Machine Learning and Deep Learning Techniques for Cybersecurity: A Review

  • Conference paper
Proceedings of the International Conference on Artificial Intelligence and Computer Vision (AICV2020) (AICV 2020)

Abstract

This review surveys the significant literature on machine learning (ML) and deep learning (DL) techniques for network-analysis-based intrusion detection, and it gives a short tutorial explanation of each ML/DL method covered. Because data is central to ML/DL methods, the paper also describes the datasets used by these techniques, which are the primary tools for analysing network traffic and detecting anomalies. Finally, we discuss the issues encountered when applying ML/DL to cybersecurity and offer recommendations for future studies.

Author information

Corresponding author: Said A. Salloum.

Copyright information

© 2020 Springer Nature Switzerland AG

Cite this paper

Salloum, S.A., Alshurideh, M., Elnagar, A., Shaalan, K. (2020). Machine Learning and Deep Learning Techniques for Cybersecurity: A Review. In: Hassanien, AE., Azar, A., Gaber, T., Oliva, D., Tolba, F. (eds) Proceedings of the International Conference on Artificial Intelligence and Computer Vision (AICV2020). AICV 2020. Advances in Intelligent Systems and Computing, vol 1153. Springer, Cham. https://doi.org/10.1007/978-3-030-44289-7_5
