Ensemble of feature chains for anomaly detection

Lena Tenenboim-Chekina; Lior Rokach; Bracha Shapira

doi:10.1007/978-3-642-38067-9_26

Ensemble of feature chains for anomaly detection

Lena Tenenboim-Chekina, Lior Rokach, Bracha Shapira

Department of Software and Information Systems Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

9 Scopus citations

Abstract

Along with recent technological advances more and more new threats and advanced cyber-attacks appear unexpectedly. Developing methods which allow for identification and defense against such unknown threats is of great importance. In this paper we propose new ensemble method (which improves over the known cross-feature analysis, CFA, technique) allowing solving anomaly detection problem in semi-supervised settings using well established supervised learning algorithms. Theoretical correctness of the proposed method is demonstrated. Empirical evaluation results on Android malware datasets demonstrate effectiveness of the proposed approach and its superiority against the original CFA detection method.

Original language	English
Title of host publication	Multiple Classifier Systems - 11th International Workshop, MCS 2013, Proceedings
Pages	295-306
Number of pages	12
DOIs	https://doi.org/10.1007/978-3-642-38067-9_26
State	Published - 1 Dec 2013
Event	11th International Workshop on Multiple Classifier Systems, MCS 2013 - Nanjing, China Duration: 15 May 2013 → 17 May 2013

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	7872 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	11th International Workshop on Multiple Classifier Systems, MCS 2013
Country/Territory	China
City	Nanjing
Period	15/05/13 → 17/05/13

Keywords

Android
Anomaly detection
Ensemble methods
Machine learning
Malware
Network monitoring
Probabilistic methods

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-642-38067-9_26

Cite this

Tenenboim-Chekina, L., Rokach, L., & Shapira, B. (2013). Ensemble of feature chains for anomaly detection. In Multiple Classifier Systems - 11th International Workshop, MCS 2013, Proceedings (pp. 295-306). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7872 LNCS). https://doi.org/10.1007/978-3-642-38067-9_26

@inproceedings{1fc22463aac5414aaa3e2a763800a13c,

title = "Ensemble of feature chains for anomaly detection",

abstract = "Along with recent technological advances more and more new threats and advanced cyber-attacks appear unexpectedly. Developing methods which allow for identification and defense against such unknown threats is of great importance. In this paper we propose new ensemble method (which improves over the known cross-feature analysis, CFA, technique) allowing solving anomaly detection problem in semi-supervised settings using well established supervised learning algorithms. Theoretical correctness of the proposed method is demonstrated. Empirical evaluation results on Android malware datasets demonstrate effectiveness of the proposed approach and its superiority against the original CFA detection method.",

keywords = "Android, Anomaly detection, Ensemble methods, Machine learning, Malware, Network monitoring, Probabilistic methods",

author = "Lena Tenenboim-Chekina and Lior Rokach and Bracha Shapira",

year = "2013",

month = dec,

day = "1",

doi = "10.1007/978-3-642-38067-9_26",

language = "English",

isbn = "9783642380662",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "295--306",

booktitle = "Multiple Classifier Systems - 11th International Workshop, MCS 2013, Proceedings",

note = "11th International Workshop on Multiple Classifier Systems, MCS 2013 ; Conference date: 15-05-2013 Through 17-05-2013",

}

Tenenboim-Chekina, L, Rokach, L & Shapira, B 2013, Ensemble of feature chains for anomaly detection. in Multiple Classifier Systems - 11th International Workshop, MCS 2013, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 7872 LNCS, pp. 295-306, 11th International Workshop on Multiple Classifier Systems, MCS 2013, Nanjing, China, 15/05/13. https://doi.org/10.1007/978-3-642-38067-9_26

Ensemble of feature chains for anomaly detection. / Tenenboim-Chekina, Lena; Rokach, Lior ; Shapira, Bracha.
Multiple Classifier Systems - 11th International Workshop, MCS 2013, Proceedings. 2013. p. 295-306 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7872 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Ensemble of feature chains for anomaly detection

AU - Tenenboim-Chekina, Lena

AU - Rokach, Lior

AU - Shapira, Bracha

PY - 2013/12/1

Y1 - 2013/12/1

N2 - Along with recent technological advances more and more new threats and advanced cyber-attacks appear unexpectedly. Developing methods which allow for identification and defense against such unknown threats is of great importance. In this paper we propose new ensemble method (which improves over the known cross-feature analysis, CFA, technique) allowing solving anomaly detection problem in semi-supervised settings using well established supervised learning algorithms. Theoretical correctness of the proposed method is demonstrated. Empirical evaluation results on Android malware datasets demonstrate effectiveness of the proposed approach and its superiority against the original CFA detection method.

AB - Along with recent technological advances more and more new threats and advanced cyber-attacks appear unexpectedly. Developing methods which allow for identification and defense against such unknown threats is of great importance. In this paper we propose new ensemble method (which improves over the known cross-feature analysis, CFA, technique) allowing solving anomaly detection problem in semi-supervised settings using well established supervised learning algorithms. Theoretical correctness of the proposed method is demonstrated. Empirical evaluation results on Android malware datasets demonstrate effectiveness of the proposed approach and its superiority against the original CFA detection method.

KW - Android

KW - Anomaly detection

KW - Ensemble methods

KW - Machine learning

KW - Malware

KW - Network monitoring

KW - Probabilistic methods

UR - http://www.scopus.com/inward/record.url?scp=84892908379&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-38067-9_26

DO - 10.1007/978-3-642-38067-9_26

M3 - Conference contribution

AN - SCOPUS:84892908379

SN - 9783642380662

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 295

EP - 306

BT - Multiple Classifier Systems - 11th International Workshop, MCS 2013, Proceedings

T2 - 11th International Workshop on Multiple Classifier Systems, MCS 2013

Y2 - 15 May 2013 through 17 May 2013

ER -

Ensemble of feature chains for anomaly detection

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this