K-means Clustering and its real use-case in the Security Domain

Clustering

K-means Algorithm

  1. Specify the number of clusters K.
  2. Initialize the centroids by first shuffling the dataset and then randomly selecting K data points for the centroids without replacement.
  3. Keep iterating until there is no change to the centroids, i.e., the assignment of data points to clusters isn't changing:
     • Compute the sum of the squared distances between data points and all centroids.
     • Assign each data point to the closest cluster (centroid).
     • Compute the centroids for the clusters by taking the average of all the data points that belong to each cluster.
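
The steps above, written out as an added example (not code from the original article) that clusters clients by features aggregated from proxy logs. The client addresses and feature values are constructed, and the min-max scaling and the repeated random restarts go beyond the listed steps: they are assumptions added so that one large-valued feature or one unlucky initialisation does not decide the result.

```python
import random

# Constructed sample (not real data): per-client features as they might be
# aggregated from proxy logs: (requests per hour, mean response size in KB).
CLIENTS = {
    "10.0.0.11": (12, 40), "10.0.0.12": (15, 35), "10.0.0.13": (10, 45),
    "10.0.0.14": (14, 38), "10.0.0.21": (300, 2), "10.0.0.22": (320, 3),
    "10.0.0.23": (310, 1), "10.0.0.31": (20, 900), "10.0.0.32": (18, 950),
}

def scale(points):
    """Min-max scale each feature to [0, 1] (added step, not in the list above)."""
    lo = [min(c) for c in zip(*points)]
    hi = [max(c) for c in zip(*points)]
    return [tuple((v - l) / ((h - l) or 1) for v, l, h in zip(p, lo, hi)) for p in points]

def sq_dist(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def kmeans_once(points, k, rng, max_iter=100):
    shuffled = points[:]              # step 2: shuffle, then take K data points
    rng.shuffle(shuffled)             # (without replacement) as the centroids
    centroids, labels = shuffled[:k], None
    for _ in range(max_iter):         # step 3: iterate until assignments settle
        new = [min(range(k), key=lambda c: sq_dist(p, centroids[c])) for p in points]
        if new == labels:
            break
        labels = new
        for c in range(k):            # centroid = mean of the cluster's points
            members = [p for p, l in zip(points, labels) if l == c]
            if members:               # an empty cluster keeps its old centroid
                centroids[c] = tuple(sum(d) / len(members) for d in zip(*members))
    inertia = sum(sq_dist(p, centroids[l]) for p, l in zip(points, labels))
    return inertia, labels

def cluster_clients(clients, k, restarts=30, seed=0):
    """Best of several random starts, lowest sum of squared distances (added step)."""
    names, points = list(clients), scale(list(clients.values()))
    rng = random.Random(seed)
    _, labels = min(kmeans_once(points, k, rng) for _ in range(restarts))
    groups = {}
    for name, label in zip(names, labels):
        groups.setdefault(label, set()).add(name)
    return sorted(groups.values(), key=min)

if __name__ == "__main__":
    for group in cluster_clients(CLIENTS, k=3):
        print(sorted(group))
```

A single run can settle on a poor local optimum, for example when two initial centroids are drawn from the same tight group, which is why the sketch keeps the run with the lowest sum of squared distances.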

Use-Cases in the Security Domain

Analyzing Logs from Proxy Server and Captive Portal Using K-Means Clustering Algorithm

1. Operational Framework

1.1. Data Collection

1.2. Data Preprocessing

1.3. Data Transformation

1.4. Pattern Discovery

1.5. Pattern Analysis

4. Conclusion

Cyber Profiling

