Data Mining for Email Worm Detection

This chapter applies data mining techniques to detect email worms. Email messages contain a number of different features such as the total number of words in message body/subject, presence/absence of binary attachments, type of attachments, and so on. The goal is to obtain an efficient classification model based on these features. The solution consists of several steps. First, the number of features is reduced using two different approaches: feature-selection and dimension-reduction. This step is necessary to reduce noise and redundancy from the data. The feature-selection technique is called Two-phase Selection (TPS), which is a novel combination of decision tree and greedy selection algorithm. The dimensionreduction is performed by Principal Component Analysis. Second, the reduced data is used to train a classifier. Different classification techniques have been used, such as Support Vector Machine (SVM), Naïve Bayes and their combination. Finally, the trained classifiers are tested on a dataset containing both known and unknown types of worms. These results have been compared with published results. It is found that the proposed TPS selection along with SVM classification achieves the best accuracy in detecting both known and unknown types of worms.

Download Full-text

E-Mail Worm Detection Using Data Mining

International Journal of Information Security and Privacy ◽

10.4018/jisp.2007100103 ◽

2007 ◽

Vol 1 (4) ◽

pp. 47-61 ◽

Cited By ~ 2

Author(s):

Mohammad M. Masud ◽

Latifur Khan ◽

Bhavani Thuraisingham

Keyword(s):

Data Mining ◽

Worm Detection ◽

Using Data ◽

E Mail

Download Full-text

Flow Level Data Mining of DNS Query Streams for Email Worm Detection

Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS’08 - Advances in Soft Computing ◽

10.1007/978-3-540-88181-0_24 ◽

2008 ◽

pp. 186-194 ◽

Cited By ~ 2

Author(s):

Nikolaos Chatzis ◽

Radu Popescu-Zeletin

Keyword(s):

Data Mining ◽

Worm Detection ◽

Level Data ◽

Query Streams

Download Full-text

E-Mail Worm Detection Using Data Mining

Data Warehousing and Mining ◽

10.4018/978-1-59904-951-9.ch121 ◽

2008 ◽

pp. 2036-2050

Author(s):

Mohammad M. Masud ◽

Latifur Khan ◽

Bhavani Thuraisingham

Keyword(s):

Data Mining ◽

Feature Selection ◽

Dimension Reduction ◽

Principal Component ◽

Two Phase ◽

Feature Selection Technique ◽

Worm Detection ◽

Phase Selection ◽

Using Data ◽

E Mail

This work applies data mining techniques to detect e-mail worms. E-mail messages contain a number of different features such as the total number of words in message body/subject, presence/absence of binary attachments, type of attachments, and so on. The goal is to obtain an efficient classification model based on these features. The solution consists of several steps. First, the number of features is reduced using two different approaches: feature-selection and dimension-reduction. This step is necessary to reduce noise and redundancy from the data. The feature-selection technique is called Two-phase Selection (TPS), which is a novel combination of decision tree and greedy selection algorithm. The dimension-reduction is performed by Principal Component Analysis. Second, the reduced data is used to train a classifier. Different classification techniques have been used, such as Support Vector Machine (SVM), Naïve Bayes, and their combination. Finally, the trained classifiers are tested on a dataset containing both known and unknown types of worms. These results have been compared with published results. It is found that the proposed TPS selection along with SVM classification achieves the best accuracy in detecting both known and unknown types of worms.

Download Full-text

Data Mining and Machine Learning

10.1017/9781108564175 ◽

2020 ◽

Cited By ~ 2

Author(s):

Mohammed J. Zaki ◽

Wagner Meira, Jr

Keyword(s):

Machine Learning ◽

Data Mining

Download Full-text

The economics of selection of mail orders Drs. Zahavi and Levin are the masterminds behind the development of AMOS, a customized predictive modeling system for the Franklin Mint in Philadelphia, and GainSmarts, a general purpose data mining system that is the two-time winner of the KDD-CUP competition for the best data mining tools (1997 and 1998) sponsored by the American Association for Artificial Intelligence.

Journal of Interactive Marketing ◽

10.1002/dir.1016.abs ◽

2001 ◽

Vol 15 (3) ◽

pp. 53

Author(s):

Nissan Levin ◽

Jacob Zahavi

Keyword(s):

Artificial Intelligence ◽

Data Mining ◽

Predictive Modeling ◽

American Association ◽

General Purpose ◽

Mining System ◽

Data Mining System ◽

Mining Tools ◽

Selection Of

Download Full-text

Heart Rate Variability, Emotions, and Music

Journal of Psychophysiology ◽

10.1027/0269-8803/a000021 ◽

2010 ◽

Vol 24 (2) ◽

pp. 112-119 ◽

Cited By ~ 9

Author(s):

F. Riganello ◽

A. Candelieri ◽

M. Quintieri ◽

G. Dolce

Keyword(s):

Data Mining ◽

Heart Rate ◽

Heart Rate Variability ◽

Vegetative State ◽

Low Frequency ◽

Emotional Reactions ◽

Heart Beat ◽

Healthy Controls ◽

Frequency Spectra ◽

Emotional Value

The purpose of the study was to identify significant changes in heart rate variability (an emerging descriptor of emotional conditions; HRV) concomitant to complex auditory stimuli with emotional value (music). In healthy controls, traumatic brain injured (TBI) patients, and subjects in the vegetative state (VS) the heart beat was continuously recorded while the subjects were passively listening to each of four music samples of different authorship. The heart rate (parametric and nonparametric) frequency spectra were computed and the spectra descriptors were processed by data-mining procedures. Data-mining sorted the nu_lf (normalized parameter unit of the spectrum low frequency range) as the significant descriptor by which the healthy controls, TBI patients, and VS subjects’ HRV responses to music could be clustered in classes matching those defined by the controls and TBI patients’ subjective reports. These findings promote the potential for HRV to reflect complex emotional stimuli and suggest that residual emotional reactions continue to occur in VS. HRV descriptors and data-mining appear applicable in brain function research in the absence of consciousness.

Download Full-text