Abstract
Anomaly detection is an important problem that has been researched within diverse research areas and application domains. Many anomaly detection techniques have been specifically developed for certain application domains, while others are more generic. This survey tries to provide a structured and comprehensive overview of the research on anomaly detection. We have grouped existing techniques into different categories based on the underlying approach adopted by each technique. For each category we have identified key assumptions, which are used by the techniques to differentiate between normal and anomalous behavior. When applying a given technique to a particular domain, these assumptions can be used as guidelines to assess the effectiveness of the technique in that domain. For each category, we provide a basic anomaly detection technique, and then show how the different existing techniques in that category are variants of the basic technique. This template provides an easier and more succinct understanding of the techniques belonging to each category. Further, for each category, we identify the advantages and disadvantages of the techniques in that category. We also provide a discussion on the computational complexity of the techniques since it is an important issue in real application domains. We hope that this survey will provide a better understanding of the different directions in which research has been done on this topic, and how techniques developed in one area can be applied in domains for which they were not intended to begin with.
- Abe, N., Zadrozny, B., and Langford, J. 2006. Outlier detection by active learning. In Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, New York, 504--509. Google ScholarDigital Library
- Abraham, B. and Box, G. E. P. 1979. Bayesian analysis of some outlier problems in time series. Biometrika 66, 2, 229--236.Google ScholarCross Ref
- Abraham, B. and Chuang, A. 1989. Outlier detection and time series modeling. Technometrics 31, 2, 241--248. Google ScholarDigital Library
- Addison, J., Wermter, S., and MacIntyre, J. 1999. Effectiveness of feature extraction in neural network architectures for novelty detection. In Proceedings of the 9th International Conference on Artificial Neural Networks. vol. 2. 976--981.Google ScholarCross Ref
- Aeyels, D. 1991. On the dynamic behaviour of the novelty detector and the novelty filter. In Analysis of Controlled Dynamical Systems: Progress in Systems and Control Theory, B. Bonnard, B. Bride, J. Gauthier, and I. Kupka, Eds. vol. 8. Springer, Berlin, 1--10.Google Scholar
- Agarwal, D. 2005. An empirical Bayes approach to detect anomalies in dynamic multidimensional arrays. In Proceedings of the 5th IEEE International Conference on Data Mining. IEEE Computer Society, 26--33. Google ScholarDigital Library
- Agarwal, D. 2006. Detecting anomalies in cross-classified streams: A Bayesian approach. Knowl. Inform. Syst. 11, 1, 29--44. Google ScholarDigital Library
- Aggarwal, C. 2005. On abnormality detection in spuriously populated data streams. In Proceedings of the 5th SIAM Data Min. Conference. 80--91.Google ScholarCross Ref
- Aggarwal, C. and Yu, P. 2001. Outlier detection for high dimensional data. In Proceedings of the ACM SIGMOD International Conference on Management of Data. ACM Press, 37--46. Google ScholarDigital Library
- Aggarwal, C. C. and Yu, P. S. 2008. Outlier detection with uncertain data. In Proceedings of the International Conference on Data Mining (SDM). 483--493.Google Scholar
- Agovic, A., Banerjee, A., Ganguly, A. R., and Protopopescu, V. 2007. Anomaly detection in transportation corridors using manifold embedding. In Proceedings of the 1st International Workshop on Knowledge Discovery from Sensor Data. ACM Press.Google Scholar
- Agrawal, R. and Srikant, R. 1995. Mining sequential patterns. In Proceedings of the 11th International Conference on Data Engineering. IEEE Computer Society, 3--14. Google ScholarDigital Library
- Agyemang, M., Barker, K., and Alhajj, R. 2006. A comprehensive survey of numeric and symbolic outlier mining techniques. Intel. Data Anal. 10, 6, 521--538. Google ScholarDigital Library
- Albrecht, S., Busch, J., Kloppenburg, M., Metze, F., and Tavan, P. 2000. Generalized radial basis function networks for classification and novelty detection: Self-organization of optional Bayesian decision. Neural Netw. 13, 10, 1075--1093. Google ScholarDigital Library
- Aleskerov, E., Freisleben, B., and Rao, B. 1997. Cardwatch: A neural network based database mining system for credit card fraud detection. In Proceedings of the IEEE Conference on Computational Intelligence for Financial Engineering. 220--226.Google Scholar
- Allan, J., Carbonell, J., Doddington, G., Yamron, J., and Yang, Y. 1998. Topic detection and tracking pilot study. In Proceedings of the DARPA Broadcast News Transcription and Understanding Workshop. 194--218.Google Scholar
- Anderson, D. Lunt, T. F., Javitz, H., Tamaru, A., and Valdes, A. 1995. Detecting unusual program behavior using the statistical components of NIDES. Tech. rep. SRI--CSL--95--06, Computer Science Laboratory, SRI International.Google Scholar
- Anderson, D., Frivold, T., Tamaru, A., and Valdes, A. 1994. Next-generation intrusion detection expert system (NIDES), software users manual, beta-update release. Tech. rep. SRI--CSL--95--07, Computer Science Laboratory, SRI International.Google Scholar
- Ando, S. 2007. Clustering needles in a haystack: An information theoretic analysis of minority and outlier detection. In Proceedings of the 7th International Conference on Data Mining. 13--22. Google ScholarDigital Library
- Angiulli, F. and Pizzuti, C. 2002. Fast outlier detection in high dimensional spaces. In Proceedings of the 6th European Conference on Principles of Data Mining and Knowledge Discovery. Springer-Verlag, 15--26. Google ScholarDigital Library
- Anscombe, F. J. and Guttman, I. 1960. Rejection of outliers. Technometrics 2, 2, 123--147.Google ScholarCross Ref
- Arning, A., Agrawal, R., and Raghavan, P. 1996. A linear method for deviation detection in large databases. In Proceedings of the 2nd International Conference of Knowledge Discovery and Data Mining. 164--169.Google Scholar
- Augusteijn, M. and Folkert, B. 2002. Neural network classification and novelty detection. Int. J. Rem. Sens. 23, 14, 2891--2902.Google ScholarCross Ref
- Bakar, Z., Mohemad, R., Ahmad, A., and Deris, M. 2006. A comparative study for outlier detection techniques in data mining. Proceedings of the IEEE Conference on Cybernetics and Intelligent Systems. 1--6.Google Scholar
- Baker, D., Hofmann, T., McCallum, A., and Yang, Y. 1999. A hierarchical probabilistic model for novelty detection in text. In Proceedings of the International Conference on Machine Learning.Google Scholar
- Barbara, D., Couto, J., Jajodia, S., and Wu, N. 2001a. Adam: A testbed for exploring the use of data mining in intrusion detection. SIGMOD Rec. 30, 4, 15--24. Google ScholarDigital Library
- Barbara, D., Couto, J., Jajodia, S., and Wu, N. 2001b. Detecting novel network intrusions using Bayes estimators. In Proceedings of the 1st SIAM International Conference on Data Mining.Google Scholar
- Barbara, D., Li, Y., Couto, J., Lin, J.-L., and Jajodia, S. 2003. Bootstrapping a data mining intrusion detection system. In Proceedings of the ACM Symposium on Applied Computing. ACM Press, 421--425. Google ScholarDigital Library
- Barnett, V. 1976. The ordering of multivariate data (with discussion). J. Royal Statis. Soc. Series A 139, 318--354.Google ScholarCross Ref
- Barnett, V. and Lewis, T. 1994. Outliers in Statistical Data. John Wiley.Google Scholar
- Barson, P., Davey, N., Field, S. D. H., Frank, R. J., and McAskie, G. 1996. The detection of fraud in mobile phone networks. Neural Netw. World 6, 4.Google Scholar
- Basu, S., Bilenko, M., and Mooney, R. J. 2004. A probabilistic framework for semi-supervised clustering. In Proceedings of the 10th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 59--68. Google ScholarDigital Library
- Basu, S. and Meckesheimer, M. 2007. Automatic outlier detection for time series: an application to sensor data. Know. Inform. Syst. 11, 2, 137--154. Google ScholarDigital Library
- Bay, S. D. and Schwabacher, M. 2003. Mining distance-based outliers in near linear time with randomization and a simple pruning rule. In Proceedings of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 29--38. Google ScholarDigital Library
- Beckman, R. J. and Cook, R. D. 1983. Outlier...s. Technometrics 25, 2, 119--149.Google Scholar
- Bejerano, G. and Yona, G. 2001. Variations on probabilistic suffix trees: statistical modeling and prediction of protein families. Bioinformatics 17, 1, 23--43.Google ScholarCross Ref
- Bentley, J. L. 1975. Multi-dimensional binary search trees used for associative searching. Comm. ACM 18, 9, 509--517. Google ScholarDigital Library
- Bianco, A. M., Ben, M. G., Martinez, E. J., and Yohai, V. J. 2001. Outlier detection in regression models with arima errors using robust estimates. J. Forecast. 20, 8, 565--579.Google ScholarCross Ref
- Bishop, C. 1994. Novelty detection and neural network validation. In Proceedings of the IEEE Conference on Vision, Image and Signal Processing. vol. 141. 217--222.Google ScholarCross Ref
- Blender, R., Fraedrich, K., and Lunkeit, F. 1997. Identification of cyclone-track regimes in the north atlantic. Quart. J. Royal Meteor. Soc. 123, 539, 727--741.Google ScholarCross Ref
- Bolton, R. and Hand, D. 1999. Unsupervised profiling methods for fraud detection. In Proceedings of the Conference on Credit Scoring and Credit Control VII.Google Scholar
- Boriah, S., Chandola, V., and Kumar, V. 2008. Similarity measures for categorical data: A comparative evaluation. In Proceedings of the 8th SIAM International Conference on Data Mining. 243--254.Google Scholar
- Borisyuk, R., Denham, M., Hoppensteadt, F., Kazanovich, Y., and Vinogradova, O. 2000. An oscillatory neural network model of sparse distributed memory and novelty detection. Biosystems 58, 265--272.Google ScholarCross Ref
- Box, G. E. P. and Tiao, G. C. 1968. Bayesian analysis of some outlier problems. Biometrika 55, 1, 119--129.Google ScholarCross Ref
- Branch, J., Szymanski, B., Giannella, C., Wolff, R., and Kargupta, H. 2006. In-network outlier detection in wireless sensor networks. In Proceedings of the 26th IEEE International Conference on Distributed Computing Systems. Google ScholarDigital Library
- Brause, R., Langsdorf, T., and Hepp, M. 1999. Neural data mining for credit card fraud detection. In Proceedings of the IEEE International Conference on Tools with Artificial Intelligence. 103--106. Google ScholarDigital Library
- Breunig, M. M., Kriegel, H.-P., Ng, R. T., and Sander, J. 1999. Optics-of: Identifying local outliers. In Proceedings of the 3rd European Conference on Principles of Data Mining and Knowledge Discovery. Springer-Verlag, 262--270. Google ScholarDigital Library
- Breunig, M. M., Kriegel, H.-P., Ng, R. T., and Sander, J. 2000. LOF: Identifying density-based local outliers. In Proceedings of the ACM SIGMOD International Conference on Management of Data. ACM Press, 93--104. Google ScholarDigital Library
- Brito, M. R., Chavez, E. L., Quiroz, A. J., and Yukich, J. E. 1997. Connectivity of the mutual k-nearest-neighbor graph in clustering and outlier detection. Statis. Prob. Lett. 35, 1, 33--42.Google ScholarCross Ref
- Brockett, P. L., Xia, X., and Derrig, R. A. 1998. Using Kohonen's self-organizing feature map to uncover automobile bodily injury claims fraud. J. Risk Insur. 65, 2, 245--274.Google ScholarCross Ref
- Bronstein, A., Das, J., Duro, M., Friedrich, R., Kleyner, G., Mueller, M., Singhal, S., and Cohen, I. 2001. Bayesian networks for detecting anomalies in Internet-based services. In Proceedings of the International Symposium on Integrated Network Management.Google Scholar
- Brotherton, T. and Johnson, T. 2001. Anomaly detection for advanced military aircraft using neural networks. In Proceedings of the IEEE Aerospace Conference.Google Scholar
- Brotherton, T., Johnson, T., and Chadderdon, G. 1998. Classification and novelty detection using linear models and a class dependent-elliptical basis function neural network. In Proceedings of the IJCNN Conference.Google Scholar
- Budalakoti, S., Srivastava, A., Akella, R., and Turkov, E. 2006. Anomaly detection in large sets of high-dimensional symbol sequences. Tech. rep. NASA TM-2006-214553, NASA Ames Research Center.Google Scholar
- Byers, S. D. and Raftery, A. E. 1998. Nearest neighbor clutter removal for estimating features in spatial point processes. J. Amer. Statis. Assoc. 93, 577--584.Google ScholarCross Ref
- Byungho, H. and Sungzoon, C. 1999. Characteristics of autoassociative MLP as a novelty detector. In Proceedings of the IEEE International Joint Conference on Neural Networks. Vol. 5. 3086--3091.Google Scholar
- Cabrera, J. B. D., Lewis, L., and Mehra, R. K. 2001. Detection and classification of intrusions and faults using sequences of system calls. SIGMOD Rec. 30, 4, 25--34. Google ScholarDigital Library
- Campbell, C. and Bennett, K. 2001. A linear programming approach to novelty detection. In Proceedings of the Conference on Advances in Neural Information Processing. vol. 14. Cambridge Press.Google Scholar
- Caudell, T. and Newman, D. 1993. An adaptive resonance architecture to define normality and detect novelties in time series and databases. In Proceedings of the IEEE World Congress on Neural Networks. IEEE, 166--176.Google Scholar
- Chakrabarti, S., Sarawagi, S., and Dom, B. 1998. Mining surprising patterns using temporal description length. In Proceedings of the 24rd International Conference on Very Large Data Bases. Morgan Kaufmann Publishers Inc., 606--617. Google ScholarDigital Library
- Chandola, V., Banerjee, A., and Kumar, V. 2007. Anomaly detection: A survey. Tech. rep. 07-017, Computer Science Department, University of Minnesota.Google Scholar
- Chandola, V., Boriah, S., and Kumar, V. 2008. Understanding categorical similarity measures for outlier detection. Tech. rep. 08-008, University of Minnesota.Google Scholar
- Chandola, V., Eilertson, E., Ertoz, L., Simon, G., and Kumar, V. 2006. Data mining for cyber security. In Data Warehousing and Data Mining Techniques for Computer Security, A. Singhal, Ed. Springer.Google Scholar
- Chatzigiannakis, V., Papavassiliou, S., Grammatikou, M., and Maglaris, B. 2006. Hierarchical anomaly detection in distributed large-scale sensor networks. In Proceedings of the 11th IEEE Symposium on Computers and Communications (ISCC). IEEE Computer Society, 761--767. Google ScholarDigital Library
- Chaudhary, A., Szalay, A. S., and Moore, A. W. 2002. Very fast outlier detection in large multidimensional data sets. In Proceedings of the ACM SIGMOD Workshop in Research Issues in Data Mining and Knowledge Discovery (DMKD). ACM Press.Google Scholar
- Chawla, N. V., Japkowicz, N., and Kotcz, A. 2004. Editorial: special issue on learning from imbalanced data sets. SIGKDD Explor. 6, 1, 1--6. Google ScholarDigital Library
- Chen, D., Shao, X., Hu, B., and Su, Q. 2005. Simultaneous wavelength selection and outlier detection in multivariate regression of near-infrared spectra. Anal. Sci. 21, 2, 161--167.Google ScholarCross Ref
- Chiu, A. and Chee Fu, A. W. 2003. Enhancements on local outlier detection. In Proceedings of the 7th International Database Engineering and Applications Symposium. 298--307.Google Scholar
- Chow, C. and Yeung, D.-Y. 2002. Parzen-window network intrusion detectors. In Proceedings of the 16th International Conference on Pattern Recognition. vol. 4. IEEE Computer Society, 40385. Google ScholarDigital Library
- Cox, K. C., Eick, S. G., Wills, G. J., and Brachman, R. J. 1997. Visual data mining: Recognizing telephone calling fraud. J. Data Min. Knowl. Disc. 1, 2, 225--231. Google ScholarDigital Library
- Crook, P. and Hayes, G. 2001. A robot implementation of a biologically inspired method for novelty detection. In Proceedings of the Towards Intelligent Mobile Robots Conference.Google Scholar
- Crook, P. A., Marsland, S., Hayes, G., and Nehmzow, U. 2002. A tale of two filters: Online novelty detection. In Proceedings of the International Conference on Robotics and Automation. 3894--3899.Google Scholar
- Cun, Y. L., Boser, B., Denker, J. S., Howard, R. E., Hubbard, W., Jackel, L. D., and Henderson, D. 1990. Handwritten digit recognition with a back-propagation network. In Advances in Neural Information Processing Systems. 396--404. Morgan Koufamann. Google ScholarDigital Library
- Das, K. and Schneider, J. 2007. Detecting anomalous records in categorical datasets. In Proceedings of the 13th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press. Google ScholarDigital Library
- Dasgupta, D. and Majumdar, N. 2002. Anomaly detection in multidimensional data using negative selection algorithm. In Proceedings of the IEEE Conference on Evolutionary Computation. 1039--1044. Google ScholarDigital Library
- Dasgupta, D. and Nino, F. 2000. A comparison of negative and positive selection algorithms in novel pattern detection. In Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics. vol. 1. 125--130.Google Scholar
- Davy, M. and Godsill, S. 2002. Detection of abrupt spectral changes using support vector machines, an application to audio signal segmentation. In Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing.Google Scholar
- Debar, H., Dacier, M., Nassehi, M., and Wespi, A. 1998. Fixed vs. variable-length patterns for detecting suspicious process behavior. In Proceedings of the 5th European Symposium on Research in Computer Security. Springer-Verlag, 1--15. Google ScholarDigital Library
- Denning, D. E. 1987. An intrusion detection model. IEEE Trans. Softw. Eng. 13, 2, 222--232. Google ScholarDigital Library
- Desforges, M., Jacob, P., and Cooper, J. 1998. Applications of probability density estimation to the detection of abnormal conditions in engineering. In Proceedings of the Institute of the Mechanical Engineers. vol. 212. 687--703.Google Scholar
- Diaz, I. and Hollmen, J. 2002. Residual generation and visualization for understanding novel process conditions. In Proceedings of the IEEE International Joint Conference on Neural Networks. IEEE, 2070--2075.Google Scholar
- Diehl, C. and Hampshire, J. 2002. Real-time object classification and novelty detection for collaborative video surveillance. In Proceedings of the IEEE International Joint Conference on Neural Networks. IEEE.Google Scholar
- Donoho, S. 2004. Early detection of insider trading in option markets. In Proceedings of the 10th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 420--429. Google ScholarDigital Library
- Dorronsoro, J. R., Ginel, F., Sanchez, C., and Cruz, C. S. 1997. Neural fraud detection in credit card operations. IEEE Trans. Neural Netw. 8, 4, 827--834. Google ScholarDigital Library
- Du, W., Fang, L., and Peng, N. 2006. Lad: Localization anomaly detection for wireless sensor networks. J. Paral. Distrib. Comput. 66, 7, 874--886. Google ScholarDigital Library
- Duda, R. O., Hart, P. E., and Stork, D. G. 2000. Pattern Classification 2nd Ed. Wiley-Interscience. Google ScholarDigital Library
- Dutta, H., Giannella, C., Borne, K., and Kargupta, H. 2007. Distributed top-k outlier detection in astronomy catalogs using the DEMAC system. In Proceedings of the 7th SIAM International Conference on Data Mining.Google Scholar
- Edgeworth, F. Y. 1887. On discordant observations. Philosoph. Mag. 23, 5, 364--375.Google ScholarCross Ref
- Emamian, V., Kaveh, M., and Tewfik, A. 2000. Robust clustering of acoustic emission signals using the Kohonen network. In Proceedings of the IEEE International Conference of Acoustics, Speech and Signal Processing. IEEE Computer Society. Google ScholarDigital Library
- Endler, D. 1998. Intrusion detection: Applying machine learning to solaris audit data. In Proceedings of the 14th Annual Computer Security Applications Conference. IEEE Computer Society, 268. Google ScholarDigital Library
- Ertoz, L., Eilertson, E., Lazarevic, A., Tan, P.-N., Kumar, V., Srivastava, J., and Dokas, P. 2004. MINDS—Minnesota Intrusion Detection System. In Data Mining—Next Generation Challenges and Future Directions. MIT Press.Google Scholar
- Ertöz, L., Steinbach, M., and Kumar, V. 2003. Finding topics in collections of documents: A shared nearest neighbor approach. In Clustering and Information Retrieval. 83--104.Google Scholar
- Escalante, H. J. 2005. A comparison of outlier detection algorithms for machine learning. In Proceedings of the International Conference on Communications in Computing.Google Scholar
- Eskin, E. 2000. Anomaly detection over noisy data using learned probability distributions. In Proceedings of the 17th International Conference on Machine Learning. Morgan Kaufmann Publishers Inc., 255--262. Google ScholarDigital Library
- Eskin, E., Arnold, A., Prerau, M., Portnoy, L., and Stolfo, S. 2002. A geometric framework for unsupervised anomaly detection. In Proceedings of the Conference on Applications of Data Mining in Computer Security. Kluwer Academics, 78--100.Google Scholar
- Eskin, E., Lee, W., and Stolfo, S. 2001. Modeling system call for intrusion detection using dynamic window sizes. In Proceedings of DARPA Information Survivability Conference and Exposition (DISCEX).Google Scholar
- Ester, M., Kriegel, H.-P., Sander, J., and Xu, X. 1996. A density-based algorithm for discovering clusters in large spatial databases with noise. In Proceedings of the 2nd International Conference on Knowledge Discovery and Data Mining, E. Simoudis, J. Han, and U. Fayyad, Eds. AAAI Press, 226--231.Google Scholar
- Fan, W., Miller, M., Stolfo, S. J., Lee, W., and Chan, P. K. 2001. Using artificial anomalies to detect unknown and known network intrusions. In Proceedings of the IEEE International Conference on Data Mining. IEEE Computer Society, 123--130. Google ScholarDigital Library
- Fawcett, T. and Provost, F. 1999. Activity monitoring: noticing interesting changes in behavior. In Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 53--62. Google ScholarDigital Library
- Forrest, S., D'haeseleer, P., and Helman, P. 1996a. An immunological approach to change detection: Algorithms, analysis and implications. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, 110. Google ScholarDigital Library
- Forrest, S., Esponda, F., and Helman, P. 2004. A formal framework for positive and negative detection schemes. In IEEE Trans. Syst. Man Cybernetics, Part B. IEEE, 357--373. Google ScholarDigital Library
- Forrest, S., Hofmeyr, S. A., Somayaji, A., and Longstaff, T. A. 1996b. A sense of self for unix processes. In Proceedings of the IEEE ISRSP. 120--128. Google ScholarDigital Library
- Forrest, S., Perelson, A. S., Allen, L., and Cherukuri, R. 1994. Self-nonself discrimination in a computer. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, 202. Google ScholarDigital Library
- Forrest, S., Warrender, C., and Pearlmutter, B. 1999. Detecting intrusions using system calls: Alternate data models. In Proceedings of the IEEE ISRSP. IEEE Computer Society, 133--145.Google Scholar
- Fox, A. J. 1972. Outliers in time series. J. Royal Statis. Soc. Series B 34, 3, 350--363.Google ScholarCross Ref
- Fujimaki, R., Yairi, T., and Machida, K. 2005. An approach to spacecraft anomaly detection problem using kernel feature space. In Proceedings of the 11th ACM SIGKDD International Conference on Knowledge Discovery in Data Mining. ACM Press, 401--410. Google ScholarDigital Library
- Galeano, P., Pea, D., and Tsay, R. S. 2004. Outlier detection in multivariate time series via projection pursuit. Statistics and econometrics working articles ws044211, Departamento de Estadïstica y Econometrïca, Universidad Carlos III.Google Scholar
- Ghosh, A. K., Schwartzbard, A., and Schatz, M. 1999a. Learning program behavior profiles for intrusion detection. In Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring. 51--62. Google ScholarDigital Library
- Ghosh, A. K., Schwartzbard, A., and Schatz, M. 1999b. Using program behavior profiles for intrusion detection. In Proceedings of the SANS 3rd Conference and Workshop on Intrusion Detection and Response. Google ScholarDigital Library
- Ghosh, A. K., Wanken, J., and Charron, F. 1998. Detecting anomalous and unknown intrusions against programs. In Proceedings of the 14th Annual Computer Security Applications Conference. IEEE Computer Society, 259. Google ScholarDigital Library
- Ghosh, S. and Reilly, D. L. 1994. Credit card fraud detection with a neural-network. In Proceedings of the 27th Annual Hawaii International Conference on System Science. vol. 3.Google Scholar
- Ghoting, A., Parthasarathy, S., and Otey, M. 2006. Fast mining of distance-based outliers in high dimensional datasets. In Proceedings of the SIAM International Conference on Data Mining.Google Scholar
- Gibbons, R. D. 1994. Statistical Methods for Groundwater Monitoring. John Wiley & Sons, Inc.Google Scholar
- Goldberger, A. L., Amaral, L. A. N., Glass, L., Hausdorff, J. M., Ivanov, P. C., Mark, R. G., Mietus, J. E., Moody, G. B., Peng, C.-K., and Stanley, H. E. 2000. PhysioBank, PhysioToolkit, and PhysioNet: Components of a new research resource for complex physiologic signals. Circulation 101, 23, e215--e220. Circulation Electronic Pages: http://circ.ahajournals.org/cgi/content/full/101/23/e215.Google ScholarCross Ref
- Gonzalez, F. A. and Dasgupta, D. 2003. Anomaly detection using real-valued negative selection. Genetic Program. Evolv. Mach. 4, 4, 383--403. Google ScholarDigital Library
- Grubbs, F. 1969. Procedures for detecting outlying observations in samples. Technometrics 11, 1, 1--21.Google ScholarCross Ref
- Guha, S., Rastogi, R., and Shim, K. 2000. ROCK: A robust clustering algorithm for categorical attributes. Inform. Syst. 25, 5, 345--366. Google ScholarDigital Library
- Gunter, S., Schraudolph, N. N., and Vishwanathan, S. V. N. 2007. Fast iterative kernel principal component analysis. J. Mach. Learn. Res. 8, 1893--1918. Google ScholarDigital Library
- Guttormsson, S. E, Marks R. J. II, El-Sharkawi, M. A., and Kerszenbaum, I. 1999. Elliptical novelty grouping for online short-turn detection of excited running rotors. IEEE Trans. Energy Conv. 14, 1.Google ScholarCross Ref
- Gwadera, R., Atallah, M. J., and Szpankowski, W. 2004. Detection of significant sets of episodes in event sequences. In Proceedings of the 4th IEEE International Conference on Data Mining. IEEE Computer Society, 3--10. Google ScholarDigital Library
- Gwadera, R., Atallah, M. J., and Szpankowski, W. 2005a. Markov models for identification of significant episodes. In Proceedings of the 5th SIAM International Conference on Data Mining.Google Scholar
- Gwadera, R., Atallah, M. J., and Szpankowski, W. 2005b. Reliable detection of episodes in event sequences. Knowl. Inform. Syst. 7, 4, 415--437.Google ScholarDigital Library
- Harris, T. 1993. Neural network in machine health monitoring. Professional Engin.Google Scholar
- Hartigan, J. A. and Wong, M. A. 1979. A k-means clustering algorithm. Appl. Stat. 28, 100--108.Google ScholarCross Ref
- Hautamaki, V., Karkkainen, I., and Franti, P. 2004. Outlier detection using k-nearest neighbour graph. In Proceedings of the 17th International Conference on Pattern Recognition. vol. 3. IEEE Computer Society, 430--433. Google ScholarDigital Library
- Hawkins, D. 1980. Identification of Outliers. Chapman and Hall, London and New York.Google Scholar
- Hawkins, D. M. 1974. The detection of errors in multivariate data using principal components. J. Amer. Statis. Assoc. 69, 346, 340--344.Google ScholarCross Ref
- Hawkins, S., He, H., Williams, G. J., and Baxter, R. A. 2002. Outlier detection using replicator neural networks. In Proceedings of the 4th International Conference on Data Warehousing and Knowledge Discovery. Springer-Verlag, 170--180. Google ScholarDigital Library
- Hazel, G. G. 2000. Multivariate Gaussian MRF for multi-spectral scene segmentation and anomaly detection. GeoRS 38, 3, 1199--1211.Google Scholar
- He, H., Wang, J., Graco, W., and Hawkins, S. 1997. Application of neural networks to detection of medical fraud. Expert Syst. Appl. 13, 4, 329--336.Google ScholarCross Ref
- He, Z., Deng, S., and Xu, X. 2002. Outlier detection integrating semantic knowledge. In Proceedings of the 3rd International Conference on Advances in Web-Age Information Management. Springer-Verlag, 126--131. Google ScholarDigital Library
- He, Z., Deng, S., Xu, X., and Huang, J. Z. 2006. A fast greedy algorithm for outlier mining. In Proceedings of the 10th Pacific-Asia Conference on Knowledge and Data Discovery. 567--576. Google ScholarDigital Library
- He, Z., Xu, X., and Deng, S. 2003. Discovering cluster-based local outliers. Pattern Recog. Lett. 24, 9--10, 1641--1650. Google ScholarDigital Library
- He, Z., Xu, X., and Deng, S. 2005. An optimization model for outlier detection in categorical data. In Proceedings of the International Conference on Intelligent Computing. Lecture Notes in Computer Science, vol. 3644. Springer. Google ScholarDigital Library
- He, Z., Xu, X., Huang, J. Z., and Deng, S. 2004a. A Frequent Pattern Discovery Method for Outlier Detection. Springer, 726--732.Google Scholar
- He, Z., Xu, X., Huang, J. Z., and Deng, S. 2004b. Mining Class Outliers: Concepts, Algorithms and Applications. Springer, 588--589.Google Scholar
- Heller, K. A., Svore, K. M., Keromytis, A. D., and Stolfo, S. J. 2003. One class support vector machines for detecting anomalous windows registry accesses. In Proceedings of the Workshop on Data Mining for Computer Security.Google Scholar
- Helman, P. and Bhangoo, J. 1997. A statistically-based system for prioritizing information exploration under uncertainty. In Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics. vol. 27. IEEE, 449--466.Google Scholar
- Helmer, G., Wong, J., Honavar, V., and Miller, L. 1998. Intelligent agents for intrusion detection. In Proceedings of the IEEE Information Technology Conference. 121--124.Google Scholar
- Hickinbotham, S. J. and Austin, J. 2000a. Novelty detection in airframe strain data. In Proceedings of the 15th International Conference on Pattern Recognition. Vol. 2. 536--539.Google Scholar
- Hickinbotham, S. J. and Austin, J. 2000b. Novelty detection in airframe strain data. In Proceedings of the IEEE-INNS-ENNS International Joint Conference on Neural Networks. vol. 6. 24--27.Google Scholar
- Ho, L. L., Macey, C. J., and Hiller, R. 1999. A distributed and reliable platform for adaptive anomaly detection in IP networks. In Proceedings of the 10th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management. Springer-Verlag, 33--46. Google ScholarDigital Library
- Ho, T. V. and Rouat, J. 1997. A novelty detector using a network of integrate and fire neurons. Lecture Notes in Computer Science, vol. 1327. 103--108. Google ScholarDigital Library
- Ho, T. V. and Rouat, J. 1998. Novelty detection based on relaxation time of a network of integrate-and-fire neurons. In Proceedings of the 2nd IEEE World Congress on Computational Intelligence. 1524--1529.Google Scholar
- Hodge, V. and Austin, J. 2004. A survey of outlier detection methodologies. Artif. Intel. Rev. 22, 2, 85--126. Google ScholarDigital Library
- Hofmeyr, S. A., Forrest, S., and Somayaji, A. 1998. Intrusion detection using sequences of system calls. J. Comput. Secur. 6, 3, 151--180. Google ScholarDigital Library
- Hollier, G. and Austin, J. 2002. Novelty detection for strain-gauge degradation using maximally correlated components. In Proceedings of the European Symposium on Artificial Neural Networks. 257--262--539.Google Scholar
- Hollmen, J. and Tresp, V. 1999. Call-based fraud detection in mobile communication networks using a hierarchical regime-switching model. In Proceedings of the Conference on Advances in Neural Information Processing Systems II. MIT Press, 889--895. Google ScholarDigital Library
- Horn, P. S., Feng, L., Li, Y., and Pesce, A. J. 2001. Effect of outliers and nonhealthy individuals on reference interval estimation. Clinical Chem. 47, 12, 2137--2145.Google ScholarCross Ref
- Hu, W., Liao, Y., and Vemuri, V. R. 2003. Robust anomaly detection using support vector machines. In Proceedings of the International Conference on Machine Learning. Morgan Kaufmann Publishers Inc., 282--289.Google Scholar
- Huber, P. 1974. Robust Statistics. Wiley, New York.Google Scholar
- Huber, P. J. 1985. Projection pursuit (with discussions). Ann. Stat. 13, 2, 435--475.Google ScholarCross Ref
- Ide, T. and Kashima, H. 2004. Eigenspace-based anomaly detection in computer systems. In Proceedings of the 10th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 440--449. Google ScholarDigital Library
- Idé, T., Papadimitriou, S., and Vlachos, M. 2007. Computing correlation anomaly scores using stochastic nearest neighbors. In Proceedings of the International Conference Data Mining. 523--528. Google ScholarDigital Library
- Ihler, A., Hutchins, J., and Smyth, P. 2006. Adaptive event detection with time-varying Poisson processes. In Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 207--216. Google ScholarDigital Library
- Ilgun, K., Kemmerer, R. A., and Porras, P. A. 1995. State transition analysis: A rule-based intrusion detection approach. IEEE Trans. Softw. Eng. 21, 3, 181--199. Google ScholarDigital Library
- Jagadish, H. V., Koudas, N., and Muthukrishnan, S. 1999. Mining deviants in a time series database. In Proceedings of the 25th International Conference on Very Large Data Bases. Morgan Kaufmann Publishers Inc., 102--113. Google ScholarDigital Library
- Jagota, A. 1991. Novelty detection on a very large number of memories stored in a hopfield-style network. In Proceedings of the International Joint Conference on Neural Networks. vol. 2. 905.Google ScholarCross Ref
- Jain, A. K. and Dubes, R. C. 1988. Algorithms for Clustering Data. Prentice-Hall, Inc. Google ScholarDigital Library
- Jakubek, S. and Strasser, T. 2002. Fault-diagnosis using neural networks with ellipsoidal basis functions. In Proceedings of the American Control Conference. vol. 5. 3846--3851.Google Scholar
- Janakiram, D., Reddy, V., and Kumar, A. 2006. Outlier detection in wireless sensor networks using Bayesian belief networks. In Proceedings of the 1st International Conference on Communication System Software and Middleware. 1--6.Google Scholar
- Japkowicz, N., Myers, C., and Gluck, M. A. 1995. A novelty detection approach to classification. In Proceedings of the International Joint Conference on Artificial Intelligence. 518--523. Google ScholarDigital Library
- Javitz, H. S. and Valdes, A. 1991. The SRI IDES statistical anomaly detector. In Proceedings of the IEEE Symposium on Research in Security and Privacy. IEEE Computer Society.Google Scholar
- Jiang, M. F., Tseng, S. S., and Su, C. M. 2001. Two-phase clustering process for outliers detection. Patt. Recog. Lett. 22, 6-7, 691--700. Google ScholarDigital Library
- Jin, W., Tung, A. K. H., and Han, J. 2001. Mining top-n local outliers in large databases. In Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 293--298. Google ScholarDigital Library
- Joachims, T. 2006. Training linear SVMS in linear time. In Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 217--226. Google ScholarDigital Library
- Jolliffe, I. T. 2002. Principal Component Analysis, 2nd Ed. Springer.Google Scholar
- Joshi, M. V., Agarwal, R. C., and Kumar, V. 2001. Mining needle in a haystack: classifying rare classes via two-phase rule induction. In Proceedings of the ACM SIGMOD International Conference on Management of Data. ACM Press, 91--102. Google ScholarDigital Library
- Joshi, M. V., Agarwal, R. C., and Kumar, V. 2002. Predicting rare classes: can boosting make any weak learner strong? In Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 297--306. Google ScholarDigital Library
- Kadota, K., Tominaga, D., Akiyama, Y., and Takahashi, K. 2003. Detecting outlying samples in micro-array data: A critical assessment of the effect of outliers on sample classification. Chem-Bio Informatics 3, 1, 30--45.Google ScholarCross Ref
- Karypis, G. and Kumar, V. 1998. Multi-level k-way partitioning scheme for irregular graphs. J. Paral. Distrib. Comput. 48, 1, 96--129. Google ScholarDigital Library
- Kearns, M. J. 1990. Computational Complexity of Machine Learning. MIT Press. Google ScholarDigital Library
- Keogh, E., Lin, J., Lee, S.-H., and Herle, H. V. 2006. Finding the most unusual time series subsequence: Algorithms and applications. Knowl. Inform. Syst. 11, 1, 1--27. Google ScholarDigital Library
- Keogh, E., Lonardi, S., and chi' Chiu, B. Y. 2002. Finding surprising patterns in a time series database in linear time and space. In Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 550--556. Google ScholarDigital Library
- Keogh, E., Lonardi, S., and Ratanamahatana, C. A. 2004. Towards parameter-free data mining. In Proceedings of the 10th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 206--215. Google ScholarDigital Library
- Keogh, E. and Smyth, P. 1997. A probabilistic approach to fast pattern matching in time series databases. In Proceedings of the 3rd International Conference on Knowledge Discovery and Data Mining, D. Heckerman, H. Mannila, D. Pregibon, and R. Uthurusamy, Eds. AAAI Press, 24--30.Google Scholar
- King, S., King, D., P. Anuzis, K. A., Tarassenko, L., Hayton, P., and Utete, S. 2002. The use of novelty detection techniques for monitoring high-integrity plant. In Proceedings of the International Conference on Control Applications. vol. 1., 221--226.Google Scholar
- Kitagawa, G. 1979. On the use of AIC for the detection of outliers. Technometrics 21, 2, 193--199.Google ScholarCross Ref
- Knorr, E. M. and Ng, R. T. 1997. A unified approach for mining outliers. In Proceedings of the Conference of the Centre for Advanced Studies on Collaborative Research. IBM Press, 11. Google ScholarDigital Library
- Knorr, E. M. and Ng, R. T. 1998. Algorithms for mining distance-based outliers in large datasets. In Proceedings of the 24rd International Conference on Very Large Data Bases. Morgan Kaufmann Publishers Inc., 392--403. Google ScholarDigital Library
- Knorr, E. M. and Ng, R. T. 1999. Finding intensional knowledge of distance-based outliers. VLDB J. 211--222. Google ScholarDigital Library
- Knorr, E. M., Ng, R. T., and Tucakov, V. 2000. Distance-based outliers: Algorithms and applications. VLDB J. 8, 3-4, 237--253. Google ScholarDigital Library
- Ko, H. and Jacyna, G. 2000. Dynamical behavior of autoassociative memory performing novelty filtering. In IEEE Trans. Neural Netw. Vol. 11. 1152--1161. Google ScholarDigital Library
- Kohonen, T., Ed. 1997. Self-Organizing Maps. Springer-Verlag. Google ScholarDigital Library
- Kojima, K. and Ito, K. 1999. Autonomous learning of novel patterns by utilizing chaotic dynamics. In Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics. Vol. 1. IEEE, 284--289.Google Scholar
- Kosoresow, A. P. and Hofmeyr, S. A. 1997. Intrusion detection via system call traces. IEEE Softw. 14, 5, 35--42. Google ScholarDigital Library
- Kou, Y., Lu, C.-T., and Chen, D. 2006. Spatial weighted outlier detection. In Proceedings of the SIAM Conference on Data Mining.Google Scholar
- Kruegel, C., Mutz, D., Robertson, W., and Valeur, F. 2003. Bayesian event classification for intrusion detection. In Proceedings of the 19th Annual Computer Security Applications Conference. IEEE Computer Society, 14. Google ScholarDigital Library
- Kruegel, C., Toth, T., and Kirda, E. 2002. Service specific anomaly detection for network intrusion detection. In Proceedings of the ACM symposium on Applied Computing. ACM Press, 201--208. Google ScholarDigital Library
- Kruegel, C. and Vigna, G. 2003. Anomaly detection of Web-based attacks. In Proceedings of the 10th ACM Conference on Computer and Communications Security. ACM Press, 251--261. Google ScholarDigital Library
- Kumar, V. 2005. Parallel and distributed computing for cybersecurity. IEEE Distrib. Syst. Online 6, 10. Google ScholarDigital Library
- Labib, K. and Vemuri, R. 2002. NSOM: A real-time network-based intrusion detection using self-organizing maps. Netw. Security.Google Scholar
- Lakhina, A., Crovella, M., and Diot, C. 2005. Mining anomalies using traffic feature distributions. In Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. ACM Press, 217--228. Google ScholarDigital Library
- Lane, T. and Brodley, C. E. 1997a. An application of machine learning to anomaly detection. In Proceedings of the Conference on 20th NIST-NCSC National Information Systems Security Conference. 366--380.Google Scholar
- Lane, T. and Brodley, C. E. 1997b. Sequence matching and learning in anomaly detection for computer security. In Proceedings of the Conference on AI Approaches to Fraud Detection and Risk Management, Fawcett, Haimowitz, Provost, and Stolfo, Eds. AAAI Press, 43--49.Google Scholar
- Lane, T. and Brodley, C. E. 1999. Temporal sequence learning and data reduction for anomaly detection. ACM Trans. Inform. Syst. Secur. 2, 3, 295--331. Google ScholarDigital Library
- Lauer, M. 2001. A mixture approach to novelty detection using training data with outliers. In Proceedings of the 12th European Conference on Machine Learning. Springer-Verlag, 300--311. Google ScholarDigital Library
- Laurikkala, J., Juhola, M., and Kentala., E. 2000. Informal identification of outliers in medical data. In Proceedings of the 5<sup>th</sup> International Workshop on Intelligent Data Analysis in Medicine and Pharmacology. 20--24.Google Scholar
- Lazarevic, A., Ertoz, L., Kumar, V., Ozgur, A., and Srivastava, J. 2003. A comparative study of anomaly detection schemes in network intrusion detection. In Proceedings of the SIAM International Conference on Data Mining. (SIAM).Google Scholar
- Lee, W. and Stolfo, S. 1998. Data mining approaches for intrusion detection. In Proceedings of the 7th USENIX Security Symposium. Google ScholarDigital Library
- Lee, W., Stolfo, S., and Chan, P. 1997. Learning patterns from UNIX process execution traces for intrusion detection. In Proceedings of the AAAI Workshop on AI Methods in Fraud and Risk Management.Google Scholar
- Lee, W., Stolfo, S. J., and Mok, K. W. 2000. Adaptive intrusion detection: A data mining approach. Artif. Intell. Rev. 14, 6, 533--567. Google ScholarDigital Library
- Lee, W. and Xiang, D. 2001. Information-theoretic measures for anomaly detection. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society, 130. Google ScholarDigital Library
- Li, M. and Vitanyi, P. M. B. 1993. An Introduction to Kolmogorov Complexity and Its Applications. Springer-Verlag. Google ScholarDigital Library
- Li, Y., Pont, M. J., and Jones, N. B. 2002. Improving the performance of radial basis function classifiers in condition monitoring and fault diagnosis applications where unknown faults may occur. Patt. Recog. Lett. 23, 5, 569--577. Google ScholarDigital Library
- Lin, J., Keogh, E., Fu, A., and Herle, H. V. 2005. Approximations to magic: Finding unusual medical time series. In Proceedings of the 18th IEEE Symposium on Computer-Based Medical Systems. IEEE Computer Society, 329--334. Google ScholarDigital Library
- Lin, S. and Brown, D. E. 2003. An outlier-based data association method for linking criminal incidents. In Proceedings of the 3rd SIAM Data Mining Conference.Google Scholar
- Liu, J. P. and Weng, C. S. 1991. Detection of outlying data in bioavailability/bioequivalence studies. Stat. Med. 10, 9, 1375--89.Google ScholarCross Ref
- Lu, C.-T., Chen, D., and Kou, Y. 2003. Algorithms for spatial outlier detection. In Proceedings of the 3rd International Conference on Data Mining. 597--600. Google ScholarDigital Library
- Ma, J. and Perkins, S. 2003a. Online novelty detection on temporal sequences. In Proceedings of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 613--618. Google ScholarDigital Library
- Ma, J. and Perkins, S. 2003b. Time-series novelty detection using one-class support vector machines. In Proceedings of the International Joint Conference on Neural Networks. Vol. 3. 1741--1745.Google Scholar
- MacDonald, J. W. and Ghosh, D. 2007. Copa--cancer outlier profile analysis. Bioinformatics 22, 23, 2950--2951. Google ScholarDigital Library
- Mahoney, M. V. and Chan, P. K. 2002. Learning nonstationary models of normal network traffic for detecting novel attacks. In Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 376--385. Google ScholarDigital Library
- Mahoney, M. V. and Chan, P. K. 2003. Learning rules for anomaly detection of hostile network traffic. In Proceedings of the 3rd IEEE International Conference on Data Mining. IEEE Computer Society, 601. Google ScholarDigital Library
- Mahoney, M. V., Chan, P. K., and Arshad, M. H. 2003. A machine learning approach to anomaly detection. Tech. rep. CS--2003--06, Department of Computer Science, Florida Institute of Technology Melbourne.Google Scholar
- Manevitz, L. M. and Yousef, M. 2000. Learning from positive data for document classification using neural networks. In Proceedings of the 2nd Bar-Ilan Workshop on Knowledge Discovery and Learning.Google Scholar
- Manevitz, L. M. and Yousef, M. 2002. One-class SVMS for document classification. J. Mach. Learn. Res. 2, 139--154. Google ScholarDigital Library
- Manikopoulos, C. and Papavassiliou, S. 2002. Network intrusion and fault detection: A statistical anomaly approach. IEEE Comm. Mag. 40. Google ScholarDigital Library
- Manson, G. 2002. Identifying damage sensitive, environment insensitive features for damage detection. In Proceedings of IES Conference.Google Scholar
- Manson, G., Pierce, G., and Worden, K. 2001. On the long-term stability of normal conditions for damage detection in a composite panel. In Proceedings of the 4th International Conference on Damage Assessment of Structures. Cardiff, UK.Google Scholar
- Manson, G., Pierce, S. G., Worden, K., Monnier, T., Guy, P., and Atherton, K. 2000. Long-term stability of normal condition data for novelty detection. In Proceedings of the Conference on Smart Structures and Integrated Systems. 323--334.Google Scholar
- Marceau, C. 2000. Characterizing the behavior of a program using multiple-length n-grams. In Proceedings of the Workshop on New Security Paradigms. ACM Press, 101--110. Google ScholarDigital Library
- Marchette, D. 1999. A statistical method for profiling network traffic. In Proceedings of the 1st USENIX Workshop on Intrusion Detection and Network Monitoring. 119--128. Google ScholarDigital Library
- Markou, M. and Singh, S. 2003a. Novelty detection: A review-part 1: Statistical approaches. Sig. Proc. 83, 12, 2481--2497. Google ScholarDigital Library
- Markou, M. and Singh, S. 2003b. Novelty detection: A review-part 2: Neural network based approaches. Sig. Proc. 83, 12, 2499--2521. Google ScholarDigital Library
- Marsland, S., Nehmzow, U., and Shapiro, J. 1999. A model of habituation applied to mobile robots. In Proceedings of Towards Intelligent Mobile Robots Conference. Department of Computer Science, Manchester University, Technical rep. UMCS-99-3-1.Google Scholar
- Marsland, S., Nehmzow, U., and Shapiro, J. 2000a. Novelty detection for robot neotaxis. In Proceedings of the 2nd International Symposium on Neural Compuatation. 554--559.Google Scholar
- Marsland, S., Nehmzow, U., and Shapiro, J. 2000b. A real-time novelty detector for a mobile robot. In Proceedings of the EUREL Conference on Advanced Robotics Systems.Google Scholar
- Martinelli, G. and Perfetti, R. 1994. Generalized cellular neural network for novelty detection. IEEE Trans. Circ. Syst. I: Fundamental Theory Application 41, 2, 187--190.Google ScholarCross Ref
- Martinez, D. 1998. Neural tree density estimation for novelty detection. IEEE Trans. Neural Netw. 9, 2, 330--338. Google ScholarDigital Library
- McCallum, A., Nigam, K., and Ungar, L. H. 2000. Efficient clustering of high-dimensional data sets with application to reference matching. In Proceedings of the 6th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 169--178. Google ScholarDigital Library
- McNeil, A. 1999. Extreme value theory for risk managers. In Internal Modelling and CAD II, 93--113.Google Scholar
- Mingming, N. Y. 2000. Probabilistic networks with undirected links for anomaly detection. In Proceedings of the IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop. 175--179.Google Scholar
- Motulsky, H. 1995. Intuitive Biostatistics: Choosing a Statistical Test. Oxford University Press, Chapter 37.Google Scholar
- Moya, M., Koch, M., and Hostetler, L. 1993. One-class classifier networks for target recognition applications. In Proceedings of the World Congress on Neural Networks, International Neural Network Society. 797--801.Google Scholar
- Murray, A. F. 2001. Novelty detection using products of simple experts: A potential architecture for embedded systems. Neural Netw. 14, 9, 1257--1264. Google ScholarDigital Library
- Nairac, A., Corbett-Clark, T., Ripley, R., Townsend, N., and Tarassenko, L. 1997. Choosing an appropriate model for novelty detection. In Proceedings of the 5th IEEE International Conference on Artificial Neural Networks. 227--232.Google Scholar
- Nairac, A., Townsend, N., Carr, R., King, S., Cowley, P., and Tarassenko, L. 1999. A system for the analysis of jet engine vibration data. Integ. Comput.-Aided Eng. 6, 1, 53--56. Google ScholarDigital Library
- Ng, R. T. and Han, J. 1994. Efficient and effective clustering methods for spatial data mining. In Proceedings of the 20th International Conference on Very Large Data Bases. Morgan Kaufmann Publishers Inc., 144--155. Google ScholarDigital Library
- Noble, C. C. and Cook, D. J. 2003. Graph-based anomaly detection. In Proceedings of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 631--636. Google ScholarDigital Library
- Odin, T. and Addison, D. 2000. Novelty detection using neural network technology. In Proceedings of the COMADEN Conference.Google Scholar
- Otey, M., Parthasarathy, S., Ghoting, A., Li, G., Narravula, S., and Panda, D. 2003. Towards NIC-based intrusion detection. In Proceedings of the 9th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 723--728. Google ScholarDigital Library
- Otey, M. E., Ghoting, A., and Parthasarathy, S. 2006. Fast distributed outlier detection in mixed-attribute data sets. Data Min. Knowl. Disc. 12, 2-3, 203--228. Google ScholarDigital Library
- Palshikar, G. K. 2005. Distance-based outliers in sequences. Lecture Notes in Computer Science, vol. 3816, 547--552. Google ScholarDigital Library
- Papadimitriou, S., Kitagawa, H., Gibbons, P. B., and Faloutsos, C. 2002. Loci: Fast outlier detection using the local correlation integral. Tech. rep. IRP-TR-02-09, Intel Research Laboratory.Google Scholar
- Parra, L., Deco, G., and Miesbach, S. 1996. Statistical independence and novelty detection with information preserving nonlinear maps. Neural Comput. 8, 2, 260--269. Google ScholarDigital Library
- Parzen, E. 1962. On the estimation of a probability density function and mode. Annals Math. Stat. 33, 1065--1076.Google ScholarCross Ref
- Patcha, A. and Park, J.-M. 2007. An overview of anomaly detection techniques: Existing solutions and latest technological trends. Comput. Netw. 51, 12, 3448--3470. Google ScholarDigital Library
- Petsche, T., Marcantonio, A., Darken, C., Hanson, S., Kuhn, G., and Santoso, I. 1996. A neural network autoassociator for induction motor failure prediction. In Proceedings of the Conference on Advances in Neural Information Processing. vol. 8. 924--930.Google Scholar
- Phoha, V. V. 2002. The Springer Internet Security Dictionary. Springer-Verlag. Google ScholarDigital Library
- Phua, C., Alahakoon, D., and Lee, V. 2004. Minority report in fraud detection: Classification of skewed data. SIGKDD Explorer Newsletter 6, 1, 50--59. Google ScholarDigital Library
- Phuong, T. V., Hung, L. X., Cho, S. J., Lee, Y., and Lee, S. 2006. An anomaly detection algorithm for detecting attacks in wireless sensor networks. Intel. Secur. Inform. 3975, 735--736. Google ScholarDigital Library
- Pickands, J. 1975. Statistical inference using extreme order statistics. Annals Stat. 3, 1, 119--131.Google ScholarCross Ref
- Pires, A. and Santos-Pereira, C. 2005. Using clustering and robust estimators to detect outliers in multivariate data. In Proceedings of the International Conference on Robust Statistics.Google Scholar
- Platt, J. 2000. Probabilistic Outputs for Support Vector Machines and Comparison to Regularized Likelihood Methods. In Advances in Large Margin Classifiers, A. Smola, P. Bartlett, B. Schoelkopf, and D. Schuurmans, Eds. MIT Press, 61--74.Google Scholar
- Pokrajac, D., Lazarevic, A., and Latecki, L. J. 2007. Incremental local outlier detection for data streams. In Proceedings of the IEEE Symposium on Computational Intelligence and Data Mining.Google Scholar
- Porras, P. A. and Neumann, P. G. 1997. EMERALD: Event monitoring enabling responses to anomalous live disturbances. In Proceedings of the 20th NIST-NCSC National Information Systems Security Conference. 353--365.Google Scholar
- Portnoy, L., Eskin, E., and Stolfo, S. 2001. Intrusion detection with unlabeled data using clustering. In Proceedings of the ACM Workshop on Data Mining Applied to Security.Google Scholar
- Protopapas, P., Giammarco, J. M., Faccioli, L., Struble, M. F., Dave, R., and Alcock, C. 2006. Finding outlier light curves in catalogues of periodic variable stars. Monthly Notices Royal Astronomical Soc. 369, 2, 677--696.Google ScholarCross Ref
- Qin, M. and Hwang, K. 2004. Frequent episode rules for Internet anomaly detection. In Proceedings of the 3rd IEEE International Symposium on Network Computing and Applications. IEEE Computer Society. Google ScholarDigital Library
- Ramadas, M., Ostermann, S., and Tjaden, B. C. 2003. Detecting anomalous network traffic with self-organizing maps. In Proceedings of the Conference on Recent Advances in Intrusion Detection. 36--54.Google Scholar
- Ramaswamy, S., Rastogi, R., and Shim, K. 2000. Efficient algorithms for mining outliers from large data sets. In Proceedings of the ACM SIGMOD International Conference on Management of Data. ACM Press, 427--438. Google ScholarDigital Library
- Ratsch, G., Mika, S., Scholkopf, B., and Muller, K.-R. 2002. Constructing boosting algorithms from SVMS: An application to one-class classification. IEEE Trans. Patt. Anal. Mach. Intel. 24, 9, 1184--1199. Google ScholarDigital Library
- Roberts, S. 1999. Novelty detection using extreme value statistics. In Proceedings of the IEEE Vision, Image and Signal Processing Conference Vol. 146. 124--129.Google ScholarCross Ref
- Roberts, S. 2002. Extreme value statistics for novelty detection in biomedical signal processing. In Proceedings of the 1st International Conference on Advances in Medical Signal and Information Processing. 166--172.Google Scholar
- Roberts, S. and Tarassenko, L. 1994. A probabilistic resource allocating network for novelty detection. Neural Comput. 6, 2, 270--284. Google ScholarDigital Library
- Rosner, B. 1983. Percentage points for a generalized ESD many-outlier procedure. Technometrics 25, 2, 165--172.Google ScholarCross Ref
- Roth, V. 2004. Outlier detection with one-class kernel Fisher discriminants. In Proceedings of the Conference on Advances in Neural Information Processing Systems (NIPS).Google Scholar
- Roth, V. 2006. Kernel fisher discriminants for outlier detection. Neural Comput. 18, 4, 942--960. Google ScholarDigital Library
- Rousseeuw, P. J. and Leroy, A. M. 1987. Robust Regression and Outlier Detection. John Wiley & Sons, Inc. Google ScholarDigital Library
- Roussopoulos, N., Kelley, S., and Vincent, F. 1995. Nearest neighbor queries. In Proceedings of the ACM-SIGMOD International Conference on Management of Data. Google ScholarDigital Library
- Ruotolo, R. and Surace, C. 1997. A statistical approach to damage detection through vibration monitoring. In Proceedings of the 5th Pan-American Congress of Applied Mechanics.Google Scholar
- Salvador, S. and Chan, P. 2003. Learning states and rules for time-series anomaly detection. Tech. rep. CS--2003--05, Department of Computer Science, Florida Institute of Technology Melbourne.Google Scholar
- Sarawagi, S., Agrawal, R., and Megiddo, N. 1998. Discovery-driven exploration of OLAP data cubes. In Proceedings of the 6th International Conference on Extending Database Technology. Springer-Verlag, 168--182. Google ScholarDigital Library
- Sargor, C. 1998. Statistical anomaly detection for link-state routing protocols. In Proceedings of the 6th International Conference on Network Protocols. IEEE Computer Society, 62. Google ScholarDigital Library
- Saunders, R. and Gero, J. 2000. The importance of being emergent. In Proceedings of the Conference on Artificial Intelligence in Design.Google Scholar
- Scarth, G., McIntyre, M., Wowk, B., and Somorjai, R. 1995. Detection of novelty in functional images using fuzzy clustering. In Proceedings of the 3rd Meeting of the International Society for Magnetic Resonance in Medicine. 238.Google Scholar
- Sch&#246;lkopf, B., Platt, J. C., Shawe-Taylor, J. C., Smola, A. J., and Williamson, R. C. 2001. Estimating the support of a high-dimensional distribution. Neural Comput. 13, 7, 1443--1471. Google ScholarDigital Library
- Scott, S. L. 2001. Detecting network intrusion using a Markov modulated nonhomogeneous Poisson Process. Journal of the American Statistical Association.Google Scholar
- Sebyala, A. A., Olukemi, T., and Sacks, L. 2002. Active platform security through intrusion detection using naive Bayesian network for anomaly detection. In Proceedings of the London Communications Symposium.Google Scholar
- Sequeira, K. and Zaki, M. 2002. Admit: Anomaly-based data mining for intrusions. In Proceedings of the 8th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 386--395. Google ScholarDigital Library
- Sheikholeslami, G., Chatterjee, S., and Zhang, A. 1998. Wavecluster: A multi-resolution clustering approach for very large spatial databases. In Proceedings of the 24rd International Conference on Very Large Databases. Morgan Kaufmann Publishers Inc., 428--439. Google ScholarDigital Library
- Shekhar, S., Lu, C.-T., and Zhang, P. 2001. Detecting graph-based spatial outliers: Algorithms and applications (a summary of results). In Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 371--376. Google ScholarDigital Library
- Shewhart, W. A. 1931. Economic Control of Quality of Manufactured Product. D. Van Nostrand Company.Google Scholar
- Shyu, M.-L., Chen, S.-C., Sarinnapakorn, K., and Chang, L. 2003. A novel anomaly detection scheme-based on principal component classifier. In Proceedings of the 3rd IEEE International Conference on Data Mining. 353--365.Google Scholar
- Siaterlis, C. and Maglaris, B. 2004. Towards multi-sensor data fusion for dos detection. In Proceedings of the ACM Symposium on Applied Computing. ACM Press, 439--446. Google ScholarDigital Library
- Singh, S. and Markou, M. 2004. An approach to novelty detection applied to the classification of image regions. IEEE Trans. Knowl. Data Eng. 16, 4, 396--407. Google ScholarDigital Library
- Smith, R., Bivens, A., Embrechts, M., Palagiri, C., and Szymanski, B. 2002. Clustering approaches for anomaly-based intrusion detection. In Proceedings of the Intelligent Engineering Systems through Artificial Neural Networks. ASME Press, 579--584.Google Scholar
- Smyth, P. 1994. Markov monitoring with unknown states. IEEE J. Select. Areas Comm. (Special Issue on Intelligent Signal Processing for Communications) 12, 9, 1600--1612.Google ScholarDigital Library
- Snyder, D. 2001. Online intrusion detection using sequences of system calls. M.S. thesis, Department of Computer Science, Florida State University.Google Scholar
- Sohn, H., Worden, K., and Farrar, C. 2001. Novelty detection under changing environmental conditions. In Proceedings of the 8th Annual SPIE International Symposium on Smart Structures and Materials.Google Scholar
- Solberg, H. E. and Lahti, A. 2005. Detection of outliers in reference distributions: Performance of Horn's algorithm. Clinical Chem. 51, 12, 2326--2332.Google ScholarCross Ref
- Song, Q., Hu, W., and Xie, W. 2002. Robust support vector machine with bullet hole image classification. IEEE Trans. Syst. Man Cyber.&#8212;Part C: Applications and Reviews 32, 4. Google ScholarDigital Library
- Song, S., Shin, D., and Yoon, E. 2001. Analysis of novelty detection properties of auto-associators. In Proceedings of the Conference on Condition Monitoring and Diagnostic Engineering Management. 577--584.Google Scholar
- Song, X., Wu, M., Jermaine, C., and Ranka, S. 2007. Conditional anomaly detection. IEEE Trans. Knowl. Data Eng. 19, 5, 631--645. Google ScholarDigital Library
- Soule, A., Salamatian, K., and Taft, N. 2005. Combining filtering and statistical methods for anomaly detection. In Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement. ACM, 1--14. Google ScholarDigital Library
- Spence, C., Parra, L., and Sajda, P. 2001. Detection, synthesis and compression in mammographic image analysis with a hierarchical image probability model. In Proceedings of the IEEE Workshop on Mathematical Methods in Biomedical Image Analysis. IEEE Computer Society, 3. Google ScholarDigital Library
- Srivastava, A. 2006. Enabling the discovery of recurring anomalies in aerospace problem reports using high-dimensional clustering techniques. In Proceedings of the IEEE Aerospace Conference, 17--34.Google ScholarCross Ref
- Srivastava, A. and Zane-Ulman, B. 2005. Discovering recurring anomalies in text reports regarding complex space systems. In Proceedings of the IEEE Aerospace Conference, 3853--3862.Google Scholar
- Stefano, C., Sansone, C., and Vento, M. 2000. To reject or not to reject: that is the question: An answer in the case of neural classifiers. IEEE Trans. Syst. Manag. Cyber. 30, 1, 84--94. Google ScholarDigital Library
- Stefansky, W. 1972. Rejecting outliers in factorial designs. Technometrics 14, 2, 469--479.Google ScholarCross Ref
- Steinwart, I., Hush, D., and Scovel, C. 2005. A classification framework for anomaly detection. J. Mach. Learn. Res. 6, 211--232. Google ScholarDigital Library
- Streifel, R., Maks, R., and El-Sharkawi, M. 1996. Detection of shorted-turns in the field of turbine-generator rotors using novelty detectors--development and field tests. IEEE Trans. Energy Conv. 11, 2, 312--317.Google ScholarCross Ref
- Subramaniam, S., Palpanas, T., Papadopoulos, D., Kalogeraki, V., and Gunopulos, D. 2006. Online outlier detection in sensor data using non-parametric models. In Proceedings of the 32nd International Conference on Very Large Data Bases (VLDB). VLDB Endowment, 187--198. Google ScholarDigital Library
- Sun, H., Bao, Y., Zhao, F., Yu, G., and Wang, D. 2004. CD-trees: An efficient index structure for outlier detection. In Proceedings of the 5th International Conference on Web-Age Information Management (WAIM). 600--609.Google Scholar
- Sun, J., Qu, H., Chakrabarti, D., and Faloutsos, C. 2005. Neighborhood formation and anomaly detection in bipartite graphs. In Proceedings of the 5th IEEE International Conference on Data Mining. IEEE Computer Society, 418--425. Google ScholarDigital Library
- Sun, J., Xie, Y., Zhang, H., and Faloutsos, C. 2007. Less is more: Compact matrix representation of large sparse graphs. In Proceedings of the 7th SIAM International Conference on Data Mining.Google Scholar
- Sun, P. and Chawla, S. 2004. On local spatial outliers. In Proceedings of the 4th IEEE International Conference on Data Mining. 209--216. Google ScholarDigital Library
- Sun, P. and Chawla, S. 2006. SLOM: A new measure for local spatial outliers. Knowl. Inform. Syst. 9, 4, 412--429.Google ScholarCross Ref
- Sun, P., Chawla, S., and Arunasalam, B. 2006. Mining for outliers in sequential databases. In Proceedings of the SIAM International Conference on Data Mining.Google Scholar
- Surace, C. and Worden, K. 1998. A novelty detection method to diagnose damage in structures: An application to an offshore platform. In Proceedings of the 8th International Conference of Off-Shore and Polar Engineering. vol. 4. Colorado, 64--70.Google Scholar
- Surace, C., Worden, K., and Tomlinson, G. 1997. A novelty detection approach to diagnose damage in a cracked beam. In Proceedings of the SPIE. vol. 3089. 947--953.Google Scholar
- Suzuki, E., Watanabe, T., Yokoi, H., and Takabayashi, K. 2003. Detecting interesting exceptions from medical test data with visual summarization. In Proceedings of the 3rd IEEE International Conference on Data Mining. 315--322. Google ScholarDigital Library
- Sykacek, P. 1997. Equivalent error bars for neural network classifiers trained by Bayesian inference. In Proceedings of the European Symposium on Artificial Neural Networks. 121--126.Google Scholar
- Tan, P.-N., Steinbach, M., and Kumar, V. 2005. Introduction to Data Mining. Addison-Wesley. Google ScholarDigital Library
- Tandon, G. and Chan, P. 2007. Weighting versus pruning in rule validation for detecting network and host anomalies. In Proceedings of the 13th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press. Google ScholarDigital Library
- Tang, J., Chen, Z., chee Fu, A. W., and W. Cheung, D. 2002. Enhancing effectiveness of outlier detections for low density patterns. In Proceedings of the Pacific-Asia Conference on Knowledge Discovery and Data Mining. 535--548. Google ScholarDigital Library
- Taniguchi, M., Haft, M., Hollmn, J., and Tresp, V. 1998. Fraud detection in communications networks using neural and probabilistic methods. In Proceedings of the IEEE International Conference on Acoustics, Speech and Signal Processing. vol. 2. IEEE Computer Society, 1241--1244.Google Scholar
- Tao, Y., Xiao, X., and Zhou, S. 2006. Mining distance-based outliers from large databases in any metric space. In Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 394--403. Google ScholarDigital Library
- Tarassenko, L. 1995. Novelty detection for the identification of masses in mammograms. In Proceedings of the 4th IEEE International Conference on Artificial Neural Networks. vol. 4. 442--447.Google ScholarCross Ref
- Tax, D. and Duin, R. 1999a. Data domain description using support vectors. In Proceedings of the European Symposium on Artificial Neural Networks, M. Verleysen, Ed., 251--256.Google Scholar
- Tax, D. and Duin, R. 1999b. Support vector data description. Patt. Recog. Lett. 20, 11-13, 1191--1199. Google ScholarDigital Library
- Tax, D. M. J. 2001. One-class classification; concept-learning in the absence of counter-examples. Ph.D. thesis, Delft University of Technology.Google Scholar
- Teng, H., Chen, K., and Lu, S. 1990. Adaptive real-time anomaly detection using inductively generated sequential patterns. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy. IEEE Computer Society Press, 278--284.Google Scholar
- Theiler, J. and Cai, D. M. 2003. Resampling approach for anomaly detection in multispectral images. In Proceedings of the SPIE. vol. 5093, 230--240.Google Scholar
- Thompson, B., II, R. M., Choi, J., El-Sharkawi, M., Huang, M., and Bunje, C. 2002. Implicit learning in auto-encoder novelty assessment. In Proceedings of the International Joint Conference on Neural Networks. 2878--2883.Google Scholar
- Thottan, M. and Ji, C. 2003. Anomaly detection in IP networks. IEEE Trans. Sig. Proc. 51, 8, 2191--2204. Google ScholarDigital Library
- Tibshirani, R. and Hastie, T. 2007. Outlier sums for differential gene expression analysis. Biostatistics 8, 1, 2--8.Google ScholarCross Ref
- Tomlins, S. A., Rhodes, D. R., Perner, S., Dhanasekaran, S. M., Mehra, R., Sun, X. W., Varambally, S., Cao, X., Tchinda, J., Kuefer, R., Lee, C., Montie, J. E., Shah, R., Pienta, K. J., Rubin, M., and Chinnaiyan, A. M. 2005. Recurrent fusion of tmprss2 and ets transcription factor genes in prostate cancer. Science 310, 5748, 603--611.Google Scholar
- Torr, P. and Murray, D. 1993. Outlier detection and motion segmentation. In Proceedings of the SPIE. Sensor Fusion VI, S. Schenker, Ed. vol. 2059. 432--443.Google Scholar
- Tsay, R. S., Pea, D., and Pankratz, A. E. 2000. Outliers in multi-variate time series. Biometrika 87, 4, 789--804.Google ScholarCross Ref
- Vaidya, J. and Clifton, C. 2004. Privacy-preserving outlier detection. In Proceedings of the 4th IEEE International Conference on Data Mining. 233--240. Google ScholarDigital Library
- Valdes, A. and Skinner, K. 2000. Adaptive, model-based monitoring for cyber attack detection. In Proceedings of the 3rd International Workshop on Recent Advances in Intrusion Detection. Springer-Verlag, 80--92. Google ScholarDigital Library
- Vapnik, V. N. 1995. The Nature of Statistical Learning Theory. Springer-Verlag. Google ScholarDigital Library
- Vasconcelos, G., Fairhurst, M., and Bisset, D. 1994. Recognizing novelty in classification tasks. In Proceedings of the Neural Information Processing Systems Workshop on Novelty Detection and Adaptive Systems Monitoring.Google Scholar
- Vasconcelos, G. C., Fairhurst, M. C., and Bisset, D. L. 1995. Investigating feed-forward neural networks with respect to the rejection of spurious patterns. Patt. Recog. Lett. 16, 2, 207--212. Google ScholarDigital Library
- Vilalta, R. and Ma, S. 2002. Predicting rare events in temporal domains. In Proceedings of the IEEE International Conference on Data Mining. IEEE Computer Society, 474. Google ScholarDigital Library
- Vinueza, A. and Grudic, G. 2004. Unsupervised outlier detection and semi-supervised learning. Tech. rep. CU-CS-976-04, University of Colorado at Boulder.Google Scholar
- Wei, L., Qian, W., Zhou, A., and Jin, W. 2003. Hot: Hypergraph-based outlier test for categorical data. In Proceedings of the 7th Pacific-Asia Conference on Knowledge and Data Discovery. 399--410. Google ScholarDigital Library
- Weigend, A. S., Mangeas, M., and Srivastava, A. N. 1995. Nonlinear gated experts for time-series: Discovering regimes and avoiding overfitting. Int. J. Neural Syst. 6, 4, 373--399.Google ScholarCross Ref
- Weiss, G. M. and Hirsh, H. 1998. Learning to predict rare events in event sequences. In Proceedings of the 4th International Conference on Knowledge Discovery and Data Mining, R. Agrawal, P. Stolorz, and G. Piatetsky-Shapiro, Eds. AAAI Press, 359--363.Google Scholar
- Whitehead, B. and Hoyt, W. 1993. A function approximation approach to anomaly detection in propulsion system test data. In Proceedings of the 29th AIAA/SAE/ASME/ASEE Joint Propulsion Conference. IEEE Computer Society.Google Scholar
- Williams, G., Baxter, R., He, H., Hawkins, S., and Gu, L. 2002. A comparative study of RNN for outlier detection in data mining. In Proceedings of the IEEE International Conference on Data Mining. IEEE Computer Society, 709. Google ScholarDigital Library
- Wong, W.-K., Moore, A., Cooper, G., and Wagner, M. 2002. Rule-based anomaly pattern detection for detecting disease outbreaks. In Proceedings of the 18th National Conference on Artificial Intelligence. MIT Press. http://www.cs.cmu.edu/~awm/antiterror. Google ScholarDigital Library
- Wong, W.-K., Moore, A., Cooper, G., and Wagner, M. 2003. Bayesian network anomaly pattern detection for disease outbreaks. In Proceedings of the 20th International Conference on Machine Learning. AAAI Press, 808--815.Google Scholar
- Worden, K. 1997. Structural fault detection using a novelty measure. J. Sound Vibr. 201, 1, 85--101.Google ScholarCross Ref
- Wu, M. and Jermaine, C. 2006. Outlier detection by sampling with accuracy guarantees. In Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 767--772. Google ScholarDigital Library
- Wu, N. and Zhang, J. 2003. Factor analysis based anomaly detection. In Proceedings of the IEEE Workshop on Information Assurance. United States Military Academy.Google Scholar
- Yairi, T., Kato, Y., and Hori, K. 2001. Fault detection by mining association rules from housekeeping data. In Proceedings of the International Symposium on Artificial Intelligence, Robotics and Automation in Space.Google Scholar
- Yamanishi, K. and ichi Takeuchi, J. 2001. Discovering outlier filtering rules from unlabeled data: Combining a supervised learner with an unsupervised learner. In Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 389--394. Google ScholarDigital Library
- Yamanishi, K., Takeuchi, J.-I., Williams, G., and Milne, P. 2004. Online unsupervised outlier detection using finite mixtures with discounting learning algorithms. Data Min. Knowl. Disc. 8, 275--300. Google ScholarDigital Library
- Ye, N. and Chen, Q. 2001. An anomaly detection technique based on a chi-square statistic for detecting intrusions into information systems. Quality Reliability Engin. Int. 17, 105--112.Google ScholarCross Ref
- Yi, B.-K., Sidiropoulos, N., Johnson, T., Jagadish, H. V., Faloutsos, C., and Biliris, A. 2000. Online data mining for co-evolving time sequences. In Proceedings of the 16th International Conference on Data Engineering. IEEE Computer Society, 13. Google ScholarDigital Library
- Ypma, A. and Duin, R. 1998. Novelty detection using self-organizing maps. In Progress in Connectionist Based Information Systems. vol. 2. Springer, 1322--1325.Google Scholar
- Yu, D., Sheikholeslami, G., and Zhang, A. 2002. Findout: Finding outliers in very large datasets. Knowl. Inform. Syst. 4, 4, 387--412. Google ScholarDigital Library
- Yu, J. X., Qian, W., Lu, H., and Zhou, A. 2006. Finding centric local outliers in categorical/numerical spaces. Knowl. Inform. Syst. 9, 3, 309--338.Google ScholarDigital Library
- Zeevi, A. J., Meir, R., and Adler, R. 1997. Time series prediction using mixtures of experts. In Advances in Neural Information Processing. vol. 9. MIT Press.Google Scholar
- Zhang, J. and Wang, H. 2006. Detecting outlying subspaces for high-dimensional data: The new task, algorithms, and performance. Knowl. Inform. Syst. 10, 3, 333--355. Google ScholarDigital Library
- Zhang, K., Shi S., Gao, H., and Li, J. 2007. Unsupervised outlier detection in sensor networks using aggregation tree. In Advanced Data Mining and Applications 4632, 158--169. Google ScholarDigital Library
- Zhang, Z., Li, J., Manikopoulos, C., Jorgenson, J., and Ucles, J. 2001. Hide: A hierarchical network intrusion detection system using statistical preprocessing and neural network classification. In Proceedings of the IEEE Workshop on Information Assurance and Security. West Point, 85--90.Google Scholar
- Zimmermann, J. and Mohay, G. 2006. Distributed intrusion detection in clusters based on non-interference. In Proceedings of the Australasian Workshops on Grid Computing and E-Research (ACSW Frontiers). Australian Computer Society, Inc., 89--95. Google ScholarDigital Library
Index Terms
- Anomaly detection: A survey
Recommendations
A Survey on Explainable Anomaly Detection
In the past two decades, most research on anomaly detection has focused on improving the accuracy of the detection, while largely ignoring the explainability of the corresponding methods and thus leaving the explanation of outcomes to practitioners. As ...
Explainable contextual anomaly detection using quantile regression forests
AbstractTraditional anomaly detection methods aim to identify objects that deviate from most other objects by treating all features equally. In contrast, contextual anomaly detection methods aim to detect objects that deviate from other objects within a ...
Deep Learning for Anomaly Detection: A Review
Anomaly detection, a.k.a. outlier detection or novelty detection, has been a lasting yet active research area in various research communities for several decades. There are still some unique problem complexities and challenges that require advanced ...
Comments