Data Mining and Information Security
Analysis of information security monitoring data is based on detecting the causalities of anomalies in the “normal” operation of an information system.
This paper considers the JSM-method of data mining as a solution to this task. For this purpose, objects generated by “normal” data and by anomalies are built in identical situations. These objects are then studied by the JSM-method as positive and negative examples of the appearance of anomalies.
The causalities of anomaly appearance found by the JSM-method can be used as signatures for fast determination of information security violations.
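The following sketch is an added illustration, not code from the paper: it shows a simplified JSM-style similarity step in which candidate causes are feature sets shared by several anomaly objects and contained in no "normal" object, and the minimal ones serve as signatures. Treating objects as sets of string features, the function names, the `min_support` parameter and all sample data are assumptions made for the example.

```python
# Added illustration: simplified JSM-style similarity step (not the paper's code).
# All feature names and sample objects below are constructed.

POSITIVE = [  # objects built from monitoring data where an anomaly appeared
    {"parent:office_app", "child:script_host", "net:outbound", "user:alice"},
    {"parent:office_app", "child:script_host", "net:outbound", "user:bob", "hour:night"},
    {"parent:office_app", "child:script_host", "user:carol", "hour:night"},
]
NEGATIVE = [  # objects built from "normal" data in the same situations
    {"parent:office_app", "net:outbound", "user:alice"},
    {"parent:shell", "child:script_host", "user:bob", "hour:night"},
    {"parent:office_app", "user:carol", "hour:night"},
]

def jsm_hypotheses(positive, negative, min_support=2):
    """Feature sets common to >= min_support positive objects and
    embedded in no negative object (ban on counterexamples)."""
    pos = [frozenset(p) for p in positive]
    neg = [frozenset(n) for n in negative]
    closed = set()
    for p in pos:
        # Extend the family of non-empty intersections with the next object.
        closed |= {c & p for c in closed if c & p} | {p}
    hyps = set()
    for h in closed:
        support = sum(h <= p for p in pos)
        if support >= min_support and not any(h <= n for n in neg):
            hyps.add(h)
    return hyps

def minimal_signatures(hyps):
    """Drop hypotheses implied by a smaller one; the rest act as signatures."""
    return {h for h in hyps if not any(g < h for g in hyps)}

def matches(event, signatures):
    """True if the observed object contains any signature."""
    event = frozenset(event)
    return any(s <= event for s in signatures)

if __name__ == "__main__":
    sigs = minimal_signatures(jsm_hypotheses(POSITIVE, NEGATIVE))
    for s in sigs:
        print("signature:", sorted(s))
    print(matches({"parent:office_app", "child:script_host", "user:dave"}, sigs))
```

On this constructed data neither feature alone separates the classes, since each occurs in a "normal" object, but their combination does.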
Keywords: Data mining, Information security, Anomaly, JSM-method
The research is supported by the Russian Foundation for Basic Research (project 15-29-07981).