🙋♀️K-MEANS CLUSTER AND IT’S USE CASE IN CYBER SECURITY…✌
🙋♀️🙋♀️Hello connections!!!
🙌😍Today I am here with the new task of my summer internship…
Task 10 👨🏻💻
Task Description 📄
📌 Create a blog/article/video about explaining k-mean clustering and its real usecase in the security domain
🔰What is mean by Cluster ?
Cluster analysis or clustering is the task of grouping a set of objects in such a way that objects in the same group are more similar to each other than to those in other groups.
To create a clustering model :-
- Add this module to your pipeline.
- Connect a dataset.
- Set parameters, such as the number of clusters you expect, the distance metric to use in creating the clusters, and so forth.
🔰What is mean by K-Means ?
K-Means clustering is an unsupervised learning algorithm. There is no labeled data for this clustering, unlike in supervised learning. K-Means performs the division of objects into clusters that share similarities and are dissimilar to the objects belonging to another cluster.
The term ‘K’ is a number. You need to tell the system how many clusters you need to create. For example, K = 2 refers to two clusters.
k-means can typically be applied to data that has a smaller number of dimensions, is numeric, and is continuous. think of a scenario in which you want to make groups of similar things from a randomly distributed collection of things; k-means is very suitable for such scenarios.
🔰Some of the use cases of K-Means cluster :
💢Document classification
💢Delivery store optimization
💢Identifying crime localities
💢customer segmentation
💢fantasy league stat analysis
💢Insurance fraud detection
💢Rideshare data analysis
💢Cyber profiling criminals
💢Call record detail analysis
💢Automatic clustering of IT alerts.
🔰Let’s see… The K-Means cluster use cases in Cyber profiling
The idea of cyber profiling is derived from criminal profiles, which provide information on the investigation division to classify the types of criminals who were at the crime scene. Profiling is more specifically based on what is known and not known about the criminal.
Profiling is information about an individual or group of individuals that are accumulated, stored, and used for various purposes, such as by monitoring their behavior through their internet activity.
Difficulties in implementing cyber profiling is on the diversity of user data and behavior when online is sometimes different from actual behavior.For investigation, the cyber-profiling process gives a good, contributing to the field of forensic computer science.
🔰Cyber Profiling process can be directed to the benefit of:
Identification of users of computers that have been used previously.
Mapping the subject of family, social life, work, or network-based organizations, including those for whom he/she worked.
Provision of information about the user regarding his ability, level of threat, and how vulnerable to threats.
Identify the suspected abuser.
The new approach to cyber profiling is to use clustering techniques to classify the Web-based content through data user preferences. This preference can be interpreted as an initial grouping of the data so that the resulting cluster will show user profiles. User profiling can be seen as the conclusion of the interests of users, intentions, characteristics, behavior and preferences User profiles are created for a description of the background knowledge of the user. User profile represents a concept model which is owned by the user when searching for information web
🔰Conclusion
The results of log analysis datasets using the K-Means algorithm to cyber profiling process show that the algorithm has to group activity based on the data of internet users visited the website.The results of this study indicate that Internet users in higher educational institutions are more accessible to website for searching information. The results also show that social media has a high-level visit after website search engine.
This study has limitations in the source of data for the profiling process. For the perfection of the profiling, the process should contain the data of any computer activities. Therefore, further research is expected to perform better cyber profiling with the more complete data source.