Open Access Journal Article
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
TLDR
A targeted literature survey of machine learning (ML) and data mining (DM) strategies for cyber analytics in support of intrusion detection as it applies to wired networks.
Abstract:
Cyber security is the body of technologies, processes and practices designed to safeguard networks, computers, programs and data from attack, harm or unauthorized access. In a computing context, the term security implies cyber security. This survey paper describes a targeted literature survey of machine learning (ML) and data mining (DM) strategies for cyber analytics in support of intrusion detection. This paper focuses entirely on cyber intrusion detection as it applies to wired networks. With a wired network, an adversary must pass through many layers of defense at firewalls and operating systems, or gain physical access to the network. The quality of ML/DM algorithms is addressed, a discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.
Citations
Journal Article
Survey of intrusion detection systems: techniques, datasets and challenges
TL;DR: A taxonomy of contemporary IDS, a comprehensive review of notable recent works, and an overview of the datasets commonly used for evaluation purposes are presented, along with the evasion techniques used by attackers to avoid detection.
Journal Article
Machine Learning and Deep Learning Methods for Cybersecurity
Yang Xin, Lingshuang Kong, Liu Zhi, Yuling Chen, Yanmiao Li, Hongliang Zhu, Mingcheng Gao, Haixia Hou, Chunhua Wang
TL;DR: This survey report describes key literature surveys on machine learning (ML) and deep learning (DL) methods for network analysis of intrusion detection and provides a brief tutorial description of each ML/DL method.
Proceedings Article
Kitsune: An Ensemble of Autoencoders for Online Network Intrusion Detection.
TL;DR: Kitsune is presented: a plug and play NIDS which can learn to detect attacks on the local network, without supervision, and in an efficient online manner. It is demonstrated that Kitsune can be a practical and economic NIDS.
Journal Article
A Survey on the Internet of Things (IoT) Forensics: Challenges, Approaches, and Open Issues
Maria Stoyanova, Yannis Nikoloudakis, Spyridon Panagiotakis, Evangelos Pallis, Evangelos K. Markakis
TL;DR: The purpose of this paper is to identify and discuss the main issues involved in the complex process of IoT-based investigations, particularly all legal, privacy and cloud security challenges, as well as some promising cross-cutting data reduction and forensics intelligence techniques.
Journal Article
An Overview on Application of Machine Learning Techniques in Optical Networks
Francesco Musumeci, Cristina Rottondi, Avishek Nag, Irene Macaluso, Darko Zibar, Marco Ruffini, Massimo Tornatore
TL;DR: An overview of the application of ML to optical communications and networking is provided, relevant literature is classified and surveyed, and an introductory tutorial on ML is provided for researchers and practitioners interested in this field.
References
Journal Article
The future of computer forensics: a needs analysis survey
Marcus K. Rogers, Kate Seigfried
TL;DR: The results indicated that education/training and certification were the most reported issue and lack of funding was the least reported, which further supports the criticism that there is a disproportional focus on the applied aspects of computer forensics, at the expense of the development of fundamental theories.
Journal Article
BogusBiter: A transparent protection against phishing attacks
Chuan Yue, Haining Wang
TL;DR: BogusBiter is a unique client-side anti-phishing tool, which transparently feeds a relatively large number of bogus credentials into a suspected phishing site, and enables a legitimate Web site to identify stolen credentials in a timely manner.
Detecting Web based DDoS Attack using MapReduce operations in Cloud Computing Environment.
TL;DR: The proposed method, which integrates detection of HTTP GET flooding (one kind of DDoS attack) with MapReduce processing for fast attack detection in a cloud computing environment, performs better than the Snort detection method in the experimental results because its processing time is shorter as congestion increases.
Proceedings Article
Compartmented Security for Browsers - Or How to Thwart a Phisher with Trusted Computing
TL;DR: The approach is based on the ideas of compartmentalization for isolating applications of different trust level, and a trusted wallet for storing credentials and authenticating sensitive services, and requires no special care from users for identifying the right Web sites while the disclosure of credentials is strictly controlled.
Journal Article
Pattern recognition for detecting distributed node exhaustion attacks in wireless sensor networks
TL;DR: A model is proposed for detecting distributed node exhaustion attacks based on network traffic flow, and specific network topology-based patterns are defined to model normal network traffic flow and to facilitate differentiation between legitimate traffic packets and anomalous attack traffic packets.