OUTLIER ANALYSIS. Data Mining 1



Similar documents
Data Mining Cluster Analysis: Basic Concepts and Algorithms. Lecture Notes for Chapter 8. Introduction to Data Mining

Data Mining Clustering (2) Sheets are based on the those provided by Tan, Steinbach, and Kumar. Introduction to Data Mining

Facebook Friend Suggestion Eytan Daniyalzade and Tim Lipus

OUTLIER ANALYSIS. Authored by CHARU C. AGGARWAL IBM T. J. Watson Research Center, Yorktown Heights, NY, USA

Data Mining Cluster Analysis: Basic Concepts and Algorithms. Lecture Notes for Chapter 8. Introduction to Data Mining

2) The three categories of forecasting models are time series, quantitative, and qualitative. 2)

Robust Outlier Detection Technique in Data Mining: A Univariate Approach

Azure Machine Learning, SQL Data Mining and R

Clustering. Adrian Groza. Department of Computer Science Technical University of Cluj-Napoca

CHAPTER 11 FORECASTING AND DEMAND PLANNING

Histogram-based Outlier Score (HBOS): A fast Unsupervised Anomaly Detection Algorithm

Detection. Perspective. Network Anomaly. Bhattacharyya. Jugal. A Machine Learning »C) Dhruba Kumar. Kumar KaKta. CRC Press J Taylor & Francis Croup

Chapter 10. Key Ideas Correlation, Correlation Coefficient (r),

Cluster Analysis: Advanced Concepts

Practical Data Science with Azure Machine Learning, SQL Data Mining, and R

Social Media Mining. Data Mining Essentials

DATA MINING CLUSTER ANALYSIS: BASIC CONCEPTS

Introduction to time series analysis

How To Perform An Ensemble Analysis

Conclusions and Future Directions

Introduction to Data Mining

Cluster Analysis. Alison Merikangas Data Analysis Seminar 18 November 2009

How To Cluster

Supervised and unsupervised learning - 1

Data, Measurements, Features

International Journal of Computer Science Trends and Technology (IJCST) Volume 2 Issue 3, May-Jun 2014

Introduction to Data Mining

Using multiple models: Bagging, Boosting, Ensembles, Forests

Linköpings Universitet - ITN TNM DBSCAN. A Density-Based Spatial Clustering of Application with Noise

Intrusion Detection System using Log Files and Reinforcement Learning

Reflections on Probability vs Nonprobability Sampling

Learning Example. Machine learning and our focus. Another Example. An example: data (loan application) The data and the goal

Introduction to nonparametric regression: Least squares vs. Nearest neighbors

Outline: Demand Forecasting

ANALYTICS IN BIG DATA ERA

Intro to GIS Winter Data Visualization Part I

Principles of Data Mining by Hand&Mannila&Smyth

A Survey on Outlier Detection Techniques for Credit Card Fraud Detection

K-Means Cluster Analysis. Tan,Steinbach, Kumar Introduction to Data Mining 4/18/2004 1

Random Forest Based Imbalanced Data Cleaning and Classification

STOCK MARKET TRENDS USING CLUSTER ANALYSIS AND ARIMA MODEL

Data Mining and Knowledge Discovery in Databases (KDD) State of the Art. Prof. Dr. T. Nouri Computer Science Department FHNW Switzerland

Joseph Twagilimana, University of Louisville, Louisville, KY

Environmental Remote Sensing GEOG 2021

Simple Methods and Procedures Used in Forecasting

: Introduction to Machine Learning Dr. Rita Osadchy

Fairfield Public Schools

CALCULATIONS & STATISTICS

CS 2750 Machine Learning. Lecture 1. Machine Learning. CS 2750 Machine Learning.

Utility-Based Fraud Detection

CAB TRAVEL TIME PREDICTI - BASED ON HISTORICAL TRIP OBSERVATION

1.1 Difficulty in Fault Localization in Large-Scale Computing Systems

II. DISTRIBUTIONS distribution normal distribution. standard scores

Introduction. A. Bellaachia Page: 1

DATA MINING TECHNIQUES AND APPLICATIONS

Clustering. Danilo Croce Web Mining & Retrieval a.a. 2015/201 16/03/2016

Predictive Modeling Techniques in Insurance

KATE GLEASON COLLEGE OF ENGINEERING. John D. Hromi Center for Quality and Applied Statistics

Simple linear regression

Data Mining: An Overview. David Madigan

Telecommunication Fraud Detection Using Data Mining techniques

Leveraging Ensemble Models in SAS Enterprise Miner

Time series forecasting

99.37, 99.38, 99.38, 99.39, 99.39, 99.39, 99.39, 99.40, 99.41, cm

Beating the MLB Moneyline

Chapter ML:XI (continued)

International Journal of Computer Trends and Technology (IJCTT) volume 4 Issue 8 August 2013

Data Mining Cluster Analysis: Basic Concepts and Algorithms. Lecture Notes for Chapter 8. Introduction to Data Mining

430 Statistics and Financial Mathematics for Business

Data Mining. Cluster Analysis: Advanced Concepts and Algorithms

Ch.3 Demand Forecasting.

The Data Mining Process

Identification of Demand through Statistical Distribution Modeling for Improved Demand Forecasting

E-commerce Transaction Anomaly Classification

Unit 9 Describing Relationships in Scatter Plots and Line Graphs

Marginal Costing and Absorption Costing

A Study Of Bagging And Boosting Approaches To Develop Meta-Classifier

EXPLORING SPATIAL PATTERNS IN YOUR DATA

Long-term Stock Market Forecasting using Gaussian Processes

Physics Lab Report Guidelines

Mimicking human fake review detection on Trustpilot

Understanding the market

Financial Time Series Analysis (FTSA) Lecture 1: Introduction

Data Mining: An Introduction

Clustering. Data Mining. Abraham Otero. Data Mining. Agenda

Using kernel methods to visualise crime data

Time series Forecasting using Holt-Winters Exponential Smoothing

STATISTICA. Financial Institutions. Case Study: Credit Scoring. and

Data Mining for Knowledge Management. Classification

South Carolina College- and Career-Ready (SCCCR) Probability and Statistics

Index Contents Page No. Introduction . Data Mining & Knowledge Discovery

Predict the Popularity of YouTube Videos Using Early View Data

Outline. Definitions Descriptive vs. Inferential Statistics The t-test - One-sample t-test

Data Mining Cluster Analysis: Advanced Concepts and Algorithms. Lecture Notes for Chapter 9. Introduction to Data Mining

Chapter 2 Literature Review

COMBINING THE METHODS OF FORECASTING AND DECISION-MAKING TO OPTIMISE THE FINANCIAL PERFORMANCE OF SMALL ENTERPRISES

Descriptive statistics Statistical inference statistical inference, statistical induction and inferential statistics

Transcription:

OUTLIER ANALYSIS Data Mining 1

What Are Outliers? Outlier: A data object that deviates significantly from the normal objects as if it were generated by a different mechanism Ex.: Unusual credit card purchase, sports: Michael Jordon,... Outliers are different from the noise data Noise is random error or variance in a measured variable Noise should be removed before outlier detection Outliers are interesting: It violates the mechanism that generates the normal data Outlier detection vs. novelty detection: early stage, outlier; but later merged into the model Applications: Credit card fraud detection Telecom fraud detection Customer segmentation Medical analysis Data Mining 2

Types of Outliers Global outlier (or point anomaly) Object is O g if it significantly deviates from the rest of the data set Ex. Intrusion detection in computer networks Issue: Find an appropriate measurement of deviation Contextual outlier (or conditional outlier) Object is O c if it deviates significantly based on a selected context Ex. 80 o F in Urbana: outlier? (depending on summer or winter?) Attributes of data objects should be divided into two groups Contextual attributes: defines the context, e.g., time & location Behavioral attributes: characteristics of the object, used in outlier evaluation, e.g., temperature Can be viewed as a generalization of local outliers whose density significantly deviates from its local area Issue: How to define or formulate meaningful context? Data Mining 3

Types of Outliers Collective Outliers A subset of data objects collectively deviate significantly from the whole data set, even if the individual data objects may not be outliers Applications: E.g., intrusion detection: When a number of computers keep sending denial-of-service packages to each other Detection of collective outliers Consider not only behavior of individual objects, but also that of groups of objects Need to have the background knowledge on the relationship among data objects, such as a distance or similarity measure on objects. A data set may have multiple types of outlier One object may belong to more than one type of outlier Data Mining 4

Outlier Detection: Supervised Methods Two ways to categorize outlier detection methods: Based on whether user-labeled examples of outliers can be obtained: Supervised, semi-supervised vs. unsupervised methods Based on assumptions about normal data and outliers: Statistical, proximity-based, and clustering-based methods Outlier Detection: Supervised Methods Modeling outlier detection as a classification problem Samples examined by domain experts used for training & testing Methods for Learning a classifier for outlier detection effectively: Model normal objects & report those not matching the model as outliers, or Model outliers and treat those not matching the model as normal Challenges Imbalanced classes, i.e., outliers are rare: Boost the outlier class and make up some artificial outliers Catch as many outliers as possible, i.e., recall is more important than accuracy (i.e., not mislabeling normal objects as outliers) Data Mining 5

Outlier Detection: Unsupervised Methods Assume the normal objects are somewhat ``clustered' into multiple groups, each having some distinct features An outlier is expected to be far away from any groups of normal objects Weakness: Cannot detect collective outlier effectively Normal objects may not share any strong patterns, but the collective outliers may share high similarity in a small area Ex. In some intrusion or virus detection, normal activities are diverse Unsupervised methods may have a high false positive rate but still miss many real outliers. Supervised methods can be more effective, e.g., identify attacking some key resources Many clustering methods can be adapted for unsupervised methods Find clusters, then outliers: not belonging to any cluster Problem 1: Hard to distinguish noise from outliers Problem 2: Costly since first clustering: but far less outliers than normal objects Newer methods: tackle outliers directly Data Mining 6

Outlier Detection: Semi-Supervised Methods Statistical methods (also known as model-based methods) assume that the normal data follow some statistical model (a stochastic model) The data not following the model are outliers. Example (right figure): First use Gaussian distribution to model the normal data For each object y in region R, estimate g D (y), the probability of y fits the Gaussian distribution If g D (y) is very low, y is unlikely generated by the Gaussian model, thus an outlier Effectiveness of statistical methods: highly depends on whether the assumption of statistical model holds in the real data There are rich alternatives to use various statistical models E.g., parametric vs. non-parametric Data Mining 7

Outlier Detection: Proximity-Based Methods An object is an outlier if the nearest neighbors of the object are far away, i.e., the proximity of the object is significantly deviates from the proximity of most of the other objects in the same data set Example (right figure): Model the proximity of an object using its 3 nearest neighbors Objects in region R are substantially different from other objects in the data set. Thus the objects in R are outliers The effectiveness of proximity-based methods highly relies on the proximity measure. In some applications, proximity or distance measures cannot be obtained easily. Often have a difficulty in finding a group of outliers which stay close to each other Two major types of proximity-based outlier detection Distance-based vs. density-based Data Mining 8

Outlier Detection: Clustering-Based Methods Normal data belong to large and dense clusters, whereas outliers belong to small or sparse clusters, or do not belong to any clusters Example two clusters All points not in R form a large cluster The two points in R form a tiny cluster, thus are outliers Since there are many clustering methods, there are many clusteringbased outlier detection methods as well Clustering is expensive: straightforward adaption of a clustering method for outlier detection can be costly and does not scale up well for large data sets Data Mining 9

Mining Time-Series Data A time-series database consists of sequences of values or events obtained over repeated measurements of time. The values are typically measured at equal time intervals (e.g., hourly, daily, weekly). Time-series databases are popular in many applications, such as stock market analysis, economic and sales forecasting, budgetary analysis, utility studies Data Mining 10

Trend Analysis A time series involving a variable Y, representing, say, the daily closing price of a share in a stock market, can be viewed as a function of time t, that is, Y = F(t). Such a function can be illustrated as a time-series graph, which describes a point moving with the passage of time. Data Mining 11

Trend Analysis Trend analysis consists of the following four major components or movements for characterizing time-series data: Trend or long-term movements: These indicate the general direction in which a time series graph is moving over a long interval of time. This movement is displayed by a trend curve, or a trend line. Typical methods for determining a trend curve or trend line include the weighted moving average method Cyclic movements or cyclic variations: These refer to the cycles, that is, the longterm oscillations about a trend line or curve, which may or may not be periodic. Seasonal movements or seasonal variations: These are systematic or calendar related Irregular or random movements: These characterize the sporadic motion of time series due to random or chance events, such as labor disputes, floods, or announced personnel changes within companies. regression analysis has been a popular tool for modeling time series, finding trends and outliers in such data sets. Data Mining 12

moving average A common method for determining trend is to calculate a moving average of order n A moving average tends to reduce the amount of variation present in the data set. Thus the process of replacing the time series by its moving average eliminates unwanted fluctuations and is therefore also referred to as the smoothing of time series. If weighted arithmetic means are used, the resulting sequence is called a weighted moving average of order n. Data Mining 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information