Threat Detection in Cyber Security Using Data Mining and Machine Learning Techniques

Author(s):  
Daniel Kobla Gasu

The internet has become an indispensable resource for exchanging information among users, devices, and organizations. However, the use of the internet also exposes these entities to myriad cyber-attacks that may result in devastating outcomes if appropriate measures are not implemented to mitigate the risks. Currently, intrusion detection and threat detection schemes still face a number of challenges including low detection rates, high rates of false alarms, adversarial resilience, and big data issues. This chapter describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection and cyber-attack detection. Key literature on ML and DM methods for intrusion detection is described. ML and DM methods and approaches such as support vector machine, random forest, and artificial neural networks, among others, with their variations, are surveyed, compared, and contrasted. Selected papers were indexed, read, and summarized in a tabular format.

Author(s):  
Iqbal H. Sarker, 
Yoosef B. Abushark, 
Fawaz Alsolami, 
Asif Irshad Khan

Cyber security has recently received enormous attention in today’s security concerns, due to the popularity of the Internet-of-Things (IoT), the tremendous growth of computer networks, and the huge number of relevant applications. Thus, detecting various cyber-attacks or anomalies in a network and building an effective intrusion detection system that performs an essential role in today’s security is becoming more important. Artificial intelligence, particularly machine learning techniques, can be used for building such a data-driven intelligent intrusion detection system. In order to achieve this goal, in this paper, we present an Intrusion Detection Tree (“IntruDTree”) machine-learning-based security model that first takes into account the ranking of security features according to their importance and then builds a tree-based generalized intrusion detection model based on the selected important features. This model is not only effective in terms of prediction accuracy for unseen test cases but also minimizes the computational complexity of the model by reducing the feature dimensions. Finally, the effectiveness of our IntruDTree model was examined by conducting experiments on cybersecurity datasets and computing the precision, recall, fscore, accuracy, and ROC values to evaluate. We also compare the outcome results of the IntruDTree model with several traditional popular machine learning methods such as the naive Bayes classifier, logistic regression, support vector machines, and k-nearest neighbor, to analyze the effectiveness of the resulting security model.


2021, 
Vol 2113 (1), 
pp. 012074
Author(s):  
Qiwei Ke

The volume of data has rocketed since the new information era arrived. How to protect information privacy and detect the threat whenever an intrusion happens has become a hot topic. In this essay, we are going to look into the latest machine learning techniques (including deep learning) which are applicable in intrusion detection, malware detection, and vulnerability detection. The comparison between the traditional methods and novel methods will be demonstrated in detail. In particular, we examine the whole experiment process of representative examples from recent research projects to give a better insight into how the models function and cooperate. In addition, some potential problems and improvements are illustrated at the end of each section.


Author(s):  
Bhavani Thuraisingham

Data mining is the process of posing queries to large quantities of data and extracting information often previously unknown using mathematical, statistical, and machine-learning techniques. Data mining has many applications in a number of areas, including marketing and sales, medicine, law, manufacturing, and, more recently, homeland security. Using data mining, one can uncover hidden dependencies between terrorist groups as well as possibly predict terrorist events based on past experience. One particular data-mining technique that is being investigated a great deal for homeland security is link analysis, where links are drawn between various nodes, possibly detecting some hidden links.


An intrusion detection system is software that monitors a single computer or a network of computers for malicious activities aimed at stealing or censoring information or corrupting network protocols. Most techniques used in present intrusion detection systems are not able to deal with the dynamic and complex nature of cyber-attacks on computer networks. Efficient adaptive methods such as various AI techniques, however, can achieve higher detection rates, lower false alarm rates, and reasonable computation and communication costs. The use of data mining can provide frequent pattern mining, classification, clustering, and mini data streams. This research paper describes a focused literature survey of AI and data mining methods for cyber analytics in support of intrusion detection. Based on the number of citations or the relevance of an emerging method, papers representing each method were identified, read, and summarized. Since data is so important in AI and data mining approaches, some well-known cyber datasets used in AI and data mining are described for cyber security, and some recommendations on when to use a given method are provided.


2008, 
pp. 3639-3644
Author(s):  
Bhavani Thuraisingham

Data mining is the process of posing queries to large quantities of data and extracting information often previously unknown using mathematical, statistical, and machine-learning techniques. Data mining has many applications in a number of areas, including marketing and sales, medicine, law, manufacturing, and, more recently, homeland security. Using data mining, one can uncover hidden dependencies between terrorist groups as well as possibly predict terrorist events based on past experience. One particular data-mining technique that is being investigated a great deal for homeland security is link analysis, where links are drawn between various nodes, possibly detecting some hidden links.

