This paper focuses on the problem of prioritizing information. More specifically, it deals with applying the
concept of detectors to help detect anomalies within a collection of individual items. The motivation for this work
is the development of a real-world application to prioritize a log of transactions. The application should aid
system administrators in detecting unusual behavior patterns that may indicate potential security risks. We discuss
information management concepts such as information retrieval, filtering and categorization, to distinguish them
from information prioritization. Then, we delve into information prioritization concepts, application development
details and the analysis of experimental results. After analysis, it is concluded that equivalence classing and the
independence surrogate are critical for the naïve detector to become ideally suited for identifying abnormal
behavior patterns within a set of transactions.