Monthly Archives: February 2023
CISSP考試心得 – 陳建棠 (Matt)
CISSP考試心得 – 呂士鳴 (Andy)
Standards by ISO/IEC JTC 1/SC 42 – Artificial intelligence
I tried to use ChatGPT for some fundamental business analysis, specifically SWOT analysis. It performs quite well.
Standards by ISO/IEC JTC 1/SC 42 – Artificial intelligence
AI is an excellent tool that provides a bounty of helpful information for decisions. However, it may involve risk and ethical and societal concerns. Standards by ISO/IEC JTC 1/SC 42 about Artificial intelligence provide a comprehensive framework to guide the development of the AI roadmap.
WUSON Information Security Essentials (WISE Model)
I organize fundamental cybersecurity concepts into this diagram and hope it helps CISSP aspirants prepare for the CISSP exam.
The WISE Model defines information security as follows:
Information Security is a discipline of protecting assets from threats through security controls to: T3) achieve confidentiality, integrity, and availability (CIA), T2) support business, and T1) create value and fulfill organizational mission and vision.
What Does It Mean By “Positive?”
Anomaly-based Detection and Classification
An anomaly-based detection is an approach that builds or trains a model of normality to identify occurrences of any deviation or anomaly based on the model. It is commonly applied in intrusion detection systems (IDS) to detect intrusion, medical tests to screen for virus infection, radar receivers to identify enemy airplanes, physical access control systems (PACS) to stop strangers, etc.
Detecting anomalies is a typical application of classification, especially binary classification, in statistics and machine learning. The model of anomaly-based detection is a binary classifier that predicts and classifies cases as either “anomalous” or “normal” with an interest in anomalies. The two exclusive groups (Anomalous and Normal) can be labeled as anything; however, it is common to label anomalous cases as “Positive” while normal cases as “Negative.” The following is a labeling example from Wikipedia:
Given a sample of 12 individuals, 8 that have been diagnosed with cancer and 4 that are cancer-free, where individuals with cancer belong to class 1 (positive) and non-cancer individuals belong to class 0 (negative), we can display that data as follows…
Ambiguous “Positive” in Biometric Identification
“Biometric recognition (also known as biometrics) refers to the automated recognition of individuals based on their biological and behavioral traits (ISO/IEC JTC1 SC37).” (Scholarpedia) Biometrics is a binary classifier commonly used to identify or verify identities. However, biometrics can have semantic ambiguity in biometric identification.
In biometric identification, we care about whether the biometric scan matches the enrolled or stored biometric template/model. We may label the result of a match as “Positive,” and otherwise as “Negative.” It is not anomaly-based, because an anomaly implies a result of unmatched. Wayman et al, Andress, and Chapple, the author of the CISSP OSG 9th edition, share the same perspective. The following table demonstrates this perspective of biometric matches:
Wayman, Possolo, and Mansfield
Technical testing in biometrics has historically focused on throughput and recognition error rates – the latter of two types: false positives (also called false matches – an incorrect decision that two biometric samples are from the same individual when they are not) and false negatives (also called false non-matches – an incorrect decision that two biometric samples are not from the same individual when they in fact are).Source: Wayman et al.
False acceptance rate (FAR) and false rejection rate (FRR) are two of these. FAR occurs when we accept a user whom we should actually have rejected. This type of issue is also referred to as a false positive. FRR is the problem of rejecting a legitimate user when we should have accepted him. This type of issue is commonly known outside the world of biometrics as a false negative.Source: Jason Andress
Inconsistent Terms against the Confusion Matrix
The confusion matrix is used to visualize the performance of a binary classifier. It is commonly accepted that a False Positive is also known as a Type I Error and a False Negative as a Type II Error.
If we take the viewpoint from the biometric pattern match (not anomaly-based), we tend to conclude that False Match = False Positive = Type I Error = False Acceptance. However, the CISSP OSG suggests False Positive is a Type II Error. It confuses people who study statistical hypothesis testing and classification in machine learning.
In the field of machine learning and specifically the problem of statistical classification, a confusion matrix, also known as an error matrix, is a specific table layout that allows visualization of the performance of an algorithm, typically a supervised learning one (in unsupervised learning it is usually called a matching matrix). Each row of the matrix represents the instances in an actual class while each column represents the instances in a predicted class, or vice versa – both variants are found in the literature. The name stems from the fact that it makes it easy to see whether the system is confusing two classes (i.e. commonly mislabeling one as another).
It is a special kind of contingency table, with two dimensions (“actual” and “predicted”), and identical sets of “classes” in both dimensions (each combination of dimension and class is a variable in the contingency table).Source: Wikipedia
Anomaly-based Biometric Verification
In biometric verification, we care more about if it is a valid user than its identity. For instance, physical access control systems (PACS) can verify identities or authenticate users via biometrics. Regarding anomaly-based detection, we may use “Positive” to label strangers (anomalies) and “Negative” for valid users. That is why “Rejection” and “Acceptance” are used in the PACS to avoid potential ambiguity and miscommunication. If we use the anomaly-based approach, we can align with the terms used in the confusion matrix; that is, a False Positive (False Rejection) leads to a Type I Error and a False Negative (False Acceptance) leads to a Type II Error.
Terminologies have their contexts. We use Type I and Type II errors in statistical hypothesis testing, False Positive and False Negative in binary classification, and False Rejection and False Acceptance in biometric verification or PACS. To communicate effectively, the best strategy is to use terms in the proper contexts. If you use Type I/II or Positive/Negative, instead of Rejection/Acceptance, in PACS, it creates ambiguity and hinders communication. If we need to mix the terms from different contexts, use the anomaly-based approach to ensure the concepts behind those terms are consistent.
- Biometric recognition and authentication systems
- Explainer: Verification vs. Identification Systems
- What Is a Physical Access Control System?
- Biometric Identification: What Is It? (A 2023 Review)
- Fundamental issues in biometric performance testing: A modern statistical and philosophical framework for uncertainty assessment
- Biometric authentication
- What is biometrics?
- Confusion matrix
- Binary classification
- Receiver operating characteristic
- Anomaly-based intrusion detection system
- What does it mean by positive and negative class in machine learning?