
Distance-based Outlier Mining Applied Research In Computer Forensics

Posted on: 2015-03-21
Degree: Master
Type: Thesis
Country: China
Candidate: F F Xie
Full Text: PDF
GTID: 2268330425495809
Subject: Computer application technology
Abstract/Summary:
With the development of information technology, we have entered the era of big data: many different forms of data are produced every day, accompanied by a variety of network security issues. Current research on these problems focuses on security and defense, but cybercriminals advance as well, so defense alone is not a good method of combating computer crime. We also need to rely on social and legal forces to combat computer crime, and computer forensics technology has emerged as a result.

Data mining techniques can dig out potentially valuable knowledge from masses of data. But finding the few abnormal behaviors in such massive data, and extracting meaningful knowledge from them, is a very challenging subject. In real-life data sets there are some data objects that are inconsistent with the general behavior or general model of the data; these are called outliers. Although normal behavior is far more common than abnormal behavior, abnormal behavior may contain very interesting knowledge. The study of outliers, grounded in the related theory, therefore has practical significance.

In this paper, we study outlier detection algorithms based on K-nearest neighbors in more detail and improve the algorithm to enhance its efficiency and accuracy. Because network operation logs involve a large amount of data to compute over, this paper also gives a method for detecting outliers quickly on a Hadoop cluster, based on the distributed-algorithm approach of the MapReduce framework. The research and application of relevant domestic and international anomaly detection methods are analyzed in detail. An anomaly detection model is designed based on outlier mining. Finally, the outlier detection method is applied to computer forensics technology. This paper studies the following:

(1) A systematic study of the current domestic and international research status of outlier mining algorithms and of application examples of outlier mining algorithms, as well as the concepts and processes of outlier mining algorithms. At the same time, the performance and implementation mechanisms of outlier mining are summarized. The relevant knowledge and skills of computer forensics are studied in depth, and the key technologies of computer forensics, as well as the computer forensics process, are summarized.

(2) A distance-based reverse K-nearest-neighbor outlier detection algorithm is studied and shown to enhance accuracy and efficiency. An adaptive mechanism is added after the pruning operation that removes redundant data, to avoid the data deviation caused by excessive human intervention. A method is given for detecting outliers quickly on a Hadoop cluster, based on the distributed-algorithm approach of the MapReduce framework.

(3) A log analysis model based on the outlier mining algorithm is constructed, and the improved outlier detection algorithm is applied to the model after preprocessing of the log data. It proves that the model is an effective way to dig out isolated points for analysis to obtain preliminary evidence, making forensic services more efficient and intelligent.
Keywords/Search Tags: outliers, Computer Forensics, Forensic model, Distributed calculation, Evidence Analysis, Data mining