University of Cagliari
Detection theory and its applications to computer security
14 June 2011
Nell'ambito del programma Visiting Professor 2010 finanziato dalla Regione Autonoma della Sardegna,
il Dr. Alvaro Cardenas
(Fujitsu Laboratories of America)
terrà dal 14 al 24 Giugno
presso la Facoltà di Ingegneria il seguente ciclo di lezioni sul tema
Detection theory and its applications to computer security.
Descrizione
Several problems in computer and network security require the analysis of a sequence of observations over time or space. Because these sequence (time-series) can be interpreted as a "signal", many computer security problems can benefit from the theory and algorithms developed by the signal processing community, and in particular, from detection theory, which focuses on determining the hypothesis that generated the signal (e.g., normal hypothesis, or attack hypothesis).
Most of the theory and results of signal processing were obtained under the assumptions of relatively benign scenarios. In signal processing we usually assume specific properties of the signal or the noise. These assumptions--while not valid at all times--may model the system accurately enough for most practical purposes. However, when we apply signal processing tests for computer security problems, we face an intelligent opponent who will try to exploit any of our erroneous assumptions. In this course we will study how and when to apply detection theory algorithms to computer security problems.
Most of the theory and results of signal processing were obtained under the assumptions of relatively benign scenarios. In signal processing we usually assume specific properties of the signal or the noise. These assumptions--while not valid at all times--may model the system accurately enough for most practical purposes. However, when we apply signal processing tests for computer security problems, we face an intelligent opponent who will try to exploit any of our erroneous assumptions. In this course we will study how and when to apply detection theory algorithms to computer security problems.
Calendario delle lezioni
14 Giugno, 9:00 - 11:00, aula "Mocci" (DIEE Pad. A)
General overview of detection theory, Neyman-Pearson theory, sequential detection, and change detection algorithms. It will also cover some basic game theoretic concepts that will be applied in future lectures.
General overview of detection theory, Neyman-Pearson theory, sequential detection, and change detection algorithms. It will also cover some basic game theoretic concepts that will be applied in future lectures.
21 Giugno, 9:00 - 11:00, aula I (edificio principale della Facoltà)
The second lecture will apply game theory to the detection problem with the goal of modeling the adversary and obtain provably-secure detection algorithms. These algorithms will be applied to problems in MAC-layer protocol misbehavior, intrusion detection, and watermarking.
22 Giugno, 9:00 - 11:00, aula I (edificio principale della Facoltà)
The third lecture will describe how to combine multiple classifiers in order to maximize the area under the ROC curve metric. We will then present practical examples in machine learning and intrusion detection that can benefit from these multiple classifier combinations.
24 Giugno, 9:00 - 11:00, aula I (edificio principale della Facoltà)
The final lecture will cover miscellaneous topics and some of my current research, including metrics and how to evaluate classifiers, autoregressive models for clustering and anomaly detection, and detection of anomalies in critical infrastructures.
Tutti gli interessati sono invitati a partecipare.
Bio: Alvaro A. Cárdenas is a research staff engineer at Fujitsu Laboratories of America. Prior to this he was a postdoctoral fellow at the University of California, Berkeley. His research focuses on machine learning and statistical methods applied to network security, cyber-physical systems security, and wireless communications for embedded systems. He has received numerous awards for his research including a best paper award from the U.S. Army Research Office, a best presentation award from the IEEE, a fellowship from the University of Maryalnd, and a distinguished research assistant from the Institute of Systems Research. Alvaro holds an M.S. and Ph.D. from the University of Maryland, College Park, and a B.S. from Los Andes University, in Colombia.
-------------------------------------------------------
Prof. Giorgio Giacinto
Dip. Ing. Elettrica ed Elettronica
Università di Cagliari
Piazza D'Armi - 09123 Cagliari
Tel: 070 675 5752 Fax: 070 675 5782
URL: http://www.diee.unica.it/giacinto/