Ramasamy Rajaram

Association Rule Mining for Suspicious Email Detection: A Data Mining Approach

Email has been an efficient and popular communication mechanism as the number of Internet users increase. In many security informatics applications it is important to detect deceptive communication in email. This paper proposes to apply Association Rule Mining for Suspected Email Detection. (Emails about Criminal activities).Deception theory suggests that deceptive writing is characterized by reduced frequency of first person pronouns and exclusive words and elevated frequency of negative emotion words and action verbs . We apply this model of deception to the set of Email dataset, then applied Apriori algorithm to generate the rules The rules generated are used to test the email as deceptive or not. In particular we are interested in detecting emails about criminal activities. After classification we must be able to differentiate the emails giving information about past criminal activities(Informative email) and those acting as alerts(warnings) for the future criminal activities. This differentiation is done using the features considering the tense used in the emails. Experimental results show that simple Associative classifier provides promising detection rates.

Short communication: Data mining based intelligent analysis of threatening e-mail

This paper proposed a decision tree based classification method to detect e-mails that contain terrorism information. The proposed classification method is an incremental and user-feedback based extension of a decision tree induction algorithm named Ad Infinitum. We show that Ad Infinitum algorithm is a good choice for threatening e-mail detection as it runs fast on large and high dimensional databases, is easy to tune and is highly accurate, outperforming popular algorithms such as Decision Trees, Support Vector Machines and Naive Bayes. In particular, we are interested in detecting fraudulent and possibly criminal activities from such e-mails.

A decentralized deadlock detection and resolution algorithm for generalized model in distributed systems

We propose a new distributed algorithm for detecting generalized deadlocks in distributed systems. It records the consistent snapshot of distributed Wait-For Graph (WFG) through propagating the probe messages along the edges of WFG. It then reduces the snapshot by eliminating the unblocked processes to determine the set of deadlocked processes. However, the reducibility of each blocked process is arbitrarily delayed until a node collects the replies in response to all probes, unlike the earlier algorithms. We also prove the correctness of the proposed algorithm. It has a worst-case time complexity of 2d time units and the message complexity of 2e, where d is the diameter and e is the number of edges of the WFG. The significant improvement of proposed algorithm over other algorithms is that it reduces the data traffic complexity into constant by using fixed sized messages. Furthermore, it minimizes additional messages to resolve deadlocks.

NB+: An improved Naïve Bayesian algorithm

A novel algorithm named NB^+ which is an extended version of the traditional Naive Bayesian algorithm has been presented in this paper. An exception occurs when there is an equal probability for the class label value in the Naive Bayesian algorithm. The approach aims to suggest a solution with the help of a partial matching method. Consequently, the classification accuracy has drastically improved. Experimental evaluation has been done on various databases to show that NB^+ algorithm outperforms the traditional Naive Bayesian algorithm.

Knowledge-based system for text classification using ID6NB algorithm

This paper presents a novel algorithm named ID6NB for extending decision tree induced by Quinlans non-incremental ID3 algorithm. The presented approach is aimed at suggesting the solutions for few unhandled exceptions of the Decision tree induction algorithms such as (i) the situation in which the majority voting makes incorrect decision (generating two different types of rules for same data), and (ii) in case of dimensionality reduction by decision tree induction algorithms, the determination of appropriate attribute at a node where two or more attributes have equal highest information gain. Exception due to majority voting is handled with the help of Naive Bayes algorithm and also novel solutions are given for dimensionality reduction. As a result, the classification accuracy has drastically improved. An extensive experimental evaluation on a number of real and synthetic databases shows that ID6NB is a state-of-the-art classification algorithm that outperforms well than other methods of decision tree learning.

Effective solution for unhandled exception in decision tree induction algorithms

This paper deals with some improvements to rule induction algorithms in order to resolve the tie that appear in special cases during the rule generation procedure for specific training data sets. These improvements are demonstrated by experimental results on various data sets. The tie occurs in decision tree induction algorithm when the class prediction at a leaf node cannot be determined by majority voting. When there is a conflict in the leaf node, we need to find the source and the solution to the problem. In this paper, we propose to calculate the Influence factor for each attribute and an update procedure to the decision tree has been suggested to deal with the problem and provide subsequent rectification steps.

Learning to classify threatening e-mail

In this paper we study supervised classification of e-mails. We consider the task of Threaten E-mail Detection (i.e., e-mail related to terrorism, fraud, etc.). In this supervised learning setting, we investigate the use of Data Mining classifiers for automatic threaten e-mail detection. We show that the Decision Tree (DT) is a good choice for this task as it runs fast on large and high dimensional databases, is easy to tune and is highly accurate, outperforming popular algorithms such as Support Vector Machines (SVM), Naive Bayes (NB). In particular we are interested in detecting fraudulent, and possibly criminal, activities from such e-mail.

An improved, centralised algorithm for detection and resolution of distributed deadlock in the generalised model

In this paper, we present a new centralised algorithm to detect and resolve generalised deadlock in distributed systems. The initiator of this algorithm induces a directed spanning tree by diffusing the probe messages among its dependent processes. It then collects replies that carry the dependency information of the dependent process to determine a deadlock. Moreover, the initiator of this algorithm performs reduction once it receives a reply from an active process unlike the existing algorithms. Hence, it terminates the execution when it detects a deadlock without waiting for termination detection. We have asserted the correctness of the algorithm formally. It has a worst-case time complexity of d+2 time units, message complexity of e+2n messages and message size of O(n), where n is the number of nodes, e is the number of edges and d is the diameter in the wait-for graph. The performance of the proposed algorithm is compared with that of the existing centralised algorithms in terms of deadlock duration, message traffic and message size using simulation. Numerical results reveal that the performance of the proposed algorithm is equal or better than that of the existing algorithms.

Bayes Theorem and Information Gain Based Feature Selection for Maximizing the Performance of Classifiers

Features play a very important role in the task of pattern classification. Consequently, the selection of suitable features is necessary as most of the raw data might be redundant or irrelevant to the recognition of patterns. In some cases, the classifier can not perform well because of the large number of redundant features. This paper presents a novel evolving feature selection algorithms taking the advantages of Bayes Theorem and Information Gain to improve the predictive accuracy.Bayes theorem is used to discover dependency information among features. In addition to that, feature selection has been improvised by Information Gain which selects features based on their importance. Different features play different roles in classifying datasets. Unwanted features will result in error information during classification which will reduce classification precision. The proposed feature selection can remove these distractions to improve classification performance. As shown in the experimental results, after feature selection using the Bayes theorem and Information gain to control false discovery rate, the classification performance of DT’s and NB classifiers were significantly improved.

Classification Methods in the Detection of New Suspicious Emails

Email has become one of the fastest and most economical forms of communication. However, the increase of email users has resulted in the dramatic increase of suspicious emails during the past few years. This paper proposes to apply classification data mining for the task of suspicious email detection based on deception theory. In this paper, email data was classified using four different classifiers (Neural Network, SVM, Naive Bayesian and Decision Tree). The experiment was performed using weka on the basis of different data size by which the suspicious emails are detected from the email corpus. Experimental results show that simple ID3 classifier which make a binary tree, will give a promising detection rates.