Jianchao Han

Diabetes Data Analysis and Prediction Model Discovery Using RapidMiner

Data mining techniques have been extensively applied in bioinformatics to analyze biomedical data. In this paper, we choose the Rapid-I¿s RapidMiner as our tool to analyze a Pima Indians Diabetes Data Set, which collects the information of patients with and without developing diabetes. The discussion follows the data mining process. The focus will be on the data preprocessing, including attribute identification and selection, outlier removal, data normalization and numerical discretization, visual data analysis, hidden relationships discovery, and a diabetes prediction model construction.

Discovering Decision Tree Based Diabetes Prediction Model

Data mining techniques have been extensively applied in bioinformatics to analyze biomedical data. In this paper, we choose the Rapid-I’s RapidMiner as our tool to discover decision tree based diabetes prediction model from a Pima Indians Diabetes Data Set, which collects the information of patients with and without developing diabetes. Following the data mining process, our discussion will focus on the data preprocessing, including attribute identification and selection, outlier removal, data normalization and numerical discretization, visual data analysis, hidden relationships discovery, and a diabetes prediction model construction.

A Knowledge-Based System Implementation of Intrusion Detection Rules

This research determines the feasibility of using an Exsys Corvid based expert system to detect and respond to network threats and appropriately administrate a Linux-based iptables firewall in real-time. In our implementation, we attempt to replace the human domain expert required for creating the expert system knowledge base with intrusion detection rules created by data-mining on network traffic. Our expert system will be used in conjunction with intrusion detection classification rules provided by the See5 data-mining tool, which have, in turn, been created based on the data fusion of normal and malicious network traffic from multiple network sensors.

Facilitating Agile Software Development with Lean Architecture in the DCI Paradigm

Both agile software development and lean architecture have been studied in the software engineering field. Combining these two approaches has also been investigated. However, the existing research and practices only present the principles but fail to develop a framework of the software development for practitioners to follow. In this paper, a framework about how naïve agile practices could be fulfilled by introducing lean practices under the DCI (Data-Context-Interaction) paradigm is proposed. Lean practice is an end-user-focused and value-centric system design. In the proposed framework, lean architecture is complementary to agile principles and disciplines and supports agile development. This paper is exploring the possibilities of how agile methods can restore its lost insights and possibly be reinforced by lean thinking. Meanwhile, it is also examined what lean can do beyond agile. A new lean approach to building domain architecture comes from Data-Context-Interaction (DCI) paradigm which facilitates to represent the domain architecture intuitively. DCI approach allows us to successfully decouple between domain and business-logic features and provides an approach for lean practitioners to design system architecture much closer to the real-world domain. It is claimed that the investment into lean and agile methodologies go hand in hand from organizational to technical aspects by tying up with lean concepts as the backbone for agile methods. How lean makes it right and how agile makes it fast with the DCI paradigm will be demonstrated with an example. The main contribution to the software development will be presented.

Component-Based Software Architecture Design for Network Intrusion Detection and Prevention System

A computer network intrusion detection and prevention system consists of collecting network traffic data, discovering user behavior patterns as intrusion detection rules, and applying these rules to prevent malicious and misuse. Many commercial off-the-shelf (COTS) products have been developed to perform each of these tasks. In this paper, the component-based software engineering approach is exploited to integrate these COTS products as components into a computerized system to automatically detect intrusion rules from network traffic data and prevent future potential attacks. The component-based software architecture of this kind of system is designed, COTS components are analyzed, adaptor components to compose COTS products are developed, and the system implementation is illustrated.

Mining fuzzy association rules: interestingness measure and algorithm

Discovering association rules is an important task of data mining research. Mining traditional association rules is built upon transaction databases. This technique, however, has some limitations. Each transaction merely contains binary items with each item either present or absent in a transaction. Another limitation is that only positive association rules are discovered. Mining fuzzy association rules and discovering negative association rules have been developed to overcome these limitations, respectively. In this paper, we combine these two approaches to propose a novel approach for mining both positive and negative fuzzy association rules. The interestingness measure for both positive and negative fuzzy association rule is proposed, the algorithm for mining these rules is described.

DAO-R: Integrating Data Aggregation and Offloading in Sensor Networks via Data Replication

We study overall storage overflow problem in sensor networks, wherein data-collecting base station is not available while more data is generated than available storage spaces in the entire network. Existing research designs a two-stage solution to solve this problem. It first aggregates overflow data to the size that can be accommodated by the available storage capacity in the network, and then offloads the aggregated data into the network to be stored. We refer to this naive two-stage solution as DAO-N. In this paper, we demonstrate that this approach does not necessarily achieve good performance. We propose a more unified method that is based upon data replication techniques, referred to as DAO-R, in order to improve the performance of DAO-N. Specifically, we design two energy-efficient data replication algorithms to integrate data aggregation and data offloading in DAO-N. We show via extensive simulations that DAO-R outperforms DAO-N by around 30% in terms of energy consumption under different network parameters.

The Design and Implementation of an Antivirus Software Advising System

People use computers for all kind of activities: online gaming, shopping, entertainment, emails, face book, study, research, etc. At the same time, the risk of infection by malicious programs in these computers is rising. The main issue is that general users dont understand what a virus is and how computers get infected. On the other hand, many vendors produce antivirus software with different features to prevent or remove these viruses from peoples computers. General users dont understand the concept of each feature in these programs, nor is there a tool to advise users about what the features mean and help them select the right software for personal or business needs. The purpose of this paper is to create an advising system to assist general users to study about computer virus and antivirus, understand the various features of antivirus software products, and select right antivirus software to protect their computers.

Software Project Scheduling Using a Multi-Agent System

Multi-agent system can be implemented to exploit parallel processing of project scheduling. Since mathematical approaches cannot describe the complexity of real problems, and have difficulties to adapt the analysis to dynamics changes, therefore Monte Carlo simulation can be used to quantify the effects of risk and uncertainty in both project schedules and budgets. Also, genetic algorithms can be used to provide a prioritization of tasks. Within a multi-agent system, a broker Agent can assign project scheduling tasks to different worker Agents using different project scheduling algorithms.

Packet information collection and transformation for network intrusion detection and prevention

Data mining and machine learning technology has been extensively applied in network intrusion detection and prevention systems by discovering user behavior patterns from the network traffic data. Some commercial tools for collecting network traffic data exist, such as SNORT. The traffic data collected from the network using these tools, however, usually doesnpsilat fit the format requirement of the input data for data mining systems. Thus transforming the network traffic data into the required format is mandate for a data mining system to induce network intrusion detection rules. In this paper, collecting the network packet information using SNORT is introduced, storing the collected data into the MySql database is presented, and selecting the significant data in the database and transforming them to the format of input data for a data mining system See5 is discussed. The data collection, selection, and transformation approaches illustrated in this paper have been used in the Information Fusion in Sensor Based Intrusion Detection System that is being under development in our Computer Security Research Laboratory. The system framework is briefly introduced and the preliminary results for data collection from multiple resources are illustrated.