Md Rakibul Islam – Doctoral Defense
Zoom meeting information
https://wsu.zoom.us/j/92240297680?pwd=U0RZcTJLZFFQTmdubmZ3UzQ2ZGlMdz09
Meeting ID: 922 4029 7680 Passcode: 955900 Date & Time: Apr 19, 2021 02:00 PM Pacific Time (US and Canada)
About the event
Student: Md Rakibul Islam
Committee Chair: Dr. Jana Doppa
Dissertation Title: Human-in-the-loop learning for anomaly detection: Novel Insights, Algorithms, and Applications
Abstract: Anomaly detection (AD) task corresponds to identifying the true anomalies among a given set of data instances. AD algorithms score the data instances and produce a ranked list of candidate anomalies. The ranked list of anomalies is then analyzed by a human to discover the true anomalies. However, AD systems are not practical when the number of false-positives is very high resulting in lot of wasted human effort. Therefore, in many real-world AD applications including computer security and fraud prevention, the anomaly detector must be configurable by the human analyst to minimize the effort on false positives. One important way to configure the detector is by providing true labels (nominal or anomaly) for a few instances by the analyst.
This dissertation builds on the recent work on human-in-the-loop methods for anomaly detection and makes the following contributions. First, we provide an important insight that explains the practical successes of unsupervised tree-based local AD ensembles and active learning based on greedy querying for anomaly discovery. Second, we exploit the inherent strengths of tree-based ensembles to discover diverse anomalies and for generating interpretations of discovered anomalies to improve the usability of human-in-the-loop anomaly detection systems. Third, we develop a novel active learning algorithm to handle the streaming data setting. We present a novel data drift detection algorithm that not only detects the drift robustly, but also allows us to take corrective actions to adapt the anomaly detector in a principled manner. Fourth, to support human analysts that use AD systems based on simple and explainable global anomaly detectors, we propose a novel human-in-the-loop learning algorithm that automatically learns their local relevance to specific data instances using label feedback. Finally, we apply the principles and algorithms from our active anomaly detection work to a challenging real-world application, namely, accurate detection of malware on Android over time.