modeling trade offs between false positives and negatives
play

Modeling trade-offs between false positives and negatives Tyler - PDF document

Jun 17, 2023 •181 likes •278 views

Notes Modeling trade-offs between false positives and negatives Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX October 2, 2012 Homework 1 Optimal filter configuration Notes Outline Homework 1 1 Summary

  1. Notes Modeling trade-offs between false positives and negatives Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX October 2, 2012 Homework 1 Optimal filter configuration Notes Outline Homework 1 1 Summary statistics Logistical notes Feedback on particular questions Optimal filter configuration 2 ROC curves An economic model of optimal filter configuration 2 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Summary statistics on grades for HW1 8 6 Grade with 4pt curve 4 Mean: 81% Median: 77.5% 2 0 A B C D 4 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Summary statistics on time required ● ● ● Time spent on the assignment not 100 ● correlated with grade ● ● ● Score (curved) 90 Time spent ● ● Mean: 9.3 hours ● 80 ● ● ● ● Median: 6.5 hours ● ● Take as much time as you need 70 ● ● My goal for most assignments: 5-7 ● 0 5 10 15 20 25 hour median hours spent on assignment 5 / 32

  2. Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Remember to put your name on the assignment Please put your name on the assignment Future assignments: on-campus students turn in to Debra McDowell; off-campus submit scanned PDF as before I observed a correlation between students submitting their assignment as a Word file and forgetting to put their name on the assignment No name Name Word 4 3 PDF 1 10 6 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Brevity matters Writing with brevity is an important skill ⇒ Blaise Pascal (1657): “I have made this letter longer than usual because I lack the time to make it shorter.” When questions specify the length of answers, it is important to respect the guidelines 3 paragraphs does not mean 3 pages 1 example means 1 example It can be OK if you go slightly longer than guided, provided that you make a worthwhile point as concise as possible I am not interested in a brain dump of all relevant facts on the question’s topic Including extraneous facts can get you into trouble, particularly if you make a mistake in the extra information 7 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Questions about the assignment Come see me if you’re still unsure about how to solve a problem Questions about your grade? If you think I made a mistake (e.g., your answer is correct according to the answer key), please let me know If you think I took off too many points, please do not let me know I don’t negotiate grades out of fairness to all students 8 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Collaboration and attribution Recall from the syllabus: I encourage collaboration between students on assignments and when studying. Collaboration is an essential skill for engineering, not to mention life in general. Unless I say otherwise, feel free to discuss assignments and the project with your classmates, including ideas for how to solve problems. Please do not, however, share code, equations, or written answers that solve an assignment directly with other students. Solutions to homeworks should be written from scratch and must not be pieced together from other students. It is also important to give credit to others when appropriate. If you implement an idea that you got from another student (or students), please say so . Furthermore, if you consult a web resource that directly assists you, please say so. As a reminder, it is also not acceptable to copy code or equations directly from a web resource that solves a problem on an assignment. 9 / 32

  3. Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Collaboration and attribution It is OK to discuss problems from the assignment with other students It is not OK to share your solutions with other students If you discuss problems at length with other students (especially if you discuss any ideas for how to solve problems), make a note of it on your assignment for each question that you collaborated 10 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Question score distribution mean 100 median 80 % correct 60 40 20 0 Q1 Q2 Q3 Q4 Q5 Q6 Q7 11 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Q4 (15 points) Bruce Schneier maintains a security blog ( http://www.schneier.com/blog/ ) that describes lots of interesting attacks on real-world systems. The site has archives dating to 2004 that are browsable and searchable (see right-hand side under his picture). Your task is to find a post linking to an attack on an information system (i.e., not an attack on a physical system such as terrorism). In 3 paragraphs, describe in your own words the following 1 the threat model of the system that was attacked; 2 how the attack worked; 3 whether and how the attack bypassed the system’s threat model. Be sure to include the URL of the relevant post. Answer varies by response. 12 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Threat models All security is relative, but relative to what? ⇒ Threat models codify assumed adversary behavior Threat models articulate assumed adversary behavior Goal : disrupting defender’s protection goals, make money, 1 wreak havoc Knowledge : does the attacker know how the defense works? 2 Capabilities : Computational power available, time available to 3 target defenders, local vs. global eavesdropping, active vs. passive 13 / 32

  4. Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Threat models Sarah Palin’s email: http://www.schneier.com/blog/ archives/2008/09/sarah_palins_e-.html Matt Honan’s cloud deletion: http://www.schneier.com/ blog/archives/2008/09/sarah_palins_e-.html Middleperson bank fraud: http://www.schneier.com/ blog/archives/2012/09/man-in-the-midd_5.html 14 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Q7 One of the primary motivations for the failed Cybersecurity Act of 2012 was the view that many critical infrastructure operators weren’t investing enough to protect against the risk of attack. In particular, there were concerns that the industrial control systems used to manage heavy industry such as power plants and refineries are inadequately protected against attacks seeking to disrupt operations. Your task is to briefly (in approximately 300 words) present both sides of the argument. First, present any available evidence that industrial control systems are being adequately protected. Second, present an economic argument that the systems are not being protected enough. In particular, explain which market failures, if any, might explain why there has been underinvestment in security. Finally, conclude by briefly explaining which argument you find more convincing and why. 15 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Q7 Points in favor of adequate security: 1 Very few realized attacks 2 Reputational damage of an attack would be harsh Points against adequate security: 1 Security is difficult for consumers to observe (even if they are willing to pay for it) 2 Security as public good 3 Externalities (firm doesn’t pay the full cost) 4 Often critical infrastructures are run by natural monopolists (water supply, electricity grid, etc.) 16 / 32 Summary statistics Homework 1 Logistical notes Optimal filter configuration Feedback on particular questions Notes Q5 1 Suppose you are in charge of tuning the settings of false negative rate β an intrusion detection Indifference system to balance false curves positives and false negatives. The false negative rate is given by β ∈ (0 , 1], while the false #1 positive rate is given by #2 #3 α ∈ (0 , 1]. 0 false positive rate α 0 1 17 / 32

Recommend

PUBLIC POLICY TOWARD ABUSE OF FIRM DOMINANCE Outline Public policy: false positives and

PUBLIC POLICY TOWARD ABUSE OF FIRM DOMINANCE Outline Public policy: false positives and

PUBLIC POLICY TOWARD ABUSE OF FIRM DOMINANCE Outline Public policy: false positives and false negatives Cases Outline Public policy: false positives and false negatives Cases Basic trade-off: Type I and Type II errors Errors

434 views • 21 slides
Chapter 2 Trade-offs, Comparative Advantage, and the Market System Modeling Trade-offs:

Chapter 2 Trade-offs, Comparative Advantage, and the Market System Modeling Trade-offs:

Chapter 2 Trade-offs, Comparative Advantage, and the Market System Modeling Trade-offs: Production Possibilities Frontier (PPF) The PPF: Demonstrates the maximum attainable combination of two products with a given technology and a given

593 views • 13 slides
ALEKS: The Positives and Negatives of ProficiencyBased Online Math 1:30 to 2:30 October 31,

ALEKS: The Positives and Negatives of ProficiencyBased Online Math 1:30 to 2:30 October 31,

ALEKS: The Positives and Negatives of ProficiencyBased Online Math 1:30 to 2:30 October 31, 2019 Peter Martin Principal Zion Lutheran School Lake Stevens, WA 206-351-5975 p.martin@zionls.org Agenda 1. Introduction--who I am, my

697 views • 32 slides
TRADE-OFFS AMONG AI TRADE-OFFS AMONG AI TECHNIQUES TECHNIQUES Christian Kaestner With slides

TRADE-OFFS AMONG AI TRADE-OFFS AMONG AI TECHNIQUES TECHNIQUES Christian Kaestner With slides

TRADE-OFFS AMONG AI TRADE-OFFS AMONG AI TECHNIQUES TECHNIQUES Christian Kaestner With slides adopted from Eunsuk Kang Required reading: Vogelsang, Andreas, and Markus Borg. " Requirements Engineering for Machine Learning:

760 views • 54 slides
Building Your Own WAF as a Service and Forgetting about False Positives 1 Building Your Own WAF

Building Your Own WAF as a Service and Forgetting about False Positives 1 Building Your Own WAF

Building Your Own WAF as a Service and Forgetting about False Positives 1 Building Your Own WAF as a Service and Forgetting about False Positives Juan Berner Juan Berner @89berner Lead security developer @Booking.com Blog:

694 views • 58 slides
Post hoc bounds on false positives using Post hoc bounds on false positives using reference

Post hoc bounds on false positives using Post hoc bounds on false positives using reference

Post hoc bounds on false positives using Post hoc bounds on false positives using reference families reference families Pierre Neuvial Pierre Neuvial CNRS and Institut de Mathmatiques de Toulouse (France) CNRS and Institut de Mathmatiques

587 views • 23 slides
# of true positives true positive rate = # of known positives (Proportion of actual positives

# of true positives true positive rate = # of known positives (Proportion of actual positives

True positive rate (Sensitivity) # of true positives true positive rate = # of known positives (Proportion of actual positives that are correctly identified) True negative rate (Specificity) # of true negatives true negative rate = # of known

475 views • 24 slides
# of true positives true positive rate = # of known positives (Proportion of actual positives

# of true positives true positive rate = # of known positives (Proportion of actual positives

True positive rate (Sensitivity) # of true positives true positive rate = # of known positives (Proportion of actual positives that are correctly identified) True negative rate (Specificity) # of true negatives true negative rate = # of known

402 views • 18 slides
False-Positives, p-Hacking, Statistical Power, and Evidential Value Leif D. Nelson University of

False-Positives, p-Hacking, Statistical Power, and Evidential Value Leif D. Nelson University of

False-Positives, p-Hacking, Statistical Power, and Evidential Value Leif D. Nelson University of California, Berkeley Haas School of Business Summer Institute June 2014 Who am I? Experimental psychologist who studies judgment and

1.25k views • 88 slides
Specification Mining With Few False Positives Claire Le Goues Westley Weimer University of

Specification Mining With Few False Positives Claire Le Goues Westley Weimer University of

1 Specification Mining With Few False Positives Claire Le Goues Westley Weimer University of Virginia March 25, 2009 2 Slide 0.5: Hypothesis We can use measurements of the trustworthiness of source code to mine specifications with

985 views • 49 slides
Modeling Elasticity Trade-Offs in Adaptive Mixed Systems Muhammad Candra , Hong-Linh Truong,

Modeling Elasticity Trade-Offs in Adaptive Mixed Systems Muhammad Candra , Hong-Linh Truong,

ACEC Track WETICE 2013 Hammamet Tunisia Modeling Elasticity Trade-Offs in Adaptive Mixed Systems Muhammad Candra , Hong-Linh Truong, Schahram Dustdar Distributed System Group Vienna University of Technology Distributed System Group

178 views • 17 slides
Alert classification to reduce false positives in intrusion detection P h D D e f e n s e P r e

Alert classification to reduce false positives in intrusion detection P h D D e f e n s e P r e

Alert classification to reduce false positives in intrusion detection P h D D e f e n s e P r e s e n t a t i o n / 't deu p e'tr ek / Tadeusz Pietraszek tadek@pietraszek.org Albert-Ludwigs-Universitt Freiburg

900 views • 89 slides
(Machine) Learning To Detect Fraudsters Hany Elemary Sarah LeBlanc CREDIT CARD FRAUD

(Machine) Learning To Detect Fraudsters Hany Elemary Sarah LeBlanc CREDIT CARD FRAUD

(Machine) Learning To Detect Fraudsters Hany Elemary Sarah LeBlanc CREDIT CARD FRAUD TRANSACTION APPLICATION CARD NOT FOUND 2 FRAUD DETECTION MODEL PLOT Not Fraud Fraud Application Count False Negatives False Positives 0 0.2 0.4

357 views • 24 slides
An Achilles Heel in Signature-Based IDS: Squealing False Positives in SNORT Sam Patton * Bill

An Achilles Heel in Signature-Based IDS: Squealing False Positives in SNORT Sam Patton * Bill

An Achilles Heel in Signature-Based IDS: Squealing False Positives in SNORT Sam Patton * Bill Yurcik David Doss Department of Applied Computer Science Illinois State University * Overview 1) the problem 2) software tool 3)

750 views • 20 slides
Evaluating Sensitive Question Techniques An Approach that Detects False Positives oglinger 1

Evaluating Sensitive Question Techniques An Approach that Detects False Positives oglinger 1

source: https://doi.org/10.7892/boris.94192 Evaluating Sensitive Question Techniques An Approach that Detects False Positives oglinger 1 Andreas Diekmann 2 Marc H 1 University of Bern, Institute of Sociology, marc.hoeglinger@soz.unibe.ch 2 ETH

482 views • 21 slides
Rheumatoid Arthritis Diagnosis Avoiding CCP False Positives Through Test Selection Dr. Teresa

Rheumatoid Arthritis Diagnosis Avoiding CCP False Positives Through Test Selection Dr. Teresa

Rheumatoid Arthritis Diagnosis Avoiding CCP False Positives Through Test Selection Dr. Teresa Tarrant Duke University School of Medicine The world leader in serving science Bio Dr. Tarrant is a Clinical Immunologist, board certified in

677 views • 51 slides
Duplicate Payments: Remove the Noise of False Positives Karl Andersson, Founder Phone:

Duplicate Payments: Remove the Noise of False Positives Karl Andersson, Founder Phone:

Duplicate Payments: Remove the Noise of False Positives Karl Andersson, Founder Phone: 508-480-8990 Fax: 781-634-0500 www.technology-insight.com Webcast Logistics Collapse or expand the main menu Full screen or reduced screen Raise hand

263 views • 25 slides
Time-memory Trade-offs for Near-collisions Conclusion Combining trunc & codes Time-memory

Time-memory Trade-offs for Near-collisions Conclusion Combining trunc & codes Time-memory

Introduction 1/24 Gatan Leurent Time-memory Trade-offs for Near-collisions Conclusion Combining trunc & codes Time-memory trade-offs Memoryless FSE 2013 UCL Crypto Group FSE 2013 Time-memory Trade-offs for Near-collisions G.

430 views • 31 slides
Scoring model for IoCs by combining open intelligence feeds to reduce false positives Authors:

Scoring model for IoCs by combining open intelligence feeds to reduce false positives Authors:

Scoring model for IoCs by combining open intelligence feeds to reduce false positives Authors: Supervisors: Joao de Novais Marques Jelle Ermerins Leandro Velasco Niek van Noort 1 Introduction Indicators of Compromise (IoCs) identify

349 views • 30 slides
Compositional Static Race Detection at Scale, without False Positives Ilya Sergey Joint work

Compositional Static Race Detection at Scale, without False Positives Ilya Sergey Joint work

Compositional Static Race Detection at Scale, without False Positives Ilya Sergey Joint work with Sam Blackshear, Peter OHearn, Nikos Gorogiannis Key Messages Static analyses for concurrency can be made scalable and precise . Unsound

827 views • 80 slides
Building Your Own WAF as a Service and Forgetting about False Positives Juan Berner 1 About me

Building Your Own WAF as a Service and Forgetting about False Positives Juan Berner 1 About me

Building Your Own WAF as a Service and Forgetting about False Positives Juan Berner 1 About me Lead security developer @Booking.com Twitter: @89berner medium.com/@89berner 2 Building Your Own WAF as a Service and Forgetting

780 views • 56 slides
Harry Xu May 2012 Complex, concurrent software Precision (no false positives) Find real bugs in

Harry Xu May 2012 Complex, concurrent software Precision (no false positives) Find real bugs in

Harry Xu May 2012 Complex, concurrent software Precision (no false positives) Find real bugs in real executions Need to modify JVM (e.g., object layout, GC, or ISA-level code) Need to demonstrate realism (usually performance) Otherwise use

1.05k views • 64 slides
(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance

(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance

(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance added security. Negatives to surveillance loss of privacy Dis-Appearance dis-appearance refers to the processes whereby a visible

496 views • 15 slides
Enemy targeting, trade - offs, and the evolutionary Assembly of

Enemy targeting, trade - offs, and the evolutionary Assembly of

Enemy targeting, trade - offs, and the evolutionary Assembly of a tortoise beetle defense arsenal Fredric V. Vencl Ecology and Evolution, Stony Brook

262 views • 9 slides

More recommend