Notes - MCS
Machine Learning Applied to Security
Notes - MCS
Machine Learning Applied to Security
  • Machine Learning Applied to Security
  • Machine Learning
    • AI and ML
    • Taxonomy
    • Limitations
    • Terminology
  • SPAM
    • SPAM
    • SPAM Detection
    • Classification Model
    • Naive Bayes (Discrete)
    • SPAM or HAM
    • Blind Optimization
    • Gradient descent
    • Linear Regression
    • Logistic Regression
    • Binary Classification
  • Anomaly Detection
    • Context
    • Anomaly Detection
      • Examples
      • Detection
      • Techniques
    • Detecting anomalies just by seeing
    • Unsupervised Learning
    • Autoencoders
    • Isolation Forest
    • Local Outlier Factor
    • One-Class SVM
    • Tips
  • Malware Detection
    • Context
    • Creeper virus
    • ILOVEYOU worm
    • CryptoLocker ransomware
    • Mirai botnet
    • Clop ransomware
    • How To Recognize Malware
    • Malware Detection
    • Machine Learning Approaches
    • Requirements
    • Multi-Class Classification
Powered by GitBook
On this page
  1. Anomaly Detection

Isolation Forest

Last updated 1 year ago

Isolation Forest isolates observations by randomly selecting a feature and then randomly selecting a split value between the maximum and minimum values of the selected feature.

Since recursive partitioning can be represented by a tree structure, the number of splittings required to isolate a sample is equivalent to the path length from the root node to the terminating node.

This path length averaged over a forest of such random trees, is a measure of normality and our decision function.

Random partitioning produces noticeably shorter paths for anomalies. Hence, when a forest of random trees collectively produces shorter path lengths for particular samples, they are highly likely to be anomalies.