Download Anomaly Detection via Online Over-Sampling Principal Component

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
Document related concepts

Nonlinear dimensionality reduction wikipedia , lookup

Principal component analysis wikipedia , lookup

Transcript 
1
Anomaly Detection via Online OverSampling Principal Component Analysis
Abstract—Anomaly detection has been an important research topic in data mining
and machine learning. Many real-world applications such as intrusion or credit card
fraud detection require an effective and efficient framework to identify deviated data
instances. However, most anomaly detection methods are typically implemented in
batch mode, and thus cannot be easily extended to large-scale problems without
sacrificing computation and memory requirements. In this paper, we propose an
online over-sampling principal component analysis (osPCA) algorithm to address this
problem, and we aim at detecting the presence of outliers from a large amount of
data via an online updating technique. Unlike prior PCA based approaches, we do
not store the entire data matrix or covariance matrix, and thus our approach is
especially of interest in online or large-scale problems. By over-sampling the target
instance and extracting the principal direction of the data, the proposed osPCA
allows us to determine the anomaly of the target instance according to the variation
of the resulting dominant eigenvector. Since our osPCA need not perform eigen
analysis explicitly, the proposed framework is favored for online applications which
have computation or memory limitations. Compared with the well-known power
method for PCA and other popular anomaly detection algorithms, our experimental
results verify the feasibility of our proposed method in terms of both accuracy and
efficiency.
INTRODUCTION
Anomaly (or outlier) detection aims to identify a small group of instances which
deviate remarkably from the existing data. A well-known definition of "outlier" is
given in [1]: "an observation which deviates so much from other observations as to
arouse suspicions that it was generated by a different mechanism," which gives the
general idea of an outlier and motivates many anomaly detection methods [1], [2],
[3], [4], [5], [6], [7]. Practically, anomaly detection can be found in applications such
as homeland security, credit card fraud detection, intrusion and insider threat
detection in cybersecurity, fault detection, or malignant diagnosis [3], [4], [6], [8], [9].
However, since only a limited amount of labeled data are available in the above realworld applications, how to determine anomaly of unseen data (or events) draws
attention from the researchers in data mining and machine learning communities [1],
[2], [3], [4], [5], [6], [7].
www.frontlinetechnologies.org
[email protected]
+91 7200247247
2
Architecture Diagram :
CONCLUSION
In this paper, we proposed an online anomaly detection method based on oversample PCA. We showed that the osPCA with LOO strategy will amplify the effect
of outliers, and thus we can successfully use the variation of the dominant principal
direction to identify the presence of rare but abnormal data. When oversampling a
data instance, our proposed online updating technique enables the osPCA to
efficiently update the principal direction without solving eigenvalue decomposition
problems. Furthermore, our method does not need to keep the entire covariance or
data matrices during the online detection process. Therefore, compared with other
anomaly detection methods, our approach is able to achieve satisfactory results
while significantly reducing computational costs and memory requirements. Thus,
our online osPCA is preferable for online large-scale or streaming data problems.
References
1.
D. M. Hawkins, Identification of Outliers. Chapman and Hall, 1980.
2.
M. Breunig, H.-P. Kriegel, R. T. Ng, and J. Sander, "LOF: Identifying densitybased local outliers," in Proceeding of the 2000 ACM SIGMOD International Conference
on Management of Data, 2000.
3.
V. Chandola, A. Banerjee, and V. Kumar, "Anomaly detection: A survey,"
ACM Computing Surveys, vol. 41, no. 3, pp. 15:1-58, 2009.
4.
L. Huang, X. Nguyen, M. Garofalakis, M. Jordan, A. D. Joseph, and N. Taft,
"In-network pca and anomaly detection," in Proceeding of Advances in Neural
Information Processing Systems 19, 2007.
5.
H.-P. Kriegel, M. Schubert, and A. Zimek, "Angle-based outlier detection in
high-dimensional data," in Proceeding of the 14th ACM SIGKDD international
conference on Knowledge discovery and data mining, 2008.
6.
A. Lazarevic, L. Ertoz, V. Kumar, A. Ozgur, and J. Srivastava, "A comparative
study of anomaly detection schemes in network intrusion detection," in Proceedings of
the Third SIAM International Conference on Data Mining, 2003.
www.frontlinetechnologies.org
[email protected]
+91 7200247247
3
X. Song, M. Wu, and C. J. andSanjay Ranka, "Conditional anomaly detection,"
IEEE Transactions on Knowledge and Data Engineering, vol. 19, no. 5, pp. 631-645, 2007.
8.
S. Rawat, A. K. Pujari, and V. P. Gulati, "On the use of singular value
decomposition for a fast intrusion detection system," Electronic Notes in Theoretical
Computer Science, vol. 142, no. 3, pp. 215-228, 2006.
9.
W. Wang, X. Guan, and X. Zhang, "A novel intrusion detection method based
on principal component analysis in computer security," in Proceeding of the
International Symposium on Neural Networks, 2004.
10.
F. Angiulli, S. Basta, and C. Pizzuti, "Distance-based detection and prediction
of outliers," IEEE Transactions on Knowledge and Data Engineering, vol. 18, no. 2, pp.
145-160, 2006.
7.
www.frontlinetechnologies.org
[email protected]
+91 7200247247
Related documents
Anomaly Detection via Online Over-Sampling Principal Component
Anomaly Detection via Online Over-Sampling Principal Component
Abstract - CSEPACK
Abstract - CSEPACK
PPTX - TuxHPC
PPTX - TuxHPC
Anomaly Detection vi..
Anomaly Detection vi..
Event Detection on Call Data Records
Event Detection on Call Data Records
Anomaly Detection via Online Over-Sampling Principal Component
Anomaly Detection via Online Over-Sampling Principal Component
Anomaly detection algorithms in Scikit-Learn
Anomaly detection algorithms in Scikit-Learn
Data Mining BS/MS Project
Data Mining BS/MS Project
anomaly detection
anomaly detection
Formation of the Oort Cloud25 Mar Homework 7 will be assigned on Mon. • Next topics
Formation of the Oort Cloud25 Mar Homework 7 will be assigned on Mon. • Next topics
EECE News > University of Pretoria - University of Pretoria Archived
EECE News > University of Pretoria - University of Pretoria Archived
CS548 Spring 2015 Anomaly Detection Showcase Anomaly
CS548 Spring 2015 Anomaly Detection Showcase Anomaly
Atmospheric Response to Atlantic Cold Blob - Blue
Atmospheric Response to Atlantic Cold Blob - Blue
Project Report -- Fall 2010
Project Report -- Fall 2010
Advances in Natural and Applied Sciences
Advances in Natural and Applied Sciences
The impact of 1.5°C and 2.0 °C above pre-industrial levels
The impact of 1.5°C and 2.0 °C above pre-industrial levels
Pasechnik
Pasechnik
User Behavior based Anomaly Detection for Cyber
User Behavior based Anomaly Detection for Cyber
In anomaly detection, the goal is to find objects that are
In anomaly detection, the goal is to find objects that are
Dispersive approach to axial anomaly and hadronic contribution to g-2
Dispersive approach to axial anomaly and hadronic contribution to g-2
Unsupervised Anomaly Detection In Network Intrusion Detection
Unsupervised Anomaly Detection In Network Intrusion Detection
Project Report -
Project Report -