A Comparative Study of Machine Learning Methods for Generation of Digital Forensic Validated Data

A number of machine learning algorithms are available for detecting different types of network anomalies. However, anomalies differ in what their detection requires, and no single method or algorithm applies to every type of anomaly that may occur in a network. This paper applies the available methods side by side and analyses the rationale behind each algorithm. Freely available datasets are used as benchmarks for testing the methods and measuring their accuracy. An accuracy threshold defines the required level of data validation: data intended for digital forensic use must exceed that threshold on the test data. The paper also evaluates the efficiency of the methods, implemented in Python and laid out in well-defined steps, and gives an overview of the process for finding network anomalies and establishing data accuracy for digital forensic use.
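The comparison-and-threshold procedure the abstract describes, as an added example that is not the paper's own code: several detectors are run over the same labelled flow records, each is scored with the usual confusion-matrix metrics, and a validation gate decides whether the output is fit for forensic use. The flow records are constructed here (not from any public benchmark), and the detector cut-offs, the gate thresholds (0.90 accuracy, 0.70 recall) and the detector names are assumptions for illustration. The gate checks recall as well as accuracy because, on data where anomalies are rare, a detector that flags nothing still scores high on accuracy alone.

```python
"""Compare anomaly detectors on labelled flows and apply a forensic validation gate.

Added example; not code from the paper. Records below are constructed,
and every threshold is an assumption chosen for illustration.
"""
from dataclasses import dataclass
from math import sqrt
from statistics import mean, pstdev
from typing import Dict, List, Sequence


@dataclass(frozen=True)
class Flow:
    bytes_: int
    packets: int
    duration: float
    label: int  # ground truth: 1 = anomaly, 0 = normal


# Constructed sample: 16 normal flows followed by 4 anomalies of different kinds.
FLOWS: List[Flow] = [
    Flow(1200, 10, 0.5, 0), Flow(1500, 12, 0.6, 0), Flow(900, 8, 0.4, 0), Flow(1800, 14, 0.8, 0),
    Flow(1100, 9, 0.5, 0), Flow(1600, 13, 0.7, 0), Flow(1300, 11, 0.6, 0), Flow(2000, 16, 1.0, 0),
    Flow(1000, 9, 0.4, 0), Flow(1400, 12, 0.6, 0), Flow(1700, 14, 0.9, 0), Flow(1250, 10, 0.5, 0),
    Flow(1550, 12, 0.7, 0), Flow(950, 8, 0.3, 0), Flow(1900, 15, 0.9, 0), Flow(1450, 11, 0.6, 0),
    Flow(900_000, 12, 0.6, 1),   # bulk transfer (exfiltration-like)
    Flow(1400, 800, 0.7, 1),     # many tiny packets (scan-like)
    Flow(1300, 11, 3600.0, 1),   # very long-lived session (beacon-like)
    Flow(6000, 40, 2.0, 1),      # "low and slow": only mildly elevated on every feature
]


def features(f: Flow) -> List[float]:
    return [float(f.bytes_), float(f.packets), f.duration]


def standardize(rows: Sequence[Flow]) -> List[List[float]]:
    """Per-feature z-scores using the mean and population std of the whole sample."""
    cols = list(zip(*(features(f) for f in rows)))
    mus = [mean(c) for c in cols]
    sds = [pstdev(c) or 1.0 for c in cols]  # guard against a constant column
    return [[(v - m) / s for v, m, s in zip(features(f), mus, sds)] for f in rows]


def baseline_detector(rows: Sequence[Flow]) -> List[int]:
    """Majority-class baseline: never flags anything (reference point for accuracy)."""
    return [0] * len(rows)


def rule_detector(rows: Sequence[Flow], max_bytes: int = 100_000, max_packets: int = 500) -> List[int]:
    """Hand-written thresholds on raw features (cut-offs are assumptions)."""
    return [int(f.bytes_ > max_bytes or f.packets > max_packets) for f in rows]


def zscore_detector(rows: Sequence[Flow], cutoff: float = 2.5) -> List[int]:
    """Flag a flow if any feature lies more than `cutoff` standard deviations from the mean."""
    return [int(any(abs(z) > cutoff for z in vec)) for vec in standardize(rows)]


def knn_detector(rows: Sequence[Flow], k: int = 3, cutoff: float = 1.0) -> List[int]:
    """Flag a flow whose mean distance to its k nearest neighbours (standardized) exceeds `cutoff`."""
    zs = standardize(rows)
    preds = []
    for i, a in enumerate(zs):
        dists = sorted(sqrt(sum((x - y) ** 2 for x, y in zip(a, b))) for j, b in enumerate(zs) if j != i)
        preds.append(int(mean(dists[:k]) > cutoff))
    return preds


def evaluate(y_true: Sequence[int], y_pred: Sequence[int]) -> Dict[str, float]:
    """Confusion-matrix metrics; precision/recall are defined as 0.0 when undefined (assumption)."""
    tp = sum(1 for t, p in zip(y_true, y_pred) if t == 1 and p == 1)
    fp = sum(1 for t, p in zip(y_true, y_pred) if t == 0 and p == 1)
    fn = sum(1 for t, p in zip(y_true, y_pred) if t == 1 and p == 0)
    tn = len(y_true) - tp - fp - fn
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return {"accuracy": (tp + tn) / len(y_true), "precision": precision, "recall": recall, "f1": f1}


def passes_forensic_gate(metrics: Dict[str, float], min_accuracy: float = 0.90, min_recall: float = 0.70) -> bool:
    """Validation gate: accuracy alone is not enough on imbalanced data, so recall is required too."""
    return metrics["accuracy"] >= min_accuracy and metrics["recall"] >= min_recall


DETECTORS = {
    "always-normal": baseline_detector,
    "byte/packet rule": rule_detector,
    "z-score": zscore_detector,
    "kNN distance": knn_detector,
}


def compare_methods(rows: Sequence[Flow] = FLOWS) -> Dict[str, Dict[str, float]]:
    """Run every detector over the same labelled rows and return its metrics."""
    y_true = [f.label for f in rows]
    return {name: evaluate(y_true, det(rows)) for name, det in DETECTORS.items()}


if __name__ == "__main__":
    for name, m in compare_methods().items():
        verdict = "PASS" if passes_forensic_gate(m) else "FAIL"
        print(f"{name:18s} acc={m['accuracy']:.2f} prec={m['precision']:.2f} "
              f"rec={m['recall']:.2f} f1={m['f1']:.2f}  gate={verdict}")
```

On this sample the always-normal baseline reaches 0.80 accuracy without detecting a single anomaly, which is why the gate also demands recall; the z-score and kNN detectors each catch the three gross anomalies but miss the "low and slow" flow, illustrating the abstract's point that no one method covers every anomaly type.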
