An Unsupervised Approach for Combining Scores of Outlier Detection Techniques, Based on Similarity Measures

Pasillas-Díaz, José Ramon; Ratté, Sylvie

doi:10.1016/j.entcs.2016.12.005

Cited by 23 publications

(22 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…As mentioned above, any unsupervised outlier detection method could be used as a base outlier scoring function for feature transformations. However, heterogeneous base functions tend to yield better results, as identical outputs from base functions do not greatly contribute to the ensemble [1], [12]. The diversity among base functions encourages distinct data characteristics to be learned, leading to an improved generalization ability of the ensemble.…”

Section: A Phase I: Unsupervised Representation Learningmentioning

confidence: 99%

See 1 more Smart Citation

XGBOD: Improving Supervised Outlier Detection with Unsupervised Representation Learning

Zhao

Hryniewicki

2018

2018 International Joint Conference on Neural Networks (IJCNN)

View full text Add to dashboard Cite

A new semi-supervised ensemble algorithm called XGBOD (Extreme Gradient Boosting Outlier Detection) is proposed, described and demonstrated for the enhanced detection of outliers from normal observations in various practical datasets. The proposed framework combines the strengths of both supervised and unsupervised machine learning methods by creating a hybrid approach that exploits each of their individual performance capabilities in outlier detection. XGBOD uses multiple unsupervised outlier mining algorithms to extract useful representations from the underlying data that augment the predictive capabilities of an embedded supervised classifier on an improved feature space. The novel approach is shown to provide superior performance in comparison to competing individual detectors, the full ensemble and two existing representation learning based algorithms across seven outlier datasets.

show abstract

Section: A Phase I: Unsupervised Representation Learningmentioning

confidence: 99%

“…EXPERIMENT DESIGN Two comparison analyses are conducted with various baselines included. ROC [1], [10], [11] and Precision@n (P@N) [12] are widely used for evaluation in outlier detection; both are included herein. The final scores are calculated by averaging the results of 30 independent trials.…”

Section: Theoretical Foundationsmentioning

confidence: 99%

XGBOD: Improving Supervised Outlier Detection with Unsupervised Representation Learning

Zhao

Hryniewicki

2018

2018 International Joint Conference on Neural Networks (IJCNN)

View full text Add to dashboard Cite

show abstract

“…In the last step, normalization without assuming a concrete probability distribution is discussed. Instead, the sample means can be normalized to zero and residuals to one by subtracting the sample mean µ and dividing by sample standard deviation σ [35].…”

Section: Model Normalizationmentioning

confidence: 99%

Efficacy Improvement of Anomaly Detection by Using Intelligence Sharing Scheme

Tahir

Ayoub

et al. 2019

Applied Sciences

View full text Add to dashboard Cite

Computer networks are facing threats of ever-increasing frequency and sophistication. Encryption is becoming the norm in both legitimate and malicious network traffic. Therefore, intrusion detection systems (IDSs) are now required to work efficiently regardless of the encryption. In this study, we propose two new methods to improve the efficacy of the Cisco Cognitive Threat Analytics (CTA) system. In the first method, the efficacy of CTA is improved by sharing of intelligence information across a large number of enterprise networks. In the second method, a four variant-based global reputation model (GRM) is designed by employing an outlier ensemble normalization algorithm in the presence of missing data. Intelligence sharing provides additional information in the intrusion detection process, which is much needed, particularly for analysis of encrypted traffic with inherently low information content. Robustness of the novel outlier ensemble normalization algorithm is also demonstrated. These improvements are measured using both encrypted and non-encrypted network traffic. Results show that the proposed information sharing methods greatly improve the anomaly detection efficacy of malicious network behavior with bad base-line detection efficacy and slightly improve upon the average case.

show abstract

“…Entre las técnicas utilizadas se encuentran: 1) Hooking, que se basa en la inyección de código, para la detección y tratamiento de aplicaciones maliciosas (Tinajero-Manjarez et al, 2017); 2) Máquinas de Soporte Vectorial (Support Vector Machines, por sus siglas en inglés SVM), utilizadas para clasificar aplicaciones desconocidas como maliciosas o benignas y en la detección de actividad de los usuarios, mencionadas en (Kaghyan & Sarukhanyan, 2013) y (Spreitzenbarth et al, 2015); 3) Redes Neuronales para localización en interiores y exteriores, aplicado a tráfico y demografía, descritas en (Su et al, 2014), (Huang et al, 2014), (Paul & George, 2015), (Mugagga & Winberg, 2015), (Mugagga & Winberg, 2015), (Carlos E. Galván-Tejada et al, 2015), y (Dou et al, 2015); 4) K-Means y Local Outlier Factor (por sus siglas en inglés LOF) para detección de anomalías, utilizado en dominios como: medicina, detección de intrusos y fraude, abordadas en (Karim et al, 2014) y (Pasillas D. & Ratté, 2016); 5) Árboles de Decisión, Redes Bayesianas y Regresión, en cómputo forense y para la localización y detección de actividad utilizado en la detección de acoso escolar o bullying, analizadas en (Moço & Lobato-Correira, 2014) y (Garcia-Ceja et al, 2014), y; 6) Big Data y Autómatas Celulares para localización en interiores/exteriores y demografía, cubierta en (Tosi et al, 2014), (Asri et al, 2015), y análisis de comportamiento humano en entornos sociales (Human Social Behavior, por sus siglas en inglés HSB), estudiado en (More & Lingam, 2015) y (Dou et al, 2015).…”

Section: Antecedentes De La Herramientaunclassified

“…Por otro lado, los tipos de dato más utilizados para el análisis de comportamiento de un Smartphone son: 1) datos crudos, utilizados en (Tuttle et al, 2010), (Su et al, 2014), (Tosi et al, 2014), (Pasillas D. & Ratté, 2016) y (Garcia-Ceja et al, 2014), y; 2) logs de información, como se muestra en (Asri et al, 2015), (Mestry et al, 2015), (More & Lingam, 2015), (Mugagga & Winberg, 2015), (Moço & Lobato-Correira, 2014); mientras que, las principales vulnerabilidades detectadas son: 1) la infección por malware, analizada en (Karim et al, 2014); 2) el acceso o disposición indebida de la información y comportamiento sospechoso, cubiertos en (Pasillas D. & Ratté, 2016) y (Haque et al, 2013), y; 3) la aplicación de código malicioso, estudiado en (Chen et al, 2015).…”

Section: Antecedentes De La Herramientaunclassified

Detectando aplicaciones maliciosas en Smartphone con sistema Android a través del uso de una aplicación

Mejía

Matemáticas²

2019

RISTI

View full text Add to dashboard Cite

Resumen: En los últimos años, la consolidación de Android, como el sistema operativo más utilizado en Smartphone lo convierte en blanco del mayor número de amenazas creciente; tendencia que se ha mantenido en los últimos años. De acuerdo al informe de 2016, Tendencias en Seguridad publicado por ESET, el número de vulnerabilidades móviles incrementa cada año desde 2013 y, a lo largo de 2015 la tasa de incremento dentro del ecosistema Android que ponen en riesgo la privacidad de su información, ha promediado de 200 nuevas muestras de malware por mes. Por lo tanto, en este artículo se presenta una aplicación (app) para la detección oportuna a potenciales aplicaciones maliciosas presentes en Smartphone, particularmente aquellos con sistema operativo Android, presentando un estudio de caso que ha permitido validar la app a través de la detección de aplicaciones maliciosas instaladas en un dispositivo móvil.

show abstract

An Unsupervised Approach for Combining Scores of Outlier Detection Techniques, Based on Similarity Measures

Cited by 23 publications

References 14 publications

XGBOD: Improving Supervised Outlier Detection with Unsupervised Representation Learning

XGBOD: Improving Supervised Outlier Detection with Unsupervised Representation Learning

Efficacy Improvement of Anomaly Detection by Using Intelligence Sharing Scheme

Detectando aplicaciones maliciosas en Smartphone con sistema Android a través del uso de una aplicación

Contact Info

Product

Resources

About