Friday, December 4, 2009

Anomaly detection

This post is based on a technical report, a survey conducted by Varun Chandola, Arindam Banerjee and Vipin Kumar from the University of Minnesota.

They discuss in detail what anomalies are and how they can be identified using different techniques.

They discuss anomaly detection in terms of intrusions from the following perspectives:

1. Host based intrusion detection systems
2. Network intrusion detection systems

Apart from intrusion detection systems, they also delve into fraud detection, such as credit card, mobile and insurance claim fraud, and insider trading detection.

The techniques they discuss for detecting anomalies include the following:

1. Neural network based
2. Bayesian network based
3. Support vector machine based
4. Rule based

The authors also discuss additional anomaly detection techniques from a mathematical perspective.

One of the research objectives we have in place is to identify a testing technique that could be adopted to detect anomaly-based intrusions.

Thus the authors' technical report could act as an input to the way test data is prepared for identifying intrusions. Effort is needed to achieve this. At the same time, it does sound like a source worth taking into consideration.

The authors' practice of writing down the advantages and disadvantages of each anomaly detection technique they describe could also add to our understanding.

One drawback the authors note is that the data considered for describing the various techniques in the report is not standard; it seems to vary across them. So the results they have achieved might not give us a consistent understanding. Hence one item of their future work would be to unify all the assumptions they have considered.
