
99530 total results

15 results after applying filter

In all collections


Title
Description
Date

2020 September 29 Audit and Business Committee meeting presentation

2020-09-29

2020 September 29 Audit and Business Committee meeting agenda

2020-09-29

2020 September 29 Audit and Business Committee meeting materials

2020-09-29

2020 September 29 Board of Trustees meeting materials

2020-09-29

2020 September 29 Board of Trustees meeting agenda

2020-09-29

2020 September 29 Board of Trustees meeting minutes

2020-09-29

2020 September 29 Board of Trustees meeting presentation

2020-09-29

Notice of Rulemaking Hearing: Student Conduct - original filing

2020-09-29

Notice of Rulemaking Hearing: Student Conduct - revisions to original filing

2020-09-29

Notice of Rulemaking Hearing: Title IX Compliance

2020-09-29

2020 September 29 Academic and Student Affairs Committee meeting agenda

2020-09-29

2020 September 29 Academic and Student Affairs Committee meeting materials

2020-09-29

2020 September 29 Academic and Student Affairs Committee meeting presentation

2020-09-29

2020 September 29 Executive Committee meeting materials

2020-09-29

Intrusion Detection Systems (IDS) based on algorithms derived from machine learning techniques can be an effective means of defending industrial control systems (ICS). Unfortunately, the relative immaturity of these systems within the commercial marketplace is often highlighted by a set of configuration options aimed at data scientists and mathematicians, which network operations staff are ill-equipped to select. Should the system use multiple algorithms to evaluate each flow (ensemble) or a single algorithm? Should various features (e.g., diurnal time period) be included or excluded? Should the alerting threshold be set at 3.48 or 3.65? How does each of these options really affect the security of the network to be protected? Here, a method of assessment is presented that supports the system operators in understanding the relative security implications of various IDS settings. By defining the security categories of interest and mapping exemplars to those categories, operators have a solid basis for evaluation. We provide a testing and scoring process by which they can compare the implications of one configuration set to another while allowing them to extend the approach and incorporate institutional or operator knowledge. The results show that this assessment methodology provides a metric that, in concert with other data (e.g., false positive count), can be used to make informed decisions regarding the configuration and protection of the network. Further, we show how the testing methodology can illuminate characteristics of the IDS that may make it susceptible to defeat given certain attacker behaviors.

2020-09-29
