CFP last date
22 April 2024
Reseach Article

Stream Data Mining and Anomaly Detection

by Mohammadjafar Esmaeili, Arwa Almadan
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 34 - Number 9
Year of Publication: 2011
Authors: Mohammadjafar Esmaeili, Arwa Almadan
10.5120/4130-5984

Mohammadjafar Esmaeili, Arwa Almadan . Stream Data Mining and Anomaly Detection. International Journal of Computer Applications. 34, 9 ( November 2011), 39-42. DOI=10.5120/4130-5984

@article{ 10.5120/4130-5984,
author = { Mohammadjafar Esmaeili, Arwa Almadan },
title = { Stream Data Mining and Anomaly Detection },
journal = { International Journal of Computer Applications },
issue_date = { November 2011 },
volume = { 34 },
number = { 9 },
month = { November },
year = { 2011 },
issn = { 0975-8887 },
pages = { 39-42 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume34/number9/4130-5984/ },
doi = { 10.5120/4130-5984 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:20:38.891868+05:30
%A Mohammadjafar Esmaeili
%A Arwa Almadan
%T Stream Data Mining and Anomaly Detection
%J International Journal of Computer Applications
%@ 0975-8887
%V 34
%N 9
%P 39-42
%D 2011
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Detecting anomaly behaviors is one of the most challenging tasks for Information Systems (IS) administrators. The anomaly behavior is defined as any behavior from either inside or outside of the organization’s information system that deviates from normal; this includes insider attacks as well as any behavior that threatens the confidentiality, integrity and availability of the organization's information systems. One of the strategies to detect an anomalous behavior is to create a clustering or classification model by utilizing data mining methodologies. The models could be generated from previous historical data or it could be based on current data. Although these models could identify normal and abnormal behavior, they couldn’t satisfy the growing demand for better information security. The primary drawback of using these methods are a high rate of false positive; the model becomes outdated and there is high demand to maintain the models’ integrity; and they have low response rate. This study attempts to overcome some of the disadvantages in the current data mining models, which have been used to detect anomaly behaviors. Moreover this research will attempt to introduce a model that utilizes stream data mining to actively monitor network traffic for anomaly detection.

References
  1. Anderson, G. F., Selby, D. A., & Ramsey, M. (2007, May). Insider Attack and Real-time Data Mining of User behavior. IBM Journal of Research and Development, 3(4), 465-475.
  2. Conorich, D. (2004, May). Monitoring Intrusion Detection Systems: From Data to Knowledge. Information Systems Security, 13(2), 19-30.
  3. Gregory, P. (2009). CISSP Guid to Security
  4. Essenstioals (, pp. 1-512). Course Technology.
  5. Hyun Oh, S., & Suk Lee, W. (2003). An Anomaly Intrusion Detection Method by Clustering Normal User Behavior. Computers & Security, 22(7), 596-612.
  6. Zhang, J., Liu, H., & Wang, P. P. (2006, July 22). Some current issues of streaming data mining. Information Science, 176(14).
  7. Scarfone, K., & Mell, P. (2007, February). Guide to Intrusion Detection and Prevention Systems (IDPS). National Institute of Standards and Technology, 1-127.
  8. Li, X., & Deng, Z. (2010, December). Mining frequent patterns from network flows for monitoring network. Expert Systems with Applications, 37(12).
Index Terms

Computer Science
Information Sciences

Keywords

Stream Data Mining Anomaly Detection Data Mining Supervised Data Mining and Unsupervised Data Mining