Artificial Intelligence and Data Mining Approaches in Security Frameworks. Группа авторов

Artificial Intelligence and Data Mining Approaches in Security Frameworks - Группа авторов


Скачать книгу
this type of clustering, a cluster is formed with the help of area with higher density as compared to the rest of the data.

      Following are three most frequently used Density-based Clustering techniques:

      1 i) Mean-Shift

      2 ii) OPTICS

      3 iii) DBSCAN

      c) Centroid-Based Clustering

      Clusters that are represented by a vector are a part of centroid-based clustering. It is not a mandate requirement that these clusters should be a part of the given dataset. The number of clusters is inadequate to size k in k means clustering algorithm; therefore, it is essential to find centres of k cluster and allocate objects to their nearest centres. By taking different values of k random initializations, this algorithm runs multiple times to select the best of multiple runs (Giannotti et al., 2013). In k medoid clustering, clusters are firmly limited to the members of the dataset, whereas in k medians clustering, median is taken to form a cluster; the foremost drawback of these techniques is that we have to select the number of clusters beforehand.

      d) Connection-Based (Hierarchical) clustering

      On the basis of the different ways with which distance is calculated, there are several types of connection-based clusters:

      1 i) Single-Linkage Clustering

      2 ii) Complete-Linkage

      3 iii) Average-Linkage Clustering

      e) Recent Clustering Techniques

      For high dimensional data, the above-mentioned standard clustering techniques are not fit, therefore some new techniques are being discovered. These new techniques can be classified into two major categories, namely: Subspace Clustering and Correlation Clustering.

      A small list of attributes that should be measured for the formation of a cluster is taken into consideration under subspace clustering. Correlation between the chosen attributes can also be performed with correlation clustering.

      To extract the pertinent knowledge from large volumes of data and to protect all sensitive information of that database, we use privacy preserving data mining (PPDM). These techniques are created with the aim to confirm the protection of sensitive data so that privacy can be reserved with the efficient performance of all data mining operations. There are two classes of privacy concerned data mining techniques:

      1 Data privacy

      2 Information privacyModification of database for the protection of sensitive data of the individuals, we use data privacy technique. If there is a requirement for the modification of sensitive knowledge that can be deduced from the database, information privacy technique is preferred. To provide privacy to input, data privacy is preferable, whereas for providing privacy to output, the technique of information privacy is used. To reserve personal information from exposure is the main focus of a PPDM algorithm. It relies on the analysis of those mining algorithms that are attained during data privacy. Main objective of Privacy Preserving Data Mining is building algorithms that convert the original data in some useful means, so that there is no visibility of private data and knowledge even after a successful mining process. Privacy laws would allow the access in the case that some related satisfactory benefit is found resulting from the access.

      1 i) Location

      2 ii) Type of Sensors

      3 iii)Technique used by the Central engine for generation of alerts.

      All the three components of an intrusion detection system can be integrated into a single device.

      2.5.1 Types of IDS

      Detection of an intrusion could be done either on a network or with an individual system and therefore we have three types of IDS, namely: Network Based, Host Based and Hybrid IDS.

       2.5.1.1 Network-Based IDS

      Advantages

      Following are the advantages of a Network-Based IDS:

      1 They can be made invisible to improve the security against attacks.

      2 Large size of networks can be monitored by network-based IDS.

      3 This IDS can give better output deprived of upsetting the usual working of a network.

      4 It is easy to fit in an IDS into an existing network.

      Limitations

      Limitations of Network-Based IDS are as follows:

      1 Virtual


Скачать книгу