Clustering the Distribution of COVID-19 in Aceh Province Using the Fuzzy C-Means Algorithm

COVID-19 is a virus that attacks the respiratory system in humans and spreads rapidly. The government has taken various ways to reduce the rate of transmission of COVID-19, including by providing a COVID-19 information center that can be accessed by anyone, but there is no grouping of regional zones with high to low COVID-19 cases. Therefore, a clustering process system for the spread of COVID-19 is needed so that it is able to provide information on clusters of COVID-19 distribution areas in Aceh with the highest case zone (red zone), medium case zone (yellow zone), and low case zone (green zone). The steps carried out in this study using the Fuzzy C-Means Algorithm are collecting data (input data), conducting the clustering process (determining the number of clusters, weighting rank, maximum iteration and epsilon), displaying clustering results. In this study, the authors collected COVID-19 data from 23 districts/cities in Aceh using 6 variables consisting of confirmed, in care, healed, died, suspected, and probable. The results of the clustering study on the spread of COVID-19 are as follows: One district/city in cluster 1 (red zone), the four districts/cities in cluster 2 (yellow zone), eighteen districts/cities in cluster 3 (green zone). Based on the results of this study, the Fuzzy C-Means Algorithm can be used and applied properly in clustering the spread of COVID-19 in the Province of Aceh

Cyberthreat Hunting - Part 2: Tracking Ransomware Threat Actors using Fuzzy Hashing and Fuzzy C-Means Clustering

Threat actors are constantly seeking new attack surfaces, with ransomeware being one the most successful attack vectors that have been used for financial gain. This has been achieved through the dispersion of unlimited polymorphic samples of ransomware whilst those responsible evade detection and hide their identity. Nonetheless, every ransomware threat actor adopts some similar style or uses some common patterns in their malicious code writing, which can be significant evidence contributing to their identification. The first step in attempting to identify the source of the attack is to cluster a large number of ransomware samples based on very little or no information about the samples, accordingly, their traits and signatures can be analysed and identified. Therefore, this paper proposes an efficient fuzzy analysis approach to cluster ransomware samples based on the combination of two fuzzy techniques fuzzy hashing and fuzzy c-means (FCM) clustering. Unlike other clustering techniques, FCM can directly utilise similarity scores generated by a fuzzy hashing method and cluster them into similar groups without requiring additional transformational steps to obtain distance among objects for clustering. Thus, it reduces the computational overheads by utilising fuzzy similarity scores obtained at the time of initial triaging of whether the sample is known or unknown ransomware. The performance of the proposed fuzzy method is compared against k-means clustering and the two fuzzy hashing methods SSDEEP and SDHASH which are evaluated based on their FCM clustering results to understand how the similarity score affects the clustering results