Computer Science Technical Reports
2008
-
CS-2008-01 (154 pages) (pdf)
Abstract
Anomaly detection techniques complement signature based methods for intrusion detection. Machine learning approaches are applied to anomaly detection for automated learning and detection. Traditional host-based anomaly detectors model system call sequences to detect novel attacks. This dissertation makes four key contributions to detect host anomalies. First, we present an unsupervised approach to clean training data using novel representations for system call sequences. Second, supervised learning with system call arguments and other attributes is proposed for enriched modeling. Third, techniques to increase model coverage for improved accuracy are presented. Fourth, we propose spatio-temporal modeling to detect suspicious behavior for mobile hosts. Experimental results on various data sets indicate that our techniques are more effective than traditional methods in capturing attack-based host anomalies. Additionally, our supervised methods create succinct models and the computational overhead incurred is reasonable for an online anomaly detection system.
-
CS-2008-02 (48 pages) (pdf)
Abstract
Search engines return results mainly based on the submitted query; however, the same query could be in different contexts because individual users have different interests. To improve the relevance of search results, we propose re-ranking results based on a learned user profile. In our previous work we introduced a scoring function for re-ranking search results based on a learned User Interest Hierarchy (UIH). Our results indicate that we can improve relevance at lower ranks, but not at the top 5 ranks. In this thesis, we improve the scoring function by incorporating new term characteristics, image characteristics and pivoted length normalization. Our experimental evaluation shows that the proposed scoring function can improve relevance in each of the top 10 ranks.
-
CS-2008-03 (10 pages) (pdf)
Title The Peer-Reviewing Game Authors M.Silaghi and M.Yokoo Contact Email Address Faculty Sponsor M.Silaghi TR number assignment date 2 November 2008 TR posted 8 November 2008 Abstract
We model a family of peer-reviewing processes as game-theoretic problems. The model helps to understand elements of existing peer-reviewing procedures, and to predict the impact of new mechanisms. The peer-reviewing for evaluation of scientific results submitted to conferences involves complex decision processes of independent participants. Significant tax-payer money is spent by governments for the advancement of science, and such governmental decisions are often based on outcomes of peer-reviewing in scientific conferences. Here we propose to analyze and design improved mechanisms for conference peer-reviewing, based on game-theoretic approaches. Real world conference peer-reviewing processes are overly complex and here we define and analyze a simplified (toy) version, called the Peer-Reviewing Game. While our toy version may have significant assumptions, it provides an interesting game and a first step towards formalizing and understanding the real world problem.
The players of this game are the researchers that participate as authors and reviewers. A funding agency tries to maximize the social value by providing rewards to researchers based on their publications. In this work the conference chair is assumed to be a trusted party, enforcing policies agreed by the funding agency and making publication decisions based on the recommendation of the reviewers. We uncover relations between Peer-Reviewing games and Prisoner's Dilemma games. Examples of mechanisms are described and analyzed both theoretically and experimentally.