Presentation is loading. Please wait.

Presentation is loading. Please wait.

Discovering Outlier Filtering Rules from Unlabeled Data Author: Kenji Yamanishi & Jun-ichi Takeuchi Advisor: Dr. Hsu Graduate: Chia- Hsien Wu.

Published byRoland Morrison Modified over 9 years ago

Similar presentations

Presentation on theme: "Discovering Outlier Filtering Rules from Unlabeled Data Author: Kenji Yamanishi & Jun-ichi Takeuchi Advisor: Dr. Hsu Graduate: Chia- Hsien Wu."— Presentation transcript:

1 Discovering Outlier Filtering Rules from Unlabeled Data Author: Kenji Yamanishi & Jun-ichi Takeuchi Advisor: Dr. Hsu Graduate: Chia- Hsien Wu

2 Outline Motivation Objective Introduction Main Framework Outlier Detector - SmartSifter Rule Generator – DL-ESC/DL-SC Experimentation–The network intrusion Experimental Results Conclusion Opinion

3 Motivation The problem of the SmartSifter’s accuracy The SmartSifter cannot find the general pattern of the identified outliers

4 Objective Improving the accuracy of SmartSiFter. Discovering a new pattern that outliers in a specific group may commonly have

5 Introduction Developing SmartSifer : It is an on-line outlier detection algorithm Improving the power of the SamtSifer by combining supervised learning method

6 Main Framework Classifier L A New Rule

7 Outlier Detector - SmartSifter ->SS Using a probabilistic (Gaussian mixture) model->P(x,y) = p(x)p(y|x) Employing an on-line discounting learning algorithm (SDLE)/(SDEM) to update the model Giving a score to each datum

8 Outlier Detector - SmartSifter ->SS (cont.) SDLE algorithm: An on-line discounting variant of the Laplace law based estimation algorithm SDEM algorithm: An on-line discounting variant of the incremental EM (Expectation Maximization) algorithm

9 Outlier Detector - SmartSifter ->SS (cont.) Outputting a sorted dataset A highly scored data indicates a high possibility be an outlier

10 Rule Generator – DL-ESC/DL-SC Using a stochastic decision list Employing the principle of minimizing extended stochastic complexity or stochastic complexity

11 Rule Generator – DL-ESC/DL-SC (cont.)  If ξ makes t 1 true, then μ = v 1 with probability p 1 else if ξ makes t 2 true, then μ = v 2 with probability p 2 ……………………… else μ = v s with probability p s

12 Experimentation - Network intrusion detection The purpose of our experiment is to detect without making use of the labels concerning intrusions

13 Experimentation – Dataset (cont.) Using the dataset KDD Cup 1999 prepared for network intrusion detection Using the 13 attributes for DL-ESC Using four attributes for SmartSifter (service,duration,src_bytes,dst_bytes) Only “service” is categorical Y= log(x+0.1),where the base of logarithm is e Generating five datasets S0,S1,S2,S3,S4

14 Experimentation – Dataset (cont.)

15 Experimentation – Illustration by an Example (cont.) Update Rule – S1 First Rule – S1 Update Rule – S2

16 Experimental Results SS : SmartSifter R&S: Rule and SmartSifter (This framework) Using S0 as a training set to construct a filtering rule, each of S1,S2,S3,and S4 is used for test

17 Experimental Results (cont.)

18

19 Conclusion This new framework has two features  Improving the power of SmartSifter  Helping the user discovers a general pattern

20 Opinion Making the detection process more effective and more understandable This framework can apply to other field

Download ppt "Discovering Outlier Filtering Rules from Unlabeled Data Author: Kenji Yamanishi & Jun-ichi Takeuchi Advisor: Dr. Hsu Graduate: Chia- Hsien Wu."

Similar presentations

Applications of one-class classification

Applications of one-class classification
Pat Langley Computational Learning Laboratory Center for the Study of Language and Information Stanford University, Stanford, California

Pat Langley Computational Learning Laboratory Center for the Study of Language and Information Stanford University, Stanford, California
A General Framework for Mining Concept-Drifting Data Streams with Skewed Distributions Jing Gao Wei Fan Jiawei Han Philip S. Yu University of Illinois.

A General Framework for Mining Concept-Drifting Data Streams with Skewed Distributions Jing Gao Wei Fan Jiawei Han Philip S. Yu University of Illinois.
PEBL: Web Page Classification without Negative Examples Hwanjo Yu, Jiawei Han, Kevin Chen- Chuan Chang IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING,

PEBL: Web Page Classification without Negative Examples Hwanjo Yu, Jiawei Han, Kevin Chen- Chuan Chang IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING,
Rapid Object Detection using a Boosted Cascade of Simple Features Paul Viola, Michael Jones Conference on Computer Vision and Pattern Recognition 2001.

Rapid Object Detection using a Boosted Cascade of Simple Features Paul Viola, Michael Jones Conference on Computer Vision and Pattern Recognition 2001.
2001/12/181/50 Discovering Robust Knowledge from Databases that Change Author: Chun-Nan Hsu, Craig A. Knoblock Advisor: Dr. Hsu Graduate: Yu-Wei Su.

2001/12/181/50 Discovering Robust Knowledge from Databases that Change Author: Chun-Nan Hsu, Craig A. Knoblock Advisor: Dr. Hsu Graduate: Yu-Wei Su.
A Probabilistic Framework for Semi-Supervised Clustering

A Probabilistic Framework for Semi-Supervised Clustering
Feature Vector Selection and Use With Hidden Markov Models to Identify Frequency-Modulated Bioacoustic Signals Amidst Noise T. Scott Brandes IEEE Transactions.

Feature Vector Selection and Use With Hidden Markov Models to Identify Frequency-Modulated Bioacoustic Signals Amidst Noise T. Scott Brandes IEEE Transactions.
Integrating Bayesian Networks and Simpson’s Paradox in Data Mining Alex Freitas University of Kent Ken McGarry University of Sunderland.

Integrating Bayesian Networks and Simpson’s Paradox in Data Mining Alex Freitas University of Kent Ken McGarry University of Sunderland.
Locally Constraint Support Vector Clustering

Locally Constraint Support Vector Clustering
On Appropriate Assumptions to Mine Data Streams: Analyses and Solutions Jing Gao† Wei Fan‡ Jiawei Han† †University of Illinois at Urbana-Champaign ‡IBM.

On Appropriate Assumptions to Mine Data Streams: Analyses and Solutions Jing Gao† Wei Fan‡ Jiawei Han† †University of Illinois at Urbana-Champaign ‡IBM.
Unsupervised Learning: Clustering Rong Jin Outline  Unsupervised learning  K means for clustering  Expectation Maximization algorithm for clustering.

Unsupervised Learning: Clustering Rong Jin Outline  Unsupervised learning  K means for clustering  Expectation Maximization algorithm for clustering.
Supervised learning: Mixture Of Experts (MOE) Network.

Supervised learning: Mixture Of Experts (MOE) Network.
Object Class Recognition Using Discriminative Local Features Gyuri Dorko and Cordelia Schmid.

Object Class Recognition Using Discriminative Local Features Gyuri Dorko and Cordelia Schmid.
Co-training LING 572 Fei Xia 02/21/06. Overview Proposed by Blum and Mitchell (1998) Important work: –(Nigam and Ghani, 2000) –(Goldman and Zhou, 2000)

Co-training LING 572 Fei Xia 02/21/06. Overview Proposed by Blum and Mitchell (1998) Important work: –(Nigam and Ghani, 2000) –(Goldman and Zhou, 2000)
Relevance Feedback Content-Based Image Retrieval Using Query Distribution Estimation Based on Maximum Entropy Principle Irwin King and Zhong Jin The Chinese.

Relevance Feedback Content-Based Image Retrieval Using Query Distribution Estimation Based on Maximum Entropy Principle Irwin King and Zhong Jin The Chinese.
Introduction to machine learning

Introduction to machine learning
1. Introduction Generally Intrusion Detection Systems (IDSs), as special-purpose devices to detect network anomalies and attacks, are using two approaches.

1. Introduction Generally Intrusion Detection Systems (IDSs), as special-purpose devices to detect network anomalies and attacks, are using two approaches.
Anomaly detection Problem motivation Machine Learning.

Anomaly detection Problem motivation Machine Learning.
(ACM KDD 09’) Prem Melville, Wojciech Gryc, Richard D. Lawrence

(ACM KDD 09’) Prem Melville, Wojciech Gryc, Richard D. Lawrence

Similar presentations

Ads by Google