ST ADVNCD ARTIFICL INTLLGNCE
ST ADVNCD ARTIFICL INTLLGNCE CMSC 691
Virginia Commonwealth University
Popular in Course
Popular in ComputerScienence
This 3 page Class Notes was uploaded by Adriel Romaguera on Wednesday October 28, 2015. The Class Notes belongs to CMSC 691 at Virginia Commonwealth University taught by David Primeaux in Fall. Since its upload, it has received 16 views. For similar materials see /class/230650/cmsc-691-virginia-commonwealth-university in ComputerScienence at Virginia Commonwealth University.
Reviews for ST ADVNCD ARTIFICL INTLLGNCE
Report this Material
What is Karma?
Karma is the currency of StudySoup.
You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!
Date Created: 10/28/15
Primeaux Musings A system is associated with a set of desired behaviors A risk to a system represents the potential loss of some desired system behavior A cost is often associated with a risk A threat to a system is a specific exposure to a specific risk A system is secure to the extent that threats to the system are reduced Some systems are more secure than others However complete elimination of threat is not possible therefore an absolutely secure system is not attainable So when people talk about a secure system they are talking about one of three things 0 An impossibility 0 An ideal that while not attainable provides an understandable goal 0 A system that claims to adequately addresses a specific threat Some maxims to think about A ship is safe in harbor but that is not what ships are for By isolating a system on a deserted island with no humans around we might create a nearly perfectly secure system don t forget the possibility of earthquake tsunami and lightning but such a system would not exhibit all or even many desired behaviors When we put a system to use that system is threatened The architecture of system security should be structured in layers like an onion This means that just as an onion presents itself as a layered structure layer after layer of security measures are incorporated in a system Another way of describing this approach is that to address a specific risk we should have in place a chain or sequence of measures As a simple example we might have user authentication by usemame followed by password followed by a biometric measure followed by scanning of some RFD device If anyone of these links in the chain breaks the user is not authenticated From another perspective A chain is only as strong as its weakest link Suppose a system has no network connections Then this might be seen as a robust link is a chain However often the weakest link in system security is an authorized human user who either unintentionally or maliciously behaves in such a way as to incur cost by reducing desired system behavior Note too that humans are subject to social engineering attacks Further enhancing other links in this chain of security without addressing the weaker links might not be cost effective Security has associated costs When we look at the cost ofa security measure we should include not only the cost of implementation and maintenance but also the extent to which the security measure itself adversely affects the system s desired behavior The question to address in this course is o How can we use machine learning techniques to enhance a system s security 0 Or in terms that we can measure How can we use machine learning techniques to reduce threats and their associated costs to a system Below is a matrix relating some aspects of systems to security issues that can be addressed by machine learning User Data Processing transport Assurance Student presentations Notes Consider your approach to your topic in the context of other topics Thus if you select Support vector machines to detect malicious executables you should not include much if any information you would expect another student to have presented in the topic What is a malicious executable Remember our goal is to have nonoverlapping presentations Also the questions listed with each topic are mere suggestions and should certainly not be viewed as exhaustive 0 And as you look at a topic creatively ask whether the approach might be transferred to other issues or components of a system Each topic must be approached in the context of machine learning For each presentation indicate open questions that might bene t from additional exploration M any important and relevant topics are not addressed by our book As but one example How can machine learning techniques be applied to Maninthemiddle attacks Some Suggested Presentation Topics What is a malicious executable What types of malicious executable are there Who creates them What damage can they do How can they be introduced in a system What are na39139ve Bayes and Support Vector Machines and how can we use them in the detection of malicious executables What are decision trees and boosted classi ers and how can we use them in the detection of malicious executables Analyze the experimental results provided in our text for the various methods of detection of malicious executables What is intrusion detection Where are the entry points for intrusion in a system What are the challenges associated with intrusion detection With respect to intrusion detection what are and how can we effect feature selection and data aggregation What is HOMER What is BART How can a classi er be used to reduce false alarms What are the advantages and disadvantages of various intrusion detection systems How can we determine the cost of an intrusion detection system What is a decisiontheoretic model especially in the context of intrusion detection What is the semisupervised model for intrusion detection discussed in our text Provide analysis of experimental results What are the vulnerabilities of networks What is meant by network misuse What is meant by a network anomaly What is data cleaning What is a motif
Are you sure you want to buy this material for
You're already Subscribed!
Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'