A Systematic Review of Artificial Intelligence and Machine Learning Techniques for Cyber Security

The use of technologies, procedures, and practices designed to protect networks, programs, and data from attacks, damage, or unauthorized access is called cyber security. The research community has applied different methods to the detection of cyber security attacks. However, the literature lacks a systematic literature review (SLR) summarizing the use of Artificial Intelligence (AI) and Machine Learning (ML) methods, specifically classifiers, in the detection of cyber security attacks. To fill this gap, this paper presents a systematic literature review of existing classification algorithms applied to the detection of cyber security attacks. Relevant literature satisfying specialized search criteria was retrieved and extracted from the online libraries of Science Direct and Google Scholar. A total of 63 research articles were found in these libraries, which were further filtered and refined to 21 articles. These 21 articles were critically reviewed and the following information was extracted from each: the method used, the classifier used, the problem solved, and the domain selected. From the extracted information, a detailed taxonomy was prepared and is presented to help beginners in the area understand the problem. As a result of the meta-level analysis, it is concluded that Support Vector Machine (SVM), Random Forest (RF), Decision Tree (DT), and Artificial Neural Network (ANN) are the most frequently used classifiers for the detection of cyber security attacks.
