Dissertations / Theses on the topic 'Data detection'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 dissertations / theses for your research on the topic 'Data detection.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse dissertations / theses on a wide variety of disciplines and organise your bibliography correctly.
Weis, Melanie. "Duplicate detection in XML data." Duisburg Köln WiKu, 2007. http://d-nb.info/987676849/04.
Full textCao, Lei. "Outlier Detection In Big Data." Digital WPI, 2016. https://digitalcommons.wpi.edu/etd-dissertations/82.
Full textAbghari, Shahrooz. "Data Modeling for Outlier Detection." Licentiate thesis, Blekinge Tekniska Högskola, Institutionen för datalogi och datorsystemteknik, 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:bth-16580.
Full textScalable resource-efficient systems for big data analytics
Payne, Timothy Myles. "Remote detection using fused data /." Title page, abstract and table of contents only, 1994. http://web4.library.adelaide.edu.au/theses/09PH/09php3465.pdf.
Full textForstén, Andreas. "Unsupervised Anomaly Detection in Receipt Data." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-215161.
Full textMed de framsteg inom datahantering och datorkraft som gjorts så kommer också möjligheten att automatisera uppgifter som ej nödvändigtvis utförs av människor. Denna studie gjordes i samarbete med ett företag som digitaliserar företags kvitton. Vi undersöker möjligheten att automatisera sökandet av avvikande kvittodata, vilket kan avlasta revisorer. Vti studerar både avvikande användarbeteenden och individuella kvitton. Resultaten indikerar att automatisering är möjligt, vilket kan reducera behovet av mänsklig inspektion av kvitton
Tian, Xuwen, and 田旭文. "Data-driven textile flaw detection methods." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2012. http://hdl.handle.net/10722/196091.
Full textpublished_or_final_version
Industrial and Manufacturing Systems Engineering
Doctoral
Doctor of Philosophy
Siddiqui, Muazzam. "DATA MINING METHODS FOR MALWARE DETECTION." Doctoral diss., University of Central Florida, 2008. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/2783.
Full textPh.D.
Other
Sciences
Modeling and Simulation PhD
Mohd, Ali Azliza. "Anomalous behaviour detection using heterogeneous data." Thesis, Lancaster University, 2018. http://eprints.lancs.ac.uk/125026/.
Full textPellissier, Muriel. "Anomaly detection technique for sequential data." Thesis, Grenoble, 2013. http://www.theses.fr/2013GRENM078/document.
Full textNowadays, huge quantities of data can be easily accessible, but all these data are not useful if we do not know how to process them efficiently and how to extract easily relevant information from a large quantity of data. The anomaly detection techniques are used in many domains in order to help to process the data in an automated way. The anomaly detection techniques depend on the application domain, on the type of data, and on the type of anomaly.For this study we are interested only in sequential data. A sequence is an ordered list of items, also called events. Identifying irregularities in sequential data is essential for many application domains like DNA sequences, system calls, user commands, banking transactions etc.This thesis presents a new approach for identifying and analyzing irregularities in sequential data. This anomaly detection technique can detect anomalies in sequential data where the order of the items in the sequences is important. Moreover, our technique does not consider only the order of the events, but also the position of the events within the sequences. The sequences are spotted as anomalous if a sequence is quasi-identical to a usual behavior which means if the sequence is slightly different from a frequent (common) sequence. The differences between two sequences are based on the order of the events and their position in the sequence.In this thesis we applied this technique to the maritime surveillance, but this technique can be used by any other domains that use sequential data. For the maritime surveillance, some automated tools are needed in order to facilitate the targeting of suspicious containers that is performed by the customs. Indeed, nowadays 90% of the world trade is transported by containers and only 1-2% of the containers can be physically checked because of the high financial cost and the high human resources needed to control a container. As the number of containers travelling every day all around the world is really important, it is necessary to control the containers in order to avoid illegal activities like fraud, quota-related, illegal products, hidden activities, drug smuggling or arm smuggling. For the maritime domain, we can use this technique to identify suspicious containers by comparing the container trips from the data set with itineraries that are known to be normal (common). A container trip, also called itinerary, is an ordered list of actions that are done on containers at specific geographical positions. The different actions are: loading, transshipment, and discharging. For each action that is done on a container, we know the container ID and its geographical position (port ID).This technique is divided into two parts. The first part is to detect the common (most frequent) sequences of the data set. The second part is to identify those sequences that are slightly different from the common sequences using a distance-based method in order to classify a given sequence as normal or suspicious. The distance is calculated using a method that combines quantitative and qualitative differences between two sequences
Al-Bataineh, Hussien Suleiman. "Islanding Detection Using Data Mining Techniques." Thesis, North Dakota State University, 2015. https://hdl.handle.net/10365/27634.
Full textHuang, Yuzhou. "Duplicate detection in XML Web data /." View abstract or full-text, 2009. http://library.ust.hk/cgi/db/thesis.pl?CSED%202009%20HUANG.
Full textGHORBANI, SONIYA. "Anomaly Detection in Electricity Consumption Data." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-35011.
Full textAlkharboush, Nawaf Abdullah H. "A data mining approach to improve the automated quality of data." Thesis, Queensland University of Technology, 2014. https://eprints.qut.edu.au/65641/1/Nawaf%20Abdullah%20H_Alkharboush_Thesis.pdf.
Full textThomas, Kim. "Incident detection on arterials using neural network data fusion of simulated probe vehicle and loop detector data /." [St. Lucia, Qld.], 2005. http://www.library.uq.edu.au/pdfserve.php?image=thesisabs/absthe18433.pdf.
Full textFrascarelli, Antonio Ezio. "Object Detection." Thesis, Mälardalens högskola, Inbyggda system, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-28259.
Full textZhang, Ji. "Towards outlier detection for high-dimensional data streams using projected outlier analysis strategy." University of Southern Queensland, Faculty of Sciences, 2008. http://eprints.usq.edu.au/archive/00005645/.
Full textLi, Lishuai. "Anomaly detection in airline routine operations using flight data recorder data." Thesis, Massachusetts Institute of Technology, 2013. http://hdl.handle.net/1721.1/82498.
Full textThis thesis was scanned as part of an electronic thesis pilot project.
Cataloged from PDF version of thesis.
Includes bibliographical references (p. 141-145).
In order to improve safety in current air carrier operations, there is a growing emphasis on proactive safety management systems. These systems identify and mitigate risks before accidents occur. This thesis develops a new anomaly detection approach using routine operational data to support proactive safety management. The research applies cluster analysis to detect abnormal flights based on Flight Data Recorder (FDR) data. Results from cluster analysis are provided to domain experts to verify operational significance of such anomalies and associated safety hazards. Compared with existing methods, the cluster-based approach is capable of identifying new types of anomalies that were previously unaccounted for. It can help airlines detect early signs of performance deviation, identify safety degradation, deploy predictive maintenance, and train staff accordingly. The first part of the detection approach employs data-mining algorithms to identify flights of interest from FDR data. These data are transformed into a high-dimensional space for cluster analysis, where normal patterns are identified in clusters while anomalies are detected as outliers. Two cluster-based anomaly detection algorithms were developed to explore different transformation techniques: ClusterAD-Flight and ClusterAD-Data Sample. The second part of the detection approach is domain expert review. The review process is to determine whether detected anomalies are operationally significant and whether they represent safety risks. Several data visualization tools were developed to support the review process which can be otherwise labor-intensive: the Flight Parameter Plots can present raw FDR data in informative graphics; The Flight Abnormality Visualization can help domain experts quickly locate the source of such anomalies. A number of evaluation studies were conducted using airline FDR data. ClusterAD-Flight and ClusterAD-Data Sample were compared with Exceedance Detection, the current method in use by airlines, and MKAD, another anomaly detection algorithm developed at NASA, using a dataset of 25519 A320 flights. An evaluation of the entire detection approach was conducted with domain experts using a dataset of 10,528 A320 flights. Results showed that both cluster-based detection algorithms were able to identify operationally significant anomalies that beyond the capacities of current methods. Also, domain experts confirmed that the data visualization tools were effective in supporting the review process.
by Lishuai Li.
Ph.D.
Draisbach, Uwe, Felix Naumann, Sascha Szott, and Oliver Wonneberg. "Adaptive windows for duplicate detection." Universität Potsdam, 2012. http://opus.kobv.de/ubp/volltexte/2012/5300/.
Full textDuplikaterkennung beschreibt das Auffinden von mehreren Datensätzen, die das gleiche Realwelt-Objekt repräsentieren. Diese Aufgabe ist nicht trivial, da sich (i) die Datensätze geringfügig unterscheiden können, so dass Ähnlichkeitsmaße für einen paarweisen Vergleich benötigt werden, und (ii) aufgrund der Datenmenge ein vollständiger, paarweiser Vergleich nicht möglich ist. Zur Lösung des zweiten Problems existieren verschiedene Algorithmen, die die Datenmenge partitionieren und nur noch innerhalb der Partitionen Vergleiche durchführen. Einer dieser Algorithmen ist die Sorted-Neighborhood-Methode (SNM), welche Daten anhand eines Schlüssels sortiert und dann ein Fenster über die sortierten Daten schiebt. Vergleiche werden nur innerhalb dieses Fensters durchgeführt. Wir beschreiben verschiedene Variationen der Sorted-Neighborhood-Methode, die auf variierenden Fenstergrößen basieren. Diese Ansätze basieren auf der Intuition, dass Bereiche mit größerer und geringerer Ähnlichkeiten innerhalb der sortierten Datensätze existieren, für die entsprechend größere bzw. kleinere Fenstergrößen sinnvoll sind. Wir beschreiben und evaluieren verschiedene Adaptierungs-Strategien, von denen nachweislich einige bezüglich Effizienz besser sind als die originale Sorted-Neighborhood-Methode (gleiches Ergebnis bei weniger Vergleichen).
Hajimohammadi, Hamid Reza. "Classification of Data Series at Vehicle Detection." Thesis, Uppsala University, Department of Information Technology, 2009. http://urn.kb.se/resolve?urn=urn:nbn:se:uu:diva-111163.
Full textThis paper purposes a new, simple and lightweight approach of previously studied algorithms that can be used for extracting of feature vectors that in turn enables one to classify a vehicle based on its magnetic signature shape.This algorithm is called ASWA that stands for Adaptive Spectral and Wavelet Analysis and it is a combination of features of a signal extracted by both of the spectral and wavelet analysis algorithms. The performance of classifiers using this feature vectors is compared to another feature vectors consisting of features extracted by Fourier transform and pattern information of the signal extracted by Hill-Pattern algorithm (CFTHP). By using ASWA-based feature vectors, there have been improvements in all of classification algorithms results such as K-Nearest Neighbors (KNN), Support Vector Machine (SVM) and Probabilistic Neural Networks (PNN). However, the best improvement rate achieved using an ASWA-Based feature vectors in K-NN algorithm. The correct rate of the classifier using CFTHP-based feature vectors was 39.82 %, which have improved to 69.93 % by using ASWA. This is corresponding an overall improvement by 76 % in correct classification rates.
Mackie, Shona. "Exploiting weather forecast data for cloud detection." Thesis, University of Edinburgh, 2009. http://hdl.handle.net/1842/4350.
Full textPenny, Kay Isabella. "Multivariate outlier detection in laboratory safety data." Thesis, University of Aberdeen, 1995. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.282687.
Full textGrover, Vikas. "Crime prediction and detection with data mining." Thesis, University of Portsmouth, 2009. https://researchportal.port.ac.uk/portal/en/theses/crime-prediction-and-detection-with-data-mining(51a8e1ce-3841-4288-adb2-a4e9bc6748e3).html.
Full textWong, Kuo-Hsiung Hanson 1977. "Artifact detection in physiological parameter trend data." Thesis, Massachusetts Institute of Technology, 2003. http://hdl.handle.net/1721.1/87874.
Full textIncludes bibliographical references (leaves 94-95).
by Kuo-Hsiung Hanson Wong.
M.Eng.
Jin, Jiakun. "A Multivariate Data Stream Anomaly Detection Framework." Thesis, KTH, Skolan för elektro- och systemteknik (EES), 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-194202.
Full textHöghastighet ström anomali detektion är en viktig teknik som används i många industriella tillämpningar såsom övervakningssystem för hälsa, upptäckande av ekonomiska bedrägerier, övervakning av kundernas ovanliga beteende och så vidare. I dessa scenarier kommer multivariat data i hög hastighet, och måste beräknas i realtid. Eftersom lösningar för höghastighet multivariat ström anomali detektion är fortfarande under utveckling, är syftet med denna avhandling att införa en ramverk för att testa olika anomali algoritmer. Multivariat anomali detektion har oftast två viktiga steg: att upptäcka punkt-avvikelser och att upptäcka ström-avvikelser. Punkt- anomali detektorer används för att överföra multivariat data i anomali poäng enligt den senaste tidens dataström. Ström anomali detektorer används för att detektera ström avvikelser baserade på den senaste tidens anomali poäng genererade från föregående punkt anomali detektoren. Denna avhandling presenterar ett flexibelt ramverk som möjlig gör enkel integration och utvärdering av olika datakällor, punkt och ström anomali detektorer. För att demonstrera ramverkets kapabiliteteter, betraktar vi olika scenarier med datageneratorer av konstgjorda data, verkliga industri data och tidsseriedata; punkt anomali detektorer PYISC, SVM och Löf, och ström anomali detektorer DDM, CUSUM och FCWM. Utvärderingsresultaten visar att för punkt anomali detektor har PYISC och LOF bra prestanda när datafördelningen är kända, men SVM fungerar bra även när fördelningarna inte är kända. För ström anomali detektor har DDM vissa sannolikhet att få falskt upptäcka avvikelser, och CUSUM vissa sannolikhet att misslycka när avvikelser ökar långsamt. FCWM fungerar bäst med mycket låga sannolikhet för misslyckande.
Cheng, Long. "Program Anomaly Detection Against Data-Oriented Attacks." Diss., Virginia Tech, 2018. http://hdl.handle.net/10919/84937.
Full textPh. D.
Yan, Yizhou. "Contextual Outlier Detection from Heterogeneous Data Sources." Digital WPI, 2020. https://digitalcommons.wpi.edu/etd-dissertations/598.
Full textMartignano, Anna. "Real-time Anomaly Detection on Financial Data." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-281832.
Full textDetta arbete presenterar en undersökning av tillämpningar av Network Representation Learning (NRL) inom den finansiella industrin. Metoder inom NRL möjliggör datadriven kondensering av grafstrukturer till lågdimensionella och lätthanterliga vektorer.Dessa vektorer kan sedan användas i andra maskininlärningsuppgifter. Närmare bestämt, kan metoder inom NRL underlätta hantering av och informantionsutvinning ur beräkningsintensiva och storskaliga grafer inom den finansiella sektorn, till exempel avvikelsehantering bland finansiella transaktioner. Arbetet med data av denna typ försvåras av det faktum att transaktionsgrafer är dynamiska och i konstant förändring. Utöver detta kan noderna, dvs transaktionspunkterna, vara vitt skilda eller med andra ord härstamma från olika fördelningar.I detta arbete har Graph Convolutional Network (ConvGNN) ansetts till den mest lämpliga lösningen för nämnda tillämpningar riktade mot upptäckt av avvikelser i transaktioner. GraphSAGE har använts som utgångspunkt för experimenten i två olika varianter: en dynamisk version där vikterna uppdateras allteftersom nya transaktionssekvenser matas in, och en variant avsedd särskilt för bipartita (tvådelade) grafer. Dessa varianter har utvärderats genom användning av faktiska datamängder med avvikelsehantering som slutmål.
Patcha, Animesh. "Network Anomaly Detection with Incomplete Audit Data." Diss., Virginia Tech, 2006. http://hdl.handle.net/10919/28334.
Full textPh. D.
Salzwedel, Jason Paul. "Anomaly detection in a mobile data network." Master's thesis, Faculty of Science, 2019. http://hdl.handle.net/11427/31202.
Full textPyon, Yoon Soo. "Variant Detection Using Next Generation Sequencing Data." Case Western Reserve University School of Graduate Studies / OhioLINK, 2013. http://rave.ohiolink.edu/etdc/view?acc_num=case1347053645.
Full textSperl, Ryan E. "Hierarchical Anomaly Detection for Time Series Data." Wright State University / OhioLINK, 2020. http://rave.ohiolink.edu/etdc/view?acc_num=wright1590709752916657.
Full textZANONI, MARCO. "Data mining techniques for design pattern detection." Doctoral thesis, Università degli Studi di Milano-Bicocca, 2012. http://hdl.handle.net/10281/31515.
Full text曾偉明 and Wai-ming Peter Tsang. "Computer aided ultrasonic flaw detection and characterization." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 1987. http://hub.hku.hk/bib/B31231007.
Full textPeng, Qinmu. "Visual attention: saliency detection and gaze estimation." HKBU Institutional Repository, 2015. https://repository.hkbu.edu.hk/etd_oa/207.
Full textShtarkalev, Bogomil Iliev. "Single data set detection for multistatic Doppler radar." Thesis, University of Edinburgh, 2015. http://hdl.handle.net/1842/10556.
Full textKutzner, Kendy. "Processing MODIS Data for Fire Detection in Australia." Thesis, Universitätsbibliothek Chemnitz, 2002. http://nbn-resolving.de/urn:nbn:de:bsz:ch1-200200831.
Full textDas Ziel dieser Arbeit war die Nutzung von Fernerkundungsdaten des MODIS Instruments an Bord des Satelliten Terra zur Erkennung von Buschfeuern in Australien. Das schloss die Vorverarbeitung der Daten vom Demodulator, die Bitsynchronisation und die Umpacketierung der Daten ein. IMAPP wurde genutzt um die Daten zu kalibrieren und zu geolokalisieren. Die Feuererkennung bedient sich einer Kombination von absoluten Schwellwerttests, Differenztests und Vergleichen mit dem Hintergrund. Die Ergebnisse wurden in eine rechteckige Laengen/Breitengradkarte projiziert um dem BowTie Effekt entgegenzuwirken. Die benutzten Algrorithmen wurden in C und Matlab implementiert. Es zeigte sich, dass es moeglich ist in den verfuegbaren Daten Feuer zu erkennen. Die Ergebnisse wurden mit Feuererkennungen der NASA und Feuererkennung die auf anderen Sensoren basieren verglichen und fuer sehr aehnlich befunden
Svedberg, Oskar. "Automatic detection of ULF waves in Cluster data." Thesis, KTH, Rymd- och plasmafysik, 2007. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-91550.
Full textAlmutairi, Abdulrazaq Z. "Improving intrusion detection systems using data mining techniques." Thesis, Loughborough University, 2016. https://dspace.lboro.ac.uk/2134/21313.
Full textYing, Yeqiu. "Synchronization and data detection in wireless sensor networks." Thesis, University of Leeds, 2007. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.485187.
Full textPrestberg, Lars. "Automatisk sammanställning av mätbara data : Intrusion detection system." Thesis, Mittuniversitetet, Avdelningen för informations- och kommunikationssystem, 2016. http://urn.kb.se/resolve?urn=urn:nbn:se:miun:diva-28254.
Full textSZEKÉR, MÁTÉ. "Spatio-temporal outlier detection in streaming trajectory data." Thesis, KTH, Skolan för datavetenskap och kommunikation (CSC), 2014. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-155739.
Full textPurwar, Yashasvi. "Data based abnormality detection." Master's thesis, 2011. http://hdl.handle.net/10048/1858.
Full textProcess Control
"Detection statistics for multichannel data." Research Laboratory of Electronics, Massachusetts Institute of Technology, 1989. http://hdl.handle.net/1721.1/4202.
Full textAlso issued as Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1989.
Includes bibliographical references (p. 109-113).
Research supported by the Advanced Research Projects Agency monitored by the Office of Naval Research, the National Science Foundation, Sanders Associates, Inc., and the Amoco Foundation.
Kurt, Mehmet Necip. "Data-Driven Quickest Change Detection." Thesis, 2020. https://doi.org/10.7916/d8-yz99-3e67.
Full textPienaar, Abel Jacobus. "Fraud detection using data mining." Thesis, 2014. http://hdl.handle.net/10210/9112.
Full textFraud is a major problem in South Africa and the world and organisations lose millions each year to fraud not being detected. Organisations can deal with the fraud that is known to them, but undetected fraud is a problem. There is a need for management, external- and internal auditors to detect fraud within an organisation. There is a further need for an integrated fraud detection model to assist managers and auditors to detect fraud. A literature study was done of authoritative textbooks and other literature on fraud detection and data mining, including the Knowledge Discovery Process in databases and a model was developed that will assist the manager and auditor to detect fraud in an organisation by using a technology called data mining which makes the process of fraud detection more efficient and effective.
Sharma, Khushboo. "Outlier Detection for Categorical Data." Thesis, 2017. http://ethesis.nitrkl.ac.in/8836/1/2017_MT_KSharma.pdf.
Full textSousa, Maria Inês Neves de. "Data mining for anomaly detection in maritime traffic data." Master's thesis, 2018. http://hdl.handle.net/10400.26/25059.
Full textNos últimos anos, os oceanos tornaram-se, mais uma vez, um importante meio de comunicação e transporte. De facto, a densidade de tráfego global sofreu um crescimento substancial, o que levantou algumas preocupações. Com esta expansão, a necessidade de atingir um elevado Conhecimento Situacional Marítimo (CSM) é imperativa. Hoje em dia, esta necessidade pode ser satisfeita mais facilmente graças à vasta quantidade de dados disponíveis de tráfego marítimo. No entanto, isso leva a outra questão: sobrecarga de dados. Atualmente existem tantas fontes de dados, tantos dados dos quais extrair informação, que os operadores não conseguem acompanhar. Existe uma necessidade premente para sistemas que ajudem a escrutinar todos os dados, analisando e correlacionando, contribuindo desta maneira ao processo de tomada de decisão. Nesta dissertação, o principal objetivo é usar diferentes fontes de dados para detetar anomalias e contribuir para uma clara Recognised Maritime Picture (RMP). Para tal, é necessário saber que tipos de dados existem e quais é que se encontram disponíveis para análise posterior. Os dados escolhidos para esta dissertação foram dados Automatic Identification System (AIS) e dados de Monitorização Contínua das Atividades da Pesca (MONICAP), também conhecidos como dados de Vessel Monitoring System (VMS). De forma a armazenar dados correspondentes a um ano de AIS e MONICAP, foi criada uma base de dados em PostgreSQL. Para analisar e retirar conclusões, foi utilizada uma ferramenta de data mining, nomeadamente, o Orange. De modo a que pudesse ser avaliada a correlação entre fontes de dados e serem detetadas anomalias foram realizados vários testes. A correlação de dados nunca foi tão importante e pretende-se com esta dissertação mostrar que existe uma forma simples e eficaz de obter respostas de grandes quantidades de dados
Chen, Kai-Wei, and 陳凱威. "Data Visualization Applied for Anomaly Detection in Intrusion Detection Systems." Thesis, 2018. http://ndltd.ncl.edu.tw/handle/bf3996.
Full text國立臺灣大學
電信工程學研究所
106
An intrusion detection system (IDS) is a device or software application that detects attacks by the features extract from network traffic, packets, security logs, etc, to monitor malicious activities or policy violations. IDS could fall into two categories: signature-based and anomaly-based. Signature-based IDS extracts features from past anomaly behaviors to build a database for further analysis and detection. Anomaly-based IDS build the malicious behavior model from the relationship between features and labels of dataset by machine learning algorithm, to identify the content is anomaly or not. Anomaly-base IDS can detect unknown behavior, but the accuracy and false positive performs worse than signatured-based IDS. In this paper, we combine the concept of Data Visualization and Convolutional Neural Network to build a model for anomaly-based IDS by transform the dataset into images by data visualization algorithm to train the convolutional neural network model. The detection accuracy for NSL-KDD TEST+ dataset contained unknown attacks can reach 81.84%. The minimum false positive rate of the models could be reduce to 17.83%, and the hardware computation requirements of the training and testing procedure are compared with the well-known EM clustering method. Finally, besides of the information security field, other research fields could apply this method as long as the contents of the dataset are complete enough, which demonstrates the versatility and future development.
Jayannavar, Prashant A. "Community Detection in Networks." Thesis, 2013. http://ethesis.nitrkl.ac.in/4755/1/109CS0148.pdf.
Full textMa, Li-Yu, and 馬莉芋. "Data Mining For Network Intrusion Detection." Thesis, 2005. http://ndltd.ncl.edu.tw/handle/a98a4f.
Full text銘傳大學
資訊管理學系碩士班
93
According to survey of CERT, the rate of cyber attacks has been more than doubling every year in recent times. It has become increasingly important to make our information systems safely. The huge and variable information of network couldn’t be determined by human. And the hacker always can find new way of attack. How could we find this connect is attack or not? And stop it before being attacked. We use DARPA data set and data mining technology training kind of attack model. In the testing data set head, it includes new attack behaviors which never appear in the training data set to ensure our network intrusion model effective making information systems of corporation safely.