Andrew Emmott

TL;DR: In this paper, the authors introduce a methodology for transforming existing classification data sets into ground-truthed benchmark data sets for anomaly detection, which produces data sets that vary along three important dimensions: (a) point difficulty, (b) relative frequency of anomalies, and (c) clusteredness.

TL;DR: This paper describes an Active Anomaly Discovery method for incorporating expert feedback to adjust the anomaly detector so that the outliers it discovers are more in tune with the expert user's semantic understanding of the anomalies.

TL;DR: This paper reports on methods and results of an applied research project by a team consisting of SAIC and four universities to develop, integrate, and evaluate new approaches to detect the weak signals characteristic of insider threats on organizations' information systems.

TL;DR: A thorough meta-analysis of the anomaly detection problem is provided, providing an ontology for describing anomaly detection contexts, a methodology for controlling various aspects of benchmark creation, guidelines for future experimental design and a discussion of the many potential pitfalls of trying to measure success in this field.

TL;DR: A methodology for transforming existing classification data sets into ground-truthed benchmark data sets for anomaly detection, which produces data sets that vary along three important dimensions: point difficulty, relative frequency of anomalies, and clusteredness.