Visualization of anomaly detection using prediction sensitivity

Pavel Laskov; Konrad Rieck; Christin Schäfer; Klaus Robert Müller

Visualization of anomaly detection using prediction sensitivity

Pavel Laskov, Konrad Rieck, Christin Schäfer, Klaus Robert Müller

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Visualization of learning-based intrusion detection methods is a challenging problem. In this paper we propose a novel method for visualization of anomaly detection and feature selection, based on prediction sensitivity. The method allows an expert to discover informative features for separation of normal and attack instances. Experiments performed on the KDD Cup dataset show that explanations provided by prediction sensitivity reveal the nature of attacks. Application of prediction sensitivity for feature selection yields a major improvement of detection accuracy.

Original language	English
Title of host publication	SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)
Pages	197-208
Number of pages	12
Publication status	Published - 2005
Externally published	Yes
Event	SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)- 2nd Annual Meeting of the Department of Security of the Society for Informatics - Security - Regensburg, Germany Duration: 2005 Apr 5 → 2005 Apr 8

Publication series

Name	Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)
ISSN (Print)	1617-5468

Other

Other	SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)- 2nd Annual Meeting of the Department of Security of the Society for Informatics - Security
Country/Territory	Germany
City	Regensburg
Period	05/4/5 → 05/4/8

ASJC Scopus subject areas

Computer Science Applications

Cite this

Laskov, P., Rieck, K., Schäfer, C., & Müller, K. R. (2005). Visualization of anomaly detection using prediction sensitivity. In SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI) (pp. 197-208). (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)).

Visualization of anomaly detection using prediction sensitivity. / Laskov, Pavel; Rieck, Konrad; Schäfer, Christin et al.

SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI). 2005. p. 197-208 (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Laskov, P, Rieck, K, Schäfer, C & Müller, KR 2005, Visualization of anomaly detection using prediction sensitivity. in SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI). Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI), pp. 197-208, SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)- 2nd Annual Meeting of the Department of Security of the Society for Informatics - Security, Regensburg, Germany, 05/4/5.

Laskov P, Rieck K, Schäfer C, Müller KR. Visualization of anomaly detection using prediction sensitivity. In SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI). 2005. p. 197-208. (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)).

Laskov, Pavel ; Rieck, Konrad ; Schäfer, Christin et al. / Visualization of anomaly detection using prediction sensitivity. SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI). 2005. pp. 197-208 (Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)).

@inproceedings{c84415b219354ba788be10305b0e8ac1,

title = "Visualization of anomaly detection using prediction sensitivity",

abstract = "Visualization of learning-based intrusion detection methods is a challenging problem. In this paper we propose a novel method for visualization of anomaly detection and feature selection, based on prediction sensitivity. The method allows an expert to discover informative features for separation of normal and attack instances. Experiments performed on the KDD Cup dataset show that explanations provided by prediction sensitivity reveal the nature of attacks. Application of prediction sensitivity for feature selection yields a major improvement of detection accuracy.",

author = "Pavel Laskov and Konrad Rieck and Christin Sch{\"a}fer and M{\"u}ller, {Klaus Robert}",

year = "2005",

language = "English",

isbn = "3885793911",

series = "Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)",

pages = "197--208",

booktitle = "SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)",

note = "SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)- 2nd Annual Meeting of the Department of Security of the Society for Informatics - Security ; Conference date: 05-04-2005 Through 08-04-2005",

}

TY - GEN

T1 - Visualization of anomaly detection using prediction sensitivity

AU - Laskov, Pavel

AU - Rieck, Konrad

AU - Schäfer, Christin

AU - Müller, Klaus Robert

PY - 2005

Y1 - 2005

N2 - Visualization of learning-based intrusion detection methods is a challenging problem. In this paper we propose a novel method for visualization of anomaly detection and feature selection, based on prediction sensitivity. The method allows an expert to discover informative features for separation of normal and attack instances. Experiments performed on the KDD Cup dataset show that explanations provided by prediction sensitivity reveal the nature of attacks. Application of prediction sensitivity for feature selection yields a major improvement of detection accuracy.

AB - Visualization of learning-based intrusion detection methods is a challenging problem. In this paper we propose a novel method for visualization of anomaly detection and feature selection, based on prediction sensitivity. The method allows an expert to discover informative features for separation of normal and attack instances. Experiments performed on the KDD Cup dataset show that explanations provided by prediction sensitivity reveal the nature of attacks. Application of prediction sensitivity for feature selection yields a major improvement of detection accuracy.

UR - http://www.scopus.com/inward/record.url?scp=84874124494&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84874124494&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84874124494

SN - 3885793911

SN - 9783885793915

T3 - Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI)

SP - 197

EP - 208

BT - SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)

T2 - SICHERHEIT 2005 - Sicherheit - Schutz und Zuverlassigkeit, Beitrage der 2. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI)- 2nd Annual Meeting of the Department of Security of the Society for Informatics - Security

Y2 - 5 April 2005 through 8 April 2005

ER -

Visualization of anomaly detection using prediction sensitivity

Abstract

Publication series

Other

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this