Outlier detection with double-sided control mechanism and different priority weight values for network security


Doğan Y., Dalkılıç G.

2010 2nd WRI World Congress on Software Engineering, WCSE 2010, Wuhan, China, 19 - 20 December 2010, vol.2, pp.130-133

  • Publication Type: Conference Paper / Full-Text Paper
  • Volume Number: 2
  • DOI Number: 10.1109/wcse.2010.142
  • City of Publication: Wuhan
  • Country of Publication: China
  • Page Numbers: pp.130-133
  • Keywords: K-nearest neighbor clustering and classification, Network security and similarity measurement, Outlier detection
  • Affiliated with Dokuz Eylül University: Yes

Abstract

A server needs strong security systems. For this goal, a new perspective on network security is gained by using data mining paradigms like outlier detection, clustering and classification. This study uses the K-Nearest Neighbor (KNN) algorithm for clustering and classification. The KNN algorithm needs a data warehouse which impersonates user profiles to cluster. Therefore, requested time intervals and requested IPs with text mining are used for user profiles. Users in the network are clustered by calculating the optimum k and threshold parameters of the KNN algorithm. Finally, over these clusters, new requests are separated as outlier or normal by different threshold values with different priority weight values and average similarities with different priority weight values. © 2010 IEEE.