Machine Learning and Deep Learning Methods for Cybersecurity

With the development of the Internet, cyber-attacks are changing rapidly and the outlook for cyber security is not optimistic. This survey report describes key literature surveys on machine learning (ML) and deep learning (DL) methods for network analysis of intrusion detection and provides a brief tutorial description of each ML/DL method. Papers representing each method were indexed, read, and summarized based on their temporal or thermal correlations. Because data are so important in ML/DL methods, we describe some of the network datasets commonly used in ML/DL, discuss the challenges of using ML/DL for cybersecurity, and provide suggestions for research directions.
