Discovering behaviour patterns in security applications

Publication Type:
Issue Date:
Full metadata record
Files in This Item:
Filename Description Size
Thumbnail01front.pdf4.58 MB
Adobe PDF
Thumbnail02whole.pdf75.33 MB
Adobe PDF
NO FULL TEXT AVAILABLE. Access is restricted indefinitely. ----- The collection of historical or real-time behaviour data is a ubiquitous task. The importance of behavioural study from the informatics perspective (especially for many security applications, eg, intrusion detection, market surveillance, performance management) is gaining increasing recognition. However, traditional behavioural sciences mainly focus on empirical and qualitative studies of behaviours of animals and organisms. In most modern behaviours, it is important to develop methodologies, techniques and practical tools for ever-increasing behaviour data. Multidisciplinary techniques contribute to the discovery of behaviour intelligence. However, even with the recent attention, there are still many unexplored areas in behaviour analysis for security domains. Specifically, time interval is barely explicitly considered in the sequential pattern mining process. Itemset imbalance issue (for example, some items are of particular interest in business but would be difficult to handle via traditional sequential pattern mining) needs further investigation. In stock market surveillance, the withdraw action may be of particular interest compared with the dominant buy and sell behaviour. To this end, we present our studies in this thesis. With regards to temporal sequence mining, we present a framework to mine the informative temporal patterns. On the other hand, we propose a method to address itemset imbalance and privacy-preserving problems during a data mining process. In practice, we explore our work on real-life security applications: web services and stock market surveillance. Furthermore, a software system for stock market surveillance is developed and a data mining case study for public services is conducted, substantially increasing protection of service integrity.
Please use this identifier to cite or link to this item: