Detection theory and its applications to computer security
Seminar course on
Detection theory and its applications to computer security
Cagliari, June 14-24, 2011
| Instructor: | Dr. Alvaro Cardenas
Alvaro A. Cárdenas is a research staff engineer at Fujitsu Laboratories of America. Prior to this he was a postdoctoral fellow at the University of California, Berkeley. His research focuses on machine learning and statistical methods applied to network security, cyber-physical systems security, and wireless communications for embedded systems. He has received numerous awards for his research including a best paper award from the U.S. Army Research Office, a best presentation award from the IEEE, a fellowship from the University of Maryland, and a distinguished research assistant from the Institute of Systems Research. Alvaro holds an M.S. and Ph.D. from the University of Maryland, College Park, and a B.S. from Los Andes University, in Colombia.
|
| Duration: | 8 hours |
| Program: |
Lecture 1 - June 14, 9:00am - 11:00am
General overview of detection theory, Neyman-Pearson theory, sequential detection, and change detection algorithms. It will also cover some basic game theoretic concepts that will be applied in future lectures. Slides.

Lecture 2 - June 21, 9:00am - 11:00am
The second lecture will apply game theory to the detection problem with the goal of modeling the adversary and obtaining provably-secure detection algorithms. These algorithms will be applied to problems in MAC-layer protocol misbehavior, intrusion detection, and watermarking. Slides.

Lecture 3 - June 22, 9:00am - 11:00am
The third lecture will describe how to combine multiple classifiers in order to maximize the area under the ROC curve metric. We will then present practical examples in machine learning and intrusion detection that can benefit from these multiple classifier combinations. Slides.

Lecture 4 - June 24, 9:00am - 11:00am
The final lecture will cover miscellaneous topics and some of my current research, including metrics and how to evaluate classifiers, autoregressive models for clustering and anomaly detection, and detection of anomalies in critical infrastructures. |
| Room(s): |
|
| Topics: |
Abstract

Several problems in computer and network security require the analysis of a sequence of observations over time or space. Because these sequences (time series) can be interpreted as a "signal", many computer security problems can benefit from the theory and algorithms developed by the signal processing community, and in particular, from detection theory, which focuses on determining the hypothesis that generated the signal (e.g., normal hypothesis, or attack hypothesis).

Most of the theory and results of signal processing were obtained under the assumptions of relatively benign scenarios. In signal processing we usually assume specific properties of the signal or the noise. These assumptions, while not valid at all times, may model the system accurately enough for most practical purposes. However, when we apply signal processing tests to computer security problems, we face an intelligent opponent who will try to exploit any of our erroneous assumptions. In this course we will study how and when to apply detection theory algorithms to computer security problems. |
| Organizer: | Prof. Giorgio Giacinto, Dip. di Ingegneria Elettrica ed Elettronica, Università di Cagliari. Email: giacinto(at)diee(dot)unica(dot)it |

