0000000000604991
AUTHOR
Vegard Haugland
A two-armed bandit collective for hierarchical examplar based mining of frequent itemsets with applications to intrusion detection
Published version of a chapter in the book: Transactions on Computational Collective Intelligence XIV. Also available from the publisher at: http://dx.doi.org/10.1007/978-3-662-44509-9_1 In this paper we address the above problem by posing frequent item-set mining as a collection of interrelated two-armed bandit problems. We seek to find itemsets that frequently appear as subsets in a stream of itemsets, with the frequency being constrained to support granularity requirements. Starting from a randomly or manually selected examplar itemset, a collective of Tsetlin automata based two-armed bandit players - one automaton for each item in the examplar - learns which items should be included in …
A two-armed bandit collective for examplar based mining of frequent itemsets with applications to intrusion detection
Chapter from the book: Computational Collective Intelligence. Technologies and Applications. Also available from the publisher at SpringerLink: http://dx.doi.org/10.1007/978-3-642-23935-9_7 Over the last decades, frequent itemset mining has become a major area of research, with applications including indexing and similarity search, as well as mining of data streams, web, and software bugs. Although several efficient techniques for generating frequent itemsets with a minimum support (frequency) have been proposed, the number of itemsets produced is in many cases too large for effective usage in real-life applications. Indeed, the problem of deriving frequent itemsets that are both compact an…
Anomaly detection in computer networks using hierarchically organized teams of learning automata
Masteroppgave i informasjons- og kommunikasjonsteknologi 2011 – Universitetet i Agder, Grimstad With the increasing number of computer systems connected to the Internet, security becomes a critical issue. To combat this problem, several attack detection methods have emerged in the past years, such as the rule based Intrusion Detection System (IDS) Snort - or anomaly based alternatives that are able to detect novel attacks without any prior knowledge about them. Most current anomaly based IDS require labeled attacks or extensively filtered training data, such that certain attack types, which generate large amounts of noise in terms of false positives, are effectively removed. This thesis des…