Plagiarism Checker X Originality

Report
Similarity Found: 15%

Date: Wednesday, August 23, 2017

Statistics: 1167 words Plagiarized / 7607 Total words
Remarks: Low Plagiarism Detected - Your Document needs Optional
Improvement.
------------------------------------------------------------------------------------------
-

Chapter 1 INTRODUCTION Internet users have been increasing in the course of

recent years. With increase in users volume of multi-media traffic transmitted
over the web has increased significantly. Hence, the necessitate to analysis and
classify multimedia traffic has turned out to be more necessary.

Internet traffic classification is essential to various activities, from providing

Quality of Service(Qos) to security monitoring. Due to the assortment of data
formats, and the enormous flow of data flows through the Internet security
vulnerability initiative that need to be solved. However, research on widely-used
security applications is still open to investigations because adapting malware
generators to overcoming countermeasures.

In addition, kits have been formed advanced tools that can alter the malware so
that it won't be recognized. This leads to an augmentation of new malware cases.
Therefore, the database used in malware detection in large data fields. 1.1
Malware Detection and Its Importance Malware, short for malicious software, is
any software used to stop computer operations, collect sensitive information,
access personal computer systems, or show unnecessary advertising.

Prior to the preamble of term malware by Yisrael Radai during 90s, malicious
software then was called as computer viruses. The primary type of mal- ware
propagation involves parasitic fragments of software that gets attached
themselves to some executable data. The fragment might be a machine code
which affects normal working of some existing applications, system program, or
utility, or even the Master Boot Record(MBR) partition used to boot up a
computer system which hinders start up of the computer.

Malware is defined by its intent for malicious activities, such as performing

against the required outcomes of the PC user. Malware can be stealthy, which is
intended for stealing information or spying on the PC over a comprehensive
period exclusive of user knowledge, or on the other hand it can be composed for
causing damage, or to divert payment.

Malware term is used to allude to a various forms of intrusive or hostile software

including computer viruses, worms, spyware, Trojans, ransom ware, adware and
other malevolent programs. It can acquire the executable code form, active
content, scripts, and other software. Malware is very often embedded or
disguised in non-malicious formats/files. From 2011, the bulk of dynamic
malwares were trojans or worms instead of viruses.

Malicious hackers, data-destroying viruses and spam email are few of several
conceivable threats to personal safety. Without being protected properly, hackers
are able to access virtually any information stored or any file to get on to the
computer through malicious programs. One may possibly lost all data or no
longer ready to use it. Hence, the malware detection is crucial. 1.2

Malware Symptoms While these sorts of malware contrast extraordinarily by the

way they spread and taint PCs, they all can deliver comparative indications. PCs
that are contaminated with malware can display any of the accompanying side
effects: Increased CPU usage Slow PC or web program speeds Problems
interfacing with systems Freezing or smashing Modified or erased documents
Appearance of unusual documents, projects, or desktop symbols Programs
running, killing, or reconfiguring themselves (malware will frequently re-arrange
or kill antivirus and firewall programs) E-mails / messages that are mechanically
sent to the user's knowledge (a friend receives a strange e-mail that he did not
send) 1.3

Malware Prevention and Removal There are a few decent broad practices that
associations and individual clients need to take after to forestall malware
diseases. Some malware cases require unique techniques for avoidance and
treatment, yet these following proposals will enormously improve the insurance
of a client against a broad variety of pernicious projects : Install and run adverse
to malware and firewall programming.

When you select the software, select a program that provides tools for detecting,
segregating, and removing various types of malware. As a minimum, anti-
malware software for protection against viruses, spyware, adware, trojans and
worms. The combination of anti-malware and firewall software ensures that
incoming and existing data is scanned for malware, and malware can be securely
detached once detected.

Maintain updated software and OS with the present susceptibility patches. These
patches are commonly released to correct errors or other safety concerns that
could be exploited by aggressors. Be watchful while downloading records,
programs, connections, and so on. Downloads that look interesting or originate
from obscure sources regularly contain malware.
 1.4 Ensemble Methods for Malware Detection Malware threat scenarios are
changing so fast, so it is vital to find an approach that is fit for breaking down
immense measures of information/parcels to perceive and evacuate malware.
Solitary classifier based approach doesn't demonstrate satisfactory precision and
perceptible execution.

As of late, ensembling based methodologies acquired prominence in malware

location. A set is building a base group to group up with classifiers for
collaborative decisions on the prescribed task. When there are multiple classifiers
to make category decisions, the system is called ensemble of classifiers.

Ensemble of classifiers are notorious to accomplish superior than individual

classifiers when they are accurate and diverse. Terms accuracy and diversity can
be well understood by the following example. Classification of malware is
considered for this example, where malware includes detection of worms, harmful
scripts, etc.

Classifier A is proficient of classifying worms accurately for example and classifier

B is accomplished of classifying scripts accurately. Classifier A cannot classify
scripts accurately and classify B cannot classify worms accurately. But in real time
accurate detection of both types is needed. To achieve this both classifier
decisions can be combined called as an ensemble. So, ensemble should be
capable of processing diverse or unusual kinds of data accurately.

In categorization ensemble methods are proved to perform enhanced results at

times [1]. Ensemble methods are the majority development in data mining and
machine learning over the previous years. They Combine different models into a
more acoustic than the best frequency components.

Ensembles can proffer a fundamental enhance to challenges facing by the

industries from malware detection and detection of fraud to the recommendation
systems, where prognostic accurateness is more essential than the model's
interpretation. Malware detection methods that use auto-learning have been
comprehensively explored to allow quick detection of newly released malware.

In order to benefit from multiple different classifiers, and exploit their strengths
using an ensemble method is suggested so that will combine the results of the
individual classifiers into solitary final result to achieve overall higher detection
accuracy. Although sets are productive tools cannot be used directly in the
network environment for the high cost in question for data transfer and training
and difficult to build. In addition, existing sets are large and requires lots of
computation and memory consumption cost.

Many researchers were forced to reduce their dataset for size [2]. Hence, to make
ensembles suitable for processing huge datasets size should be reduced. This
reduction of size is called selective ensemble. Selective ensemble methods are
used in removing as many classifiers as possible from ensemble of classifiers. The
intend of selective ensemble in classification of internet traffic is to construct
ensembles which contains diversified classifiers which are capable of classifying
internet traffic accu- rately. Since, ensemble is combining of many learners its size
is very large.

Porting this ensemble to internet applications requires high memory and

computational powers and therefore time for processing traffic also increases.
Selective ensemble focuses on reduction of the ensemble size keeping the
capabilities of ensemble constant removing unnecessary weak learners which
contribute very less or nothing to final ensemble. 1.5 Motivation Ensemble
learning is acknowledged to increase effectiveness and accuracy of classification.

It is also used for reducing errors occurred by noises in data [3]. Collection of
classifiers are not efficient due to the computational workload. Construction of
base classifiers, training them, and getting predictions from each of them require
too much time in internet traffic classification when there are huge numbers of
instances in malware dataset. For instance, in network, it is a burden to train a
new ensemble model or test new incoming huge data traffic.

There is a necessitate for pruning as many base classifiers as possible. Parallel

computing strategies can be useful to lower the computational workload set of
learning [4]. But it is not the underlying principle of this study because it requires
a high cost of infrastructure.

Various ensemble selection methods are proposed to succeed over this problem
[5]. The focal theme is to get the efficiency by reducing the size of ensemble
without disturbing the effectiveness. Besides, it can increase the effectiveness if
selected classifiers are more accurate and diverse than base classifiers.

By using ensemble methods intend is to maximize the correctness of malware

classification in internet influx data and by selective ensemble endeavor is to
decrease the time cost of this effort. This thesis focal point is examining selective
ensemble in internet influx by applying different data Partitioning methods for
construction of base classifiers and popular classification algorithms like J48,
Random Forest to train them.

Simple ranked-based and optimization based selective ensemble methods are

united where base classifiers are ranked (ordered) according to accuracy
performance in a isolated validation set and then large ensemble pruned. 1.6
Organisation of the Thesis The outline of the thesis is as follows. Chapter 1
presents introduction about necessity of malware detection and use of ensemble
and selective ensemble in internet traffic classification.

Chapter 2 presents literature survey on various pruning strategies. Production ho-

mogenous and heterogenous ensembles. Chapter 3 explains about multi-stage
pruning mixture of two pruning categories. Chapter 4 provides information about
metric to survey the execution of ensembles and selective ensemble.

It also describes about data mining tools, limitations of weka to process big data.
Results and analysis of selective ensemble has been done in chapter 5. Finally,
chapter 6 gives conclusion to the thesis and provides the directions for the future
research work. Chapter 2 LITERATURE SURVEY This chapter provides literature
survey about existing ensemble methods and creation of various ensembles
using different techniques.

It also elaborates pruning methodologies employed in reduction of ensemble

size and how execution and correctness of the final ensemble is affected. 2.1
Ensembles This section provides background material on ensemble methods.
More specifically, data about the diverse methods for creating models are
exhibited and in addition distinctive strategies for bringing the decisions of the
models together. 2.1.1 Producing Models An ensemble may be either
homogeneous or heterogeneous models.

Homogeneous models are from different versions of the same learning

algorithm. Such models can be produced by injecting different values for the
specifications of the learning algorithm arbitrarily in the learning algorithm or by
the training instances manipulation, the input characteristics, and model outputs
[7]. Popular methods for generating homogeneous models are Bagging in [8] and
the boosting [9].

Heterogeneous models are produced in which different learning algorithms are

on the identical data set. Such models have distinctive perspectives on the data,
like different assumptions. For example, a neural network is robust to noise as
compared to a K-nearest neighbor classifier. 2.1.2

Combining Models General strategies for forming an ensemble of predictive

models include the stacked generalization, assortment of experts and voting. In
the voting, every model carries a class value (or probability distribution, or
ranking) and the class with the most votes is the one proposed by the ensemble.
When the class with the most number of votes is a winner, such rule is called
plurality and when the class with more than half of the votes is a winner, the rule
is known as a majority voting.

Stacked generalization [10], otherwise called stacking is a strategy which joins

models by taking in a meta-level (or level-1) demonstrate which predicts the right
class in light of the choices of the base level (or level-0) models. The outcomes of
the base-learners for every instance with the actual class of that instance forms a
meta-instance. On these meta-instances a meta-classifier is trained.

When a new instance is given for classification, the output of the all base-learners
is calculated initially and then proliferate to the meta-classifier, which furnishes
the final result. The architecture of mixture of experts[11] is same as weighted
voting method except that the weights are not consistent over the input space.
Instead gating network is used that takes as input an instance and the weights
are outputs that will be used in the weighted voting method for that specific
instance.

Each professional makes a decision and the output is averaged as in the method
of voting. 2.2 Taxonomy of Selective ensemble Methods This section elaborates
the organisation of the various selective ensemble methods into four different
categories. This categorization of pruning methods is made based upon the
technique that is leveraged in the pruning algorithm.

Any selective ensemble method falls into any one of the following categories:
Ranking based: Methods of this category are simple conceptually. The models of
the ensemble are ordered once according to an evaluation function and models
are selected in this fixed order. Clustering based: This category methods comprise
two stages. Firstly, clustering algorithm is tend to find groups of models that
make similar predictions.

Secondly, every cluster is separately pruned to augment the overall assortment of

the ensemble.
Optimization based: Selective ensemble can be viewed as a problem of
optimization as follows: discover the subpart of the novel ensemble that
optimizes a measure which indicates performance of generalization. It is
infeasible for thorough search of the entire space of ensemble subsets for a
moderate ensemble size.

Other: This category includes methods that dont fall into either of the previous
categories. Before going to the description of the main characteristics of each
category, com- mon notation is introduced. The original ensemble is denoted as
H = (ht, t = 1, 2, ....T ).

All methods employ a function that calculates the single model suitability, model
ensembles or pairs of two or more models for enclosure in the final ensemble.
Evaluation is usually made in view of the expectations of the models on a dataset,
which will be known as the pruning set. The pruning set part can be performed
by the preparation set, a different approval set, or even an arrangement of
normally existing or falsely delivered occurrences with obscure an incentive for
the objective variable. The pruning set will be meant as D = ((xi, yi), i = 1, 2, ...,

N ), where xi is a vector with highlight esteems and yi is the assessment of the

objective variable, which might be obscure. 2.2.1 Ranking-based Methods The
point of difference in the midst of the methods of this type is the ranking
heuristic and evaluation measure used for ranking model. Use of the prognostic
performance of individual models is too simple and results achieved are not
satisfying [12, 13].

Diversity measure is employed in Kappa pruning [14] for evaluation. All pairs of
classifiers are ranked in H based on the statistic of agreement evaluated on the
training set. Its time complexity is O(T 2N ). Kappa pruning could be generalized
by accepting a parameter to mention any pair wise diversity measures for either
regression or classification models, instead of the statistic.

However, there would be still beg for one theoretical fundamental question that
Do two diverse pairs of models, lead to one diverse ensemble of four models?
The induced answer is no, and even classifier ensembles which are pruned are
produced via Bagging [15] through kappa pruning are proven to be non-
competitive. An effective and efficient ranking-based pruning method for
ensembles is orientation ordering [16].

An important notion in orientation ordering is the signature vector of classifier ht;

an N-dimensional vector with elements taking the value +1 if ht(xi) = yi and -1 if
ht(xi) j= yi. The ensemble signature vector is average signature vector of all
classifiers in an ensemble. It indicates of the ability of the ensemble to accurately
classify each example in the pruning dataset (the training set in this method) by
using majority voting for grouping of classifiers. 2.2.2 Clustering-based Methods
A first issue in this category of methods is the selection of clustering algorithm.

Past approaches have used stratified agglomerative clustering [9], k-means [8, 15]
and deterministic annealing [1]. Clustering algorithms are made taking the notion
of distance into consideration. Therefore, a second issue for clustering based
methods is the selection of an appropriate distance measure.

The chance that classifiers dont make coincident errors in a separate validation
set was used as a distance measure in [18]. This measure is actually equal to one
minus the double fault diversity measure [19]. The Euclidean distance in the
training set is used in [20, 21]. A final issue worth specifying is the decision of the
quantity of bunches. This could be resolved in outlook of the execution strategy
on an approval set [20].

In [21], the quantity of groups was bit by bit expanded until the point that the
negation among the bunch centroids began to fall apart. 2.2.3 Optimization-
based Methods In the subsequent subsections focus has been made on selective
ensemble methods that are based on three different optimization approaches:
genetic algorithms, semi-definite programming and hill climbing.

The last approach is examined at a greater level of detail, as a bulk of this kind of
selective ensemble methods have been proposed in recent times. 2.2.3.1 Genetic
Algorithms The Gasen-b method [22] performs stochastic search in the space of
model subsets using a genetic algorithm. The ensemble is illustrated as a bit
string, using one bit for each model.

Models are included or excluded from the ensemble considering the value of the
equivalent bit. 2.2.3.2 Hill Climbing Hill climbing strategy avariciously chooses the
following state to visit from the area of the present state. States, for this situation,
are the distinctive subsets of models and the area of a subset S ? H comprises of
those subsets that can be developed by including or expelling one model from S.

Concentrate is on the coordinated adaptation of slope climbing that navigates

the inquiry space from one end (discharge set) to the subsequent (entire
gathering). Similarly to ranking-based methods, the crucial part that separates hill
climbing selective ensemble methods is the assessment measure. Assessment
measures can be gathered into two noteworthy classifications: execution based
and assorted variety based.

The goal of performance based measures is to discover the model ht that

ensemble efficiency produced by adding (removing) ht to (from) the existing
ensemble. Accuracy was used as an evaluation measure in [25, 26, 13], while [28]
experimented with quite a few metrics, including accuracy, root-mean-squared-
error, mean cross-entropy, lift, precision/recall break-even point, precision/recall
F-score, average precision and ROC area.

In general it is accepted that an ensemble should contain diverse models to

accomplish high predictive performance. However, there is no exact definition of
diversity, neither a single measure to calculate it. Four diversity measures
composed particularly for hill climbing selective ensemble are introduced in [32,
29, 30]. Next common notation of these measures are presented.

An approach like boosting was utilized for pruning a group of classifiers

produced by means of Bagging in [33]. The calculation iteratively chooses the
classifier with the most minimal weighted mistake on the preparation set. Case
weights are instated and refreshed by the Ada Boost calculation.

The only difference is that instead of terminating the process when the weighted
error is greater than 0.5, the algorithm resets all instance weights and continues
selecting models. The intricacy of this approach is O(T 2N ). This approach ranks
individual classifiers, but it does so based on their weighted error on the training
set.

Since at each progression of the calculation the in-position weights entrust upon
the classifiers chose up to that progression, are abstained from classifying this
way to deal with ranking-based methods, where each model can be freely
assessed and positioned autonomously of the currently selected models.
Chapter 3 SELECTIVE ENSEMBLE In selective ensemble, construction and
combination parts are same as traditional en- sembling that is explained in the
previous section.

However, there is an additional pruning part in selective ensemble. There are

various selective ensemble approaches [60]. In general, they search for an most
favorable subset of ensemble members. Searching evaluation is done with a
validation (hill-climbing or hold-out) set, which is either the whole or a separate
part of training set. Tsoumakas et al.

[60] divides selective ensemble strategies into four categories: search-based,

clustering-based, ranked-based, and other. Search-based methods are usually
based on greedy search algorithms. The main perspective is to find an optimal
subset of existing ensemble members by searching according to a validation
measure.

Forward and backward search are most popular ones. Forward selection starts
with one member chosen randomly or according to validation measure and adds
new members by searching optimal ensemble based on validation measure such
that one expects to get better validation measure after each step. Backward
selection is the opposite of forward selection.

It initiates with the entire ensemble and removes members based on validation
measure. The handicap of these search methods is to get stuck into local optima.
The solution is to apply back fitting in which previously chosen classifiers are
replaced in a greedy way. Clustering-based methods are based on two steps.
Firstly clusters are produced by a clustering algorithm. A selection strategy is
applied to each cluster and representative cluster members are obtained
accordingly.

These members are then utilized for ensemble learning. Ranked-based methods
are based on ranking ensemble members according to a validation measure.
Then it is possible to prune particular percentage of members from this ranking.
Lastly, there are some other methods that are not in any of the previous topics.
For instance, genetic algorithms and statistical approaches are inside this topic.
3.1

Combining Pruning Strategies Pruning strategies can be categorized into three

namely 1) ranking based 2) clustering based 3) optimization based. Any pruning
strategy falls under aforementioned categories. Combining heterogeneous
classifiers or homogenous classifiers is an ensemble and it out- performs
individual classifiers in terms of prediction capabilities and accuracy.

Likewise the idea in combining pruning strategies is to deduct ensemble size

prior to keeping the prediction capabilities and accuracy constant or better than
large ensemble. Combining pruning strategies can be will explained with the
following example where all three types of pruning strategies are clubbed into
stages and stand as single pruning strategy. Large ensemble is constructed using
iterative multitier ensemble classifier method as described in chapter 3.

Now ensemble have 200 meta classifiers and more. All classifiers are generated
using malware dataset which has 10,500 instances and 500 attributes. The data
set is multi class dataset. Random instances and random features are taken using
sampling to construct J48 decision tree models. To decrement the size of
ensemble initially lets say stage 1 all the meta classifiers or models are ranked.

Ranking can be done based on various ranking heuristics like accuracy, averaging,
concurrency, weighted voting, majority voting,.. etc. Ranking filters the weak
classifiers which yield very less to prediction reducing the ensemble size to some
extent. Ranking sorts the classifiers in descending order of the metric. Second
stage introduces clustering based pruning strategy.

The resulting classifiers from stage 1 are clustered to groups based on

similarities/dissimilarities. Clustering aims to select diverse classifiers among the
base classifiers. Diverse classifiers enhances the categorization of wide range of
instances that are to be classification.

Instances that are tough to classify also can be handled by diverse classifiers.
Third stage of the pruning is applying of optimization strategy to the resulting
ensemble in second stage. The aim of optimization strategy is to select best sub-
ensemble from the given ensemble whose accuracy is improved.

Sub ensemble is selected by using hill climbing metrics through forward selection
strategy or backward elimination strategy. This combining of pruning strategies
reduces the ensemble size by removing the classifiers which provide weak
prediction capabilities which can be observed in all the stages mentioned above.
Final ensemble resulting after all stages is optimized as far as possible. 3.2

Multi-stage Pruning Multi-stage pruning is one such algorithm described in

above section which is aimed at reduction of ensemble created for internet traffic
classification. Given the ensemble of classifiers it outputs the optimized sub
ensemble which have greater accuracy over initial large ensemble. The processing
time essential to classify the instances is way less than the larger ensemble.

Hence, it provides opportune to port the whole system to network so that

internet traffic is monitored for the existence of the malware. / Given a dataset
the algorithm considers percentage of data set (p), Pruning set (D), Ensemble (E),
ci are taken as parameters. First stage of the algorithm is ranking all base
classifiers using proposed heuristics present in ensemble.
 Following ranking heuristics are used in first stage of multi-stage Pruning to
ensure diversified classifiers: Complementariness: The complementariness of a
model as for an ensemble is really the quantity of cases of D that are
characterized effectively by the model and mistakenly by the group. Weighted
complementariness: Weighted complementariness has associated weights to the
predictions of instances.

Instances hard to classify has more weight and instances which are easy to
classify have less weight. Concurrency: This measure is same as that of
complementariness with the difference that it takes into account two extra cases.
The engaged ensemble selection method proposes a measure that uses every
one of the occasions and furthermore considers the quality of the current
ensemble's choice.

Averaging: Averaging is aggregation of all predictions from every meta classifier

in an ensemble and the greater part will be given the classified value. Margin
Distance: The margin distance minimization method is relied on the same
concepts as the orientation ordering ranking-based method). It scans for the
ensemble S with the base separation between its signature vector S and a
predefined vector O put in the primary quadrant of the N-dimensional hyper
plane. Second stage includes applying optimization algorithm on every classifier
in the ensemble.

Every classifier is added to check whether it adds to increment in prescient

precision if not expelled else added to ensemble by utilizing voracious inquiry
procedure to locate the best sub outfit. Test assessment has indicated multistage
pruning performs well than single classifier based calculation and substantial
outputs.
3.3

Command Line Arguments for Ensemble Pruning Dataset : Dataset argument

takes dataset only in Attribute Relation File Format (ARFF) file format since Java
code for this experiment is designed such a manner that it imports necessary
classes from weka source for convenience. Location of dataset : This argument
takes the location of dataset on pc.

Location to dump results: This argument takes the location of the PC to dump
results and log files. Selection Strategy: There are two selection strategies to
select optimal sub- ensemble from the large ensemble : Forward selection
strategy: Starting from single classifier sub ensemble is selected in such a way
that it should improve the accuracy else it will be dropped.

Backward selection strategy: This strategy starts with whole ensemble and
eliminates the weak classifiers if presence of that classifier decreases the
performance of ensemble. Prune/Train: Train is to train the classifier on the given
dataset. Whereas the prune is to prune the trained model on test dataset.
Ranking Heuristics : Five ranking heuristics are used to obtain the diverse clas-
sifiers in optimized ensemble.

SUMMARY This chapter explains the multistage pruning algorithm. The

arguments that has to supplied to the multistage pruning module. Ranking
heuristics used for ranking meta classifiers, optimization strategy which finds
optimal sub-ensemble.
 Chapter 4 EXPERIMENTAL SETUP This chapter explains about the metrics which
estimate the performance of the ensembles.

It also briefly describes about the different data mining tools that are available.
4.1 Metrics Performance metrics ensures that pruning model built is robust to
detect malware effectively. Area Under Curve (AUC) common metric is used for
eva1uating the effectiveness of the classifiers.

AUC considers plot of rates of true positives vs false positive rates as the
threshold value for classifying an instance as 0 or increased from 0 to 1. Classifier
is treated as very good of true positive rate increases quickly and area under the
curve approaches 1. If the true positive rate increments straightly with false
positive rate then classifier is no better than random guessing and area under
curve will be near 0.5.

AUC is one of the optimal way to outline the performance in single number. AUC
metric takes values from 0.5 to 1 where as value around 0.5 is considered as
worst classifier, value close to 1 corresponds perfect classifier. Other standard
metrics are: accuracy precision recall F-measure. RMSE ROC area FP rate TP rate
 4.2 Dataset Dataset malware n-grams has been considered as a contribution
from information vaults all through the investigation.

The dataset constitutes of 10,500 instances( rows) that indicates a malware

object. 500 attributes (columns) which indicate characteristics of malware
instance n-grams malware dataset obtained from an data files that has to be
classified Static features are produced by n-grams that aims in malware
detection.

N-gram model is a sort of probabilistic dialect display for foreseeing the

following item in such a succession as a (n-1) order Markov model. Two benefits
of n-gram models (and algorithms that use them) are simplicity and scalability
that aims in malware detection. Dataset is divided into three subsets for training,
testing and pruning. 4.3 Data mining Tools It is legitimately said that information
is cash in this day and age.

Alongside the change to an application based world comes the exponential

development of information. In any case, an extensive bit of the information is
unstructured and consequently it takes a procedure and strategy to remove
valuable data from the information and change it into reasonable and usable
shape. This is the place information mining comes into picture.

Several instruments are accessible for information mining errands utilizing

computerized reasoning, machine learning and different strategies to remove
information. There are six intense open source information mining tools available:
4.3.1 Rapid Miner YALE written in the Java Programming dialect, this device offers
progressed examination through layout based systems.

A reward to clients that they require not need to compose any code. YALE is
offered as an administration, rather a bit of neighborhood programming, this
instrument holds top position on the rundown of information mining devices. In
accumulation to data mining, Rapid Miner likewise gives usefulness like
information preprocessing and perception, prescient examination and factual
demonstrating, assessment, and sending. What makes it significantly more
powerful is that it gives learning plans, models and calculations from WEKA and R
scripts.

Rapid Miner is conveyed under the AGPL open source permit and can be
downloaded from Source Forge where it is appraised the main business analytics
software. 4.3.2 WEKA The first non-Java adaptation of WEKA essentially was
created for dissecting information from the farming space. With the Java based
variant, the device is exceptionally complex and used as a piece of an extensive
variety of utilizations including representation and calculations for information
investigation and prescient demonstrating.

Its free under the GNU General Public License, which is a noteworthy in relation
to Rapid Miner, in light of the fact that customers can modify it in any way they
want. WEKA bolsters a few standard information mining assignments, including
information preprocessing, grouping, arrangement, relapse, representation and
highlight determination.

WEKA would be all more effective with the extension of sequence modeling,
which at present is excluded. 4.3.2 R-Programming Project R, a GNU extend, is
not composed in R itself. It's essentially composed in C and Fortran. What's more,
a significant measure of its modules are composed in R itself. It's a free
programming dialect and programming condition for factual figuring and
illustrations.

The R language is generally utilized among information diggers for creating

measurable programming and information investigation. Convenience and
extensibility has brought R's ubiquity significantly up as of late. Other than data
mining it gives factual and graphical methods, including direct and nonlinear
displaying, traditional measurable tests, time arrangement examination, order,
grouping, and others. 4.3.3

Comparative Study Weka is preferred over other data mining tools for
classification and research oriented tasks because weka is simple to learn and
operate. There is no necessitate for extra time to be spent on using this tool as
gui provides complete information regarding operations. Table 4.1: Comparison
of various data mining tools Characteristic Yale R Weka Developer Germany
World wide Development New Zealand Programming Lang Java C, Fortran, R
Java License Openv.5, closed v.6 free software Open source Current version 6
3.02 3.6.10 Gui or CMD Gui both both Main purpose General data mining
mining sci.computational statistics general data mining community support
large very large large It is open source and provides scope for researchers to
build their own classifiers and ported. Table 5.1 shows that weka is handy tool for
general data mining purposes. Additionally weka provides database connection
using jdbc with any rdbms package.

WEKA has many features like filters to filter the datasets, preprocessors which
preprocess the given dataset for classifying ease, various classification methods, a
range of ensemble meta classifiers, clustering algorithms, and portraying of
graphs for analyzing the results, depiction of various metrics etc. 4.4 WEKA The
Waikato Environment for Knowledge Analysis (WEKA) came to fruition through
the apparent requirement for a brought together workbench that would permit
scientists simple access to best in class methods in machine learning.

At the season of the venture's commencement in 1992, learning calculations were

accessible in different dialects, for use on various stages, and worked on an
assortment of information groups. The errand of gathering together learning
plans for a near report on an accumulation of informational indexes was
overwhelming, best case scenario.

It was imagined that WEKA would give a tool stash of learning algorithms, as well
as a system inside which scientists could actualize new algorithms without being
worried about supporting infrastructure for data manipulation and scheme
evaluation. Now-a-days, WEKA is perceived as a point of interest framework in
data mining and machine learning [22].

It has accomplished far reaching acknowledgment inside scholarly community

and business circles, and has evolved into a generally utilized device for
information mining research. The book that goes with it [35] is a well known
course book for data mining and is as often as possible referred to in machine
learning distributions. Little, assuming any, of this achievement would have been
conceivable if the framework had not been discharged as open source
programming.

Giving clients free access to the source code has empowered a flourishing group
to create and encouraged the formation of many activities that join or extend
WEKA.
4.4.1 New Features Since WEKA 3.4 Numerous new components have been
added to WEKA since version 3.4 not just as
new learning algorithms, yet in addition preprocessing filters, convenience enhan
cement and support for norms. As of composing, the 3.4

code line involves 690 Java class records with an aggregate of 271,447 lines of
code2, the 3.6 code line contains 1,081 class documents with a sum of 509,903
lines of code. In this section, the absolute most remarkable new components in
WEKA 3.6 are discussed. The biggest change to WEKA's core classes is the
expansion of relation valued attributes keeping in mind the end goal to
straightforwardly bolster multi occurrence learning issues [6]. A relation valued
attribute enables each of its values to reference another arrangement of
examples.

Other embellishments to WEKAs data format incorporate a XML design for ARFF
documents and support for determining instance weights in standard ARFF
records. Another expansion profoundly of WEKA is the "Abilities" meta-data
facility. This structure permits singular learning algorithms and filters to proclaim
what data characteristics they can deal with.

This, in turn, empowers WEKA's UIs to show this data and give input to the client
about the relevance of a plan for the current information. In a comparative vein,
the "Specialized Information" classes enable plans to supply reference subtle
elements for the calculation that they execute. Once more, this data is organized
and uncovered naturally by the UI. Logging has additionally been enhanced in
WEKA 3.6 with the option of a focal log record.

This record catches all data kept in touch with any graphical logging board in
WEKA, alongside any yield to standard out and standard error. 4.5 Programming
Using WEKA API Weka is implemented in Java. Hence, it requires JVM (Java
Virtual Machine) to run. JVM heap size can be allocated by user by the following
commands Java -Xmx1024M Xms1024M -jar weka.jar where Xmx is max heap size
and Xms is minimum heap size.

Main requirement of weka explorer to run is that entire dataset should be loaded
into memory prior to processing further operations. Weka package has some in
built data sets in ARFF format with every one of the data set not surpassing more
than 1000 occurrences and not surpassing 50 properties. / Figure 4.1: Runtime
error of WEKA running large datasets These data sets can be utilized for
arrangement purposes with no issue for single classifier based algorithms.
For extensive datasets and multi-level ensembles development and furthermore
coming about expectations for each occurrence is put away in primary memory
itself to calculate final result which requires larger main memory for WEKA
graphical user interface to run. Unfortunately 32 bit JVM can designate greatest
load size to 4GB which is inadequate for huge datasets and a 64 bit JVM can
assign up to 64 GB yet PCs don't bolster 64GB memory cards with present
technology. Figure 4.1 delineates the special case tossed by wekagui when tried
different things with extensive dataset.

Variant of weka that is Simple CLI. Command line version of weka need not
require whole dataset to be in primary memory to run classification. It considers
dataset in a increasing manner and stores the forecasts on secondary storage. At
long last choices are collected utilizing forecasts stored on secondary storage.

Simple CLI takes commands for conjuring classification algorithms on given

dataset with Java as prefix for any command. Simple CLI of weka has been shown
in figure 4.1. However, the immense ensemble construction methods includes
rehashed operations because of thought of variety in parameters for identical
grouping algorithm, haphazardness in taking subset of dataset.

In this test think about various changes of 3 level ensemble with multi boost,
decorate, Bagging at each level has been considered which gives six conceivable
outcomes and to get steady value every stage is worked ten times on dataset
Hence, utilizing Simple CLI for rehashed operations is repetitive approach.
SUMMARY This chapter furnishes the details about the metrics used to measure
the performance of ensembles/classifiers, various data mining tools and why
weka is preferred among them. It also states the limitations of the weka to handle
big data and reasons for the limitations.
 Chapter 5 RESULTS This chapter analyses and furnishes the outcomes i.e.,
prediction accuracy and processing time of iterative multitier ensemble in
contrast to base classifiers. The outcomes of multi-stage pruning vs meta
ensemble classifiers available in weka is depicted. 5.1

Ensemble creation Due to technical difficulties mentioned in chapter 5 for using

Simple CLI for big datasets. A new Java code is generated by importing core
functionalities from weka source code like arff loader, tree models, base classifier
algorithms, instance prediction etc. Java code is programmed for ensemble
creation and multi-stage pruning separately.

Ensemble creation takes training and testing data percentages, pruning data
percentage, dataset in arff file format, location of the dataset, location to dump
tree models. Where as multi-stage pruning takes pruning dataset, location to
take tree models, location to dump predictions and lopg files, ranking heuristics,
selection strategy, train/prune. 5.2 Performance of Ensemble For creation of
iterative multitier ensemble J48 classifier which is readily available in weka is used
as base classifier.

For generation of meta classifiers the following ensemble meta classifiers are
used at various tiers, Bagging at second tier, Adaboost at third tier and Multi-
boost at 4th tier. Recent researches show that this permutation has achieved best
results. Figure 5.1 shows the performance of base classifiers.
 / Figure 5.1: Accuracy of base classifiers Both ensemble creation and multi-stage
pruning Java APIs require run time arguments to process the dataset and output
results.

For ease of user interaction these APIs are interfaced with Perl script. And for
aesthetics windows batch scripting is used. Both APIs are united using Perl script
though they are designed separately. 5.3 Execution Sequence This section gives
information about how to use APIs to process large datasets and obtain results.
5.3.1

Creation of Homogenous Tree Models Figure 5.2 shows the start up of

application interface. Prior to the pruning to be executed ensemble should be
created. If ensemble is already created one can skip this part by pressing no else
if ensemble has to be created press yes in the dialog box. The dataset
percentage, pruning ratio, and training percentage are kept constant throughout
experiment to make all outcomes uniform.

User can make simple modification in Perl script to interface these 3 attributes
manually.
 / Figure 5.2: Ensemble creation 5.3.2 Dataset Figure 5.3 shows the dialog box to
select the dataset. Only ARFF file format is sup- ported as of now. API can be
modified with extensions to support other formats like CSV or other alternative is
use of the Java code which converts CSV to ARFF.

For this experiment malware dataset is only used. If one wants to add more
datasets new datasets can be included in the string array in Perl script. / Figure
5.3: Dataset selection 5.3.3 Selection of Ranking Heuristic Figure 5.4 shows the
dialog box for selection of ranking heuristic. Ranking heuristic is used to rank the
models in ensemble with respective ranking strategy.

The interface is designed in a such a way that user can select ranking heuristic
recursively one after another to find best model.
 / Figure 5.4: Heuristic selection 5.3.4 Optimization Strategy Figure 5.5 shows the
dialog box to select the optimization strategy to find best sub ensemble from
large ensemble. Two optimization strategies are implemented in the code.

First one is forward selection strategy which starts with zero classifiers and ends
with sub ensemble and the second on is backward elimination starts with whole
ensemble removes weak ones ends with sub ensemble. / Figure 6.5: Optimization
strategy selection
 5.3.5 Training/Pruning Figure 5.6 shows the dialog box to train the models or
test the models on prune dataset. / Figure 5.6: Training/pruning 5.3.6 Pruning
Java Executable / Figure 5.7: Triggering of Java executable After furnishing the
interface with the arguments Java api is triggered to process the pruning. Figure
5.7 and 5.8

shows the triggering of pruning Java executable window popping out of

command prompt.
 / Figure 5.8: Pruning executable window 5.3.7 Pruning Results / Figure 5.9:
Accuracy of base classifiers After the triggering has been started one has to wait
for couple of minutes to get the outcomes since 200 models have to be
processed. Figure 5.9 shows the pruning outcomes. Accuracy and time are the
results which are more concerned about. Figure 5.10 shows the performance of
multistage pruning among other ensemble meta classifiers.
 / Figure 5.10: Accuracy of ensemble SUMMARY This chapter provides the
execution sequence to process big data for classification and guides to use
proposed API to create ensembles and prune them. Comparative study among
the multistage pruning and meta ensemble classifiers is portrayed through
graphs.
 Chapter 6 CONCLUSION & FUTURE DIRECTIONS This chapter provides summary
and conclusions of the research work carried out and presented in this thesis. It
also furnishes the future directions of the work that can be carried out further as
extensions to this work. 6.1 Conclusions In this thesis use of ensembles instead of
base classifiers to improve the predictive per- formance and productivity has
been elaborated.

Single base classifier based classification can only predict homogenous data
instances. Where as grouping of classifiers called as ensemble can handle diverse
data instances. Any classification requirements would be prediction accuracy and
the diversity of the model to tackle the input data to categorize.

With multitier ensemble using meta ensemble classifiers at each tier it is possible
to handle even the instances which are tough to categorize. If one tier fails to
categorize the decision is forwarded to upper tier and if the accuracy is low upper
tier meta ensemble classifiers like adaboost boosts the weak learners.

Though use of multitier ensembles offer diversity and good predictive

performance they cannot be ported to real time systems like internet where there
is acute need for cate- gorization of data transmitted to avoid unnecessary data
which are harmful like malware. Since these multitier ensembles require high
memory cost and time overhead for process- ing, reduction of ensemble size is
needed.

To achieve this multi-stage pruning a two stage pruning algorithm has been
discussed. Experimental results have shown that multi-stage pruning outperforms
the meta ensemble classifiers. 6.2 Future Work Handling big data for classification
problems for research purposes has been a challenge over the recent years.

Though weka Simple CLI can handle large datasets to some extent. JVM memory
limitation restricts weka data mining tool to operate larger datasets. As of now a
32-bit JVM can provide only 4GB of memory for running an executable. But real
time requirement is far more than that. To overcome this there are tutorials in
wiki spaces to use weka source and design ones own interfaces to handle big
data.

This can be extended to use of scripting in this field. Groovy scripting is powerful
tool which drastically reduces time to code. Use of scripting in classification of big
data would be one such future direction.
INTERNET SOURCES:
------------------------------------------------------------------------------------------
-
0% - http://shodhganga.inflibnet.ac.in/bitstr
0% - http://docs.fortinet.com/uploaded/files/
0% - http://www.123helpme.com/search.asp?text
0% - https://www.researchgate.net/publication
0% - https://www.slideshare.net/MerveKara/mon
0% - Empty
0% - https://46015695.r.bat.bing.com/?ld=d3Vm
0% - http://broom02.revolvy.com/topic/Malicio
0% - https://en.wikipedia.org/wiki/Computer_v
0% - http://cs.nyu.edu/~gottlieb/courses/os20
0% - https://www.engineersgarage.com/tutorial
0% - http://broom01.revolvy.com/topic/Kaspers
0% - https://en.wikipedia.org/wiki/Malware
0% - https://cyberparse.co.uk/tag/malware/pag
0% - http://acms.ucsd.edu/students/resnet/mal
0% - https://www.google.ca/patents/US20030046
0% - https://33002119.r.bat.bing.com/?ld=d3ak
0% - https://www.scribd.com/document/32442900
0% - https://askleo.com/someones-sendin/
0% - https://www.theregister.co.uk/2004/10/22
0% - http://www.veracode.com/blog/2012/10/com
0% - https://33002119.r.bat.bing.com/?ld=d34h
0% - https://www.safer-networking.org/faq/
0% - https://en.wikipedia.org/wiki/Computer_s
0% - http://www.cisco.com/c/en/us/td/docs/sol
0% - http://psrcentre.org/images/extraimages/
0% - http://www.sciencedirect.com/science/art
0% - http://integralleadershipreview.com/7046
0% - http://research.ijcaonline.org/volume67/
0% - https://www.researchgate.net/journal/095
0% - http://www.morganclaypool.com/doi/pdf/10
0% - https://33002119.r.bat.bing.com/?ld=d3s4
0% - http://www.sciencedirect.com/science/art
0% - http://www.barringer1.com/nov07prb.htm
0% - http://explainingcomputers.com/hardware.
0% - http://dl.acm.org/citation.cfm?id=267793
0% - http://www.sciencedirect.com/science/art
0% - http://www.inderscience.com/info/ingener
0% - https://support.quest.com/technical-docu
0% - http://archive.ics.uci.edu/ml/datasets.h
0% - http://www.sciencedirect.com/science/art
0% - http://liu.diva-portal.org/smash/get/div
0% - https://quizlet.com/12354271/systems-ana
0% - https://en.wikipedia.org/wiki/Feature_se
0% - https://www.cognizant.com/InsightsWhitep
0% - https://www.hindawi.com/journals/cin/201
0% - http://doi.acm.org/10.1145/2598394.26056
0% - https://www.quora.com/Are-patents-worth-
0% - https://www.ukessays.com/essays/educatio
0% - http://www.sciencedirect.com/science/art
0% - http://www.sciencedirect.com/science/art
0% - https://www.nap.edu/read/21789/chapter/5
0% - http://www.thearling.com/text/dmwhite/dm
0% - http://lib.dr.iastate.edu/cgi/viewconten
0% - http://www.essay.uk.com/essays/computer-
0% - https://www.scribd.com/document/24290082
0% - https://link.springer.com/referenceworke
0% - https://www.r-project.org/doc/bib/R-book
0% - https://link.springer.com/chapter/10.100
0% - https://support.office.com/en-us/article
0% - https://link.springer.com/content/pdf/10
0% - https://link.springer.com/referenceworke
0% - http://www-personal.umd.umich.edu/~delit
0% - http://www.ijetae.com/files/Volume5Issue
0% - http://dl.acm.org/citation.cfm?id=224721
0% - https://link.springer.com/chapter/10.100
0% - https://quizlet.com/2729495/ap-gov-unit-
0% - https://quizlet.com/28136071/voting-flas
0% - https://www.edmunds.com/mercedes-benz/c-
0% - http://www.sciencedirect.com/science/art
0% - http://www.sciencedirect.com/science/art
0% - https://support.quest.com/technical-docu
0% - http://www.sciencedirect.com/science/art
0% - http://www.sciencedirect.com/science/art
0% - http://www-users.cs.umn.edu/~kumar/dmboo
0% - http://journals.ametsoc.org/doi/full/10.
0% - http://www.sciencedirect.com/science/art
0% - http://downloads.hindawi.com/journals/mp
0% - http://dl.acm.org/citation.cfm?id=148352
0% - http://www.tulane.edu/~sanelson/Natural_
0% - http://wac.colostate.edu/books/genre/cha
0% - https://arxiv.org/pdf/1703.02051.pdf
0% - https://www.mathworks.com/help/stats/ste
0% - https://en.wikipedia.org/wiki/Consumer_b
0% - https://patents.google.com/patent/US2013
0% - http://www.sciencedirect.com/science/art
0% - http://www.google.com/patents/US20080161
0% - http://www.sciencedirect.com/science/art
0% - https://en.wikipedia.org/wiki/Non-parame
0% - http://www.sciencedirect.com/science/art
0% - https://www.researchgate.net/publication
0% - http://www.academia.edu/940880/An_ensemb
0% - http://www.academia.edu/940879/A_taxonom
0% - https://www.researchgate.net/publication
0% - http://www.ijera.com/papers/vol%201%20is
0% - https://www.researchgate.net/publication
0% - https://bmcbioinformatics.biomedcentral.
0% - http://www.pymvpa.org/tutorial_classifie
0% - https://en.wikipedia.org/wiki/List_of_La
0% - https://www.scribd.com/document/23905052
0% - http://www.sciencedirect.com/science/art
0% - https://sourceforge.net/directory/?q=gen
0% - http://consumerpsychologist.com/marketin
0% - http://www.sciencedirect.com/science/art
0% - https://en.wikipedia.org/wiki/Computer_n
0% - https://www.unifr.ch/appecon/assets/file
0% - http://www.nature.com/nri/journal/v14/n6
0% - http://www.sciencedirect.com/science/art
0% - http://www.kellen.net/bpm.htm
0% - http://dl.acm.org/citation.cfm?id=163691
0% - https://www.researchgate.net/publication
0% - https://163019259.r.bat.bing.com/?ld=d3_
0% - http://www.itl.nist.gov/div898/handbook/
0% - https://www.researchgate.net/publication
0% - http://www.sciencedirect.com/science/art
0% - https://link.springer.com/article/10.100
0% - https://en.wikipedia.org/wiki/Weighted_m
0% - https://www.hindawi.com/journals/tswj/20
0% - https://icsc.un.org/resources/pdfs/ar/AR
0% - https://0.r.bat.bing.com/?ld=d3mUzY-NKWG
0% - https://www.scribd.com/doc/297764151/Sem
0% - http://www.academia.edu/940879/A_taxonom
0% - http://doctorslounge.com/oncology/diseas
0% - http://www.sciencedirect.com/science/art
0% - http://www.sciencedirect.com/science/art
0% - http://dl.acm.org/citation.cfm?id=204290
0% - https://www.researchgate.net/publication
0% - http://lifehacker.com/how-to-awaken-in-y
0% - http://www.enggjournals.com/ijcse/doc/IJ
0% - http://www.inderscience.com/info/ingener
0% - http://nassau.ifas.ufl.edu/horticulture/
0% - https://1512100.r.bat.bing.com/?ld=d3P_H
0% - http://www.sciencedirect.com/science/art
0% - http://docs.oracle.com/cd/E11882_01/serv
0% - http://files.spogel.com/projectsqa-cse/p
0% - https://www.computer.org/web/csdl/index/
0% - http://www.hi.is/~benedikt/Courses/DataM
0% - http://doi.acm.org/10.1145/1631272.16312
0% - https://link.springer.com/chapter/10.100
0% - https://link.springer.com/article/10.100
0% - https://dzone.com/articles/cluster-analy
0% - https://rd.springer.com/content/pdf/10.1
0% - http://www.iosrjournals.org/iosr-jce/pap
0% - http://ijarcet.org/wp-content/uploads/IJ
0% - http://www.sciencedirect.com/science/art
0% - http://www.sciencedirect.com/science/art
0% - https://www.researchgate.net/publication
0% - http://www.sciencedirect.com/science/art
0% - http://www.un.org/documents/ga/res/40/a4
0% - http://www.definitions.net/serp.php?st=d
0% - https://www.researchgate.net/publication
0% - https://www.isixsigma.com/tools-template
0% - http://www.sciencedirect.com/science/art
1% - http://www.ishitvtech.in/pdf/sajet-vol-2
1% - http://www.ishitvtech.in/pdf/sajet-vol-2
1% - http://www.ishitvtech.in/pdf/sajet-vol-2
0% - https://link.springer.com/article/10.100
0% - https://www.coursehero.com/file/p9l2sv/S
0% - http://dl.acm.org/citation.cfm?doid=3018
0% - https://en.wikipedia.org/wiki/Trombone
0% - http://dl.acm.org/citation.cfm?id=179511
0% - http://www.sciencedirect.com/science/art
0% - http://wikivisually.com/wiki/Decompose
0% - http://dl.acm.org/citation.cfm?id=128840
0% - http://www.cse.unt.edu/~nielsen/classes/
0% - http://library.columbia.edu/locations/ds
0% - http://www.networkworld.com/article/2320
0% - http://dl.acm.org/citation.cfm?id=243682
0% - http://www.google.it/patents/WO201312267
0% - https://link.springer.com/article/10.100
0% - http://www.sciencedirect.com/science/art
0% - http://www.sciencedirect.com/science/art
0% - http://scholar.lib.vt.edu/theses/availab
0% - http://www.dbjournal.ro/archive/2/6_Andr
0% - https://www.google.ca/patents/WO20071175
0% - http://dl.acm.org/citation.cfm?id=142166
0% - https://docs.rapidminer.com/studio/opera
0% - http://www.sciencedirect.com/science/art
0% - http://www.sciencedirect.com/science/art
0% - https://roamanalytics.com/2016/10/28/are
0% - https://bmcbioinformatics.biomedcentral.
0% - https://www.researchgate.net/profile/P_V
0% - https://www.scribd.com/document/34978404
0% - http://broomo2.revolvy.com/topic/Skip-gr
0% - https://www.iare.ac.in/sites/default/fil
0% - http://arvindguptatoys.com/arvindgupta/h
0% - https://www.revolvy.com/main/index.php?s
0% - http://www.marriott.com/help/rewards-faq
0% - https://www.computer.org/web/computingno
0% - https://issuu.com/agii6/docs/business_co
0% - https://issuu.com/bestjournals/docs/1_-_
0% - https://en.wikipedia.org/wiki/Wikipedia:
0% - https://pluto.revolvy.com/topic/GNU%20Ge
0% - http://www.academia.edu/1749179/Manageme
0% - http://dl.acm.org/citation.cfm?doid=2701
0% - https://investigation.com/2014/06/19/vol
0% - http://docplayer.net/13344826-Parametric
0% - https://bib.irb.hr/datoteka/699127.MIPRO
0% - https://bib.irb.hr/datoteka/699127.MIPRO
0% - https://journalofbigdata.springeropen.co
0% - https://en.wikipedia.org/wiki/Machine_le
0% - https://issuu.com/monowarkamal/docs/wile
0% - http://machinelearningmastery.com/start-
0% - http://www.cms.waikato.ac.nz/~ml/publica
0% - https://www.researchgate.net/publication
0% - http://scholar.lib.vt.edu/ejournals/JOTS
0% - http://searchbusinessanalytics.techtarge
0% - https://www.ssc.govt.nz/spirit-of-reform
0% - http://refractory.unimelb.edu.au/categor
0% - https://www.slideshare.net/Tommy96/the-w
0% - http://www.academia.edu/14700579/The_WEK
0% - https://www.scribd.com/document/22579232
0% - https://www.scribd.com/document/33677685
0% - https://www.researchgate.net/publication
0% - https://www.scribd.com/document/34070417
0% - http://www.15minutenews.com/technology/2
0% - https://www.docme.ru/doc/225572/instant-
0% - https://answers.microsoft.com/en-us/wind
0% - http://www.informatik.uni-ulm.de/ni/Lehr
0% - http://www.inderscienceonline.com/doi/fu
0% - http://www.cms.waikato.ac.nz/~ml/publica
0% - http://www.senturus.com/resources/
0% - https://issuu.com/mimimi959/docs/be-t-t-
0% - http://www.iasri.res.in/ebook/win_school
0% - https://stackoverflow.com/questions/2593
0% - http://docs.oracle.com/cd/B28359_01/data
0% - http://www.ijsrp.org/research-paper-1014
0% - http://www.csdp.org/research/chap5.pdf
0% - https://www.computer.org/web/csdl/index/
0% - http://business.uc.edu/academics/centers
0% - https://www.computer.org/web/csdl/index/
0% - http://www.academia.edu/22580107/Large_I
0% - https://microbiomejournal.biomedcentral.
0% - https://cran.rstudio.com/web/packages/av
0% - https://en.wikipedia.org/wiki/PHP_script
0% - https://aws.amazon.com/about-aws/whats-n
0% - http://www2.sas.com/proceedings/sugi30/2
0% - http://www.askvg.com/tip-how-to-copy-tex
0% - https://www.scribd.com/document/34952951
0% - http://www.iasri.res.in/ebook/win_school
0% - https://docs.oracle.com/cd/B28359_01/app
0% - https://wiki.emulab.net/wiki/EmulabStora
0% - https://link.springer.com/article/10.100
0% - https://www.google.ca/patents/US20140046
0% - https://www.coursehero.com/file/14109526
0% - http://www.academia.edu/787570/A_Literat
0% - http://www.cs.cmu.edu/~motionplanning/pa
0% - http://bmcbioinformatics.biomedcentral.c
0% - http://dl.acm.org/citation.cfm?id=261649
0% - https://link.springer.com/chapter/10.100
0% - http://shodhganga.inflibnet.ac.in/bitstr
0% - https://dspace.lboro.ac.uk/dspace-jspui/
0% - http://www.sciencedirect.com/science/art
0% - http://ijarcet.org/wp-content/uploads/IJ
0% - https://link.springer.com/article/10.118
0% - http://dl.acm.org/citation.cfm?doid=3055
0% - http://ipasj.org/Justsub.php
0% - https://www.researchgate.net/publication
0% - http://www.inderscience.com/info/ingener
0% - https://en.wikipedia.org/wiki/Big_data
0% - https://issuu.com/marvinsunderground/doc
0% - http://javarevisited.blogspot.sg/2011/05
0% - https://en.wikipedia.org/wiki/Scala_(pro
0% - http://www.sciencedirect.com/science/art