Journal Article

A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection

TLDR
The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.
Abstract
This survey paper describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection. Short tutorial descriptions of each ML/DM method are provided. Based on the number of citations or the relevance of an emerging method, papers representing each method were identified, read, and summarized. Because data are so important in ML/DM approaches, some well-known cyber data sets used in ML/DM are described. The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.

Citations
Journal Article

A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks

TL;DR: The experimental results show that RNN-IDS is very suitable for modeling a classification model with high accuracy and that its performance is superior to that of traditional machine learning classification methods in both binary and multiclass classification.
Journal Article

Deep Learning in Mobile and Wireless Networking: A Survey

TL;DR: This paper bridges the gap between deep learning and mobile and wireless networking research by presenting a comprehensive survey of the crossovers between the two areas, and provides an encyclopedic review of mobile and wireless networking research based on deep learning, which is categorized by different domains.
Journal Article

Survey of intrusion detection systems: techniques, datasets and challenges

TL;DR: This survey presents a taxonomy of contemporary IDS, a comprehensive review of notable recent works, an overview of the datasets commonly used for evaluation purposes, and the evasion techniques used by attackers to avoid detection.
Journal Article

A comprehensive survey on machine learning for networking: evolution, applications and research opportunities

TL;DR: This survey delineates the limitations, gives insights, research challenges and future opportunities to advance ML in networking, and jointly presents the application of diverse ML techniques in various key areas of networking across different network technologies.
Journal Article

Machine Learning and Deep Learning Methods for Cybersecurity

TL;DR: This survey report describes key literature surveys on machine learning (ML) and deep learning (DL) methods for network analysis of intrusion detection and provides a brief tutorial description of each ML/DL method.
References
Proceedings Article

FLAME: a flow-level anomaly modeling engine

TL;DR: This work presents FLAME, a tool for injection of hand-crafted anomalies into a given background traffic trace that combines the controllability offered by simulation with the realism provided by captured traffic traces; the authors believe that FLAME can contribute significantly to the development and evaluation of advanced anomaly detection mechanisms.

Cyber Security Challenges: Designing Efficient Intrusion Detection Systems and Antivirus Tools

TL;DR: This chapter presents the state of the art in the evolution of intrusion detection technology, addresses a few intrusion detection techniques and IDS implementations, and describes a few obfuscation techniques applied to recent viruses that were used to thwart commercial-grade antivirus tools.
Book Chapter

OMC-IDS: at the cross-roads of OLAP mining and intrusion detection

TL;DR: A new Intrusion Detection System (IDS) called OMC-IDS is introduced, which integrates data mining techniques and On Line Analytical Processing (OLAP) tools and can be a powerful solution to deal with the defects of IDS.
Proceedings Article

Artificial intelligence and the future of cybersecurity

TL;DR: This paper focuses on web application security and advocates the use of Knowledge Based Systems, probabilistic reasoning and Bayesian updating to control the probability of false positives and false negatives.
Proceedings Article

Real-Time Correlation of Network Security Alerts

TL;DR: A novel method using a sequential pattern mining algorithm is applied to discover complicated multistage attack behavior patterns, and its results can be transformed into rules automatically; the method overcomes the drawback of high dependence on precise attack specifications and accurate rule definitions.