Data-mining Based Anomaly Detection in Document Management System

장현성

Data-mining Based Anomaly Detection in Document Management System

Journal of Knowledge Information Technology and Systems
Abbr : JKITS
2015, 10(4), pp.465-473
Publisher : Korea Knowledge Information Technology Society
Research Area : Interdisciplinary Studies > Interdisciplinary Research
Published : August 31, 2015

장현성 ¹

¹서울과학종합대학교

Accredited

ABSTRACT

The problem of security management in document management system is that it is even harder to detect an authenticator who uses the system anomalously, although it is as much as possible to prevent and detect the movement of exposing information or destroying the system as a malicious purpose by means of passing through physical and logical protective devices of the system. To solve this problem, an usage status of a contents has been collected within a certain period of time, which is actually used at a specific site and the behavior patterns of a user based on data mining technique which has been analyzed. The main variable deciding a user's pattern has been analyzed and the user has been clustering according to the result. A single-host based on anomaly detection model was designed by techniques of K-Means and Self-Organizing Maps being used for clustering. This model detects a case where a specific user deviates the existing result of clustering in comparison of the result of experiment as anomaly. The content usage pattern of a user was utilized for the designed detection model while the existing detection model of anomaly was established through analysis of usage pattern of command or data packet. In this study, it is to discuss data mining-based anomaly detection model in which couldn't be solved out by the existing method, detection of a user’s intentional exposure of information, and the result of the experiment.

KEYWORDS

Data mining, Anormaly detection, Security management, Document management

Citation status

* References for papers published after 2023 are currently being built.

[book] S. Noel / 2002 / Modern intrusion detection, data mining, and degrees of attack guilt, in applications of data mining / In Computer Security Kluwer Academic Publisher

[book] Klaus Julisch / 2002 / In Applications of Data Mining in Computer Security / Kluwer Academic Publisher

[book] J. F. Roddick / 2001 / Paradigms for spatial and spatio-temporal data mining, geographic data mining and knowledge discovery / Taylor and Francis

[report] J.P Anderson / 1980 / Computer security threat monitoring and surveillance, Technical report / James P Anderson

[confproc] Steven E Smaha / 1988 / Haystack: An intrusion detection system / In Fourth Aerospace Computer Security Applications Conference : 37~44

[thesis] Kumar, Sandeep / 1995 / Classification and detection of computer intrusions / Purdue University

[book] R. Schalfoff / 1992 / Pattern recognition-statistical, structural and neural approach / John Wiley & Sons

[journal] R. Agrawal / 1993 / Database mining: A performance perspective / IEEE Transactions on Knowledge and Data Engineering 9(6) : 914~925

[book] J. Han / 2000 / Data mining:concepts and techniques / Morgan Kaufmann

[journal] J. F. Roddick / 1999 / A bibliography of temporal, spatial and spatio-temporal data mining research / SIGKDD Explorations 1 : 34~38

KJCKorea
Journal Central

Journal of Knowledge Information Technology and Systems 2023 KCI Impact Factor : 0.89