Exploration and visualization approach for outlier detection on log files
I. Louhi, L. Boudjeloud-Assala, and T. Tamisier
in New Trends in Intelligent Information and Database Systems, vol. 598, D. Barbucha, N. T. Nguyen, and J. Batubara (Eds), Springer International Publishing, pp. 3-12, 2015
We propose a novel clustering-based outlier detection approach for data streams. To deal with data streams, we propose splitting the data into several windows. In each window, the data is divided into subspaces. First, a clustering algorithm is applied to one subspace. Based on the existing relations between the different subspaces, the obtained clusters can represent partitions on another subspace. Then the same clustering algorithm is applied to each partition separately in this second subspace. The process can be iterated over n subspaces. We perform tests on firewall log data sets; we choose to test our approach with two subspaces and to visualize the results with neighborhood graphs in each window. A comparison is provided between the obtained results and the results of the MCOD algorithm. We can visually identify the outlier events and observe the evolution of the stream.