Journal Article
A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection
Anna L. Buczak, Erhan Guven
TL;DR: The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.
Abstract:
This survey paper describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection. Short tutorial descriptions of each ML/DM method are provided. Based on the number of citations or the relevance of an emerging method, papers representing each method were identified, read, and summarized. Because data are so important in ML/DM approaches, some well-known cyber data sets used in ML/DM are described. The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.
Citations
Journal Article
A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks
TL;DR: The experimental results show that RNN-IDS is very suitable for modeling a classification model with high accuracy and that its performance is superior to that of traditional machine learning classification methods in both binary and multiclass classification.
Journal Article
Deep Learning in Mobile and Wireless Networking: A Survey
TL;DR: This paper bridges the gap between deep learning and mobile and wireless networking research by presenting a comprehensive survey of the crossovers between the two areas, and provides an encyclopedic review of mobile and wireless networking research based on deep learning, which is categorized by different domains.
Journal Article
Survey of intrusion detection systems: techniques, datasets and challenges
TL;DR: A taxonomy of contemporary IDS, a comprehensive review of notable recent works, and an overview of the datasets commonly used for evaluation purposes are presented, along with evasion techniques used by attackers to avoid detection.
Journal Article
A comprehensive survey on machine learning for networking: evolution, applications and research opportunities
Raouf Boutaba, Mohammad A. Salahuddin, Noura Limam, Sara Ayoubi, Nashid Shahriar, Felipe Estrada-Solano, Oscar Mauricio Caicedo
TL;DR: This survey delineates the limitations, gives insights, research challenges and future opportunities to advance ML in networking, and jointly presents the application of diverse ML techniques in various key areas of networking across different network technologies.
Journal Article
Machine Learning and Deep Learning Methods for Cybersecurity
Yang Xin, Lingshuang Kong, Liu Zhi, Yuling Chen, Yanmiao Li, Hongliang Zhu, Mingcheng Gao, Haixia Hou, Chunhua Wang
TL;DR: This survey report describes key literature surveys on machine learning (ML) and deep learning (DL) methods for network analysis of intrusion detection and provides a brief tutorial description of each ML/DL method.
References
Proceedings Article
A Naive Bayes Approach for Detecting Coordinated Attacks
TL;DR: This paper proposes a Naive Bayes approach to alert correlation that takes advantage of available historical data, and provides efficient algorithms for detecting and predicting most plausible scenarios.
Journal Article
Rule based Network Intrusion Detection using Genetic Algorithm
TL;DR: It is found that the accuracy of rule-based learning increases with the number of iterations, and that network intrusion detection based on rule formulation is an efficient approach to classifying various types of attack.
Book Chapter
Machine Learning Applied to Cyber Operations
Misty Blowers, Jonathan Williams
TL;DR: Intrusion Detection Systems (IDS) are constantly evolving with both security upgrades and topology changes, and at most critical points of vulnerability, there are often vigilant humans in the loop.
Journal Article
Characterizing network traffic by means of the NetMine framework
TL;DR: Experiments showed the efficiency and effectiveness of the NetMine framework to characterize traffic data, which exploits (user provided) taxonomies to drive the pruning phase of the extraction process.
Proceedings Article
Boosting the Area under the ROC Curve
Phil Long, Rocco A. Servedio
TL;DR: It is shown that any weak ranker that can achieve an area under the ROC curve slightly better than 1/2 can be efficiently boosted to achieve an area under the ROC curve arbitrarily close to 1.
Related Papers (5)
Outside the Closed World: On Using Machine Learning for Network Intrusion Detection
Robin Sommer, Vern Paxson