Article type: Research Article
Authors: Deshmeh, G.* | Rahmati, M.
Affiliations: Computer Engineering Department, AmirKabir University of Technology, Tehran, Iran
Correspondence: [*] Corresponding author. Tel.: +98 2188712411; E-mail: [email protected].
Abstract: Anomaly detection is an important branch of the classification problem and has attracted much attention in recent years. Together with the growing need for distributed data mining techniques and the privacy and security concerns raised by gathering all distributed data in a central location, this underlines the importance of the distributed anomaly detection problem, which has so far received little attention. In this paper, we address the problem of detecting anomalies in horizontally distributed data, where only a limited ratio of the instances at each remote site may be shared and no single entity may observe the whole dataset, either at once or incrementally. In our proposed method, local predictors are trained, and association rules are extracted from the difference between predicted and actual values on a context dataset. These association rules represent normal and anomalous behaviors, and a final set of learners uses these representations to detect anomalies. The contributions of our work are: 1) distributed anomaly detection in which (a) both data and process are distributed, (b) only a limited form of sharing is allowed, and (c) no single entity is allowed to observe the whole data in any way; 2) solving the problem in cases where concept drift might occur; 3) providing a solution that can handle potential dishonesty from participating entities; and 4) using association rules for anomaly detection while maintaining the detection speed that various applications require. We have conducted a set of experiments comparing our proposed method with other typical anomaly detection methods (oversampling, undersampling, SMOTE). The results indicate the superiority of the proposed method, which also preserves the privacy of the participating datasets by avoiding the communication of all local samples to other local datasets.
Keywords: Distributed anomaly detection, credit card fraud detection, feature selection, association rule analysis
DOI: 10.3233/IDA-2008-12403
Journal: Intelligent Data Analysis, vol. 12, no. 4, pp. 339-357, 2008
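The abstract names oversampling, undersampling, and SMOTE as the baselines used for comparison. As a rough illustration of what those three rebalancing techniques do, here is a minimal Python sketch. It is not the authors' method or their experimental setup: the function names, the toy data, and the parameter values are all hypothetical, and the SMOTE-style routine is a simplified interpolation that assumes numeric features and at least two minority samples.

```python
import random


def random_oversample(minority, target_size, rng):
    """Duplicate minority samples (with replacement) up to target_size."""
    missing = max(0, target_size - len(minority))
    return list(minority) + [rng.choice(minority) for _ in range(missing)]


def random_undersample(majority, target_size, rng):
    """Keep a random subset of the majority class, without replacement."""
    return rng.sample(majority, min(target_size, len(majority)))


def smote_like(minority, n_new, k, rng):
    """Create n_new synthetic points, each interpolated between a minority
    sample and one of its k nearest minority neighbours (SMOTE-style)."""
    def sq_dist(a, b):
        return sum((x - y) ** 2 for x, y in zip(a, b))

    synthetic = []
    for _ in range(n_new):
        base = rng.choice(minority)
        others = [p for p in minority if p is not base]
        neighbours = sorted(others, key=lambda p: sq_dist(base, p))[:k]
        mate = rng.choice(neighbours)
        gap = rng.random()  # position along the segment from base to mate
        synthetic.append(tuple(b + gap * (m - b) for b, m in zip(base, mate)))
    return synthetic


# Hypothetical toy data: 100 "normal" points and 4 "anomalous" points.
rng = random.Random(0)
normal = [(float(i), float(i % 7)) for i in range(100)]
anomalous = [(50.0, 20.0), (52.0, 21.0), (51.0, 23.0), (49.0, 22.0)]

oversampled = random_oversample(anomalous, len(normal), rng)
undersampled = random_undersample(normal, len(anomalous), rng)
synthetic = smote_like(anomalous, n_new=10, k=2, rng=rng)
```

All three baselines operate on a pooled training set, which is the situation the paper's setting rules out: there, only a limited ratio of each site's instances may be shared.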