본문 바로가기
  • Home

Data-mining Based Anomaly Detection in Document Management System

  • Journal of Knowledge Information Technology and Systems
  • Abbr : JKITS
  • 2015, 10(4), pp.465-473
  • Publisher : Korea Knowledge Information Technology Society
  • Research Area : Interdisciplinary Studies > Interdisciplinary Research
  • Published : August 31, 2015

장현성 1

1서울과학종합대학교

Accredited

ABSTRACT

The problem of security management in document management system is that it is even harder to detect an authenticator who uses the system anomalously, although it is as much as possible to prevent and detect the movement of exposing information or destroying the system as a malicious purpose by means of passing through physical and logical protective devices of the system. To solve this problem, an usage status of a contents has been collected within a certain period of time, which is actually used at a specific site and the behavior patterns of a user based on data mining technique which has been analyzed. The main variable deciding a user's pattern has been analyzed and the user has been clustering according to the result. A single-host based on anomaly detection model was designed by techniques of K-Means and Self-Organizing Maps being used for clustering. This model detects a case where a specific user deviates the existing result of clustering in comparison of the result of experiment as anomaly. The content usage pattern of a user was utilized for the designed detection model while the existing detection model of anomaly was established through analysis of usage pattern of command or data packet. In this study, it is to discuss data mining-based anomaly detection model in which couldn't be solved out by the existing method, detection of a user’s intentional exposure of information, and the result of the experiment.

Citation status

* References for papers published after 2023 are currently being built.