Monday, June 06, 2005 - Posts
In my recent rabbit hole post, I challenge the reader (after the challenge to actually read it), to become multi-disciplinary.
So let's take a look at some issues that cover security, viruses, virus detection (emphasis on detection) and other computer badness. I talk about the honey monkeys here and how they do some computing goodness. It is my hope that the researchers for this work continue to take a serious look at the adaptive nature of criminals and the spread of spyware.
I need to comment on viruses. It has been commonplace in computing to label viruses as just that: viruses. If we are going to borrow from biological systems, let's organize our taxonomy so that it is clear what we are facing. The current nomenclature appears to contain virus, trojan horse, worm and what else? May we expand on this vocabulary?
Let's move on to immunology. I was struck 11 years ago by a paper written by Stephanie Forrest, Alan S. Perelson, Lawrence Allen and Rajesh Cherukuri titled "Self-Nonself Discrimination in a computer". I'll refer to this as the Forrest paper below, in hopes that the other authors are not offended (like they might actually read this). It turns out that Dr. Forrest was a college classmate of a friend on mine and he had mentioned her work. As I recall, Dr. Forrest was a Ph.D. student of Dr. John H. Holland, the generally recognized father of Genetic Algorithms. She did work on the Echo Project that is the basis for much of today's swarm work. This paper, while simple in content and context, describes a problem that manifests itself. How does a thing know of it's thingness? How does my body know my arm is my arm? How does my body know my blood cells are my blood cells? How does my body know that a bacteria is a useful or a malicious bacteria and construct a policy for the handling of the bacteria? How does a computer know it's identity and the identity of all of the things that are to be contained on it?
Much of the current consumer protection from computer viruses originates from the good folks at the virus protection labs, e.g. Symantec, McAfee and others. Let's take a philosophical and set-theoretical (not rigorous) perspective of the strategies in place from these folks. We'll borrow from the legal community.
In the United States, as a free citizen, I'm granted inalienable rights. Some of my rights are restricted by law so that I do not bring harm to myself or to others. In the United Kingdom, the rule of law is that citizens start with no rights. They are then granted rights by law providing for activities that they perform in their everyday lives.
So the U.S. citizen starts with a finite set of rights and reduces that set to another finite set of rights. The U.K. starts with the empty set and populates the set remaining a finite set of rights. One could argue that citizens of the U.S. and the U.K. can function in their daily lives in similar manners. The point here is that while both systems have different etiologies, both systems, arguably, result in similar if not exact set of citizen rights. The the sets are equal, the set of rights of the U.S. citizen is a bijection onto the set of rights of the U.K. citizen (or vice-versa).
Now let's return to viruses. Is the computer like the U.S. or the U.K. system of law? It would appear that the if the virus were the citizen, the current philosophy for consumer protection looks much like the U.S. system of justice. You may reside here. I'll give you full rights (more on this in a moment). I'll provide laws on how you may act. If it is found (key operative word, i.e. discover) that you are not acting within the boundaries of the restrictions, action (disinfection, removal, etc.) must be taken. Some of the antivirus software provide for a penal system for viruses, i.e. the quarantine area. Most antivirus software provides for immediate capital punishment, i.e. the erasure of life.
By now in this post I'll assume that you've gotten your copy of the Forrest paper and have at least given it a cursory read. If not, please do so now. Another resource on this topic may be found here.
Dr. Forrest and others have improved on this research since it was originally written. But I'd like to highlight points that I believe to be critical in continuing this allegory with the legal system.
Specifically, let's refer to section 2, Probability of Detection. Since Forrest, et. al. chose probablistic detection over deterministic detection, an estimate of the detection must be made under measurable conditions. I'll not do justice to this research, but I'll distill this into a simple observation: I can provide for means for my computer police force (in the above allegory). These enforcer(s) are aware of the law, i.e. have the appropriate detector strings and detectors, and are tasked with detection at some expected level of service. We all know that the police don't catch us speeding on our way to work (or is that just me?). But the fact that there is a probablistic measure of their success is what is important. Again, I do the Forrest paper an injustice here, but I hope this point is clear. I have the right to speed that is limited by other laws designed to protect me and others from any reckless behavior and the increased risk of accident. The onus is on the system of discovery to determine that there is a law, that I'm breaking the law and enforce the law (write a ticket). Otherwise, I'll behave badly. Viruses are indiscriminant as well.
Let's move on to section 4, Discussion. The removal of virus by the antivirus software, i.e. the capital punishment, is similar to the "antibodies" and the "deletion of self reactive T cells". "Our artificial immune system works on similar principles, generating detectors randomly, and eliminating (censoring) the ones that detect self." The current philosophy of virus protection is the deletion of non-self and only those that are contained in the set of deterministic detection strings outside of any context of self.
While the Forrest paper is only guidance on significant concepts, it provides perspectives on what we can learn from our biological models.
Chris Sells posted this tidbit. I love this post. This is great stuff. Mr. Sells brings up a great point in this post, and I'm not talking about the homework part.
I don't know Mr. Sells, but I know of his reputation. His reputation is sterling and first rate among the members of the .Net developer community. As an author of a few books, he leads by example.
In the above mentioned tidbit, Mr. Sells mentions working on math problem with his kid. I can identify with doing math homework with your kid. I can also identify with becoming obsessed with doing math until a concept is well understood.
But what I most like about this tidbit is that Mr. Sells has crossed over into another set of disciplines to solve the problem. He started by attacking the project as a programming exercise and found that there were difficulties in a "trial and error approach". I'll take an excerpt from his entry:
My grandmother's problem statement doesn't fit the traditional algorithmic statements that I'm used to using computers for, nor was I ever able to re-form the problem in those terms . . .
There is the essence of becoming a person in the practice of multiple disciplines . Rather than saying "I'm done." upon successful completion of his program, Mr. Sells pursues the problem and gives a few insights into what he has discovered. As I don't want to pollute his discussion area with a long post, I thought I'd provide a few comments here and then link him.
There is a lot of discussion regarding OO-Relational Database mappings (ORM), SOA and OO, AOP and OO and other "discontinuities" in the programming models that the .Net practitioner faces. Most of these problems derive from problems in the underlying mathematics. Fix the math (and the linguistics) and the programming model becomes simplified. When Mr. Sells mentions ". . . traditional algorithmic statements . . .", he is discussing his context for the use of problem solving methods in an imperative language with static scoping and a lack of grammar, morphology and semantics (axiomatic) in the language for the solution of the problem at hand, i.e. a language crafted for problems in computational complexity. While I haven't posted on DSLs (Domain Specific Languages) yet, I believe that this is one area that may show promise. I have a tendency to characterize in linguistics and formalize in mathematics.
I recently mentioned (along with Boris) the zoo and complexity classes here. As I said, I only introduce them; I do not give them proper treatment. I need to write a post giving proper treatment of the classes P and NP soon.
The problem that Mr. Sell's kid faced is in NP and I believe it to be NP-Complete. The characterization of the problem had a small number of variables (with only one measurable attribute, cost, per variable) and a small number of constraints (all of which were linear) which made the perception of the solution to be solvable in P. Imagine a problem where there are 3000 variables and 65 attributes on those variables and 200 constraints (a common example in equities in financial markets). Now make some of those constraints non-linear. The solution search space changes considerably.
It is important to note that constraint logic programming techniques perform best on integer problems. This problem does contain "real numbers" (our computational platform doesn't handle real numbers, but rather estimates of real numbers), but these could easily be converted to their corresponding integer values with a bit of multiplication to cover the appropriate precision (significant digits in the integer portion of the variable). I agree with Luke Hutteman that rounding (precision) is a difficult problem, but it is a problem in the modeling (in particular the hypothesis phase and during model characterization), not just the implementation.
A good guide to linear programming on the web (there are many others) may be found here http://www-unix.mcs.anl.gov/otc/Guide/faq/linear-programming-faq.html
I hope to give this topic proper treatment in my writings. There are a significant number of problems that developers face on a daily basis that have specific computational complexity and given proper guidance, the developer can recognize the problem (which is usually difficult) and find solutions (or lack of solutions) quickly. Being a .Net guy and having a bias in AI, specifically in Genetic Programming and Emergent Computation and other modeling methodologies, I see considerable complexity (usually in NP, NE, co-NE and further out) in the research that I perform.
I also just noticed Mr. Craviero's beautiful (and practical) post on the topic as well (I just subscribed). Excel is the one of my best friends. Other good friends are Mathematica, Matlab, S-Plus and Maple.
It's time for some word associations in titles. Marty, a colleague of mine, posted this titled "The risk of speculating".
A few silly, myopic comments found their way onto this post. I've been meaning to do an SMC post on arbitrage, but I couldn't resist the setup here. Doesn't everyone know the one and only true meaning of speculation? Let's review and get into some serious topics.
- View - An expected measure in a capital market. This is typically an expected return, E(r), but could be volatility or any other observable measure (of an instrument or market). The expectedness of the view is derived from a model, quantitative or otherwise. A concrete example might be: "I believe that IBM's current server strategy will be successful. It should improve earnings in the next four quarters QoQ and YoY (Quarter over Quarter and Year over Year). Therefore, my view is to be long IBM common stock." It is important to note that view is separate and distinct of the current price, i.e. I may determine that the information that I believe I can leverage in my view is already represented in the attribute, e.g. in the price of IBM.
- Horizon - A period of time in which a view is believed to be true.
- Arbitrage - The execution of a risk-less trade in a market.
- Arbitrageur (slang: arb) - One in the practice of arbitrage as a means of employment. Most arbs on Wall Street are rehabilitated ax-murderers, drug dealers or car thieves, so the practice of arbitrage is already genetically encoded (just kidding guys).
- Statistical Arbitrage - The construction and execution of multi-legged positions which have underlying beliefs in some statistical measure that provides for an arbitrage.
- Speculation - The act of trading based on a view.
- Speculator - One who engages in the act of speculation. Most speculators are doctors, dentists, attorneys and other professionals with reasonable pools of disposable income to donate to the arbs (I'm not kidding here).
- Money - cash money, dough, moola, coin, bread, cabbage, green, jack, scratch. Can be exchanged for bling.
For further information on basic trade semantics, look here.
Arbitrageurs typically make their bread by picking up nickels, i.e. finding mispriced assets, buying them and immediately selling them (or selling them and then immediately buying them) and pocketing the small difference in the mispricing. Statistical Arbitrage typically is practiced by those that have infinitesimal transaction costs and infinitesimal slippage in the transaction. The utility function of the arb is that they provide liquidity in markets over and above other counterparties in traditional positions, e.g. the specialist.
The speculator, because of the motivations originated by a view, must trade to be profitable. Because most trades are speculative based on the view, it is common to perform trade construction (order construction) that leverages the view. This leverage may or may not be aligned with price or other market conditions. If it is aligned with another market attribute, the trade is said to be correlated to the secondary attribute. The speculator is said to be exposed to risk in the view and any secondary attributes. If there is failure of the view (or secondary attributes) in the market during the horizon, i.e. the likely holding period of the speculator, the speculator is affected negatively, i.e. loses cabbage. This risk becomes greater when the speculator is unaware of the risks or the speculator trades excessive moola. Common examples of secondary attributes might include delta or gamma exposure on a long or short equity derivatives position. Because a speculator commonly does not hedge a position (or it wouldn't be speculation), an options position has both pricing risk and delta and gamma risk. I'll leave it to the reader to look up delta and gamma for options or I may post on them at some time in the future.
Summary
So, the risk of speculating, is the unintended opportunity to lose scratch because of secondary attribute risk.
Alternative Summary
So I have to ask: Is Erich Gamma a speculator, an arb or just another agent? Are design patterns an extension of statistical arbitrage, i.e. is there a make-excessive-green design pattern? More importantly, are the agile one and the redheaded one always counterparties of the successful speculator? Because Erich Gamma's last name is Gamma and there is an options attribute called Gamma, could Erich Gamma incur secondary attribute risk in any acquired options position?
And finally, are GoF patterns really about the bling?
Maybe I misread it, but I tend to think that these should have been the issues under discussion in Marty's post.
Copyright (c), JJB Research. All Rights Reserved.