Tytuł artykułu
Wybrane pełne teksty z tego czasopisma
Identyfikatory
Warianty tytułu
Języki publikacji
Abstrakty
A new method of constructing classifiers from huge volume of temporal data is proposed in the paper. The novelty of introduced method finds expression in a multi-stage approach to build hierarchical classifiers that combines process mining, feature extraction based on temporal patterns and constructing classifiers based on a decision tree. Such an approach seems to be practical when dealing with huge volume of temporal data. As a proof of concept a system for packet-based network traffic anomaly detection was constructed, where anomalies are represented by spatio-temporal complex concepts and called by behavioral patterns. Hierarchical classifiers constructed with the new approach turned out to be better than “flat” classifiers based directly on captured network traffic data.
Wydawca
Czasopismo
Rocznik
Tom
Strony
19--34
Opis fizyczny
Bibliogr. 34 poz., rys., tab.
Twórcy
autor
- Interdisciplinary Centre for Computational Modelling, University of Rzeszów, Pigonia 1, 35-310 Rzeszów, Poland
autor
- Interdisciplinary Centre for Computational Modelling, University of Rzeszów, Pigonia 1, 35-310 Rzeszów, Poland
autor
- Interdisciplinary Centre for Computational Modelling, University of Rzeszów, Pigonia 1, 35-310 Rzeszów, Poland
autor
- Interdisciplinary Centre for Computational Modelling, University of Rzeszów, Pigonia 1, 35-310 Rzeszów, Poland
autor
- Department of Applied Computer Science, AGH University of Science and Technology, Mickiewicza 30, 30-059 Kraków, Poland
- Interdisciplinary Centre for Computational Modelling, University of Rzeszów, Pigonia 1, 35-310 Rzeszów, Poland
Bibliografia
- [1] A. Douzal-Chouakria, C. A.: Classification trees for time series, Pattern Recognition, 45, 2011, 1076–1091.
- [2] van der Aalst, W.: Process Mining: Discovery, Conformance and Enhancement of Business Processes, Springer Publishing Company, Incorporated, 2011.
- [3] Agrawal, R., Gunopulos, D., Leymann, F.: Mining Process Models from Workflow Logs, Proceedings of the 6th International Conference on Extending Database Technology: Advances in Database Technology (EDBT ’98), 1998.
- [4] Baier, C., Katoen, J.-P.: Principles of Model Checking, The MIT Press, London, UK, 2008.
- [5] Bazan, J., Bazan-Socha, S., Buregwa-Czuma, S., Pardel, P. W., Sokolowska, B.: Predicting the presence of serious coronary artery disease based on 24 hour Holter ECG monitoring, Proceedings of the Federated Conference on Computer Science and Information Systems (FedCSIS 2012), September 9-12, Wroclaw, Poland, 2012.
- [6] Bazan, J. G.: Behavioral Pattern Identification Through Rough Set Modeling, Fundamenta Informaticae, 72(1-3), 2006, 37–50.
- [7] Bazan, J. G.: Hierarchical classifiers for complex spatio-temporal concepts, Transactions on Rough Sets, 5390(IX), 2008, 474–750.
- [8] Bazan, J. G., Kruczek, P., Bazan-Socha, S., Skowron, A., Pietrzyk, J.: Automatic Planning of Treatment of Infants with Respiratory Failure Through Rough Set Modeling, Proceedings of the Fifth International Conference on Rough Sets and Current Trends in Computing (RSCTC’06), November 6-8, Kobe, Japan, 4259, Springer-Verlag, Berlin, Heidelberg, Germany, 2006.
- [9] Bazan, J. G., Nguyen, H. S., Nguyen, S. H., Synak, P., Wróblewski, J.: in: Rough Set Methods and Applications: New Developments in Knowledge Discovery in Information Systems (L. Polkowski, T. Y. Lin, S. Tsumoto, Eds.), vol. 56 of Studies in Fuzziness and Soft Computing, Springer-Verlag/Physica-Verlag, Heidelberg, Germany, 2000, 49–88.
- [10] Bazan, J. G., Skowron, A.: On-line elimination of non-relevant parts of complex objects in behavioral pattern identification, Proceedings of the First International Conference on Pattern Recognition and Machine Intelligence (PReMI’05), December 18-22, Kolkata, India (S. K. Pal, et al., Eds.), 3776, Springer-Verlag, Berlin, 2005.
- [11] Bazan, J. G., Szczuka, M.: The Rough Set Exploration System, Transactions on Rough Sets, 3400(3), 2005, 37–56.
- [12] Bereziński, P., Jasiul, B., Szpyrka: An Entropy-Based Network Anomaly Detection Method, Entropy, 17, 2015, 2367–2408.
- [13] Bereziński, P., Szpyrka, M., Jasiul, B., Mazur, M.: Network Anomaly Detection Using Parameterized Entropy, in: Computer Information Systems and Industrial Management Proceedings of the 13th IFIP TC8 International Conference CISIM 2014, vol. 8838 of LNCS, Springer-Verlag, 2014, 465–478.
- [14] Borrett, S., Bridewell,W., Langley, P., Arrigo, K.: A method for representing and developing process models, Ecological Complexity, 4(1–2), 2007, 1–12.
- [15] Breiman, L., Friedman, J., Stone, C. J., Olshen, R.: Classification and Regression Trees, Chapman And Hall/CRC Press, Boca Raton, FL, 1984.
- [16] Clarke, E., Grumberg, O., Peled, D.: Model Checking, The MIT Press, Cambridge, Massachusetts, 1999.
- [17] Hastie, T., Tibshirani, R., Friedman, J.: The elements of statistical learning: data mining, inference and prediction, 2 edition, Springer, 2008.
- [18] Healy, L.: A model to study cyber attack mechanics and denial-of-service exploits over the Internet’s router infrastructure using colored Petri nets, Technical report, http://commons.emich.edu/theses/218, 2009, Masters Theses and Doctoral Dissertations.
- [19] Jasiul, B., Śliwa, J., Gleba, K., Szpyrka, M.: Identification of malware activities with rules, in: Proceedings of the Federated Conference on Computer Science and Information Systems, vol. 2 of Annals of Computer Science and Information Systems, IEEE, Warsaw, Poland, 2014, 101–110.
- [20] Jasiul, B., Szpyrka, M., Śliwa, J.: Detection and Modeling of Cyber Attacks with Petri Nets, Entropy, 16, 2014, 6602–6623.
- [21] Jasiul, B., Szpyrka, M., Śliwa, J.: Malware behavior modelling with colored Petri nets, in: Computer Information Systems and Industrial Management Proceedings of the 13th IFIP TC8 International Conference CISIM 2014, vol. 8838 of LNCS, Springer-Verlag, 2014, 667–679.
- [22] Langley, P.: Cognitive architectures and general intelligent systems, AI Magazine, 27, 2006, 33–44.
- [23] Li, Z., Das, A., Zhou, J.: USAID: Unifying Signature-Based and Anomaly-Based Intrusion Detection, in: Advances in Knowledge Discovery and Data Mining (T. Ho, D. Cheung, H. Liu, Eds.), vol. 3518 of LNCS, Springer Berlin Heidelberg, 2005, 702–712.
- [24] Maimon, O., Rokach, L.: Data Mining and Knowledge Discovery Handbook, Springer-Verlag, Secaucus, NJ, USA, 2005.
- [25] Michalski, R., et al., Eds.: Machine Learning, vol. I-IV, Morgan Kaufmann, Los Altos, 1983, 1986, 1990, 1994.
- [26] Michie, D., Spiegelhalter, D. J., Taylor, C. C.: Machine learning, neural and statistical classification, Ellis Horwood Limited, England, 1994.
- [27] Mitchel, T. M.: Machine Learning, McGraw-Hill, Boston, MA, 1997.
- [28] Nalepa, G. J., Lig˛eza, A.: The HeKatE methodology. Hybrid engineering of intelligent systems, Applied Mathematics and Computer Science, 20(1), 2010, 35–53.
- [29] Nguyen, H. S.: Approximate Boolean Reasoning: Foundations and Applications in Data Mining, LNCS Transactions on Rough Sets V, 4100, 2006, 334–506.
- [30] Pancerz, K., Suraj, Z.: Discovery of Asynchronous Concurrent Models from Experimental Tables, Fundamenta Informaticae, 61(2), 2003, 97–116.
- [31] Pawlak, Z., Skowron, A.: Rough sets and Boolean reasoning, Information Sciences, 177, 2007, 41–73.
- [32] Pawlak, Z., Skowron, A.: Rudiments of rough sets, Information Sciences, 177, 2007, 3–27.
- [33] Quinlan, J. R.: C4.5: Programs for Machine Learning, Morgan Kaufmann Publishers, San Francisco, CA, 1992.
- [34] Tellenbach, B., Burkhart, M., Schatzmann, D., Gugelmann, D., Sornette, D.: Accurate Network Anomaly Classification with Generalized Entropy Metrics, Computer Networks, 55(15), 2011, 3485–3502.
Typ dokumentu
Bibliografia
Identyfikator YADDA
bwmeta1.element.baztech-397bf4b8-809f-4a9d-b1fb-aa0d49d31b19