Data Mininganomaly Detectionlecture Notes For Chapter 10introduction TData Mining Anomaly Detection Lecture Notes for Chapter 10 Introduction to Data Mining by

Data Mininganomaly Detectionlecture Notes For Chapter 10introduction T ✓ Solved

Data Mining Anomaly Detection Lecture Notes for Chapter 10 Introduction to Data Mining by Tan, Steinbach, Kumar © Tan,Steinbach, Kumar Introduction to Data Mining 4/18/2004 * Anomaly/Outlier Detection What are anomalies/outliers? The set of data points that are considerably different than the remainder of the data Variants of Anomaly/Outlier Detection Problems Given a database D, find all the data points x ïƒŽ D with anomaly scores greater than some threshold t Given a database D, find all the data points x ïƒŽ D having the top-n largest anomaly scores f(x) Given a database D, containing mostly normal (but unlabeled) data points, and a test point x, compute the anomaly score of x with respect to D Applications: Credit card fraud detection, telecommunication fraud detection, network intrusion detection, fault detection Importance of Anomaly Detection Ozone Depletion History In 1985 three researchers (Farman, Gardinar and Shanklin) were puzzled by data gathered by the British Antarctic Survey showing that ozone levels for Antarctica had dropped 10% below normal levels Why did the Nimbus 7 satellite, which had instruments aboard for recording ozone levels, not record similarly low ozone concentrations?

The ozone concentrations recorded by the satellite were so low they were being treated as outliers by a computer program and discarded! Anomaly Detection Challenges How many outliers are there in the data? Method is unsupervised Validation can be quite challenging (just like for clustering) Finding needle in a haystack Working assumption: There are considerably more “normalâ€ observations than “abnormalâ€ observations (outliers/anomalies) in the data Anomaly Detection Schemes General Steps Build a profile of the “normalâ€ behavior Profile can be patterns or summary statistics for the overall population Use the “normalâ€ profile to detect anomalies Anomalies are observations whose characteristics differ significantly from the normal profile Types of anomaly detection schemes Graphical & Statistical-based Distance-based Model-based Statistical Approaches Assume a parametric model describing the distribution of the data (e.g., normal distribution) Apply a statistical test that depends on Data distribution Parameter of distribution (e.g., mean, variance) Number of expected outliers (confidence limit) Grubbs’ Test Detect outliers in univariate data Assume data comes from normal distribution Detects one outlier at a time, remove the outlier, and repeat H0: There is no outlier in data HA: There is at least one outlier Grubbs’ test statistic: Reject H0 if: Statistical-based – Likelihood Approach Assume the data set D contains samples from a mixture of two probability distributions: M (majority distribution) A (anomalous distribution) General Approach: Initially, assume all the data points belong to M Let Lt(D) be the log likelihood of D at time t For each point xt that belongs to M, move it to A Let Lt+1 (D) be the new log likelihood.

Compute the difference, ï„ = Lt(D) – Lt+1 (D) If ï„ > c (some threshold), then xt is declared as an anomaly and moved permanently from M to A Limitations of Statistical Approaches Most of the tests are for a single attribute In many cases, data distribution may not be known For high dimensional data, it may be difficult to estimate the true distribution Distance-based Approaches Data is represented as a vector of features Three major approaches Nearest-neighbor based Density based Clustering based Nearest-Neighbor Based Approach Approach: Compute the distance between every pair of data points There are various ways to define outliers: Data points for which there are fewer than p neighboring points within a distance D The top n data points whose distance to the kth nearest neighbor is greatest The top n data points whose average distance to the k nearest neighbors is greatest Outliers in Lower Dimensional Projection In high-dimensional space, data is sparse and notion of proximity becomes meaningless Every point is an almost equally good outlier from the perspective of proximity-based definitions Lower-dimensional projection methods A point is an outlier if in some lower dimensional projection, it is present in a local region of abnormally low density Clustering-Based Basic idea: Cluster the data into groups of different density Choose points in small cluster as candidate outliers Compute the distance between candidate points and non-candidate clusters.

If candidate points are far from all other non-candidate points, they are outliers Base Rate Fallacy in Intrusion Detection I: intrusive behavior, ïƒ˜I: non-intrusive behavior A: alarm ïƒ˜A: no alarm Detection rate (true positive rate): P(A|I) False alarm rate: P(A|ïƒ˜I) Goal is to maximize both Bayesian detection rate, P(I|A) P(ïƒ˜I|ïƒ˜A) s X X G - = max , / ( ) 2 , / ( ( - - + - - > N N N N t N t N N G a a Info Security and Risk Management Project Part 4: Business Impact Analysis (BIA) and Business Continuity Plan (BCP) This project is divided into several parts, each with a deliverable. The first four parts are drafts. These documents should resemble business reports in that they are organized by headings, include source citations (if any), be readable, and be free from typos and grammatical errors.

However, they are not final, polished reports. Project Part 4: Business Impact Analysis (BIA) and Business Continuity Plan (BCP) Senior management at Health Network has decided they want a business impact analysis (BIA) that examines the company’s data center and a business continuity plan (BCP). Because of the importance of risk management to the organization, management has allocated all funds for both efforts. Your team has their full support, as well as permission to contact any of them directly for participation or inclusion in the BIA or BCP. Winter storms on the East Coast have affected the ability of Health Network employees to reach the Arlington offices in a safe and timely manner.

However, no BCP plan currently exists to address corporate operations. The Arlington office is the primary location for business units, such as Finance, Legal, and Customer Support. Some of the corporate systems, such as the payroll and accounting applications, are located only in the corporate offices. Each corporate location is able to access the other two, and remote virtual private network (VPN) exist between each production data center and the corporate locations. The corporate systems are not currently being backed up and should be addressed in the new plan.

The BCP should also include some details regarding how the BCP will be tested. For this part of the project: 1. Research BIAs and BCPs. 2. Develop a draft BIA plan for the Health Network that focuses on the data center.

The BIA should identify: a) Critical business functions b) Critical resources c) Maximum acceptable outage (MAO) and impact d) Recovery point objective (RPO) and recovery time objective (RTO) 3) Develop a draft BCP that could recover business operations while efforts are ongoing to restart pervious operations. You may use or repurpose a BCP template you find online. Include a description of how you would test the plan. Submission Requirements · Format: Microsoft Word (or compatible) · Font: Arial, size 12, double-space · Citation style: Your school’s preferred style guide · Estimated length: 6–10 pages DISUCSSION – Intro to Data Mining Chapter 10 : Avoiding False Discoveries This week we focus on the concept of false discovery in data.

After reviewing the article by Naouma (2019), answer the following questions: · What is a false discovery rate? · Can a false discovery rate be completely avoided? Explain. · What was the outcome of the results of the use case? Reference: TextBook : 1) Data Mining: Concepts and Techniques Author: Jiawei Han, Jian Pei, Micheline Kamber Date: ) KriÅ¾aniÄ‡, S. (2020). Educational data mining using cluster analysis and decision tree technique: A case study . International Journal of Engineering Business Management, 12, –.

Discussion – Info Security and Risk Management Chapter : 11,12,13 from textbook Managing Risk in Information Systems compare and contrast two types of risks assessments: Quantitative and Qualitative. You must use at least one scholarly resource. Every discussion posting must be properly APA formatted. PPT attached Text Book: Title: Managing Risk in Information Systems ISBN: Authors: Darril Gibson, Andy Igonor Publisher: Jones & Bartlett Learning Publication Date: 2021 Edition: 3rd edition

Paper for above instructions

Assignment: Business Impact Analysis (BIA) and Business Continuity Plan (BCP) for Health Network

Introduction

In an era where continuous operations are paramount for organizational sustainability, Business Impact Analysis (BIA) and Business Continuity Planning (BCP) play crucial roles. This report focuses on establishing a BIA and BCP for Health Network, a healthcare organization facing challenges that include unforeseen weather conditions disrupting employee operations. The aim is to identify critical business functions, assess the effects of disruptions, and formulate a recovery strategy to ensure that business operations can continue during adverse events.

Business Impact Analysis

##### a) Critical Business Functions
Critical business functions refer to activities essential for the organization’s operation and success. For Health Network, the following functions are considered critical:
- Finance: Management of financial records, budgeting, and payroll operations.
- Legal: Compliance with healthcare laws and regulations, risk management, and handling of legal disputes.
- Customer Support: Providing assistance and services to clients and stakeholders to maintain customer satisfaction and trust.
##### b) Critical Resources
Critical resources are the assets and tools necessary for executing the identified business functions. The critical resources for Health Network include:
- Data Center Infrastructure: This includes hardware (servers, storage systems, network devices) and software applications necessary for financial and legal operations.
- Human Resources: Employees in finance, legal, and customer support roles who are directly involved in executing operational tasks.
- Information Technology Systems: Systems that facilitate communication, data management, and operations collaboration within and outside the organization.
##### c) Maximum Acceptable Outage (MAO) and Impact
The MAO defines the maximum time the organization can sustain operational outages before significant harm occurs. For Health Network:
- Finance: The MAO is 24 hours, as any delay in payroll could impact employee morale and financial liabilities.
- Legal: The MAO is 48 hours, given the time-sensitive nature of legal documents and compliance issues.
- Customer Support: The MAO is also 24 hours since delays in customer service could result in loss of clients and damage to reputation.
##### d) Recovery Point Objective (RPO) and Recovery Time Objective (RTO)
RPO refers to the maximum period in which data might be lost due to a disruption, while RTO indicates the maximum time required to restore systems and functions after a disaster. For Health Network, the objectives are as follows:
- Finance:
- RPO: 1 hour
- RTO: 4 hours
- Legal:
- RPO: 2 hours
- RTO: 5 hours
- Customer Support:
- RPO: 1 hour
- RTO: 4 hours

Business Continuity Plan

The BCP outlines strategies for maintaining business operations during and after a disruptive incident. This plan includes:
##### 1. Prevention and Mitigation Strategies
To reduce the likelihood and impact of future disruptions, Health Network should:
- Implement robust disaster recovery solutions that include off-site backups and cloud storage to protect data integrity.
- Establish a communication plan to ensure that employees are informed during a disruption, including alternate work arrangements (such as remote work).
##### 2. Response Strategies
The primary response plan should involve:
- Activation of the BCP upon identifying any disruption affecting critical business functions.
- Immediate communication to all critical personnel regarding their roles and next actions according to the predetermined chain of command.
##### 3. Recovery Strategies
Post-disruption recovery processes must be established, including:
- Engaging IT teams to restore systems within the set RTO and recover data within the RPO.
- Allocation of human resources, potentially from non-affected departments, to provide support during the crisis.
##### 4. Training and Testing
To ensure the BCP is effective, regular training sessions should occur to familiarize staff with their roles in the plan. Additionally:
- The BCP should be tested annually through drills or simulations, helping to identify areas of improvement and ensuring that team members are prepared.

Conclusion

A comprehensive BIA and BCP is vital for the Health Network to ensure continued operations amid unforeseen events. By comprehensively identifying critical functions, analyzing the impacts of outages, and developing structured recovery plans, the organization can safeguard itself against potential risks. Regular training and testing of the BCP will further enhance resilience, allowing Health Network to respond effectively to disruptions while protecting valuable resources and assets.

References

1. Tan, P. N., Steinbach, M., & Kumar, V. (2004). _Introduction to Data Mining_. Addison-Wesley.
2. Han, J., Pei, J., & Kamber, M. (2012). _Data Mining: Concepts and Techniques_. Morgan Kaufmann.
3. Križanić, V. (2020). Educational data mining using cluster analysis and decision tree technique: A case study. _International Journal of Engineering Business Management_, 12, 1-10.
4. Darril Gibson, & Andy Igonor. (2021). _Managing Risk in Information Systems (3rd Edition)_. Jones & Bartlett Learning.
5. Campbell, D. T., & Stanley, J. C. (1966). _Experimental and Quasi-Experimental Designs for Research_. Houghton Mifflin.
6. Harrington, L., & Palmer, M. (2018). Business Continuity Planning and Disaster Recovery: Protecting Your Organization's Life. _Business Professional Publishing_.
7. Velásquez, J. D., & Cárdenas, J. P. (2020). A systematic review of business continuity planning. _Journal of Business Research_, 120, 367-374.
8. Mariaselvam, V., Ayyub, B. M., & Malekpour, S. (2019). A risk-based framework for business continuity management. _Risk Analysis_, 39(4), 2020-2034.
9. Perrow, C. (2011). _Normal Accidents: Living with High-Risk Technologies_. Princeton University Press.
10. McSweeney, S. (2021). Why Business Continuity Plans Fail. _Continuity Central_. Retrieved from [Continuity Central Website](https://www.continuitycentral.com).
Note: Ensure you check your school's guidelines for citation styles and adjust the references above as necessary.

« Previous Next »

Hire Dr Jack for Homework & Academic Writing Help

Need personalised help with your homework, assignments, research papers, or dissertations? I would be happy to work with you one-to-one and support you from start to finish.

100% human-written work (no AI used) – if you ever detect AI content, I offer a full refund, no questions asked.
Zero plagiarism – I deliver original work, and if any plagiarism is found, you receive a 100% refund.
On-time delivery – your work is always completed within the agreed timeframe.
Available 24/7 – you can reach out whenever it is convenient for you.
Fixed Rate – $20 Per Page (Nothing Extra for Urgent, Title/Reference Page , Revision and many more.).

To discuss your requirements, please email me at drjack9650@gmail.com . I will respond as soon as possible.