The Data Mining Forum                             open-source data mining software open-source data mining software data science journal data mining conferences
This forum is about data mining, data science and big data: algorithms, source code, datasets, implementations, optimizations, etc. You are welcome to post call for papers, data mining job ads, link to source code of data mining algorithms or anything else related to data mining. The forum is hosted by P. Fournier-Viger. No registration is required to use this forum!.  
Implemented algorithm for timestamped web logs?
Posted by: Jamalidal75
Date: February 03, 2020 07:42AM

Hi everyone,

I need to know if I can use an algorithm that can be used for timestamped data.

I have web logs in the format :

time; ip source; ip destination; protocol; source port; source destination; label

Actually, I want to detect if there is a DDoS attack or not. I've been able to use my data in a sequential way, but I really want to extract the most frequent TIMESTAMPED chronicles (not sequenced).

For example, I want the result to show me that this event happened between 1.3 and 2.6 seconds after this event, and is the most frequent in the database. The labels are here to say if a log is an attack or not (based on the short time interval between 2 logs coming from the same IP).

I would really appreciate your help !

Options: ReplyQuote
Re: Implemented algorithm for timestamped web logs?
Date: February 07, 2020 08:55PM

Hi,

That is an interesting problem. In SPMF, there are some algorithms that deals with timestamps like Hirate and Yamana but it is very strict with how it handles the timestamp and it is likely not what you want.

I will soon release a new version of SPMF with episode mining algorithms (in perhaps 1 week) that can deal with timestamps. Maybe it could be used.

Otherwise, in SPMF, there are a few other algorithms maybe but not many for timestamps.

Maybe there are some more appropriate algorithms in the literature.

Best regards,

Options: ReplyQuote
Re: Implemented algorithm for timestamped web logs?
Posted by: Jamalidal75
Date: April 22, 2020 04:48AM

You may check here what I've used, it could be great if you manage to make it in SPMF ^^ : https://sites.google.com/view/frequent-chronicle-mining/accueil

Options: ReplyQuote
Re: Implemented algorithm for timestamped web logs?
Date: April 22, 2020 06:56AM

Very interesting. Are you the author of that code?

Maybe we could integrate it in SPMF. If you are the author, I would like to ask you some question about it ;-)

Options: ReplyQuote
Re: Implemented algorithm for timestamped web logs?
Posted by: Jamalidal75
Date: April 22, 2020 05:28PM

Actually, I am not the author of this, just a user (for a school project).

I'll let you contact the author of the CPM algorithm (Chronicle Pattern Mining) here : ahmed.samet@insa-strasbourg.fr, http://ahmed.samet.free.fr/
And Chayma Sellami.

Also, a knowledgable user of CMPM is a PHD Student (Cao Qiushi, the author, but h
With quite knowlewge woth chronical mining issues) : caoqsh1992@gmail.com



Edited 1 time(s). Last edit at 04/23/2020 05:10AM by Jamalidal75.

Options: ReplyQuote
Re: Implemented algorithm for timestamped web logs?
Date: April 28, 2020 09:18AM

I see. Thanks!

Maybe I will contact with them later. Recently, I have been so busy. But it is a great suggestion. I will keep in mind and when I find some free time maybe I will do that.

Best regards,

Options: ReplyQuote


This forum is powered by Phorum and provided by P. Fournier-Viger (© 2012).
Terms of use.