Data Mining

The document discusses using data mining techniques for cyber security applications such as intrusion detection. It describes how anomaly detection, classification, and prediction can help identify unusual patterns and behaviors to detect attacks. Data mining of historical audit data and intrusion alarms can reduce future false alarms and help automate the investigation process. The document also briefly mentions using data mining for counterterrorism and surveillance by analyzing large amounts of video data to help human analysts identify unusual activity.

Data Mining for Security Applications

CSED MNNIT ALLAHABAD
August 20, 2018

Contents of the Presentation

1. Overview of Data Mining
2. Cyber Security and Data Mining
3. Intrusion Detection
4. Data Mining For Information Security / Digital Forensics
5. Conclusion

Data Mining

• Data Mining - Extraction of interesting information or patterns from data in large databases [Han and Kamber 2005].
• Data mining is used to sort through the tremendous amounts of data stored by automated data collection tools.
• Extracts rules, regularities, patterns, and constraints from databases.

Threats

Data Mining For Cyber Security

Data mining is being applied to problems such as intrusion detection and auditing. For example:

1. Anomaly detection techniques could be used to detect unusual patterns and behaviors.
2. Classification may be used to group various cyber attacks and then use the profiles to detect an attack when it occurs.
3. Prediction may be used to determine potential future attacks based, in part, on information learnt about terrorists through email and phone conversations.

Intrusion Detection

Data mining can help automate the process of investigating intrusion detection alarms.

Data mining on historical audit data and intrusion detection alarms can reduce future false alarms.

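One way to mine analyst-labelled historical alarms for recurring false-alarm patterns and use them to deprioritise future alarms, as an added example that is not part of the original slides. The alarm fields, signature names, addresses and thresholds are constructed assumptions.

```python
from collections import Counter
from itertools import product

# Constructed history: (signature, source, destination, analyst verdict).
HISTORY = (
    [("ICMP-PING-SWEEP", "10.0.5.20", f"10.0.1.{i}", "fp") for i in range(1, 9)]
    + [("SNMP-PUBLIC", "10.0.5.20", "10.0.1.1", "fp")] * 6
    + [("SQLI-UNION", "203.0.113.7", "10.0.2.15", "tp")] * 3
    + [("SQLI-UNION", "10.0.3.9", "10.0.2.15", "fp")] * 2
    + [("ICMP-PING-SWEEP", "198.51.100.4", "10.0.1.3", "tp")]
)

def covers(pattern, alarm):
    """True if every pattern field is a wildcard or equals the alarm field."""
    return all(p in ("*", a) for p, a in zip(pattern, alarm))

def mine_fp_rules(history, min_support=5, min_confidence=0.95):
    """Find alarm patterns that analysts almost always closed as false alarms."""
    total, fp = Counter(), Counter()
    for sig, src, dst, verdict in history:
        # Count the alarm under itself and its wildcarded generalisations.
        for s, d in product((src, "*"), (dst, "*")):
            total[(sig, s, d)] += 1
            fp[(sig, s, d)] += verdict == "fp"
    strong = [p for p, n in total.items()
              if n >= min_support and fp[p] / n >= min_confidence]
    # Keep the most specific pattern that explains the same alarms, so a
    # rule never wildcards a field the history gives no reason to widen.
    return {p for p in strong
            if not any(q != p and covers(p, q) and total[q] == total[p]
                       for q in total)}

def triage(alarm, rules):
    """Deprioritise (never drop) alarms that match a mined rule."""
    return "low" if any(covers(r, alarm) for r in rules) else "review"

if __name__ == "__main__":
    rules = mine_fp_rules(HISTORY)
    for alarm in [("ICMP-PING-SWEEP", "10.0.5.20", "10.0.1.77"),
                  ("ICMP-PING-SWEEP", "198.51.100.9", "10.0.1.3"),
                  ("SQLI-UNION", "10.0.3.9", "10.0.2.15")]:
        print(alarm, "->", triage(alarm, rules))
```

The SQLI-UNION alarms from the internal scanner stay in the review queue because two labelled instances fall below the support threshold, and the same signature also has confirmed true positives.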
Data Mining for Counter Terrorism

Data Mining for Surveillance

• Huge amounts of surveillance and video data available in the security domain
• Analysis is being done off-line, usually using “Human Eyes”
• Need for tools to aid human analyst (pointing out areas in video where unusual activity occurs)

Thanks