Machine Learning and Deep Learning Techniques for Cybersecurity: A Review

This review explains significant literature surveys on machine learning (ML) and deep learning (DL) techniques for network analysis in intrusion detection, and presents a short tutorial explanation of every ML/DL method. Because data holds a significant position in ML/DL methods, the paper highlights the datasets used in machine learning techniques, which are the primary tools for analyzing network traffic and detecting abnormalities. We also elaborate on the issues faced in using ML/DL for cybersecurity and offer recommendations for future studies.
