judgment … Bayesian priors… key limitation of Bayesian methodology - Since before the Crisis, non-Bayesian and Bayesian VaR models in Finance practice -Bayesian vs. VaR dilemma needs to be resolved -To minimize model specification and estimation errors. -Model Risk Management is crucial for VaR, Bayesian, and Bayesian VaR

6 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [6] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds, Examples of Multi-Portfolio Asset Classes Modeled  Developed Large Equity  Developed Small Equity  Emerging Market Equity  Listed Private Equity  Various Commodities  Government Bonds  Investment Grade Bonds  Inflation-Linked Bonds  High Yield Corporate Bonds  Emerging Market Hard Currency Bonds  Emerging Market Local Currency Bonds  Major Currencies  Statistical Arbitrage Hedge Fund  Event Driven Hedge Fund (HFRIEDI)  Equity Hedge Fund (HFRIEHI)  Merger Arbitrage Hedge Fund  Macro Strategy Hedge Fund  Relative Value Hedge Fund Advancing upon: Measuring & Managing Financial Risks with Improved Alternatives Beyond Value-At-Risk (VaR), Jan. 26,

7 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [7] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

8 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [8] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

9 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [9] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

10 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [10] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

11 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [11] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

12 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [12] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

13 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [13] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

14 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [14] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

15 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [15] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

16 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [16] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

17 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [17] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

18 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [18] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

19 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [19] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds Sophistication and Complexity of models… two-edged sword, -Simple models preferred… if help understanding the assumptions and limits, -Complex models increase model risk… if obfuscate understanding and clarity. Regardless of which model seems relatively superior… it may still not be a good model of the data, but the least worse of the models that are compared. Evaluation of complex integrals [in denominator of Bayes’ formula] over high dimensional parameter space… major challenge for actual Bayesian analysis. - Model with 8 parameters, each with 1E3 values: 8-D parameter space contains 1E24 combinations of parameter values: computationally complex.

20 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [20] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

21 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [21] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds

22 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [22] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: To VaR or Not to VaR? Why VaR & Why ES or EVT? -Systemic, highly correlated, and interdependent nature of Cyber risks -VaR not appropriate model given the ‘systemic’ nature of Cyber risks -VaR doesn’t satisfy ‘subadditivity’ criterion of ‘coherent risk measures.’ Historical Simulation Based VaR: relies upon historical correlations; MC based VaR: can use any statistical distribution (including normal), relies on several assumptions about specific statistical distributions chosen and extensive computing power or statistical computing algorithms (MCMC). Parametric VaR: relies upon statistical linearity and normality assumptions; Risk, Uncertainty, and Profit for the Cyber Era: Model Risk Management of Cyber Insurance Models Using Quantitative Finance and Advanced Analytics. (Malhotra 2015)

23 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [23] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Modified VaR: Expected Shortfall (ES, ETL, T-VaR, CTE):

24 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [24] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Markov Chain Monte Carlo Models, Gibbs Sampling & Metropolis Algorithm for High-Dimensionality Complex Stochastic Problems. (Malhotra 2014) Bayesian inference for doing high dimension parameter space analyses -Feasible with Markov Chain Monte Carlo statistical computing algorithms -Metropolis Hastings algorithm and Gibbs Sampling algorithm MCMC: A common general quantitative method to find approximate solutions to computationally complex problems in polynomial time… Polynomial Time O(n k ) s.t. k > 1 Exponential Time O(k n ) s.t. k > 1 n = length of input Source: stackoverflow.com

25 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [25] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Markov Chain Monte Carlo Models, Gibbs Sampling & Metropolis Algorithm for High-Dimensionality Complex Stochastic Problems. Gibbs Sampling: Generating random variables from a marginal distribution indirectly without the need for calculating the distribution density. -E.g. Solve complex multivariate stochastic model with N parameters (i.e. N- Dim.) using N univariate (i.e., one-dimensional) conditional distributions.

26 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [26] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Dropping the burn-in sample of first m draws ≈ Metropolis Algorithm :

27 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [27] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Metropolis-Hastings Algorithm : Metropolis-Hastings Algorithm = Metropolis Algorithm when Risk, Uncertainty, and Profit for the Cyber Era: Model Risk Management of Cyber Insurance Models Using Quantitative Finance and Advanced Analytics. (Malhotra 2015)

28 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [28] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Cyber risk insurance (CRI) modeling… nascent … sparse research & data. -VaR, Value-at-Risk, predominant model of choice for CRI modeling -Model risk related to VaR key factor in the Global Financial Crisis -Known limitations of VaR in modeling tail risks and systemic risks -US Federal and OCC issued model risk guidance SR11-7/OCC Basel Committee stopped reliance on VaR for risk modeling. Investigation: if current reliance of CRI modeling on VaR entails model risk. - Benchmark relative levels of tail risks and systemic risks for cyber risks - Based upon analysis of statistical correlations and dependence, systemic risks - Finding: Cyber risk entails exponentially higher tail risks and systemic risks - Hence, VaR unfit as primary risk model for CRI modeling - Coherent Risk Measures Beyond VaR: T-VaR/ES EVT Power Laws

29 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [29] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Cyber-Finance-Trust Framework for Cyber Risk Insurance Modeling Cyber risk inherent in all cyber activities including cyber-finance,-economics. Just like use of any model entails associated model risk, Similarly use of cyber activities entails associated cyber risk. Cyber risk is “risk affecting the confidentiality, availability, integrity, authentication, non-repudiation, or accessibility of information.” “Unlike other risks, cyber risk poses a uniquely different set of exposures as it is intertwined with the medium and the message in the increasingly global interconnected, distributed, and, networked world of digital communications powered by universal use and reuse of enabling global monocultures of information and communication technologies and standard computing network protocols.” To VaR or Not to VaR? Why VaR & Why ES or EVT?

30 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [30] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: “Cyberwarfare is not something theoretical or reserved for conflict in the distant future, but happening continuously right now… We're doing it all of the time. So is everybody else…” -Ability of incapacitating a country’s power grids as early as Ability to disable complete national critical information infrastructure banking, railroads, airlines, sewage, water and electric power since Global financial systems and national financial infrastructures have been explicitly specified as potential targets of Cyberwarfare by key representatives.

31 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [31] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: In our information based view, all networked information based risks including market risks, credit risks, currency risks, interest rate risks, etc., are subject to cyber risks. In as much as all these risks are represented in terms of digital information which can be subject to information based manipulation or hacking, they are in fact cyber risks. Banking and Finance is the most information intensive industry given that most of its products and services, processes, as well as channels of distribution and consumption are all digital. Given common and shared platforms, hardware, software, exchanges, and networks across many of the players in the Finance industry, there is a greater probability of correlated cyber risks. Risk, Uncertainty, and Profit for the Cyber Era: Model Risk Management of Cyber Insurance Models Using Quantitative Finance and Advanced Analytics. (Malhotra 2015)

32 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [32] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Cyber Finance (information networks based finance) – pretty much most of post-WWW contemporary finance of this century – all products (and services), processes, channels (of production, distribution, and consumption) increasingly more or less information-based, digital, cyber, and virtual. Source of cyber risk and cyber loss is uncertain: In contrast to (traditional) financial risk realm of the finance domain, it is most challenging to even ascertain the source of cyberattack with certainty. “However you read it, this sort of evidence is circumstantial at best. It's easy to fake, and it's even easier to interpret it wrong.”

33 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [33] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Related examples include FIX (Financial Information eXchange) and FAST (FIX Adapted for STreaming) protocols that form the backbone of buy- and sell-side trading or SWIFT (Society for Worldwide Interbank Financial Telecommunication) protocol that forms the backbone of worldwide banking transactions and messaging. Regulated & Controlled Risks… Application Layer L7: Accounting & Auditing irregularities, Insider trading, Repo 105, LIBOR fixing, FOREX fixing, Credit ratings manipulations, Wash sales (High Frequency Trading), … Unregulated & Uncontrolled Risks… Network Layers L3-6: Same or similar impacts on specific information but through cyber manipulations and cyber attacks… at the Network Layer, Transport layer, related Security Protocols… Such cyber risk ‘losses’ remain substantially unaccounted & unreported. - SEC Corp Fin ‘materiality’ criteria guidance for self-reporting by firms.

34 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [34] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Source: microsoft.com Source: indigoo.com MODELS RISKS Increasing Knightian Uncertainty Model Risk Management Critical

35 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [35] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: “The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users.” “Half a million sites are vulnerable, including my own.” “Basically, an attacker can grab 64K of memory from a server. The attack leaves no trace, and can be done multiple times to grab a different random 64K of memory. This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable. And you have to assume that it is all compromised. All of it.” “The real question is whether or not someone deliberately inserted this bug into OpenSSL, and has had two years of unfettered access to everything.” “"Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.”

36 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [36] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Source: Retained Search Model Risk Management Job Spec for Managing Director/Executive Director Role of a Top Wall Street Investment Bank, April “[T]he approaches to mitigate operating risk associated with the use of models need to evolve to reflect recent trends in the Finance Industry. In particular there are a number of new areas where it is not possible for the "human eye" to necessarily detect material flaws: in the case of models operating over very small time scales in high frequency algorithmic trading, or for portfolio risk measurement models where outputs lack interpretability due to high-dimensionality and complex interactions in inputs, the periodic inspection of predicted versus realized outcomes is unlikely to be an effective risk mitigate. These situations require a holistic validation framework of the system focused on identifying and mitigating potential failures, taking into account the models’ objectives, their implementation including the joint interaction of software and hardware, their response to potential input shocks in real time and the fail- safe mechanisms.” “As much as $600 million in assets changed hands in the 7 milliseconds before traders in Chicago could learn of the Fed's ‘no taper’ decision made in Washington DC on Sep. 18, 2014.” - CNBC

37 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [37] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: MODELS RISKS FIX AND XML: FIXML (fixprotocol.org) Source: Canadian Securities Exchange vendor Source: b2bits.com

38 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [38] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols, May 8, “A vulnerability inside all current Cisco IP phones allows hackers to take complete control of the devices… It’s relatively easy to penetrate any corporate phone system, any government phone system… All current Cisco IP phones, including the ones seen on desks in the White House and aboard Air Force One, have a vulnerability that allows hackers to take complete control of the devices.” Malhotra, Y. A Risk Management Framework for Penetration Testing & Security of Global Banking & Finance networks Voice Over Internet Protocols (May 3, 2014), WWW: Columbia University and Palindrome Technologies.

39 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [39] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Future of Bitcoin & Statistical Probabilistic Quantitative Methods: Interview, Hong Kong Institute of CPAs, A+, January 20, “Recently, such probabilistic, statistical, and numerical methods related concerns are in globally popular press related to cybersecurity controls and compliance. Earlier, similar probabilistic, statistical, and numerical methods related concerns were in the global popular press in the context of the global financial crisis. Future questions focused on the underlying assumptions and logic may focus on related implications for compliance, controls, valuation, risk management, etc. Likewise, recent developments about mathematical entropy measures shedding new light on apparently greater vulnerability of prior encryption mechanisms may offer additional insights for compliance and control experts. For instance, given related mathematical, statistical and numerical frameworks, analysis may also focus on potential implications for pricing, valuation and risk models. The important point is that many such fundamental assumptions and logic underlying widely used probabilistic, statistical, and numerical methods may not as readily meet the eye.”

40 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [40] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Bitcoin Protocol: Model of ‘Cryptographic Proof’ Based Global Crypto-Currency & Electronic Payments System, December 04, “Money is an interesting construct that continues to occupy the fancy of many ranging from economists to quantum physicists... The future of money becomes “entangled” with future of money laundering when focus is not on privacy and anonymity alone, but also lack of traceability... Situated somewhere along the trajectory between real money and quantum money, virtual crypto-currencies based upon ‘cryptographic proof’ represent a natural stage in the evolution of global finance... The future of money, whatever form it may take – virtual or quantum, will quite likely be "entangled" with the future evolution of ‘cryptographic proof of work.’”

41 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [41] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Bitcoin Protocol: Model of ‘Cryptographic Proof’ Based Global Crypto-Currency & Electronic Payments System, December 04, SHA 256 ECDSA (ECDR B G)

42 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [42] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Cryptology Beyond Shannon's Information Theory: Preparing for When the ‘Enemy Knows the System’ with Technical Focus on Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites, May 3, Number Field Sieves: Most powerful family of factoring algorithms 1970: 20-digit becoming feasible 1977: RSA “40 quadrillion years” challenge by R 1980: 50-digit commonplace, 1984: – 1 (300 yr. ago…) 1990: 116-digit quadratic sieve QS… Pomerance 1994: 129-digit RSA challenge won… within 17 years! 1996: 130-digit NFS … Pollard, 15% time of QS 2003: 174-digit RSA-576 NFS number field sieve 2005: 193-digit RSA-640 NFS 2009: 232-digit RSA-768 NFS 309-digit RSA-1024 Major security implications! $100K. 2012: SNFS Factorization of Mersenne number, – 1 Size of composite of prime factors being factored. Number Field Sieve (NFS) Special Number Field Sieve (SNFS) General Number Field Sieve (GNFS) Quadratic Sieve (QS) Rational Sieve (RS)

43 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [43] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Cryptology Beyond Shannon's Information Theory: Preparing for When the ‘Enemy Knows the System’ with Technical Focus on Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites, May 3, “First, based on available evidence, it is not improbable that the current officially ‘recommended’ most widely used global standard of encryption [1024-bit RSA] may have already been compromised. Second, it would not really be a ‘surprise’ given that the infamous ‘40 quadrillion years’ challenge for an earlier version of the standard was unraveled in mere 17 years. Third, given recent multi-billion dollar global Finance deals blown by compromise of such technologies, it is increasingly critical to recognize the exponentially increasing cybersecurity risk among other Financial Risks.” – Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites presentation, May 1, 2013, Presentation 15 miles from AFRL.

44 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [44] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Congruent Squares: Legendre’s Congruence: Prime Factors p & q

45 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [45] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include:

46 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [46] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: 1.Polynomial Selection Find f(x) irreducible over ℤ [x] with root m modulo n, f(x) ϵ ℤ [x]. 2.Finding Factor Bases Choose size for factor bases and set up: Rational Factor Base, RFB Algebraic Factor Base, AFB Quadratic Character Base, QCB 3.Sieving → Set S of relations (a, b) Find pairs of integers (a, b) with properties: gcd(a, b) = 1 a, b are relative primes a + bm is smooth over RFB b deg(f) f(a/b) is smooth over AFB Pairs (a, b) with above properties: relation.

47 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [47] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include:

48 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [48] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Cryptology Beyond Shannon's Information Theory: Preparing for When the ‘Enemy Knows the System’ with Technical Focus on Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites, May 3, Expert Systems for Knowledge Management: Crossing The Chasm Between Information Processing and Sense Making. Journal of Expert Systems with Applications (Malhotra, 2001). Entropy increases with a larger repertoire of symbols. Entropy increases when meanings detached from symbols. Complex Systems & Cybernetics: Ashby's Law of Requisite Variety

49 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [49] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Quantum Computing, Quantum Cryptography, Shannon’s Entropy and Next Generation Encryption & Decryption, November (Invited Presentation) Information entropy of 27-char. language ~ 4.8 bits per char. Information entropy of 5,000-char. language ~ 12.3 bits per char. Entropy increases with a larger repertoire of symbols. Entropy increases when meanings detached from symbols. Quantum computer: qubits… can be 0, 1, or any superposition of both. n-qubit system: superposition of up to 2 n states simultaneously. 2 k dimensional vector (a, b, c, d, e, f, g, h)… complex values: |a| 2 + |b| 2 + …+ |h| 2 = 1, |x| 2 is probability amplitude of respective state. Phase between any two states (complex-valued coefficients )… meaningful.

50 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [50] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Quantum Cryptography, Shor's algorithm, and Quantum Money Integer Factorization of large primes and Discrete Logarithm problem. Quantum computer efficiently find such factors using Shor's algorithm. Decrypt many critical cryptographic systems in polynomial time: RSA, secure Web pages, encrypted , many other types of data. “For a 1024-bit number, Shor's Algorithm requires on the order of , about one billion, operations. If each quantum operation took one second, our factorization would last 34 years. If a quantum computer could run at the speed of today's electronic computers (100 million instructions per second and up) then factorization of the bit number would be a matter of seconds.” IEEE

51 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [51] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: N-dimensional Hilbert Space + OTHER BOOKS

52 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [52] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Knight’s Risk, Uncertainty, and Profit of Emergence of the World Wide Web in early-1990s, -Derman’s Model Risk Management, Goldman Sachs, mid-late-1990s, -Backlash against quantitative models after Financial Crisis, 2008, - Basel to Consider Risk Metrics other than VaR, Feb 2012, -Post-Snowden Cyber era starting May Information-based view of Financial risk modeling practices, -Exponentially increasing Cyber era uncertainty, -Cyber-Finance, the emerging Future of Finance? -Risk modeling focus on metaphorical ‘tip’ of the iceberg, -Significant risks not readily meet the human eye. -Cyber-risk, the predominant risk… subsumes traditional risks. CONCLUSION

53 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [53] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Exponentially increasing tail risks and systemic risks -Characterize highly systemic, interdependent, correlated Cyber-risks -Cyber risks in turn characterize financial risks. Based on research of two-decades -Starting around the emergence of the WWW (1993), Philosophy of IS -How to ‘anticipate surprise’ when ‘prediction’ of risk is infeasible, - Wall Street Chief Risk Officers, Top Investment Bank CxOs, Fed/OCC -Explore advances in quantitative risk models, statistical methodologies, and, computational statistical technologies Facilitate dialog on the above issues of central concern -Future of Finance -Future of Risk. CONCLUSION

54 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [54] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: SSRN Top-10 Papers: 20 Quantitative Finance-Risk Analytics Top-10 Rankings in recent 11 Weeks: 1.Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed) for Hedge Funds (Malhotra 2014). 2.Risk, Uncertainty, and Profit for the Cyber Era: Model Risk Management of Cyber Insurance Models Using Quantitative Finance & Advanced Analytics (Malhotra 2015). 3.Markov Chain Monte Carlo Models, Gibbs Sampling & Metropolis Algorithm for High-Dimensionality Complex Stochastic Problems (Malhotra 2014). 4.Extending Above Observations to High Frequency Trading: FIX, FAST (Beyond ‘Flash Boys’). 5.A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols (Malhotra 2014). 6.Future of Bitcoin & Statistical Probabilistic Quantitative Methods: Interview, Hong Kong Institute of CPAs (Malhotra 2014). 7.Bitcoin Protocol: Model of ‘Cryptographic Proof’ Based Global Crypto-Currency & Electronic Payments Systems (Malhotra 2013). 8.Cryptology Beyond Shannon's Information Theory: Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites (Malhotra 2013). 9.Quantum Computing, Quantum Cryptography, Shannon’s Entropy and Next Generation Encryption & Decryption (Malhotra 2013)… One more reference about Shannon’s Information Theory (Malhotra 2001).

55 Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World [55] Copyright, Yogesh Malhotra, PhD, Princeton Quant Trading Conference April 04, 2015 Conference sponsors include: Knight Reconsidered: Risk, Uncertainty, and Profit for the Cyber Era: Future of Finance: Cyber-Finance? : Uncertainty Modeling & Model Risk Management Yogi Yogesh Malhotra PhD, MSQF, MSCS, MSNCS, MSAcc, MBAEco BE, CEng, CISSP, CISA, CEH, CCP/CDP (646) Global Risk Management Network, LLC 757 Warren Road, Cornell Business & Technology Park, Ithaca, NY


Download ppt "Future of Finance Beyond Flash Boys Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World www.FutureOfFinance.org [1]"

Similar presentations


Ads by Google