基于有效剪枝技术的检测器集成异常检测系统

2015 IEEE International Conference on Software Quality, Reliability and Security Pub Date : 2015-08-03 DOI:10.1109/QRS.2015.25

Amirreza Soudi, Wael Khreich, A. Hamou-Lhadj

{"title":"基于有效剪枝技术的检测器集成异常检测系统","authors":"Amirreza Soudi, Wael Khreich, A. Hamou-Lhadj","doi":"10.1109/QRS.2015.25","DOIUrl":null,"url":null,"abstract":"Anomaly detection systems rely on machine learning techniques to model the normal behavior of the system. This model is used during operation to detect anomalies due to attacks or design faults. Ensemble methods have been used to improve the overall detection accuracy by combining the outputs of several accurate and diverse models. Existing Boolean combination techniques either require an exponential number of combinations or sequential combinations that grow linearly with the number of iterations, which make them difficult to scale up and analyze. In this paper, we propose PBC (Pruning Boolean Combination), an efficient approach for selecting and combining anomaly detectors. PBC relies on two novel pruning techniques that we have developed to aggressively prune redundant and trivial detectors. Compared to existing work, PBC reduces significantly the number of detectors to combine, while keeping similar accuracy. We show the effectiveness of PBC when applying it to a large dataset.","PeriodicalId":361839,"journal":{"name":"2015 IEEE International Conference on Software Quality, Reliability and Security","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"An Anomaly Detection System Based on Ensemble of Detectors with Effective Pruning Techniques\",\"authors\":\"Amirreza Soudi, Wael Khreich, A. Hamou-Lhadj\",\"doi\":\"10.1109/QRS.2015.25\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Anomaly detection systems rely on machine learning techniques to model the normal behavior of the system. This model is used during operation to detect anomalies due to attacks or design faults. Ensemble methods have been used to improve the overall detection accuracy by combining the outputs of several accurate and diverse models. Existing Boolean combination techniques either require an exponential number of combinations or sequential combinations that grow linearly with the number of iterations, which make them difficult to scale up and analyze. In this paper, we propose PBC (Pruning Boolean Combination), an efficient approach for selecting and combining anomaly detectors. PBC relies on two novel pruning techniques that we have developed to aggressively prune redundant and trivial detectors. Compared to existing work, PBC reduces significantly the number of detectors to combine, while keeping similar accuracy. We show the effectiveness of PBC when applying it to a large dataset.\",\"PeriodicalId\":361839,\"journal\":{\"name\":\"2015 IEEE International Conference on Software Quality, Reliability and Security\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-08-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 IEEE International Conference on Software Quality, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QRS.2015.25\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE International Conference on Software Quality, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS.2015.25","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

摘要

异常检测系统依靠机器学习技术来模拟系统的正常行为。该模型用于在运行过程中检测由于攻击或设计错误导致的异常情况。集成方法已被用于通过组合几个准确和多样化模型的输出来提高整体检测精度。现有的布尔组合技术要么需要指数数量的组合，要么需要随迭代次数线性增长的顺序组合，这使得它们难以扩展和分析。本文提出了一种选择和组合异常检测器的有效方法PBC(剪枝布尔组合)。PBC依赖于我们开发的两种新颖的修剪技术，以积极地修剪冗余和琐碎的检测器。与现有的工作相比，PBC大大减少了探测器组合的数量，同时保持了相似的精度。我们在将PBC应用于大型数据集时展示了它的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Anomaly Detection System Based on Ensemble of Detectors with Effective Pruning Techniques

Anomaly detection systems rely on machine learning techniques to model the normal behavior of the system. This model is used during operation to detect anomalies due to attacks or design faults. Ensemble methods have been used to improve the overall detection accuracy by combining the outputs of several accurate and diverse models. Existing Boolean combination techniques either require an exponential number of combinations or sequential combinations that grow linearly with the number of iterations, which make them difficult to scale up and analyze. In this paper, we propose PBC (Pruning Boolean Combination), an efficient approach for selecting and combining anomaly detectors. PBC relies on two novel pruning techniques that we have developed to aggressively prune redundant and trivial detectors. Compared to existing work, PBC reduces significantly the number of detectors to combine, while keeping similar accuracy. We show the effectiveness of PBC when applying it to a large dataset.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 IEEE International Conference on Software Quality, Reliability and Security

自引率

0.00%

发文量