Technical Tuesday – 2 December 2014 – Receiver Operating Characteristic (ROC) statistics and their successful use in medical studies, Nigerian scams, and APT detection by Jeff Kuhn of Amches, Inc.

Posted by on Dec 2, 2014 in Events Archive | No Comments

Receiver Operating Characteristic (ROC) statistics have been a practical tool in the field of clinical medicine for more than 50 years, an area where stakes can be very high and test results are understood to be inherently uncertain. ROC statistics and that half-century body of knowledge also usefully inform networked system security across a range of activities including system design, analytics tuning, and operational tactics. This discussion first introduces ROC statistics in the context of clinical medicine, uses those concepts to explain why you can shortly expect a very well written Nigerian scam email, and then examines how ROC statistics can be used for practical improvements to networked system defense against Advanced Persistent Threat activity.

Presented by: Jeff Kuhn of Amches, Inc.

Mr. Kuhn has 30 years of Intelligence Community and commercial experience with networked system vulnerability analysis and security engineering. He began his career in the early 1980s at the R&D division of the National Computer Security Center before spending more than a decade performing Computer Network Operations engineering as a Department of Defense civilian. Mr. Kuhn then spent five years with GTE supporting their early CALEA lawful intercept efforts and a series of telecommunications security engineering programs. After another ten years providing technical direction and key engineering for Pangia Technologies’ Cyber Network Operations practice, he is now Vice President of Security Engineering at Amches, strongly focused on networked system security and Comprehensive National Cybersecurity Initiative programs.