Anomaly Detection Using Data Mining Methods in IT Systems: A Decision Support Application
| Title: | Anomaly Detection Using Data Mining Methods in IT Systems: A Decision Support Application |
|---|---|
| Authors: | Ferdi Sönmez, Metin Zontul, Oğuz Kaynar, Hayati Tutar |
| Source: | Sakarya Üniversitesi Fen Bilimleri Enstitüsü Dergisi, Vol 22, Iss 4, Pp 1109-1123 (2018) |
| Publisher information: | Sakarya University, 2018. |
| Publication year: | 2018 |
| Collection: | LCC:Engineering (General). Civil engineering (General) LCC:Chemistry |
| Subjects: | veri analizi, anomali tespiti, yapay sinir ağları, som, bellek içi veritabanı sistemleri, data analysis, anomaly detection, artificial neural networks, self-organizing maps, in-memory database systems, Engineering (General). Civil engineering (General), TA1-2040, Chemistry, QD1-999 |
| Description: | Although there are various studies on anomaly detection, simple and effective anomaly detection approaches are still necessary due to the lack of appropriate approaches for large-scale network environments. In the existing analysis methods, it is seen that the methods of preliminary analysis are generally used, the extrapolations and probabilities are not taken into account and the unsupervised neural network (NN) methods are not used enough. As an alternative, the use of the Self-Organizing Maps has been preferred in the study. In other studies, analysis of data obtained from network traffic is analyzed, here, analysis of other information systems data and suggestions for alternative solutions are given, too. In addition, in-memory database systems have been used in practice in order to enable faster processing in analysis studies, due to the large size of data to be analyzed in large-scale network environments. An analysis of the application log data obtained from the management tools in the information systems was carried out. After anomaly detection results obtained and the verification test results are compared, it is found out that anomaly detection process is successful by 96%. The advantage offered for the company and users at IT and security monitoring processes is to eliminate the need for pre-qualification and to reduce the heavy workload. By this way, it is thought that a significant cost item is eliminated. It is also contemplated that the security vulnerabilities and problems associated with unpredictable issues will be detected through practice and thus many attacks and problems will be prevented in advance. |
| Document type: | article |
| File description: | electronic resource |
| Language: | English |
| ISSN: | 2147-835X |
| Relation: | https://dergipark.org.tr/tr/download/article-file/412331; https://doaj.org/toc/2147-835X |
| DOI: | 10.16984/saufenbilder.365931 |
| Access URL: | https://doaj.org/article/6b94e293cf9f47e6968af11736eb06bc |
| Accession number: | edsdoj.6b94e293cf9f47e6968af11736eb06bc |
| Database: | Directory of Open Access Journals |