ABSTRACT

Section 4.4 contains an explanation of techniques for developing representative machine-learning classifiers and the applications of those classifiers in anomaly detection. The section contains a discussion on supervised machine-learning methods, including rule-based learning, ANN, SVM, KNN, HMM, and Kalman filter, a description of the unsupervised machine-learning methods, including the clustering-based method, random forest, one-class SVM, KNN, PCA, and subspace, and a description of other machine-learning methods, including EM, clustering based on probability and information-theoretic learning. This section also includes a discussion on the limitations and difficulties that encumber machine-learning methods in anomaly detection systems. Such problems include an inadequate ability to maintain a high detection rate and a low false-alarm rate (FAR). Finally, Section 4.5 consists of a summary of the achievements and limitations of the present research in anomaly detection, and a guide to emerging research.