Unsupervised learning algorithm(K mean clustering) use-case in Security World
What is unsupervised learning?
Unsupervised learning uses machine learning algorithms to analyze and cluster unlabeled datasets. These algorithms discover hidden patterns or data groupings without the need for human intervention. This algorithms used to find solution for exploratory data analysis, cross-selling strategies, customer segmentation, and image recognition.
Common unsupervised learning approach
Clustering
Clustering algorithms are used to process raw, unclassified data objects into groups represented by structures or patterns in the information. This clustering is also categorized into a few types; Exclusive, Overlapping, hierarchical and probabilistic.
K-means clustering, where data points are assigned into K groups, where K represents the number of clusters based on the distance from each group’s centroid. Smaller K value will have larger groupings and less granularity. K-means clustering is commonly used in market segmentation, document clustering, image segmentation, and cyber world.
Application of K-means clustering
Medical Area: Unsupervised machine learning provides essential features to medical field such as image detection, classification used in radiology and pathology to diagnose patients quickly and accurately.
Customer personas: Unsupervised learning allows businesses to build better buyer personal profiles, enabling organizations to align their product managing more appropriately.
Security Domain:
Cluster analysis is a common method in data mining analysis, which can be used to show unsupervised anomaly detection, and can solve problems existing in traditional data mining methods. Cluster analysis creates a good environment for the establishment of intrusion detection system.
Intrusion detection system is mainly to distinguish normal behavior and abnormal behavior and then make corresponding measures. By clustering algorithm, one group can not distinguish between normal and abnormal data processing, can summarize and find common ground, and then make a distinction.
Therefore, the application of unsupervised clustering algorithm (K-mean)in the field of abnormal detection can improve the detection efficiency of intrusion detection system and the practical application value is higher.
