The Chief Information Officer (CIO) at Old Dominion University –ODU- is trying to improve the university’s information network security. The CIO is trying to evaluate a new intrusion detection technology in the market for a possible replacement for the existing system. An intrusion detection system sounds an “alarm” each time possible malicious attack on a network is detected. The following information is provided: Event of interest, A, is an attack Evidence, B, is intrusion detection system setting off due to anomalous traffic Probability of an attack is 0.01 For the currently installed system, the probability of an alarm given that there is an attack is 0.9, while the probability of an alarm given there is no attack is 0.25. For the new technology, the probability of an alarm given that there is an attack is 0.8, while the probability of an alarm given there is no attack is 0.1. The CIO assumes that there are only two types of events: either there is, or there is no attack. The CIO is using “evidence ratio,” described as P(B|A) / P(B|A’) as a way to compare the technologies. Please help the CIO compare the new technology with the currently installed system by answering the following questions: What is evidence ratio for the currently installed system?
Inverse Normal Distribution
The method used for finding the corresponding z-critical value in a normal distribution using the known probability is said to be an inverse normal distribution. The inverse normal distribution is a continuous probability distribution with a family of two parameters.
Mean, Median, Mode
It is a descriptive summary of a data set. It can be defined by using some of the measures. The central tendencies do not provide information regarding individual data from the dataset. However, they give a summary of the data set. The central tendency or measure of central tendency is a central or typical value for a probability distribution.
Z-Scores
A z-score is a unit of measurement used in statistics to describe the position of a raw score in terms of its distance from the mean, measured with reference to standard deviation from the mean. Z-scores are useful in statistics because they allow comparison between two scores that belong to different normal distributions.
The Chief Information Officer (CIO) at Old Dominion University –ODU- is trying to improve the university’s information network security. The CIO is trying to evaluate a new intrusion detection technology in the market for a possible replacement for the existing system. An intrusion detection system sounds an “alarm” each time possible malicious attack on a network is detected. The following information is provided:
Evidence, B, is intrusion detection system setting off due to anomalous traffic
For the currently installed system, the probability of an alarm given that there is an attack is 0.9, while the probability of an alarm given there is no attack is 0.25.
For the new technology, the probability of an alarm given that there is an attack is 0.8, while the probability of an alarm given there is no attack is 0.1.
The CIO assumes that there are only two types of events: either there is, or there is no attack.
The CIO is using “evidence ratio,” described as P(B|A) / P(B|A’) as a way to compare the technologies. Please help the CIO compare the new technology with the currently installed system by answering the following questions:
What is evidence ratio for the currently installed system?
Trending now
This is a popular solution!
Step by step
Solved in 2 steps