The Community for Technology Leaders
RSS Icon
Subscribe
Orlando, Florida
Dec. 14, 2006 to Dec. 16, 2006
ISBN: 0-7695-2735-3
pp: 55-62
Sergey Bratus , Dartmouth College, USA
Javed Aslam , Northeastern University, USA
ABSTRACT
We consider the problem of interactive iterative analysis of datasets that consist of a large number of records represented as feature vectors. The record set is known to contain a number of anomalous records that the analyst desires to locate and describe in a short and comprehensive manner. The nature of the anomaly is not known in advance (in particular, it is not known, which features or feature values identify the anomalous records, and which are irrelevant to the search), and becomes clear only in the process of analysis, as the description of the target subset is gradually refined. This situation is common in computer intrusion analysis, when a forensic analyst browses the logs to locate traces of an intrusion of unknown nature and origin, and extends to other tasks and data sets. <p>To facilitate such "browsing for anomalies", we propose an unsupervised data organization technique for initial summarization and representation of data sets, and a semi-supervised learning technique for iterative modifications of the latter representation. Our approach is based on information content and Jensen-Shannon divergence and is related to information bottleneck methods. We have implemented it as a part of the Kerf log analysis toolkit.</p>
INDEX TERMS
null
CITATION
Sergey Bratus, Javed Aslam, "Semi-supervised Data Organization for Interactive Anomaly Analysis.", ICMLA, 2006, Machine Learning and Applications, Fourth International Conference on, Machine Learning and Applications, Fourth International Conference on 2006, pp. 55-62, doi:10.1109/ICMLA.2006.47
13 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool