modeling filter configuration
play

Modeling filter configuration Tyler Moore Computer Science & - PDF document

Mar 21, 2023 •173 likes •236 views

Notes Modeling filter configuration Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX CSE 5/7338 Lecture 9 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes

  1. Notes Modeling filter configuration Tyler Moore Computer Science & Engineering Department, SMU, Dallas, TX CSE 5/7338 Lecture 9 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Domain-specific models Up to now we have modeled security investment at a very high level Map costs to benefits, assume diminishing marginal returns to investment, etc. Useful for when justifying security budgets compared to non-security expenditures Not useful for deciding how best to allocate a given security budget Today, we discuss a model for a tactical security investment decision: configuring a filter to balance false positives and negatives 3 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Binary classification is a recurring problem in CS Common task: distill many observations to a binary signal { 0 , 1 } : communications theory S = { undervalued , overvalued } : stock trading S = { reject , accept } : research hypothesis S = { benign , malicious } : security filter Such simplification inevitably leads to errors compared to reality (aka ground truth ) 4 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Filter defense mechanism Reality Signal no attack attack benign 1 − α β malicious 1 − β α α : false positive rate, β : false negative rate 5 / 15

  2. ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Receiver operating characteristic 1 Detection rate 1 − β 45 ◦ 0 1 False positive rate α 6 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Receiver operating characteristic 1 Detection rate 1 − β α = β 45 ◦ 0 1 EER dashed EER solid False positive rate α 6 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Model for optimal filter configuration Binary classifiers are imperfect Finding the optimal trade-off, say for an IDS or spam filter, is hard Can be framed as an economic trade-off between opportunity cost of false positives and losses incurred by false negatives 7 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Model for optimal filter configuration We can see from ROCs that β can be expressed as a function of α . β : [0 , 1] → [0 , 1] defines the false negative rate as a function of the false positive rate α β (0) = 1 , β (1) = 0 We assume β ′ ( x ) < 0 and β ′′ ( x ) ≥ 0 8 / 15

  3. ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Model for optimal filter configuration Suppose we rely on a filter to scan incoming email attachments for malware a : cost of false positive (blocking a benign email) b : cost of false negative (delivering malicious email) p : probability of email containing malware Cost C ( α ) = p · β ( α ) · b + (1 − p ) · α · a Suppose p = 0 . 1 , a = $250 , b = $500 , α = 0 . 1 , β = . 2 C ( α ) = 0 . 1 · 0 . 2 · 500 + 0 . 9 · 0 . 1 · 250 = $32 . 50 9 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Optimal filter configuration: exercise 1 Suppose we rely on a filter to scan incoming email attachments for malware. Suppose the cost of dealing with a false negative event is $400, and the cost of dealing with a false positive is $200. 20% of incoming email has malware. You can choose between two configurations Config. A: 10% false positive rate and 30% false negative rate Config. B: 25% false positive rate and 15% false negative rate Your task: compute the expected costs for both configurations, and state which configuration you prefer. 10 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Model for optimal filter configuration α ∗ = arg min α p · β ( α ) · b + (1 − p ) · α · a which has first-order condition (FOC) p · β ( α ∗ ) · b + (1 − p ) · α ∗ · a � � 0 = δ α after rearranging, we obtain: β ′ ( α ∗ ) = − 1 − p · a p b 11 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Optimal filter configuration (continuous ROC curves) 1 (1 − p ) a p · b Detection rate 1 − β α ∗ B Indifference curves α ∗ A 0 False positive rate α 1 12 / 15

  4. ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Optimal filter configuration (continuous ROC curves) A 1 B Detection rate 1 − β EER A = EER B α = β AUC A = AUC B 45 ◦ 0 False positive rate α 1 12 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Optimal filter configuration (continuous ROC curves) A 1 B (1 − p ) a p · b Detection rate 1 − β α ∗ B α ∗ A 45 ◦ 0 False positive rate α 1 12 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Optimal filter configuration (discrete ROC curves) 1 E F (1 − p ) a p · b Detection rate 1 − β α ∗ D 45 ◦ C 0 False positive rate α 1 13 / 15 ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Optimal filter configuration example (discrete ROC curves) slope 1/3 1 E F 0.1 0.3 0.9 Detection rate 1 − β (1 − p ) a p · b 1 0.5 e p o l s α ∗ D 0.5 0.4 2 α ∗ = 0 . 2 if 1 ≤ (1 − p ) a e ≤ 2 0.4 p p · b o l s C 0.2 0.2 0.7 0 1 False positive rate α 14 / 15

  5. ROC curves Optimal filter configuration An economic model of optimal filter configuration Notes Optimal filter configuration: exercise 2 Suppose we rely on a filter to scan incoming email attachments for malware. Suppose the cost of dealing with a false negative event is $400, and the cost of dealing with a false positive is $200. 20% of incoming email has malware. You can choose between two configurations Config. A: 10% false positive rate and 30% false negative rate Config. B: 25% false positive rate and 15% false negative rate Your task Draw the ROC curve for configurations A and B (plus (0% FP, 1 100% FN) and (100% FP, 0% FN)) Calculate the slope of the indifference curve for the optimal 2 configuration Select the optimal point for the ROC curve 3 15 / 15 Notes Notes Notes

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Modeling filter configuration and introduction to data exploration Tyler Moore Computer Science

Modeling filter configuration and introduction to data exploration Tyler Moore Computer Science

Notes Modeling filter configuration and introduction to data exploration Tyler Moore Computer Science &amp; Engineering Department, SMU, Dallas, TX October 4, 2012 Optimal filter configuration Data exploration overview Notes Outline

123 views • 9 slides
Kalman Filter recall: estimating the robot configuration by iterative integration of the

Kalman Filter recall: estimating the robot configuration by iterative integration of the

Autonomous and Mobile Robotics Prof. Giuseppe Oriolo Localization 2 Kalman Filter recall: estimating the robot configuration by iterative integration of the kinematic model (dead reckoning) is subject to an error that diverges over time

400 views • 23 slides
STUFF FILTER POPULARITY FILTER PERSONALITY FILTER TALENT FILTER GODS FILTER WE HAVE THE

STUFF FILTER POPULARITY FILTER PERSONALITY FILTER TALENT FILTER GODS FILTER WE HAVE THE

STUFF FILTER POPULARITY FILTER PERSONALITY FILTER TALENT FILTER GODS FILTER WE HAVE THE MESSAGE TO MOVE PEOPLE FROM CURSED TO BLESSED. BLESSING DEUTERONOMY 28:1 AND IF YOU FAITHFULLY OBEY THE VOICE OF THE LORD YOUR GOD, BEING

538 views • 34 slides
Configuration management Configuration management Configuration management Configuration

Configuration management Configuration management Configuration management Configuration

Configuration management Configuration management Configuration management Configuration management Configuration management Field of management that focuses on establishing and maintaining consistency of a systems attributes

647 views • 6 slides
Kalman filter Kalman Filter Kalman filter is used to filter true system states from noisy

Kalman filter Kalman Filter Kalman filter is used to filter true system states from noisy

Kalman filter Kalman Filter Kalman filter is used to filter true system states from noisy measurements T o apply the filter, we have to have good model of a system Common use cases: localization of robots, spaceships, ... radar

500 views • 11 slides
Modeling Next Generation Configuration Management Tools Mark Burgess (Oslo University College)

Modeling Next Generation Configuration Management Tools Mark Burgess (Oslo University College)

Modeling Next Generation Configuration Management Tools Mark Burgess (Oslo University College) Alva Couch (Tufts University) Aspects and Closures and Promises (Oh My!) Theories of configuration management employ three distinct

586 views • 31 slides
Modeling trade-offs between false positives and negatives Tyler Moore Computer Science &amp;

Modeling trade-offs between false positives and negatives Tyler Moore Computer Science &amp;

Notes Modeling trade-offs between false positives and negatives Tyler Moore Computer Science &amp; Engineering Department, SMU, Dallas, TX October 2, 2012 Homework 1 Optimal filter configuration Notes Outline Homework 1 1 Summary

278 views • 9 slides
Augeas a configuration API Raphal Pinson Configuration Management Sitewide configuration

Augeas a configuration API Raphal Pinson Configuration Management Sitewide configuration

Augeas a configuration API Raphal Pinson Configuration Management Sitewide configuration Local configuration Editing of Configuration Data (1) Keyhole approaches (2) Greenfield approaches (3) Templating Missing pieces Handle

831 views • 61 slides
Series R FILTER www.rpesrl.it Series R FILTER 2 Rpe presents the Filter R series for an

Series R FILTER www.rpesrl.it Series R FILTER 2 Rpe presents the Filter R series for an

RPE Srl Leader in Fluid Management Control Series R FILTER www.rpesrl.it Series R FILTER 2 Rpe presents the Filter R series for an effective protection from particles and impurities in the water. Save the high quality and reliability of

143 views • 11 slides
Recursive State Estimation 2 Lecture 8 Recap Today Kalman Filter Extended Kalman Filter

Recursive State Estimation 2 Lecture 8 Recap Today Kalman Filter Extended Kalman Filter

Recursive State Estimation 2 Lecture 8 Recap Today Kalman Filter Extended Kalman Filter Particle Filter Kalman Filter Kalman Filter Note: Conditioning Kalman Filter Multi-Modal Kalman Filter Vision Force State Proprioception

671 views • 34 slides
Filter Design Specifications Chaiwoot Boonyasiriwat September 29, 2020 Filter Design

Filter Design Specifications Chaiwoot Boonyasiriwat September 29, 2020 Filter Design

Filter Design Specifications Chaiwoot Boonyasiriwat September 29, 2020 Filter Design Specifications Lowpass filter is the most common type of digital filter. A lowpass filter is a filter that removes the higher frequencies but passes

992 views • 82 slides
Lecture 8 Today: FIR filter design IIR filter design Filter roundoff and overflow sensitivity

Lecture 8 Today: FIR filter design IIR filter design Filter roundoff and overflow sensitivity

Lecture 8 Today: FIR filter design IIR filter design Filter roundoff and overflow sensitivity Announcements: Team proposals are due tomorrow at 6PM Homework 4 is due next thur. Proposal presentations are next mon in 1311EECS. References:

738 views • 32 slides
Kalman Filter Kalman Filter = special case of a Bayes filter with dynamics model and n

Kalman Filter Kalman Filter = special case of a Bayes filter with dynamics model and n

EKF, UKF Pieter Abbeel UC Berkeley EECS Many slides adapted from Thrun, Burgard and Fox, Probabilistic Robotics Kalman Filter Kalman Filter = special case of a Bayes filter with dynamics model and n sensory model being linear Gaussian: 2

535 views • 17 slides
Optimal filter and Cost-Benefit Analysis Tyler Moore CSE 7338 Computer Science &amp; Engineering

Optimal filter and Cost-Benefit Analysis Tyler Moore CSE 7338 Computer Science &amp; Engineering

Notes Optimal filter and Cost-Benefit Analysis Tyler Moore CSE 7338 Computer Science &amp; Engineering Department, SMU, Dallas, TX Lecture 3 Notes Outline Information security risk management 1 Optimal filter configuration 2 Cost-benefit

180 views • 14 slides
PURE POWER FILTERS brand guarantee the high quality and performance I N D E X Introduction Air

PURE POWER FILTERS brand guarantee the high quality and performance I N D E X Introduction Air

ENG Innovative Manufacturer of Filters PURE POWER FILTERS brand guarantee the high quality and performance I N D E X Introduction Air Filter Cabin filter Oil Filter Fuel Filter Hydraulic filter Costum made filter and Private label filter

339 views • 14 slides
Oil Filter Cleaner Green A: Sketch Model Review 1 Concept: Oil Filter Cleaner n Clean oil off

Oil Filter Cleaner Green A: Sketch Model Review 1 Concept: Oil Filter Cleaner n Clean oil off

Oil Filter Cleaner Green A: Sketch Model Review 1 Concept: Oil Filter Cleaner n Clean oil off of vehicle oil filter through rotating at high rpm. n Process: n Puncture holes n Drain oil 2 Product Proposal: Filter Drainer

164 views • 12 slides
Multiple Tests Reality Null is True Null is False (No effect/relation) (Effect/relation

Multiple Tests Reality Null is True Null is False (No effect/relation) (Effect/relation

EDUC 7610 Chapter 11 Multiple Tests Reality Null is True Null is False (No effect/relation) (Effect/relation exists) Null is True Type II Error Correct Decision (Fail to Reject Null) (false negative) Null is False Type I Error

544 views • 12 slides
Chapter 3: Performance Measures in Classification Dr. Xudong Liu Assistant Professor School of

Chapter 3: Performance Measures in Classification Dr. Xudong Liu Assistant Professor School of

Chapter 3: Performance Measures in Classification Dr. Xudong Liu Assistant Professor School of Computing University of North Florida Monday, 9/16/2019 1 / 8 Confusion Matrix Each row in a confusion matrix represents an actual class. Each

280 views • 8 slides
A True Positives Theorem for a Static Race Detector Presentation by Julia Belyakova and Artem

A True Positives Theorem for a Static Race Detector Presentation by Julia Belyakova and Artem

A True Positives Theorem for a Static Race Detector Presentation by Julia Belyakova and Artem Pelenitsyn For CS 7580 (instructor: Jan Vitek), 10/30/2019 A subset of slides is taken from Ilya Sergeys web page Static Analyses for Program

1.11k views • 75 slides
Money that is paid in order to free someone who has been captured or kidnapped. -Merriam-Webster

Money that is paid in order to free someone who has been captured or kidnapped. -Merriam-Webster

Ransom : Money that is paid in order to free someone who has been captured or kidnapped. -Merriam-Webster Ransomware : A malware designed to block access to a computer system, files, screen, disk or etc. until the requested amount of money is

338 views • 17 slides
Optimal Personalized Filtering Against Spear-Phishing Attacks Aron Laszka, Yevgeniy

Optimal Personalized Filtering Against Spear-Phishing Attacks Aron Laszka, Yevgeniy

Optimal Personalized Filtering Against Spear-Phishing Attacks Aron Laszka, Yevgeniy Vorobeychik, and Xenofon Koutsoukos Institute for Software Integrated Systems Department of Electrical Engineering and Computer Science Malicious E-Mails

315 views • 14 slides
An Examination of Bloom Filters and their Applications Jacob Honoroff March 16, 2006 Outline

An Examination of Bloom Filters and their Applications Jacob Honoroff March 16, 2006 Outline

An Examination of Bloom Filters and their Applications Jacob Honoroff March 16, 2006 Outline Bloom Filter Overview Traditional Applications Hierarchical Bloom Filters Paper Less Traditional Applications &amp; Extensions 1

1.45k views • 113 slides
DISTROY: Detec-ng IC Trojans with Compressive Measurements

DISTROY: Detec-ng IC Trojans with Compressive Measurements

DISTROY: Detec-ng IC Trojans with Compressive Measurements Youngjune Gwon, H. T. Kung, and Dario Vlah Harvard University August 9, 2011 Understanding

415 views • 17 slides
Disordered systems and random graphs 3 Amin Coja-Oghlan Goethe University based on joint work

Disordered systems and random graphs 3 Amin Coja-Oghlan Goethe University based on joint work

Disordered systems and random graphs 3 Amin Coja-Oghlan Goethe University based on joint work with Dimitris Achlioptas, Oliver Gebhard, Max Hahn-Klimroth, Joon Lee, Philipp Loick, Noela Mller, Manuel Penschuck, Guangyan Zhou The problem

581 views • 21 slides

More recommend