Data Mining and Information Security

  • Alexander Grusho
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10446)


Analysis of information security monitoring data is based on detection of anomalies causalities in “normal” process of an information system operation.

In the paper the JSM-method of data mining in the solution of this task is considered. For this purpose in identical situations the objects generated by “normal” data and anomalies are built. Further these objects are researched by JSM-method as the positive and negative examples of anomalies appearance.

The causalities of anomalies appearance found by JSM-method can be used as signatures for fast determination of information security violations.


Data mining Information security Anomaly JSM-method 



The research is supported by Russian Foundation for Basic Research (project 15-29-07981).


  1. 1.
    Legg, S., Hutter, M.: A collection of definitions of intelligence. Technical report, IDSIA-07-07, 15 June 2007Google Scholar
  2. 2.
    Legg, S., Hutter, M.: Universal intelligence: a definition of machine intelligence. J. Minds Mach. 17(4), 391–444 (2007). arXiv:0712.3329v1 [cs.AI]CrossRefGoogle Scholar
  3. 3.
    Grusho, A., Zabezhailo, M., Zatsarinnyi, A., Piskovskii, V., Borokhov, S.V.: On the potential applications of data mining for information security provision of cloud-based environments. J. Autom. Documentation Math. Linguist. 49(6), 193–201 (2015). doi: 10.3103/S0005105515060023 CrossRefGoogle Scholar
  4. 4.
    Grusho, A.A., Grusho, N.A., Timonina, E.E., Shorgin, S.Y.: Possibilities of secure architecture creation for dynamically changing information system. J. Syst. Means Inform. 25(3), 78–93 (2015)Google Scholar
  5. 5.
    Tukey, J.W.: Exploratory Data Analysis. Addison-Wesley Pub. Co., Reading (1977)zbMATHGoogle Scholar
  6. 6.
    Finn, V.K. (eds.) Automatic Hypothesis Generation in Intelligent Systems. KD “LIBROKOM”, Moscow (2009)Google Scholar
  7. 7.
    Anshakov, O.M.: About one interpretation of the DSM-method of automatic generation of hypotheses. In: Finn, V.K. (eds.) Automatic Hypothesis Generation in Intelligent Systems, pp. 78–91. KD “LIBROKOM”, Moscow (2009)Google Scholar
  8. 8.
    Finn, V.K., Mikheenkova, M.A.: About Situation-Dependent Extension of the DSM-method of Automatic Generation of Hypotheses. In: Finn, V.K. (eds.) Automatic Hypothesis Generation in Intelligent Systems, pp. 428–445. KD “LIBROKOM”, Moscow (2009)Google Scholar
  9. 9.
    Grusho, A.A., Zabezhailo, M.I., Zatsarinny, A.A.: On the advanced procedure to reduce calculation of galois closures. J. Inform. Appl. 10(4), 97–106 (2016). doi: 10.14357/19922264160410 Google Scholar
  10. 10.
    Grusho, A., Timonina, E.: Prohibitions in discrete probabilistic statistical problems. J. Discrete Math. Appl. 21(3), 275–281 (2011). doi: 10.4213/dm1140 MathSciNetzbMATHGoogle Scholar
  11. 11.
    Grusho, A., Timonina, E.: Consistent sequences of tests defined by bans. Optimization Theory, Decision Making, and Operation Research Applications. Springer Proceedings in Mathematics and Statistics, pp. 281–291. Springer, Heidelberg (2013). doi: 10.1007/978-1-4614-5134-1_20 CrossRefGoogle Scholar
  12. 12.
    Grusho, A., Grusho, N., Timonina, E.: Power functions of statistical criteria defined by bans. In: Proceeding of 29th European Conference on Modelling and Simulation ECMS 2015, pp. 617–621. Digitaldruck Pirrot GmbH, Germany (2016)Google Scholar
  13. 13.
    Grusho, A., Grusho, N., Timonina, E.: Statistical classification in monitoring systems. In: Proceeding of 30th European Conference on Modelling and Simulation ECMS 2016, pp. 658–662. Digitaldruck Pirrot GmbH, Germany (2015)Google Scholar
  14. 14.
    Grusho, A.A., Zabezhailo, M.I., Zatsarinny, A.A., Nikolaeb, A.V., Piskovski, V.O., Timonina, E.E.: Erroneous states classifications in dictributed computing systems and sources of their occurences. J. Syst. Means Inform. 27(2), 30–41 (2017). doi: 10.14357/08696527170203 Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Institute of Informatics Problems of Federal Research Center“Informatics and Control” of the Russian Academy of SciencesMoscowRussia

Personalised recommendations