Abstract

A common application of security analytics is binary classification problems, which are typically assessed using measures derived from signal detection theory, such as accuracy, sensitivity, and specificity. However, these measures fail to incorporate the uncertainty inherent to many contexts into the results. We propose that the types of binary classification problems studied by security researchers can be described based on the level of uncertainty present in the data. We demonstrate the use of Bayes data analysis in security contexts with varying levels of uncertainty and conclude that Bayesian analysis is particularly relevant in applications characterized by high uncertainty. We discuss how to apply similar analyses to other information security research.

Share

COinS