Skip to main content
SpringerLink
Log in

Anomaly Detection Using Ensembles

  • Conference paper
Multiple Classifier Systems (MCS 2011)

Part of the book series: Lecture Notes in Computer Science ((LNIP,volume 6713))

Included in the following conference series:

Abstract

We show that using random forests and distance-based outlier partitioning with ensemble voting methods for supervised learning of anomaly detection provide similar accuracy results when compared to the same methods without partitioning. Further, distance-based outlier and one-class support vector machine partitioning and ensemble methods for semi-supervised learning of anomaly detection also compare favorably to the corresponding non-ensemble methods. Partitioning and ensemble methods would be required for very large datasets that need distributed computing approaches. ROC curves often show significant improvement from increased true positives in the low false positive range for ensemble methods used on several datasets.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abe, N., Zadrozny, B., Langford, J.: Outlier detection by active learning. In: KDD 2006: Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 504–509. ACM, New York (2006)

    Google Scholar 

  2. UCI KDD Archive. Kdd cup 1999 data (accessed on, January 1 2010), http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html

  3. Banfield, R.E., Hall, L.O., Bowyer, K.W., Kegelmeyer, W.P.: A comparison of decision tree ensemble creation techniques. IEEE Transactions on Pattern Analysis and Machine Intelligence, 173–180 (2007)

    Google Scholar 

  4. Bay, S.D., Schwabacher, M.: Mining distance-based outliers in near linear time with randomization and a simple pruning rule. In: Proceedings of the Ninth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 29–38. ACM Press, New York (2003)

    Chapter  Google Scholar 

  5. Bradley, A.P.: The use of the area under the roc curve in the evaluation of machine learning algorithms. Pattern Recognition 30, 1145–1159 (1997)

    Article  Google Scholar 

  6. Breiman, L.: Random forests. Machine Learning 45(1), 5–32 (2001)

    Article  MATH  Google Scholar 

  7. Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: A survey. ACM Comput. Surv. 41(3), 1–58 (2009)

    Article  Google Scholar 

  8. Chang, C.C., Lin, C.J.: Libsvm: a library for support vector machines (accessed on, November 1 2010), http://www.csie.ntu.edu.tw/~cjlin/libsvm

  9. Cumming, G., Fidler, F., Vaux, D.L.: Errror bars in experimental biology. The Journal of Cell Biology 177(1), 7–11 (2007)

    Article  Google Scholar 

  10. Cumming, G., Finch, S.: Inference by eye: Confidence intervals and how to read pictures of data. American Psychologist 60(2), 170–180 (2005)

    Article  Google Scholar 

  11. Fawcett, T.: An introduction to roc analysis. Pattern Recognition Letters 27(8), 861–874 (2006), rOC Analysis in Pattern Recognition

    Article  Google Scholar 

  12. Giacinto, G., Perdisci, R., Del Rio, M., Roli, F.: Intrusion detection in computer networks by a modular ensemble of one-class classifiers. Inf. Fusion 9, 69–82 (2008), http://portal.acm.org/citation.cfm?id=1297420.1297578

    Article  Google Scholar 

  13. Hanley, J.A., McNeil, B.J.: The meaning and use of the area under a receiver operating characteristic (roc) curve. Radiology 143, 29–36 (1982)

    Article  Google Scholar 

  14. Hempstalk, K., Frank, E., Witten, I.H.: One-class classification by combining density and class probability estimation. In: Daelemans, W., Goethals, B., Morik, K. (eds.) ECML PKDD 2008, Part I. LNCS (LNAI), vol. 5211, pp. 505–519. Springer, Heidelberg (2008), http://portal.acm.org/citation.cfm?id=1431932&picked=prox&cfid=19593191&cftoken=93015848 http://dx.doi.org/10.1007/978-3-540-87479-951 , ISBN: 978-3-540-87478-2, doi:10.1007/978-3-540-87479-951

    Chapter  Google Scholar 

  15. John, B.S., Platt, J.C., Shawe-taylor, J., Smola, A.J., Williamson, R.C.: Estimating the support of a high-dimensional distribution. Neural Computation 13, 1443–1471 (2001)

    Article  MATH  Google Scholar 

  16. Lazarevic, A.: Feature bagging for outlier detection. In: KDD 2005, pp. 157–166 (2005)

    Google Scholar 

  17. Niennattrakul, V., Keogh, E., Ratanamahatana, C.A.: Data editing techniques to allow the application of distance-based outlier detection to streams. In: IEEE International Conference on Data Mining, vol. 0, pp. 947–952 (2010)

    Google Scholar 

  18. Perdisci, R., Ariu, D., Fogla, P., Giacinto, G., Lee, W.: Mcpad: A multiple classifier system for accurate payload-based anomaly detection. Computer Networks 53(6), 864–881 (2009), http://www.sciencedirect.com/science/article/B6VRG-4V3547G-1/2/62411af43f5a5f13444f6ab985b9f6ef ; Traffic Classification and Its Applications to Modern Networks

    Article  MATH  Google Scholar 

  19. Shoemaker, L.: Ensemble Learning With Imbalanced Data. Ph.D. thesis. University of South Florida (2010)

    Google Scholar 

  20. Tan, P., Steinbach, M., Kumar, V.: Introduction to Data Mining. Addison-Wesley, Reading (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science and Engineering, University of South Florida, Tampa, FL, 33620-5399, USA

    Larry Shoemaker & Lawrence O. Hall

Authors
  1. Larry Shoemaker
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lawrence O. Hall
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Engineering and Systems, Universitá di Napoli Federico II, Italy

    Carlo Sansone

  2. Centre for Vision, Speech and Signal Processing, University of Surrey, Guildford, GU2 7XH, Surrey, UK

    Josef Kittler

  3. Department of Electrical and Electronic Engineering, University of Cagliari, Piazza d’Armi, 09123, Cagliari, Italy

    Fabio Roli

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shoemaker, L., Hall, L.O. (2011). Anomaly Detection Using Ensembles. In: Sansone, C., Kittler, J., Roli, F. (eds) Multiple Classifier Systems. MCS 2011. Lecture Notes in Computer Science, vol 6713. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21557-5_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-21557-5_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21556-8

  • Online ISBN: 978-3-642-21557-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation