Xiuwen Liu,Jianming Fu,Yanjiao Chen

DOI: https://doi.org/10.1016/j.ins.2020.03.048

IF: 8.1

2020-01-01

Information Sciences

Abstract:The rich source of online reports and discussions on social media can be leveraged to investigate the widespread cyber-attacks. In this paper, we study the problem of cybersecurity event mining based on continuous tweet streams. In contrast to traditional static methods that do not consider event evolution, we explore relevance among historical and online events for cyber-attack event discovery and evolution detection. We propose CyberEM, a novel event evolution model with a special focus on cybersecurity events. A pattern clustering algorithm and an NMF-based (non-negative matrix factorization) event aggregation algorithm are devised for cyber-attack indicator extraction and event evolution detection. We leverage both the patterns that belong to the cybersecurity domain and the patterns of the semantic contexts of cybersecurity to refine evolutionary relevance of events across multiple time intervals. Furthermore, we design a dynamic event inference algorithm to discover cybersecurity events and update event aggregation in an online manner. Through extensive evaluations with a large-scale real-world tweet dataset, we demonstrate the superiority of the proposed CyberEM model over existing methods in identifying cybersecurity events and their evolutionary relevance.

REN Jia,SU Hong-ye,CHU Jian

DOI: https://doi.org/10.3969/j.issn.1002-0411.2006.01.017

2006-01-01

Information and Control

Abstract:PX absorption and separation process is studied and analyzed using data mining methods based on SOM model,and the SOM model plays a key role in the whole data mining process.On the one hand,SOM model is used as an effective exploratory data analysis tool and provides evidence for further data mining.On the other hand,SOM algorithm provides directions in parameter selection and offer data support for other data mining algorithms(such as clustering,rule extraction,etc).In conclusion,two aims are obtained with the data mining algorithms: the optimized zone of operating parameters in different loads is obtained,and a realtime visualized evaluation model is built to improve the operation performances.

胡敏,潘雪增,平玲娣

DOI: https://doi.org/10.3969/j.issn.1001-3695.2004.01.033

2004-01-01

Abstract:This paper focuses on issures related to deploying a data mining-based IDS (Intrusion Detection System) in a real time environment To overcome the limitations of traditional IDS, the corresponding solutions to accurracy, efficiency and usability is presented.These solutions impove efficiency of traditional DOS and maintain a desired accuracy level. This paper also proposed an architecture consisting of sensors, detectors, a data warehouse and model generation components. This architecture facilitates the sharing and storage of audit data and the distribution of new or updated models. Also, it improves the efficiency and scalability of the traditional IDS.

Yunliang Jiang,Jiangang Yang,Liang Tang,Yong Liu,Xiaoming Zhao,Xiulan Hao

DOI: https://doi.org/10.1007/978-3-662-48247-6_23

2015-01-01

Abstract:Because of the popularity of mobile phone and the development of mobile network, mobile data is growing explosively. Mobile data mining is more and more of attention. But single node-based data mining platform has been unable to store and analysis the massive data. According to cloud computing technology, we preset a distributed data mining framework based on Hadoop. Then, we present the implementation of this system framework and process mobile internet access log on the Hadoop cluster. Comparative tests will show that this distributed system framework is significantly efficient for processing huge scale dataset.

DONG De-min,HE Qin-ming

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.01.029

2006-01-01

Abstract:Enterprise and organize face a series of problems to capture information of web.Technique of solving these problems were summed up including web content mining,web structure mining and web usage mining.And some application of web mining was intro-duced,such as intelligent search engine,enterprise crisis management,client relation management and personalization service system.

Wu Xin,Qingni Shen,Yahui Yang,Zhonghai Wu

DOI: https://doi.org/10.1007/978-3-319-73697-6_17

2017-01-01

Abstract:In order to ensure data security and monitor data behavior, eBay has developed Eagle, which can detect anomalous user behavior based on user profiles and can intelligently protect data security of Hadoop ecosystem in real-time. By analyzing the kernel density estimation (KDE) algorithm and source code implemented in Eagle, we recognize that there are two security risks: One is that user profiles are models of operations, but the objects of operations are not analyzed; The other is that the owner of HDFS audit log files is not authenticated. Consequently, the attacker can bypass Eagle and form attack of APT combined with default permissions of Hadoop. In this paper, we analyze the two risks of Eagle, propose two kinds of attack methods that can bypass anomaly detection of Eagle: co-frequency operation attack and log injection attack, and establish threat model of which feasibility is verified experimentally. Finally, we present SeEagle, a semantic-enhanced anomaly detection for securing Eagle, including user authentication and file tagging modules. Our preliminary experimental evaluation shows that SeEagle works well and extra overhead is acceptable.

Zhang Quanling,Jin Xiaoming,Rong Gang,Su Hongye

DOI: https://doi.org/10.3969/j.issn.1001-4160.2008.07.001

2008-01-01

Abstract:The technical frame of data-mining system for chemical process is proposed.Based on algorithm of association rules with multiple minimum supports,the data-mining software ESP-Miner for chemical process is developed.The software can integrate process data from Distributed Control System(DCS),real-time database system,relational database system and other system by standard inter- face OPC Server,interface for mainstream real-time database,ODBC interface for relational database and standard text format inter face.Furthermore,process data can be input by man-machine conversion interface.The ESP-Miner software is successfully carried out in triazophos synthesis process.The production indicates that after data mining recipe and parameter are adopted,the product yield of triasophos is increased by 1.5% on average,and the average triazophos content increases from 80% to 83%.It brings about more eco- nomic benefits and social benefits for corporation.

LI Guang-shui,ZHENG Tao,SONG Ding-quan

2009-01-01

Abstract:According to the characteristic of remote sensor image and the open geospatial consortium Web Coverage Service(WCS) specification, this paper studies the model of data mining from remote sensor image and the architecture for integrating distributed SOA by work flow.Basing on the .Net framework and WSBPEL, an association rule mining system from the value of feature texture of remote sensor image is designed, which studies on aspects of accessing to a large data source, occupying the network resources, process scalability.It can provide the reference to the analysis for remote sensor image in Internet.

吕志军,袁卫忠,仲海骏,黄皓,曾庆凯,谢立

DOI: https://doi.org/10.3969/j.issn.1002-137x.2004.10.015

2004-01-01

Computer Science

Abstract:Intrusion detection system(IDS)must be capable of detecting new and unknown attacks. In this paper, we propose an Anomaly Detection System based on Data Mining(ADESDM). Firstly, ADESDM mine suspicious behaviors in the protocol header, ports and application data with strong association rules and weak association rules; then, it sends the suspicious behaviors to the Deciding Module based on Bayesian Belief Net (DMBBN). In real network communications, the attributes, such as time, direction, ports and IP addresses, are influencing each other. The DMBBN illustrates the conditional probabilities and relationship among the above attributes, and uses them to determine whether the suspicious behaviors are normal ones or attacks. Thus, system can reduce the false alarm rate.

Wenjun Yan

2006-01-01

Abstract:Data mining is a process to discover the patterns in which people are interested in quantities of raw data.It combines several of computer techniques.Using DM to evaluate suppliers is introduced.At first,the weight of each criterion is determined.Then data collected in production procedure are transformed into evaluation factors.They can also be used in finding latent useful patterns and sup-plier and forecasting to make supplier selection more reasonable and efficient.

Jia Zhanpei,Shen Chao,Yi Xiao,Chen Yufei,Yu Tianwen,Guan Xiaohong

DOI: https://doi.org/10.1109/coase.2017.8256257

2017-01-01

CASE

Abstract:Log data are important audit basis to record routine events occurring on computer or network system, which are also critical data source for detecting system anomalies. By analyzing the data from multi-source logs, it is helpful to detect abnormal system behaviors and discover intruder attacks in real time. In this paper, a Spark-based log data security platform is designed and built to analyze the large-scale log data and detect abnormal network behaviors. By integrating data mining, machine learning, and statistical analysis technologies, our proposed framework can quickly analyze large-scale multi-source log data and accurately discriminate the abnormal behaviors. Furthermore, the association analysis is applied to detect abnormal behaviors or potential threats in the system. Under a real-world network environment, extensive experiments are conducted to evaluate the system performance, which can achieve a fast and accurate detection for abnormal network behaviors, and significantly improve the accuracies under various types of network attack scenarios.

Jingquan Jin,Xin Lin

DOI: https://doi.org/10.1155/2022/8485014

IF: 3.12

2022-08-27

Computational Intelligence and Neuroscience

Abstract:Web content mining describes the classification, clustering, and attribute analysis of a large number of text documents and multimedia files on the web. Special tasks include retrieval of data from the Internet search engine tool W; structured processing and analysis of web data. Today's blog analysis has security concerns. We do experiments to investigate its safety. Through experiments, we draw the following conclusions: (1) Web log extraction can use efficient data mining algorithms to systematically extract logs from web servers, then determine the main access types or interests of users, and then to a certain extent, based on the discovered user patterns, analyze the user's access settings and behavior. (2) No matter in the test set or the mixed test set, the curve value of deep mining is very stable, the curve value has been kept at 0.95, and the curve value of fuzzy statistics method and quantitative statistics method is stable within the interval of 0.90–095. The results also show that the data mining method has the highest identification accuracy and the best security performance. (3) Web usage analysis requires data abstraction for pattern discovery. This data abstraction can be achieved through data preprocessing, which introduces different formats of web server log files and how web server log data is preprocessed for web usage analysis. One of the most critical parts of the web mining field is web log mining. Web log mining can use powerful data mining algorithms to systematically mine the logs in the web server and then learn the user's access or preferred interests and then conduct a certain degree of user preferences and behavior patterns according to the discovered user patterns. Based on the above analysis, the current web log analysis is faced with security problems. We conduct experiments to study to verify the security performance of web logs and draw conclusions through experiments.

mathematical & computational biology,neurosciences

Bernard McShea,Kevin Wright,Denley Lam,Steve Schmidt,Anna Choromanska,Devansh Bisla,Shihong Fang,Alireza Sarmadi,Prashanth Krishnamurthy,Farshad Khorrami

DOI: https://doi.org/10.48550/arXiv.2112.04114

2021-12-08

Cryptography and Security

Abstract:Securing enterprise networks presents challenges in terms of both their size and distributed structure. Data required to detect and characterize malicious activities may be diffused and may be located across network and endpoint devices. Further, cyber-relevant data routinely exceeds total available storage, bandwidth, and analysis capability, often by several orders of magnitude. Real-time detection of threats within or across very large enterprise networks is not simply an issue of scale, but also a challenge due to the variable nature of malicious activities and their presentations. The system seeks to develop a hierarchy of cyber reasoning layers to detect malicious behavior, characterize novel attack vectors and present an analyst with a contextualized human-readable output from a series of machine learning models. We developed machine learning algorithms for scalable throughput and improved recall for our Multi-Resolution Joint Optimization for Enterprise Security and Forensics (ESAFE) solution. This Paper will provide an overview of ESAFE's Machine Learning Modules, Attack Ontologies, and Automated Smart Alert generation which provide multi-layer reasoning over cross-correlated sensors for analyst consumption.

Qinjun Qiu,Jiandong Liu,Mengqi Hao,Weijie Li,Yang Wang,Zhong Xie,Liufeng Tao

DOI: https://doi.org/10.1016/j.envsoft.2024.106070

IF: 5.471

2024-05-12

Environmental Modelling & Software

Abstract:Multi-source heterogeneous, multi-modal, and multi-type open scientific data (e.g., thematic sharing sites, metadata, journal articles, etc.) on earth surface systems (EES) provide important data sources for knowledge mining, discovery, and accurate recommendations, and also pose increasing challenges, resulting in the need to develop appropriate tools to address these challenges and support decision-making. This paper constructs an interoperable software system to store, visualize, and publish open science data of ESS. Utilizing an open scientific data catalogue repository encompassing EES information as foundational input and employing an integrated modeling methodology, this system endeavors to synthesize heterogeneous surface data of diverse linguistic, sourced, and typological origins. The objective is to facilitate multidimensional data retrieval and precise data auto-recommendation, thereby fostering the dissemination of scientific data and facilitating value-added services within EES domain. The tool may be used by stakeholders including researchers, data analysts, policymakers and national authorities to support decision-making on questions ranging from locating the location of open data related to the topic, to discovering high-quality data, selecting the data with the better overall evaluation. Along with a description of the system/platform design process, its structure, and the constituent models, key results are presented relating to the user interface, and several application examples. Software systems can help modelers to use the best features of a single software tool to answer open scientific data-related questions that seek to discovery, use, comparison or synthesis within or across topics of ESS.

environmental sciences,engineering, environmental,water resources,computer science, interdisciplinary applications

LIANGLIANG LI,YANLIN LI,XISHAN WANG

DOI: https://doi.org/10.12783/iwshm-rs2021/36011

2021-11-04

Abstract:In view of the current situation and demand of enterprise quality management activities, this paper combines quality management and data mining technology, and makes full use of the large amount of quality data obtained by the enterprise to establish data model, and digs out the data that is conducive to improving product quality and reducing the rate of product disqualification. The model realizes regular and automatic analysis of existing quality data, and identifies opportunities for improvement, and automatically pushes the responsible department to improve. Finally, the improvement effect is verified and evaluated. The improved model is introduced into the production, and the improvement opportunities are found, and injected into the production process to provide data decision support for quality improvement. The quantity improvement model is based on machine learning algorithm to identify abnormal and send out early warning information. According to a large number of existing historical quality data of EMU, business objects are determined and business mining objectives are defined. All the data related to business objects are found, and selected the original data suitable for data mining applications. In this paper, a high generalization intelligent early warning quality improvement model is established by constructing quality improvement index features to complete automatic identification of quality problems and provide intelligent early warning and data decision support for quality improvement. Through the actual production data to verify the established early warning quality improvement model, the results are in good agreement with the experimental situation.

Wei Xu,Peter Bod ´ ik,David Patterson

2004-01-01

Abstract:Modern computer systems are instrumented to generate huge amounts of system log data. This data contains valu- able information for managing the system, localizing fail- ures, and recovery. However, the complexity of these sys- tems greatly surpasses what can be understood by human operators and thus automated analysis systems are begin- ning to be used. Due to preprocessing required by the statis- tical algorithms, the extremely high volume of data cannot be processed using ad-hoc scripts. We present a flexible, modular and scalable architecture for statistical learning from large data streams that can easily process lots of data. We built a prototype that is evaluated using system log data from a commercial on-line service. Moreover, the results of the analysis were genuinely useful for the on-line service operators.

Guihong Zhang

DOI: https://doi.org/10.1007/978-3-030-87903-7_6

2021-01-01

Abstract:In today’s era, the effective use of data technology can not only benefit the development of enterprises, but also help to promote the progress and development of society. This requires enterprise technical personnel to strengthen the understanding of data technology, in order to make better use of data technology and play the role of data mining technology. This paper expounds the data mining technology and discusses its application in e-commerce, hoping to provide reference for relevant enterprises.

LI Xing-li,DU Pei-jun,SUN Dun-xin,CHENG Da-yu

DOI: https://doi.org/10.3969/j.issn.1000-7024.2007.03.069

2007-01-01

Abstract:Oriented to the requirements of E-government,the necessity of developing the data mining(DM) system for E-government is proposed,and those characteristics of theDMS for E-government are analyzed from different aspects.Based on the analysis,requirement analysis is conducted.Then the structure of data mining system for E-government is established according to the main flow of general DM,and the system has such functions as data management,preprocessing,data mining and so on.Finally,the defects of traditional double-tier architecture for software are pointed out and an implementation scheme based on multi-tier architecture is researched further.

Chen Jian-hong,Ren Hao-ren,Sheng De-ren,Li Wei

DOI: https://doi.org/10.1631/jzus.2002.0538

2002-01-01

Journal of Zhejiang University SCIENCE A

Abstract:Nowadays, the scale of data normally stored in a database collected by Data Acquisition System (DAS) or Distributed Control System (DCS) in a power plant is becoming larger and larger. However there are abundant valuable knowledge hidden behind them. It will be beyond people's capacity to analyze and understand these data stored in such a scale database. Fortunately data-mining techniques are arising at the historic moment. In this paper, we explain the basic concept and general knowledge of data-mining; analyze the characteristics and research method of data-mining; give some typical applications of data-mining system based on power plant real-time database on intranct.

Shumin Meng

DOI: https://doi.org/10.1155/2022/1164807

2022-10-06

Abstract:The basic public service infrastructure in rural regions now has a lot of issues and flaws, which results in a low efficiency of basic public service delivery and substantially impedes the growth of the rural social economy and the enhancement of farmers' quality of life. Building a smart platform for monitoring the rural public service environment, realising the growth of rural areas, creating a new socialist countryside holistically, and ensuring the sustainable, stable, and healthy development of rural society are all of great strategic importance under the new circumstances. This essay explores ways to further encourage the development of rural public service platforms. In order to choose the best course of action for rural public services in the new era, this study studies the practical problem of rural public services and, using DM (Data Mining) technology, mines the user characteristics of public service platforms. The experimental findings demonstrate that the algorithm's accuracy is 94.38%. With the use of this technique, rural public services may efficiently mine user characteristics and offer specific technical support in the modern day. Decision-makers from all walks of life have an extraordinary desire for information concealed in huge amounts of data in the information age. The advantages of combining the two are becoming more widely recognised.