Journal ArticleDOI
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Anna L. Buczak,Erhan Guven +1 more
TLDR
The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/ DM for cyber security is presented, and some recommendations on when to use a given method are provided.Abstract:
This survey paper describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection. Short tutorial descriptions of each ML/DM method are provided. Based on the number of citations or the relevance of an emerging method, papers representing each method were identified, read, and summarized. Because data are so important in ML/DM approaches, some well-known cyber data sets used in ML/DM are described. The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.read more
Citations
More filters
Posted Content
Machine Learning for Detecting Data Exfiltration
TL;DR: There is a need of developing high quality and large size evaluation datasets, and incremental ML model training should be incorporated in countermeasures, and resilience to adversarial learning should be considered during the development of countermeasures to avoid poisoning attacks.
Proceedings ArticleDOI
Network Intrusion Detection Using Wrapper-based Decision Tree for Feature Selection
TL;DR: This work proposes a hybrid IDS modeling approach with an algorithm for feature selection (FS) and another for building the IDS, and achieves the best DR of 97.95% and proved to be quite effective in comparison to state-of-the-art works.
Posted Content
Threat Detection and Investigation with System-level Provenance Graphs: A Survey
TL;DR: A comprehensive provenance graph-based threat detection system can be divided into three modules, namely, "data collection module", "data management module", and "threat detection modules" as discussed by the authors.
Journal ArticleDOI
Group-Wise Principal Component Analysis for Exploratory Intrusion Detection
José Camacho,Roberto Therón,Jose Manuel García-Giménez,Gabriel Maciá-Fernández,Pedro García-Teodoro +4 more
TL;DR: An exploratory intrusion detection that replaces PCA with Group-wise PCA (GPCA), a recently proposed data analysis technique with additional exploratory characteristics, which yields simple models, easy to understand by security professionals not trained in multivariate tools.
Journal ArticleDOI
Low-Complexity Adaptive Chromatic Dispersion Estimation Scheme Using Machine Learning for Coherent Long-Reach Passive Optical Networks
Jin Li,Danshi Wang,Min Zhang +2 more
TL;DR: Compared with classical methods using the CD scanning and frequent domain equalizers, the computation complexity of the proposed CD estimation scheme based on the DNN-EVM has been respectively reduced by 72.3 times, 86.7 times and 2.8 times about the amount of multipliers, adders and comparators.
References
More filters
Journal ArticleDOI
Random Forests
TL;DR: Internal estimates monitor error, strength, and correlation and these are used to show the response to increasing the number of features used in the forest, and are also applicable to regression.
Book
Fuzzy sets
TL;DR: A separation theorem for convex fuzzy sets is proved without requiring that the fuzzy sets be disjoint.
Journal ArticleDOI
Maximum likelihood from incomplete data via the EM algorithm
Book
The Nature of Statistical Learning Theory
TL;DR: Setting of the learning problem consistency of learning processes bounds on the rate of convergence ofLearning processes controlling the generalization ability of learning process constructing learning algorithms what is important in learning theory?
Journal ArticleDOI
Collective dynamics of small-world networks
TL;DR: Simple models of networks that can be tuned through this middle ground: regular networks ‘rewired’ to introduce increasing amounts of disorder are explored, finding that these systems can be highly clustered, like regular lattices, yet have small characteristic path lengths, like random graphs.
Related Papers (5)
Outside the Closed World: On Using Machine Learning for Network Intrusion Detection
Robin Sommer,Vern Paxson +1 more