An Information Theory Subspace Analysis Approach with Application to Anomaly Detection Ensembles

Marcelo Bacher, Irad Ben-Gal, Erez Shmueli

Abstract

Identifying anomalies in multi-dimensional datasets is an important task in many real-world applications. A special case arises when anomalies are occluded in a small set of attributes (i.e., subspaces) of the data and not necessarily over the entire data space. In this paper, we propose a new subspace analysis approach named Agglomerative Attribute Grouping (AAG) that aims to address this challenge by searching for subspaces that comprise highly correlative attributes. Such correlations among attributes represent a systematic interaction among the attributes that can better reflect the behavior of normal observations and hence can be used to improve the identification of future abnormal data samples. AAG relies on a novel multi-attribute metric derived from information theory measures of partitions to evaluate the ”information distance” between groups of data attributes. The empirical evaluation demonstrates that AAG outperforms state-of-the-art subspace analysis methods, when they are used in anomaly detection ensembles, both in cases where anomalies are occluded in relatively small subsets of the available attributes and in cases where anomalies represent a new class (i.e., novelties). Finally, and in contrast to existing methods, AAG does not require any tuning of parameters.

Download


Paper Citation


in Harvard Style

Bacher M., Ben-Gal I. and Shmueli E. (2017). An Information Theory Subspace Analysis Approach with Application to Anomaly Detection Ensembles.In Proceedings of the 9th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management - Volume 1: KDIR, ISBN 978-989-758-271-4, pages 27-39. DOI: 10.5220/0006479000270039


in Bibtex Style

@conference{kdir17,
author={Marcelo Bacher and Irad Ben-Gal and Erez Shmueli},
title={An Information Theory Subspace Analysis Approach with Application to Anomaly Detection Ensembles},
booktitle={Proceedings of the 9th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management - Volume 1: KDIR,},
year={2017},
pages={27-39},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006479000270039},
isbn={978-989-758-271-4},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management - Volume 1: KDIR,
TI - An Information Theory Subspace Analysis Approach with Application to Anomaly Detection Ensembles
SN - 978-989-758-271-4
AU - Bacher M.
AU - Ben-Gal I.
AU - Shmueli E.
PY - 2017
SP - 27
EP - 39
DO - 10.5220/0006479000270039