Web User Session Characterization via Clustering Techniques

We focus on the identification and definition of "Web user-sessions", an aggregation of several TCP connections generated by the same source host on the basis of TCP connection opening time. The identification of a user session is non trivial; traditional approaches rely on threshold based mechanisms, which are very sensitive to the value assumed for the threshold and may be difficult to correctly set. By applying clustering techniques, we define a novel methodology to identify Web user-sessions without requiring an a priori definition of threshold values. We analyze the characteristics of user sessions extracted from real traces, studying the statistical properties of the identified sessions. From the study it emerges that Web user-sessions tend to be Poisson, but correlation may arise during periods of network/hosts anomalous functioning

Web User-session Inference by Means of Clustering Techniques

This paper focuses on the definition and identification of “Web user-sessions”, aggregations of several TCP connections generated by the same source host. The identification of a user-session is non trivial. Traditional approaches rely on threshold based mechanisms. However, these techniques are very sensitive to the value chosen for the threshold, which may be difficult to set correctly. By applying clustering techniques, we define a novel methodology to identify Web user-sessions without requiring an a priori definition of threshold values. We define a clustering based approach, we discuss pros and cons of this approach, and we apply it to real traffic traces. The proposed methodology is applied to artificially generated traces to evaluate its benefits against traditional threshold based approaches. We also analyze the characteristics of user-sessions extracted by the clustering methodology from real traces and study their statistical properties. Web user-sessions tend to be Poisson, but correlation may arise during periods of network/hosts anomalous behavior

A comparative study of the AHP and TOPSIS methods for implementing load shedding scheme in a pulp mill system

The advancement of technology had encouraged mankind to design and create useful equipment and devices. These equipment enable users to fully utilize them in various applications. Pulp mill is one of the heavy industries that consumes large amount of electricity in its production. Due to this, any malfunction of the equipment might cause mass losses to the company. In particular, the breakdown of the generator would cause other generators to be overloaded. In the meantime, the subsequence loads will be shed until the generators are sufficient to provide the power to other loads. Once the fault had been fixed, the load shedding scheme can be deactivated. Thus, load shedding scheme is the best way in handling such condition. Selected load will be shed under this scheme in order to protect the generators from being damaged. Multi Criteria Decision Making (MCDM) can be applied in determination of the load shedding scheme in the electric power system. In this thesis two methods which are Analytic Hierarchy Process (AHP) and Technique for Order Preference by Similarity to Ideal Solution (TOPSIS) were introduced and applied. From this thesis, a series of analyses are conducted and the results are determined. Among these two methods which are AHP and TOPSIS, the results shown that TOPSIS is the best Multi criteria Decision Making (MCDM) for load shedding scheme in the pulp mill system. TOPSIS is the most effective solution because of the highest percentage effectiveness of load shedding between these two methods. The results of the AHP and TOPSIS analysis to the pulp mill system are very promising

The role of human factors in stereotyping behavior and perception of digital library users: A robust clustering approach

To deliver effective personalization for digital library users, it is necessary to identify which human factors are most relevant in determining the behavior and perception of these users. This paper examines three key human factors: cognitive styles, levels of expertise and gender differences, and utilizes three individual clustering techniques: k-means, hierarchical clustering and fuzzy clustering to understand user behavior and perception. Moreover, robust clustering, capable of correcting the bias of individual clustering techniques, is used to obtain a deeper understanding. The robust clustering approach produced results that highlighted the relevance of cognitive style for user behavior, i.e., cognitive style dominates and justifies each of the robust clusters created. We also found that perception was mainly determined by the level of expertise of a user. We conclude that robust clustering is an effective technique to analyze user behavior and perception

Survey of data mining approaches to user modeling for adaptive hypermedia

The ability of an adaptive hypermedia system to create tailored environments depends mainly on the amount and accuracy of information stored in each user model. Some of the difficulties that user modeling faces are the amount of data available to create user models, the adequacy of the data, the noise within that data, and the necessity of capturing the imprecise nature of human behavior. Data mining and machine learning techniques have the ability to handle large amounts of data and to process uncertainty. These characteristics make these techniques suitable for automatic generation of user models that simulate human decision making. This paper surveys different data mining techniques that can be used to efficiently and accurately capture user behavior. The paper also presents guidelines that show which techniques may be used more efficiently according to the task implemented by the applicatio

Augmented Session Similarity Based Framework for Measuring Web User Concern from Web Server Logs

In this paper, an augmented sessions similarity based framework is proposed to measure web user concern from web server logs. This proposed framework will consider the best usage similarity between two web sessions based on accessed page relevance and URL based syntactic structure of website within the session. The proposed framework is implemented using K-medoids clustering algorithms with independent and combined similarity measures. The clusters qualities are evaluated by measuring average intra-cluster and inter-cluster distances. The experimental results show that combined augmented session dissimilarity metric outperformed the independent augmented session dissimilarity measures in terms of cluster validity measures

Discovery and Analysis of Usage Patterns for Web Personalization

In this paper, we present a community discovery method based on information extraction from user sessions in order to find usage patterns. We have characterized the overall access from each page in the web site and have detected the pertinent users within communities using the potentially useful information available in different user sessions. Then we compare the proposed method with the random walk method which is one of the most popular graph clustering methods that gives a good partition of weighted and overlapped graphs. As a result, the proposed method helps us understand the behavior of the user in the web and improve access modes to information. DOI: 10.17762/ijritcc2321-8169.15023

Clustering extension of MOVICAB-IDS to distinguish intrusions in flow-based data

Much effort has been devoted to research on intrusion detection (ID) in recent years because intrusion strategies and technologies are constantly and quickly evolving. As an innovative solution based on visualization, MObile VIsualisation Connectionist Agent-Based IDS was previously proposed, conceived as a hybrid-intelligent ID System. It was designed to analyse continuous network data at a packet level and is extended in present paper for the analysis of flow-based traffic data. By incorporating clustering techniques to the original proposal, network flows are investigated trying to identify different types of attacks. The analysed real-life data (the well-known dataset from the University of Twente) come from a honeypot directly connected to the Internet (thus ensuring attack-exposure) and is analysed by means of clustering and neural techniques, individually and in conjunction. Promising results are obtained, proving the validity of the proposed extension for the analysis of network flow dat