Academic & Scientific Articles

Permanent URI for this community: http://dl.cerist.dz/handle/CERIST/3

Search Results

Now showing 1 - 3 of 3
  • Intrusion Detection Systems using Data Mining Techniques: A comparative study
    (IEEE, 2022-01-20) Haddadi, Mohamed; Khiat, Abdelhamid; Bahnes, Nacera
    Data mining tools are widely used in computer networks. The well-known and most used tools to secure computers and network systems are WEKA and TANAGRA. The purpose of this study is to compare these two tools in terms of detection accuracy and computation time. This comparison was conducted using the well-known NSL-KDD dataset. Experiments show that TANAGRA achieves better results than WEKA in detection accuracy. But TANAGRA is competitive with WEKA in terms of computation time.
  • TriDroid: a triage and classification framework for fast detection of mobile threats in android markets
    (Springer-Verlag, 2021) Amira, Abdelouahab; Derhab, Abdelouahid; Karbab, ElMouatez Billah; Nouali, Omar; Aslam Khan, Farrukh
    The Android platform is highly targeted by malware developers, who aim to infect the maximum number of mobile devices by uploading their malicious applications to different app markets. In order to keep a healthy Android ecosystem, app markets check the maliciousness of newly submitted apps. These markets need to (a) correctly detect malicious apps, and (b) speed up the detection process of the most likely dangerous applications among an overwhelming flow of submitted apps, to quickly mitigate their potential damage. To address these challenges, we propose TriDroid, a market-scale triage and classification system for Android apps. TriDroid prioritizes app analysis according to risk likelihood. To this end, we categorize the submitted apps as: botnet, general malware, and benign. TriDroid starts by performing (1) a Triage process, which applies a fast, coarse-grained and less accurate analysis to a continuous stream of submitted apps to identify their corresponding queue in a three-class priority queuing system. Then, (2) the Classification process extracts fine-grained static features from the apps in the priority queue, and applies three-class machine learning classifiers to confirm with high accuracy the classification decisions of the triage process. In addition to the priority queuing model, we also propose a multi-server queuing model where the classification of each app category is run on a different server. Experiments on a dataset with more than 24K malicious and 3K benign applications show that the priority model offers a trade-off between waiting time and processing overhead, as it requires only one server compared to the multi-server model. Also, it successfully prioritizes malicious app analysis, which allows a short waiting time for dangerous applications compared to the FIFO policy.
  • Pruning Irrelevant Association Rules Using Knowledge Mining
    (2014) Djenouri, Youcef; Derias, Habiba; Bendjoudi, Ahcène
    The efficiency of existing association rule mining algorithms affords a large number of delivered rules that the user cannot easily exploit. Consequently, thinking about another mining of these generated rules becomes an essential task. For this, the present paper explores meta-rule extraction in order to prune the irrelevant rules. It first focuses on clustering association rules for large datasets. This allows the user to better organise and interpret the rules. To go deeper in our mining, different dependencies between rules of the same cluster are extracted using a meta-rules algorithm. Then, a pruning algorithm uses these dependencies to delete the deductive rules and keep just the representative rules for each cluster. The proposed approach is tested in different experiments including clustering, meta-rules and pruning steps. The result is very promising in terms of the number of returned rules and their quality.