Visual Analytics of Event Data using Multiple Mining Methods
Loading...
Date
2019
Journal Title
Journal ISSN
Volume Title
Publisher
The Eurographics Association
Abstract
Most researchers use a single method of mining to analyze event data. This paper uses case studies from two very different domains (electronic health records and cybersecurity) to investigate how researchers can gain breakthrough insights by combining multiple event mining methods in a visual analytics workflow. The aim of the health case study was to identify patterns of missing values, which was daunting because the 615 million missing values occurred in 43,219 combinations of fields. However, a workflow that involved exclusive set intersections (ESI), frequent itemset mining (FIM) and then two more ESI steps allowed us to identify that 82% of the missing values were from just 244 combinations. The cybersecurity case study's aim was to understand users' behavior from logs that contained 300 types of action, gathered from 15,000 sessions and 1,400 users. Sequential frequent pattern mining (SFPM) and ESI highlighted some patterns in common, and others that were not. For the latter, SFPM stood out for its ability to action sequences that were buried within otherwise different sessions, and ESI detected subtle signals that were missed by SFPM. In summary, this paper demonstrates the importance of using multiple perspectives, complementary set mining methods and a diverse workflow when using visual analytics to analyze complex event data.
Description
        @inproceedings{10.2312:eurova.20191126,
booktitle = {EuroVis Workshop on Visual Analytics (EuroVA)},
editor = {Landesberger, Tatiana von and Turkay, Cagatay},
title = {{Visual Analytics of Event Data using Multiple Mining Methods}},
author = {Adnan, Muhammad and Nguyen, Phong and Ruddle, Roy and Turkay, Cagatay},
year = {2019},
publisher = {The Eurographics Association},
ISBN = {978-3-03868-087-1},
DOI = {10.2312/eurova.20191126}
}