Call for Paper - July 2022 Edition
IJCA solicits original research papers for the July 2022 Edition. Last date of manuscript submission is June 20, 2022. Read More

Stream Data Mining and Anomaly Detection

International Journal of Computer Applications
© 2011 by IJCA Journal
Volume 34 - Number 9
Year of Publication: 2011
Mohammadjafar Esmaeili
Arwa Almadan

Mohammadjafar Esmaeili and Arwa Almadan. Article: Stream Data Mining and Anomaly Detection. International Journal of Computer Applications 34(9):39-42, November 2011. Full text available. BibTeX

	author = {Mohammadjafar Esmaeili and Arwa Almadan},
	title = {Article: Stream Data Mining and Anomaly Detection},
	journal = {International Journal of Computer Applications},
	year = {2011},
	volume = {34},
	number = {9},
	pages = {39-42},
	month = {November},
	note = {Full text available}


Detecting anomaly behaviors is one of the most challenging tasks for Information Systems (IS) administrators. The anomaly behavior is defined as any behavior from either inside or outside of the organization’s information system that deviates from normal; this includes insider attacks as well as any behavior that threatens the confidentiality, integrity and availability of the organization's information systems. One of the strategies to detect an anomalous behavior is to create a clustering or classification model by utilizing data mining methodologies. The models could be generated from previous historical data or it could be based on current data. Although these models could identify normal and abnormal behavior, they couldn’t satisfy the growing demand for better information security. The primary drawback of using these methods are a high rate of false positive; the model becomes outdated and there is high demand to maintain the models’ integrity; and they have low response rate. This study attempts to overcome some of the disadvantages in the current data mining models, which have been used to detect anomaly behaviors. Moreover this research will attempt to introduce a model that utilizes stream data mining to actively monitor network traffic for anomaly detection.


  • Anderson, G. F., Selby, D. A., & Ramsey, M. (2007, May). Insider Attack and Real-time Data Mining of User behavior. IBM Journal of Research and Development, 3(4), 465-475.
  • Conorich, D. (2004, May). Monitoring Intrusion Detection Systems: From Data to Knowledge. Information Systems Security, 13(2), 19-30.
  • Gregory, P. (2009). CISSP Guid to Security
  • Essenstioals (, pp. 1-512). Course Technology.
  • Hyun Oh, S., & Suk Lee, W. (2003). An Anomaly Intrusion Detection Method by Clustering Normal User Behavior. Computers & Security, 22(7), 596-612.
  • Zhang, J., Liu, H., & Wang, P. P. (2006, July 22). Some current issues of streaming data mining. Information Science, 176(14).
  • Scarfone, K., & Mell, P. (2007, February). Guide to Intrusion Detection and Prevention Systems (IDPS). National Institute of Standards and Technology, 1-127.
  • Li, X., & Deng, Z. (2010, December). Mining frequent patterns from network flows for monitoring network. Expert Systems with Applications, 37(12).