Automatic feature selection for anomaly detection

Research output: Contributions to collected editions/works › Article in conference proceedings › Research › peer-review

Authors

  • Marius Kloft
  • Ulf Brefeld
  • Patrick Düssel
  • Christian Gehl
  • Pavel Laskov

A frequent problem in anomaly detection is to decide among different feature sets to be used. For example, various features are known in network intrusion detection based on packet headers, content byte streams or application level protocol parsing. A method for automatic feature selection in anomaly detection is proposed which determines optimal mixture coefficients for various sets of features. The method generalizes the support vector data description (SVDD) and can be expressed as a semi-infinite linear program that can be solved with standard techniques. The case of a single feature set can be handled as a particular case of the proposed method. The experimental evaluation of the new method on unsanitized HTTP data demonstrates that detectors using automatically selected features attain competitive performance, while sparing practitioners from a priori decisions on feature sets to be used.

Original language: English
Title of host publication: Proceedings of the 1st ACM workshop on Workshop on AISec
Editors: Dirk Balfanz, Jessica Staddon
Number of pages: 6
Place of Publication: New York
Publisher: Association for Computing Machinery, Inc
Publication date: 27.10.2008
Pages: 71-76
ISBN (print): 978-1-60558-291-7
Publication status: Published - 27.10.2008
Externally published: Yes
Event: AISec '08 - Alexandria, United States
Duration: 27.10.2008 - 31.10.2008
Conference number: 1

    Research areas

  • Informatics - Anomaly detection, Feature selection, Intrusion detection, Machine learning, Multiple kernel learning, Network security, Support vector data description
  • Business informatics
