Hugendubel.info - Die B2B Online-Buchhandlung 

Merkliste
Die Merkliste ist leer.
Bitte warten - die Druckansicht der Seite wird vorbereitet.
Der Druckdialog öffnet sich, sobald die Seite vollständig geladen wurde.
Sollte die Druckvorschau unvollständig sein, bitte schliessen und "Erneut drucken" wählen.

Anomaly Detection Principles and Algorithms

E-BookPDF1 - PDF WatermarkE-Book
217 Seiten
Englisch
Springer Nature Switzerlanderschienen am18.11.20171st ed. 2017
This book provides a readable and elegant presentation of the principles of anomaly detection,providing an easy introduction for newcomers to the field. A large number of algorithms are succinctly described, along with a presentation of their strengths and weaknesses.

The authors also cover algorithms that address different kinds of problems of interest with single and multiple time series data and multi-dimensional data. New ensemble anomaly detection algorithms are  described, utilizing the benefits provided by diverse algorithms, each of which work well on some kinds of data.

 With advancements in technology and the extensive use of the internet as a medium for communications and commerce, there has been a tremendous increase in the threats faced by individuals and organizations from attackers and criminal entities. Variations in the observable behaviors of individuals (from others and from their own past behaviors) have been found to be useful in predicting potential problems of various kinds. Hence computer scientists and statisticians have been conducting research on automatically identifying anomalies in large datasets.





 This book will primarily target practitioners and researchers who are newcomers to the area of modern anomaly detection techniques. Advanced-level students in computer science will also find this book helpful with their studies.mehr
Verfügbare Formate
BuchGebunden
EUR149,79
E-BookPDF1 - PDF WatermarkE-Book
EUR96,29

Produkt

KlappentextThis book provides a readable and elegant presentation of the principles of anomaly detection,providing an easy introduction for newcomers to the field. A large number of algorithms are succinctly described, along with a presentation of their strengths and weaknesses.

The authors also cover algorithms that address different kinds of problems of interest with single and multiple time series data and multi-dimensional data. New ensemble anomaly detection algorithms are  described, utilizing the benefits provided by diverse algorithms, each of which work well on some kinds of data.

 With advancements in technology and the extensive use of the internet as a medium for communications and commerce, there has been a tremendous increase in the threats faced by individuals and organizations from attackers and criminal entities. Variations in the observable behaviors of individuals (from others and from their own past behaviors) have been found to be useful in predicting potential problems of various kinds. Hence computer scientists and statisticians have been conducting research on automatically identifying anomalies in large datasets.





 This book will primarily target practitioners and researchers who are newcomers to the area of modern anomaly detection techniques. Advanced-level students in computer science will also find this book helpful with their studies.
Details
Weitere ISBN/GTIN9783319675268
ProduktartE-Book
EinbandartE-Book
FormatPDF
Format Hinweis1 - PDF Watermark
FormatE107
Erscheinungsjahr2017
Erscheinungsdatum18.11.2017
Auflage1st ed. 2017
ReiheTerrorism, Security, and Computation
Seiten217 Seiten
SpracheEnglisch
IllustrationenXXII, 217 p. 66 illus., 55 illus. in color.
Artikel-Nr.2531347
Rubriken
Genre9200

Inhalt/Kritik

Inhaltsverzeichnis
1;Preface;7
2;Contents;9
3;List of Figures;14
4;List of Tables;19
5;Part I Principles;21
5.1;1 Introduction;22
5.1.1;1.1 What's an Anomaly?;23
5.1.2;1.2 Cybersecurity;26
5.1.2.1;1.2.1 Privacy;26
5.1.2.2;1.2.2 Malware Detection;27
5.1.2.3;1.2.3 Fraudulent Email;27
5.1.3;1.3 Finance;28
5.1.3.1;1.3.1 Credit Card Fraud;28
5.1.3.2;1.3.2 Creditworthiness;29
5.1.3.3;1.3.3 Bankruptcy Prediction;29
5.1.3.4;1.3.4 Investing;29
5.1.4;1.4 Healthcare;30
5.1.4.1;1.4.1 Diagnosis;30
5.1.4.2;1.4.2 Patient Monitoring;31
5.1.4.3;1.4.3 Radiology;31
5.1.4.4;1.4.4 Epidemiology;31
5.1.5;1.5 Defense and Internal Security;31
5.1.5.1;1.5.1 Personnel Behaviors;32
5.1.5.2;1.5.2 Battlefield Behaviors;32
5.1.5.3;1.5.3 Unconventional Attacks;32
5.1.6;1.6 Consumer Home Safety;33
5.1.6.1;1.6.1 Detecting Occurrence of Falls and Other Problems;33
5.1.6.2;1.6.2 Home Perimeter Safety;34
5.1.6.3;1.6.3 Indoor Pollution Monitoring;34
5.1.7;1.7 Manufacturing and Industry;35
5.1.7.1;1.7.1 Quality Control;35
5.1.7.2;1.7.2 Retail Sales;35
5.1.7.3;1.7.3 Inventory Management;36
5.1.7.4;1.7.4 Customer Behavior;36
5.1.7.5;1.7.5 Employee Behavior;36
5.1.8;1.8 Science;37
5.1.9;1.9 Conclusion;38
5.2;2 Anomaly Detection;39
5.2.1;2.1 Anomalies;39
5.2.1.1;2.1.1 Metrics for Measurement;41
5.2.1.2;2.1.2 Old Problems vs. New Problems;42
5.2.1.3;2.1.3 What Kind of Data?;42
5.2.1.4;2.1.4 What's a Norm?;43
5.2.2;2.2 Outliers in One-Dimensional Data;44
5.2.3;2.3 Outliers in Multidimensional Data;46
5.2.4;2.4 Anomaly Detection Approaches;47
5.2.5;2.5 Evaluation Criteria;48
5.2.6;2.6 Conclusion;50
5.3;3 Distance-Based Anomaly Detection Approaches;51
5.3.1;3.1 Introduction;51
5.3.2;3.2 Similarity Measures;52
5.3.3;3.3 Distance-Based Approaches;54
5.3.3.1;3.3.1 Distance to All Points;54
5.3.3.2;3.3.2 Distance to Nearest Neighbor;55
5.3.3.3;3.3.3 Average Distance to k Nearest Neighbors;55
5.3.3.4;3.3.4 Median Distance to k Nearest Neighbors;56
5.3.4;3.4 Conclusion;57
5.4;4 Clustering-Based Anomaly Detection Approaches;58
5.4.1;4.1 Identifying Clusters;58
5.4.1.1;4.1.1 Nearest Neighbor Clustering;59
5.4.1.2;4.1.2 k-Means Clustering;60
5.4.1.3;4.1.3 Fuzzy Clustering;62
5.4.1.4;4.1.4 Agglomerative Clustering;63
5.4.1.5;4.1.5 Density-Based Agglomerative Clustering;64
5.4.1.6;4.1.6 Divisive Clustering;65
5.4.2;4.2 Anomaly Detection Using Clusters;66
5.4.2.1;4.2.1 Cluster Membership or Size;66
5.4.2.2;4.2.2 Proximity to Other Points;67
5.4.2.3;4.2.3 Proximity to Nearest Neighbor;68
5.4.2.4;4.2.4 Boundary Distance;68
5.4.2.5;4.2.5 When Cluster Sizes Differ;70
5.4.2.6;4.2.6 Distances from Multiple Points;71
5.4.3;4.3 Conclusion;72
5.5;5 Model-Based Anomaly Detection Approaches;73
5.5.1;5.1 Models of Relationships Between Variables;73
5.5.1.1;5.1.1 Model Parameter Space Approach;74
5.5.1.2;5.1.2 Data Space Approach;75
5.5.1.2.1;5.1.2.1 Implicit Model;75
5.5.1.2.2;5.1.2.2 Explicit Models;77
5.5.2;5.2 Distribution Models;79
5.5.2.1;5.2.1 Parametric Distribution Estimation;79
5.5.2.2;5.2.2 Regression Models;80
5.5.2.2.1;5.2.2.1 Linear Regression;81
5.5.2.2.2;5.2.2.2 Nonlinear Regression;81
5.5.2.2.3;5.2.2.3 Kernel Regression and Support Vector Machines;82
5.5.2.2.4;5.2.2.4 Splines;83
5.5.3;5.3 Models of Time-Varying Processes;83
5.5.3.1;5.3.1 Markov Models;86
5.5.3.2;5.3.2 Time Series Models;88
5.5.3.2.1;5.3.2.1 ARIMA;90
5.5.3.2.2;5.3.2.2 DFT;92
5.5.3.2.3;5.3.2.3 Haar;92
5.5.4;5.4 Anomaly Detection in Time Series;94
5.5.4.1;5.4.1 Anomaly Within a Single Time Series;95
5.5.4.1.1;5.4.1.1 Methodologies for Anomaly Detection Within a Single Time Series;99
5.5.4.2;5.4.2 Anomaly Detection Among Multiple Time Series;100
5.5.4.2.1;5.4.2.1 Using Point-to-Point Distances;103
5.5.4.2.2;5.4.2.2 Using Variations over Time;103
5.5.4.2.3;5.4.2.3 Correlations with Delays;106
5.5.5;5.5 Learning Algorithms Used to Derive Models from Data;107
5.5.5.1;5.5.1 Regularization;108
5.5.6;5.6 Conclusion;109
6;Part II Algorithms;111
6.1;6 Distance and Density Based Approaches;112
6.1.1;6.1 Distance from the Rest of the Data;112
6.1.1.1;6.1.1 Distance Based-Outlier Approach;115
6.1.2;6.2 Local Correlation Integral (LOCI) Algorithm;117
6.1.2.1;6.2.1 Resolution-Based Outlier Detection;119
6.1.3;6.3 Nearest Neighbor Approach;120
6.1.4;6.4 Density Based Approaches;122
6.1.4.1;6.4.1 Mixture Density Estimation;124
6.1.4.2;6.4.2 Local Outlier Factor (LOF) Algorithm;125
6.1.4.3;6.4.3 Connectivity-Based Outlier Factor (COF) Approach;127
6.1.4.4;6.4.4 INFLuential Measure of Outlierness by Symmetric Relationship (INFLO);129
6.1.5;6.5 Performance Comparisons;131
6.1.6;6.6 Conclusions;132
6.2;7 Rank Based Approaches;133
6.2.1;7.1 Rank-Based Detection Algorithm (RBDA);135
6.2.1.1;7.1.1 Why Does RBDA Work?;136
6.2.2;7.2 Anomaly Detection Algorithms Based on Clustering and Weighted Ranks;138
6.2.2.1;7.2.1 NC-Clustering;139
6.2.2.2;7.2.2 Density and Rank Based Detection Algorithms;140
6.2.3;7.3 New Algorithms Based on Distance and Cluster Density;141
6.2.4;7.4 Results;144
6.2.4.1;7.4.1 RBDA Versus the Kernel Based Density Estimation Algorithm;144
6.2.4.2;7.4.2 Comparison of RBDA and Its Extensions with LOF, COF, and INFLO;145
6.2.4.3;7.4.3 Comparison for KDD99 and Packed Executables Datasets;147
6.2.5;7.5 Conclusions;148
6.3;8 Ensemble Methods;149
6.3.1;8.1 Independent Ensemble Methods;149
6.3.2;8.2 Sequential Application of Algorithms;153
6.3.3;8.3 Ensemble Anomaly Detection with Adaptive Sampling;154
6.3.3.1;8.3.1 AdaBoost;155
6.3.3.2;8.3.2 Adaptive Sampling;156
6.3.3.3;8.3.3 Minimum Margin Approach;156
6.3.4;8.4 Weighted Adaptive Sampling;157
6.3.4.1;8.4.1 Weighted Adaptive Sampling Algorithm;161
6.3.4.2;8.4.2 Comparative Results;161
6.3.4.3;8.4.3 Dataset Description;162
6.3.4.4;8.4.4 Performance Comparisons;162
6.3.4.5;8.4.5 Effect of Model Parameters;164
6.3.5;8.5 Conclusion;166
6.4;9 Algorithms for Time Series Data;167
6.4.1;9.1 Problem Definition;168
6.4.2;9.2 Identification of an Anomalous Time Series;171
6.4.2.1;9.2.1 Algorithm Categories;172
6.4.2.2;9.2.2 Distances and Transformations;173
6.4.3;9.3 Abnormal Subsequence Detection;181
6.4.4;9.4 Outlier Detection Based on Multiple Measures;183
6.4.4.1;9.4.1 Measure Selection;183
6.4.4.2;9.4.2 Identification of Anomalous Series;186
6.4.5;9.5 Online Anomaly Detection for Time Series;186
6.4.5.1;9.5.1 Online Updating of Distance Measures;187
6.4.5.2;9.5.2 Multiple Measure Based Abnormal Subsequence Detection Algorithm (MUASD);190
6.4.5.3;9.5.3 Finding Nearest Neighbor by Early Abandoning;192
6.4.5.4;9.5.4 Finding Abnormal Subsequence Based on Ratio of Frequencies (SAXFR);193
6.4.5.4.1;9.5.4.1 Effect of SAXFR Subsequence Length Parameter;194
6.4.5.5;9.5.5 MUASD Algorithm;195
6.4.6;9.6 Experimental Results;196
6.4.6.1;9.6.1 Detection of Anomalous Series in a Dataset;196
6.4.6.2;9.6.2 Online Anomaly Detection;197
6.4.6.3;9.6.3 Anomalous Subsequence Detection;200
6.4.6.4;9.6.4 Computational Effort;202
6.4.7;9.7 Conclusion;202
7;Appendix A Datasets for Evaluation;204
7.1;A.1 A Datasets for Evaluation;204
7.2;A.2 Real Datasets;204
7.3;A.3 KDD and PED;207
8;Appendix B Datasets for Time Series Experiments;208
8.1;B.1 Datasets;208
8.1.1;B.1.1 Synthetic Datasets;208
8.1.2;B.1.2 Brief Description of Datasets;208
8.1.2.1;B.1.2.1 Real Datasets;209
8.1.3;B.1.3 Datasets for Online Anomalous Time Series Detection;215
8.1.4;B.1.4 Data Sets for Abnormal Subsequence Detection in a Single Series;216
8.1.5;B.1.5 Results for Abnormal Subsequence Detection in a Single Series for Various Datasets;216
9;References;221
10;Index;227mehr