Comments on: K-means clustering in Java code found! http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/ Random thoughts, problems and solutions Mon, 06 Feb 2012 10:12:49 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Patrick van Kouteren http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2103 Patrick van Kouteren Mon, 06 Feb 2012 10:12:49 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2103 Hi Akash, this is pretty straightforward. At some point in the image histogram you put the 'splitting point'. Pixelvalues on the one side will become white and on the other side will become black. This is called thresholding. This is also implemented in the ISPE code which is available on my downloads page. Cheers, Patrick Hi Akash, this is pretty straightforward. At some point in the image histogram you put the ‘splitting point’. Pixelvalues on the one side will become white and on the other side will become black. This is called thresholding. This is also implemented in the ISPE code which is available on my downloads page.

Cheers,

Patrick

]]> By: Akash http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2100 Akash Thu, 02 Feb 2012 07:13:38 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2100 I want to convert grayescale image into binary image ..so can u suggest any solution..! I want to convert grayescale image into binary image ..so can u suggest any solution..!

]]> By: Patrick van Kouteren http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2099 Patrick van Kouteren Tue, 31 Jan 2012 14:22:38 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2099 Hi Harry, Just saw that you'd posted a reply a while ago, my bad! Regarding the syslog file: it's a CSV. Which columns does it have? K-means clustering would in your case just mean that you need to extract a the messages from the CSV file and classify them in two groups. Based on those two groups the real-time detection algorithm would decide whether a detection occurs based on the message. And how would you do this real-time? Would you capture the incoming package and check for particular words? Hi Harry,

Just saw that you’d posted a reply a while ago, my bad!
Regarding the syslog file: it’s a CSV. Which columns does it have?

K-means clustering would in your case just mean that you need to extract a the messages from the CSV file and classify them in two groups. Based on those two groups the real-time detection algorithm would decide whether a detection occurs based on the message.

And how would you do this real-time? Would you capture the incoming package and check for particular words?

]]> By: Patrick van Kouteren http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2097 Patrick van Kouteren Tue, 31 Jan 2012 07:16:40 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2097 Hi Nicky, I don't know if I still have the images, but they were just 8-bit greyscale images. Any such type image would do. The rest of the source code can be found on the downloads page. It's in the 'Ispe development source code' zipfile. Cheers, Patrick Hi Nicky,

I don’t know if I still have the images, but they were just 8-bit greyscale images. Any such type image would do.
The rest of the source code can be found on the downloads page. It’s in the ‘Ispe development source code’ zipfile.

Cheers,

Patrick

]]> By: nicky http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2096 nicky Mon, 30 Jan 2012 23:28:36 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2096 hi Patrick, If you don't mind, could you also provide the images example and main class for testing? thanks anyway for the code :) hi Patrick,
If you don’t mind, could you also provide the images example and main class for testing?

thanks anyway for the code :)

]]> By: Harry potter http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2081 Harry potter Tue, 10 Jan 2012 12:02:54 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2081 Based on the criticality of the message we want to raise an alarm.(i.e)., we need to analyze all the logs and say whether any intrusion has occurred or not? Based on the criticality of the message we want to raise an alarm.(i.e)., we need to analyze all the logs and say whether any intrusion has occurred or not?

]]> By: Patrick van Kouteren http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2080 Patrick van Kouteren Tue, 10 Jan 2012 07:47:09 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2080 Hmm.. that's a good one. Clustering is mostly done on a group of data. What exactly do you want to establish with intrusion detection? Would you like to review every request and directly alarm in case of an intrusion? What does the intrusion detection flow look like? Hmm.. that’s a good one. Clustering is mostly done on a group of data. What exactly do you want to establish with intrusion detection? Would you like to review every request and directly alarm in case of an intrusion? What does the intrusion detection flow look like?

]]> By: Harry potter http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2079 Harry potter Mon, 09 Jan 2012 09:52:22 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2079 Which algorithm will best suit this intrusion detection sir ? Currently I want to cluster into 2 groups based on simple keyword matching as I said above. How can the code be modified for real time network packets rather than log files?Can you give some useful links sir? Which algorithm will best suit this intrusion detection sir ? Currently I want to cluster into 2 groups based on simple keyword matching as I said above. How can the code be modified for real time network packets rather than log files?Can you give some useful links sir?

]]> By: Patrick van Kouteren http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2078 Patrick van Kouteren Mon, 09 Jan 2012 07:23:14 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2078 Hi Harry potter (wow! THE Harry? ;-)) Your problem is quite an easy one at first sight, and I don't know whether K-Means clustering is the best option for this. K-Means clustering clusters data in an iterative fashion. If you have a predefined set of words which are characteristic for network intrusion, you're basically counting / separating. Can you explain what your method would look like? How would you do network intrusion detection step by step? Cheers, Patrick Hi Harry potter (wow! THE Harry? ;-) )

Your problem is quite an easy one at first sight, and I don’t know whether K-Means clustering is the best option for this. K-Means clustering clusters data in an iterative fashion. If you have a predefined set of words which are characteristic for network intrusion, you’re basically counting / separating.
Can you explain what your method would look like? How would you do network intrusion detection step by step?

Cheers,

Patrick

]]> By: Patrick van Kouteren http://www.vankouteren.eu/blog/2009/09/k-means-clustering-in-java-code-found/#comment-2077 Patrick van Kouteren Mon, 09 Jan 2012 07:18:37 +0000 http://www.vankouteren.eu/blog/?p=144#comment-2077 Hi darsha, First things first: you've got to think on which attributes you are going to cluster. As diseases may have many attributes, think of a good one which can really separate the diseases (clusters). The problem is actually not on the code. The theory is the most important part here. Cheers, Patrick Hi darsha,

First things first: you’ve got to think on which attributes you are going to cluster. As diseases may have many attributes, think of a good one which can really separate the diseases (clusters).
The problem is actually not on the code. The theory is the most important part here.

Cheers,

Patrick

]]>