Journal ArticleDOI
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Anna L. Buczak,Erhan Guven +1 more
TLDR
The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/ DM for cyber security is presented, and some recommendations on when to use a given method are provided.Abstract:
This survey paper describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection. Short tutorial descriptions of each ML/DM method are provided. Based on the number of citations or the relevance of an emerging method, papers representing each method were identified, read, and summarized. Because data are so important in ML/DM approaches, some well-known cyber data sets used in ML/DM are described. The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.read more
Citations
More filters
Journal ArticleDOI
Towards asynchronous federated learning based threat detection: A DC-Adam approach
TL;DR: A Taylor Expansion-based scheme to compensate for the inconsistency caused by asynchronous communication is developed and it is demonstrated that the proposed method can converge stably, and that it outperforms the barrier-free asynchronous federated learning by 12.8% (accuracy), 14% (precision), and 11.16% (F1 score) on average.
Proceedings ArticleDOI
Deep in the Dark - Deep Learning-Based Malware Traffic Detection Without Expert Knowledge
TL;DR: The results suggest that deep learning models can better capture the underlying statistics of malicious traffic as compared to classical, shallow-like models, even while operating in the dark, i.e., without any sort of expert handcrafted inputs.
Proceedings ArticleDOI
DEMISe: Interpretable Deep Extraction and Mutual Information Selection Techniques for IoT Intrusion Detection
TL;DR: Two novel models featuring a common Deep Extraction and Mutual Information Selection (DEMISe) element which extracts features using a deep-structured stacked autoencoder prior to feature selection based on the amount of mutual information shared between each feature and the class label are proposed.
Journal ArticleDOI
A Machine Learning-Based Intrusion Detection System for Securing Remote Desktop Connections to Electronic Flight Bag Servers
Ron Bitton,Asaf Shabtai +1 more
TL;DR: A network based intrusion detection system (NIDS) specifically designed for securing the remote desktop connections is proposed and utilizes an innovative anomaly detection technique based on machine learning for detecting malicious TCP packets, which can carry exploits aimed at the RDP server.
Journal ArticleDOI
A Review of Rule Learning-Based Intrusion Detection Systems and Their Prospects in Smart Grids
TL;DR: In this article, the authors provide a systematic and deep analysis of rule learning techniques and their suitability for IDS in smart grids, and conclude the most important criteria for learning intrusion detection rules and assess their quality.
References
More filters
Journal ArticleDOI
Random Forests
TL;DR: Internal estimates monitor error, strength, and correlation and these are used to show the response to increasing the number of features used in the forest, and are also applicable to regression.
Book
Fuzzy sets
TL;DR: A separation theorem for convex fuzzy sets is proved without requiring that the fuzzy sets be disjoint.
Journal ArticleDOI
Maximum likelihood from incomplete data via the EM algorithm
Book
The Nature of Statistical Learning Theory
TL;DR: Setting of the learning problem consistency of learning processes bounds on the rate of convergence ofLearning processes controlling the generalization ability of learning process constructing learning algorithms what is important in learning theory?
Journal ArticleDOI
Collective dynamics of small-world networks
TL;DR: Simple models of networks that can be tuned through this middle ground: regular networks ‘rewired’ to introduce increasing amounts of disorder are explored, finding that these systems can be highly clustered, like regular lattices, yet have small characteristic path lengths, like random graphs.
Related Papers (5)
Outside the Closed World: On Using Machine Learning for Network Intrusion Detection
Robin Sommer,Vern Paxson +1 more