基于时序和兴趣度约束的加权关联规则挖掘算法研究

为了解决关联规则挖掘算法中频繁集信息挖掘不完善和时序周期对事务集频繁项挖掘的影响问题,提出了一种基于时序和兴趣度约束的加权关系规则挖掘算法。该算法首先利用时序滑动函数对时序事务集进行发生概率估算和权值赋值,依据兴趣度约束函数和剪枝定理进行事务集化简,然后根据支持度和寿支持期望进行加权频繁事务集抽取,最后依据置信度进行加权关联规则导出。实验结果证明,该算法能够快速有效地挖掘出符合用户兴趣度的关联规则。     

多段支持度数据频繁模式关联规则挖掘仿真

针对传统数据关联挖掘过程只适用于单段数据集,导致内存负担重、挖掘频繁项集效率不高等问题,提出一种多段支持度数据频繁模式关联规则挖掘方法.运用多支持度算法对数据集逐步搜索,数据集按照数据项的MIS大小有序排列,采用最小值作为最小支持度,确保该算法的地推性.构建FP_ tree树,利用FP_tree算法对待选项实施剪枝,从而准确挖掘出频繁模式的关联规则.仿真结果证明,多段支持度数据频繁模式关联规则挖掘具有较好的性能,有效提高了关联规则的挖掘效率.     

基于分段函数的多支持度关联规则挖掘算法

在多支持度关联规则挖掘算法中,针对最小支持度的选取问题,提出一种基于分段函数的多支持度关联规则挖掘算法.在多支持度算法中挖掘频繁集的时候,最小支持度由项集最小项支持度的最小值、最大值和给定的参考值所决定,这样避免了采用最小值作为最小支持度算法的时间复杂度高和存在无效规则的问题,以及采用最大值致使剪枝程度过大而造成规则遗漏的问题.通过实验结果表明了该算法的有效性.     

基于图的关联规则改进算法

关联规则挖掘是数据挖掘研究的最重要课题之一。基于图的关联规则挖掘DLG算法通过一次扫描数据库构建关联图,然后遍历该关联图产生频繁项集,有效地提高了关联规则挖掘的性能。在分析该算法基本原理基础上,提出了一种改进的算法—DLG#。改进算法在关联图构造同时构造项集关联矩阵,在候选项集生成时结合关联图和Apriori性质对冗余项集进行剪枝,减少了候选项集数,简化了候选项集的验证。比较实验结果表明,在不同数据集和不同支持度阈值下,改进算法都能更快速的发现频繁项集,当频繁项集平均长度较大时性能提高明显。     

基于图和双向搜索的频繁项集挖掘算法

基于图的关联规则挖掘算法会产生大量候选项集。针对该问题,提出一种结合双向搜索策略的改进算法。按照支持度对频繁 1-项集排序,对频繁k-项集的最长超集进行验证,利用Apriori算法进行剪枝。实验结果表明,在支持度阈值较小时,改进算法能有效减少候选项集的数量,提高挖掘效率。     

一种改进的Apriori算法

数据挖掘中的关联规则挖掘能够发现大量数据中项集之间有趣的关联或相关联系,特别是随着大量数据不停地收集和存储,从数据库中挖掘关联规则就越来越有其必要性.通过对关联规则挖掘技术及其相关算法Apaod进行分析,发现该技术存在的问题.Apriori算法是关联规则挖掘中的经典算法.对Apriori算法做了改进.借助0-1矩阵给出了计算项集的支持度计数的更快方法,同时还简化了Apriori算法中的连接和剪枝操作,从而在时间和空间上提高了Apriori算法的效率.     

向量内积策略的多支持度正负关联规则挖掘

在研究负关联规则相关特性的基础上,将向量内积引入到该领域,提出了一种基于向量内积的多最小支持度正负关联规则挖掘算法。考虑到事务数据库中各项集分布不均而导致的单一最小支持度难以设定的问题,采用了多最小支持度策略,设计了一种能同时挖掘出频繁与非频繁项集,以及从这些项集中挖掘出正负关联规则的算法。实验结果表明,该算法仅需扫描一次数据库,且具有动态剪枝,不保留中间候选项和节省大量内存等优点,对事务数据库中负关联规则的挖掘具有重要意义。     

一种基于向量的概率加权关联规则挖掘算法

关联规则挖掘是数据挖掘领域中最活跃的一个分支。目前提出的许多关联规则挖掘算法需要多次扫描数据库并产生大量候选项集,影响了挖掘效率。针对加权关联规则挖掘算法中多次扫描数据库影响算法性能的问题,对其进行了优化,采取了以空间换时间的思路,提出一种基于向量的概率加权关联规则挖掘算法。以求概率的方式设置项目属性的权值,通过矩阵向量存储结构保存事务记录,只需扫描一次数据库,并且采用不同的剪枝策略及加权支持度和置信度的计算方式。使用数据实例进行模拟实验,结果表明此算法明显提高了挖掘效率。     

一种有效的完全加权正负关联模式挖掘算法AWAPM_SPRMI

完全加权正负关联模式在文本挖掘、信息检索等方面具有重要的理论和应用价值.针对现有挖掘算法的不足,构建完全加权正负关联模式评价框架SPRMII(support-probability ratio-mutual information-interest),提出完全加权项集双兴趣度阈值剪枝策略,然后基于该剪枝策略提出一种新的基于SPRMII框架的完全加权正负关联模式挖掘算法AWAPM_SPRMII(all-weighted association patterns mining based on SPRMII).该算法克服了传统挖掘算法缺陷并采用新剪枝方法从完全加权数据库中挖掘有趣的频繁项集和负项集,通过项集权重维数比的简单计算和SPRMII评价框架,从这些项集中挖掘有效的完全加权正负关联规则.理论分析和实验表明,该算法有效,具有良好的扩展性,与现有经典挖掘算法比较,获得了良好的挖掘性能.     

有效的矩阵加权正负关联规则挖掘算法——MWARM-SRCCCI

针对现有加权关联规则挖掘算法不能适用于矩阵加权数据的缺陷,给出一种新的矩阵加权项集剪枝策略,构建矩阵加权正负关联模式评价框架SRCCCI,提出一种新的基于SRCCCI评价框架的矩阵加权正负关联规则挖掘算法MWARM-SRCCCI。该算法克服了现有挖掘技术的缺陷,采用新的剪枝技术和模式评价方法,挖掘有效的矩阵加权正负关联规则,避免一些无效和无趣的模式产生。以中文Web测试集CWT200g为实验数据,与现有无加权正负关联规则挖掘算法比较,MWARM-SRCCCI算法的挖掘时间减幅最大可达74.74%。理论分析和实验结果表明,MWARM-SRCCCI算法具有较好的剪枝效果,候选项集数量和挖掘时间明显减少,挖掘效率得到极大提高,其关联模式可为信息检索提供可靠的查询扩展词来源。     

Risk Analysis and Risk Management

Abstract

Risk management is the process that allows business managers to balance operational and economic costs of protective measures and achieve gains in mission capability by protecting business processes that support the business objectives or mission of the enterprise. Senior management must ensure that the enterprise has the capabilities needed to accomplish its mission. Most organizations have tight budgets for security. To get the best bang for the security buck, management needs a process to determine spending.     

Understanding Risk

Abstract

Over an extremely short period of our history, computer systems and the Internet have become a critical element in our social and economic infrastructure. Most would agree that information systems and, dare I say, information security, have evolved into the most critical elements of our economic infrastructure. Security has been charged with a simple task: to plan, implement, and manage an integrated, heterogeneous security environment across hardware, operating systems, middleware, network protocols, applications, and databases. There is just one small problem. Security technology is relatively immature. Security tools are weak or lacking. The tools that are available are product based — not enterprisewide, which leads to many uncommon and unworkable solutions.     

Revisiting Risk

Networks dominate today’s computing landscape and commercial technical protection is lagging behind attack technology. As a result, protection program success depends more on prudent management decisions than on the selection of technical safeguards. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.     

Risk Conductors

Abstract

Akin to sound resonating through a piano wire, impacts from both physical (flood, vandalism/sabotage, explosions, pandemics, etc.) and logical (network/software/data) incidents resonate between and through enterprises and business hierarchies via “risk conductors.” There are two orders of risk conductor: Critical Infrastructure (CI) as the industrial risk conductors, and intra-organizational operational risk conductors in the form of Human Factors (HF) and Information and Communication Technology (ICT). Risk conductors, either industrial or operational, are the dispersal agents of geographically centered, physical, or logical impacts.

Critical infrastructures may transmit an impact from one enterprise to another throughout an economy. Operational risk conductors—HF and ICT—transmit horizontally within an enterprise from one business unit to another, potentially amplifying internal incidents from manageable to crisis/disaster proportions. Operational risk conductors may also transmit vertically, away from the enterprise up to the client base and downwards into the supply chain, transmitting impacts to both customers and partners/suppliers. Operational risk conductors are not necessarily a new phenomena, but they have taken on considerably greater significance under the rapid convergence of information and communication assets to Internet Protocol (IP), which has catalyzed a feedback-loop between HF and ICT. As an incident typically possesses both HF and ICT impacts, HF and ICT in turn impact each other, multiplying the scope and scale of the impact.

In addition to presenting a framework for understanding and managing operational risks and resiliency, this paper proposes a cause-and-effect relationship between IP convergence and the materialization of operational risk conductors.     

Risk Assessment

Before selecting a solution for any sort of problem, first identify the problem to solve. It sounds obvious but the process of problem discovery — or, in the case of security, risk assessment — is even more critical. Yet it’s surprising how often this simple concept isn’t rigorously adhered to, especially when it comes to security. It all comes down to your view of the scale and importance of security in the first place.     

Risk Concentration

Nature takes a variety of approaches regarding risk concentration. Stationary life tends to bend but not break, whereas mobile life tends toward risk concentration with stout border protection. Client and network devices tend to follow the latter model.     

Arguments for Qualitative Risk Assessment: The StAR Risk Adviser

Calculating risk is relatively straightforward when there is reliable statistical evidence on which to base a judgment. However, novel technologies are often characterised by a lack of such historical data, which creates a problem for risk assessment. In fact, numerical risk assessments can be positively misleading in such situations. We describe a decision support system – StAR – that gives quantitative assessments where appropriate, but which is also able to provide qualitative risk assessments based on arguments for and against the presence of risk. The user is presented with a summary statement of risk, together with the arguments that underlie this assessment. Furthermore, the user is able to search beyond these top-level arguments in order to discover more about the available evidence. Here we suggest that this approach is well-suited to the way in which people naturally make decisions, and we show how the StAR approach has been implemented in the domain of toxicological risk assessment.     

软件项目风险管理中风险分析方法的研究

对软件项目风险分析中的定性分析方法和定量分析方法进行了讨论，提出了定性分析与定量分析相结合的方式对软件项目中已识别的风险进行分析的方法，并且在分析过程中考虑了风险偏好性的影响。     

Vendor Risk Assessment

This article seeks to draw the attention of the executive management of enterprises to the growing importance of vendor risk assessments. Given that modern enterprises outsource non-core processes and operations to business partners and vendors, it is immensely important that a thorough risk assessment is performed of all control aspects and at all times—before the outsourcing and continuing risk assessments. Regulators hold enterprises responsible for data leakages by business partners and vendors. Therefore, enterprises need to ensure that appropriate metrics for measurement of vendor and business partner performance is well laid out in the agreements with the vendors and business partners. Indicative reference framework such as COBIT 5 framework for vendor management, how we manage a cloud service provider and key risk assessment processes have been provided to assist the executive management. Third party audits of businesses and operations of key vendor and business partners need to be conducted.