Anomaly detection aims at identifying patterns in data that do not conform to the expected behavior. Despite anomaly detection has been arising as one of the most powerful techniques to suspect attacks or failures, dedicated support for the experimental evaluation is actually scarce. In fact, existing frameworks are mostly intended for the broad purposes of data mining and machine learning. Intuitive tools tailored for evaluating anomaly detection algorithms for failure and attack detection with an intuitive support to sliding windows are currently missing. This paper presents RELOAD, a flexible and intuitive tool for the Rapid EvaLuation Of Anomaly Detection algorithms. RELOAD is able to automatically i) fetch data from an existing data set, ii) identify the most informative features of the data set, iii) run anomaly detection algorithms, including those based on sliding windows, iv) apply multiple strategies to features and decide on anomalies, and v) provide conclusive results following an extensive set of metrics, along with plots of algorithms scores. Finally, RELOAD includes a simple GUI to set up the experiments and examine results. After describing the structure of the tool and detailing inputs and outputs of RELOAD, we exercise RELOAD to analyze an intrusion detection dataset available on a public platform, showing its setup, metric scores and plots.

Evaluation of Anomaly Detection algorithms made easy with RELOAD / Tommaso Zoppi, Andrea Ceccarelli, Andrea Bondavalli. - ELETTRONICO. - (2019), pp. 0-0. (Intervento presentato al convegno INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING) [10.1109/ISSRE.2019.00051].

Evaluation of Anomaly Detection algorithms made easy with RELOAD

Tommaso Zoppi
;
Andrea Ceccarelli;Andrea Bondavalli
2019

Abstract

Anomaly detection aims at identifying patterns in data that do not conform to the expected behavior. Despite anomaly detection has been arising as one of the most powerful techniques to suspect attacks or failures, dedicated support for the experimental evaluation is actually scarce. In fact, existing frameworks are mostly intended for the broad purposes of data mining and machine learning. Intuitive tools tailored for evaluating anomaly detection algorithms for failure and attack detection with an intuitive support to sliding windows are currently missing. This paper presents RELOAD, a flexible and intuitive tool for the Rapid EvaLuation Of Anomaly Detection algorithms. RELOAD is able to automatically i) fetch data from an existing data set, ii) identify the most informative features of the data set, iii) run anomaly detection algorithms, including those based on sliding windows, iv) apply multiple strategies to features and decide on anomalies, and v) provide conclusive results following an extensive set of metrics, along with plots of algorithms scores. Finally, RELOAD includes a simple GUI to set up the experiments and examine results. After describing the structure of the tool and detailing inputs and outputs of RELOAD, we exercise RELOAD to analyze an intrusion detection dataset available on a public platform, showing its setup, metric scores and plots.
2019
Proceedings of the 30th International Symposium on Software Reliability Engineering (ISSRE 2019)
INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING
Tommaso Zoppi, Andrea Ceccarelli, Andrea Bondavalli
File in questo prodotto:
File Dimensione Formato  
RELOAD_ISSRE_V7_CameraReady.pdf

accesso aperto

Descrizione: Pre-Print Open Access
Tipologia: Pdf editoriale (Version of record)
Licenza: Tutti i diritti riservati
Dimensione 1.71 MB
Formato Adobe PDF
1.71 MB Adobe PDF
efefefe.pdf

Accesso chiuso

Descrizione: File Editore accesso privato
Tipologia: Pdf editoriale (Version of record)
Licenza: Tutti i diritti riservati
Dimensione 904.54 kB
Formato Adobe PDF
904.54 kB Adobe PDF   Richiedi una copia

I documenti in FLORE sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificatore per citare o creare un link a questa risorsa: https://hdl.handle.net/2158/1169185
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 17
  • ???jsp.display-item.citation.isi??? 14
social impact