
Salil presentation 11.07

Published in: Technology, Education

  1. Anomaly Detection - SALIL NAVGIRE
  2. Introduction
     • problem of finding patterns in data that do not conform to expected behavior
     • covers diverse disciplines from statistics, machine learning, data mining, information theory, spectral theory
  3. Applications
     • Intrusion detection - detection of malicious activity
       • Host based – OS call traces
       • Network based – packet level traces
     • Fraud detection - detection of criminal activities in commercial organizations
       • Credit card fraud detection
       • Insurance claim fraud detection
       • Insider trading detection
     • Industrial damage detection
     • Anomaly detection in data
     • Anomaly detection in sensor networks
  4. Challenges
     • Defining the normal region
     • Sometimes malicious agents adapt themselves to appear as normal observations
     • Different techniques for different application domains
     • Availability of labeled data for training
     • Sometimes noise is similar to an anomaly and difficult to distinguish
  5. Different aspects of detection techniques
     • Nature of input data
     • Types of anomaly
       • Point anomalies
       • Contextual anomalies
       • Collective anomalies
     • Data labels
       • Supervised anomaly detection
       • Semi-supervised anomaly detection
       • Unsupervised anomaly detection
     • Output
       • Scores
       • Labels
  6. Anomaly Detection Techniques
     • Anomaly detection techniques
       • Classification
       • Nearest Neighbor
       • Clustering
       • Spectral
       • Information theoretic
       • Statistical
       • Time Series
  7.
     • Classification
       • Neural network based
       • Bayesian network based
       • Support Vector Machine based
       • Rule based
     • Nearest Neighbor
       • KNN
       • Relative density
     • Clustering
       • K means
       • SOM
  8.
     • Statistical
       • Parametric
         • Gaussian model based
         • Regression model based
         • Mixture of parametric distributions based
       • Non-parametric
         • Histogram based
         • Kernel function based
     • Spectral
       • Dimensionality reduction
