Abstract
In this review, significant literature surveys on machine learning (ML) and deep learning (DL) techniques for network analysis of intrusion detection are explained. In addition, it presents a short tutorial explanation on every ML/DL method. Data holds a significant position in ML/DL methods; hence this paper highlights the datasets used in machine learning techniques, which are the primary tools for analyzing network traffic and detecting abnormalities. In addition, we elaborate on the issues faced in using ML/DL for cybersecurity and offer recommendations for future studies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Buczak, A.L., Guven, E.: A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18(2), 1153–1176 (2015)
Mukkamala, S., Sung, A., Abraham, A.: Cyber security challenges: designing efficient intrusion detection systems and antivirus tools. In: Vemuri, V.R. (ed.) Enhancing Computer Security with Smart Technology 2006, pp. 125–163 (2005)
Yavanoglu, O., Aydos, M.: A review on cyber security datasets for machine learning algorithms. In: 2017 IEEE International Conference on Big Data (Big Data), pp. 2186–2193 (2017)
da Costa, K.A.P., Papa, J.P., Lisboa, C.O., Munoz, R., de Albuquerque, V.H.C.: Internet of Things: a survey on machine learning-based intrusion detection approaches. Comput. Netw. 151, 147–157 (2019)
Liu, Q., Li, P., Zhao, W., Cai, W., Yu, S., Leung, V.C.M.: A survey on security threats and defensive techniques of machine learning: a data driven view. IEEE Access 6, 12103–12117 (2018)
Xin, Y., et al.: Machine learning and deep learning methods for cybersecurity. IEEE Access 6, 35365–35381 (2018)
Dua, S., Du, X.: Data Mining and Machine Learning in Cybersecurity. Auerbach Publications (2016)
Yin, C., Zhu, Y., Fei, J., He, X.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)
Xiao, L., Wan, X., Lu, X., Zhang, Y., Wu, D.: IoT security techniques based on machine learning (2018). arXiv Prepr. arXiv:1801.06275
Jordan, M.I., Mitchell, T.M.: Machine learning: Trends, perspectives, and prospects. Science (80-.) 349(6245), 255–260 (2015)
Fraley, J.B., Cannady, J.: The promise of machine learning in cybersecurity. SoutheastCon 2017, 1–6 (2017)
Alazab, M., Tang, M.: Deep Learning Applications for Cyber Security. Springer, Heidelberg (2019)
Li, J.: Cyber security meets artificial intelligence: a survey. Front. Inf. Technol. Electron. Eng. 19(12), 1462–1474 (2018)
Jones, C.L., Bridges, R.A., Huffer, K.M.T., Goodall, J.R.: Towards a relation extraction framework for cyber-security concepts. In: Proceedings of the 10th Annual Cyber and Information Security Research Conference, p. 11 (2015)
McNeil, N., Bridges, R.A., Iannacone, M.D., Czejdo, B., Perez, N., Goodall, J.R.: Pace: pattern accurate computationally efficient bootstrapping for timely discovery of cyber-security concepts. In: 2013 12th International Conference on Machine Learning and Applications, vol. 2, pp. 60–65 (2013)
Zhang, Q., Man, D., Yang, W.: Using HMM for intent recognition in cyber security situation awareness. In: 2009 Second International Symposium on Knowledge Acquisition and Modeling, vol. 2, pp. 166–169 (2009)
Bonaci, T., Herron, J., Yusuf, T., Yan, J., Kohno, T., Chizeck, H.J.: To make a robot secure: an experimental analysis of cyber security threats against teleoperated surgical robots (2015). arXiv Prepr. arXiv:1504.04339
Hacioglu, U., Sevgilioglu, G.: The evolving role of automated systems and its cyber-security issue for global business operations in Industry 4.0. Int. J. Bus. Ecosyst. Strategy 1(1), 1–11 (2019)
Alhashmi, S.F.S., Salloum, S.A., Abdallah, S.: Critical success factors for implementing artificial intelligence (AI) projects in Dubai government United Arab Emirates (UAE) health sector: applying the extended technology acceptance model (TAM). In: International Conference on Advanced Intelligent Systems and Informatics, pp. 393–405 (2019)
Darwish, A., Ezzat, D., Hassanien, A.E.: An optimized model based on convolutional neural networks and orthogonal learning particle swarm optimization algorithm for plant diseases diagnosis. Swarm Evol. Comput. 52, 100616 (2020)
Abdelghafar, S., Darwish, A., Hassanien, A.E.: Intelligent health monitoring systems for space missions based on data mining techniques. In: Machine Learning and Data Mining in Aerospace Technology, pp. 65–78. Springer (2020)
Elsayad, D., Ali, A., Shedeed, H.A., Tolba, M.F.: PAGeneRN: parallel architecture for gene regulatory network. In: Data Analytics in Medicine: Concepts, Methodologies, Tools, and Applications, pp. 1052–1075. IGI Global (2020)
Pacheco, A.G.C., Ali, A.-R., Trappenberg, T.: Skin cancer detection based on deep learning and entropy to detect outlier samples (2019). arXiv Prepr. arXiv:1909.04525
Salloum, S.A., Al-Emran, M., Monem, A., Shaalan, K.: A survey of text mining in social media: facebook and twitter perspectives. Adv. Sci. Technol. Eng. Syst. J. 2(1), 127–133 (2017)
Alomari, K.M., AlHamad, A.Q., Salloum, S.: Prediction of the digital game rating systems based on the ESRB. Opción 35(19), 1368–1393 (2019)
Salloum, S.A., Al-Emran, M., Shaalan, K.: Mining social media text: extracting knowledge from facebook. Int. J. Comput. Digit. Syst. 6(2), 73–81 (2017)
Salloum, S.A., Al-Emran, M., Abdallah, S., Shaalan, K.: Analyzing the Arab Gulf newspapers using text mining techniques. In: International Conference on Advanced Intelligent Systems and Informatics, pp. 396–405 (2017)
Salloum, S.A., Al-Emran, M., Shaalan, K.: Mining text in news channels: a case study from facebook. Int. J. Inf. Technol. Lang. Stud. 1(1), 1–9 (2017)
Salloum, S.A., AlHamad, A.Q., Al-Emran, M., Shaalan, K.: A survey of Arabic text mining, vol. 740 (2018)
Salloum, S.A., Mhamdi, C., Al-Emran, M., Shaalan, K.: Analysis and classification of Arabic newspapers’ facebook pages using text mining techniques. Int. J. Inf. Technol. Lang. Stud. 1(2), 8–17 (2017)
Amodei, D., Olah, C., Steinhardt, J., Christiano, P., Schulman, J., Mané, D.: Concrete problems in AI safety (2016). arXiv Prepr. arXiv:1606.06565
Papernot, N., McDaniel, P., Sinha, A., Wellman, M.: Towards the science of security and privacy in machine learning (2016). arXiv Prepr. arXiv:1611.03814
Feily, M., Shahrestani, A., Ramadass, S.: A survey of botnet and botnet detection. In: 2009 Third International Conference on Emerging Security Information, Systems and Technologies, pp. 268–273 (2009)
Ben Salem, M., Hershkop, S., Stolfo, S.J.: A survey of insider attack detection research. In: Insider Attack and Cyber Security, pp. 69–90. Springer (2008)
Bhamare, D., Salman, T., Samaka, M., Erbad, A., Jain, R.: Feasibility of supervised machine learning for cloud security. In: 2016 International Conference on Information Science and Security (ICISS), pp. 1–5 (2016)
Gallagher, B., Eliassi-Rad, T.: Classification of http attacks: a study on the ECML/PKDD 2007 discovery challenge. Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States) (2009)
Haddadi, F., Le Cong, D., Porter, L., Zincir-Heywood, A.N.: On the effectiveness of different botnet detection approaches. In: International Conference on Information Security Practice and Experience, pp. 121–135 (2015)
Xie, M., Hu, J., Slay, J.: Evaluating host-based anomaly detection systems: application of the one-class SVM algorithm to ADFA-LD. In: 2014 11th International Conference on Fuzzy Systems and Knowledge Discovery (FSKD), pp. 978–982 (2014)
Kato, K., Klyuev, V.: An intelligent DDoS attack detection system using packet analysis and support vector machine. In: IJICR, pp. 478–485 (2014)
Yusof, A.R., Udzir, N.I., Selamat, A.: An evaluation on KNN-SVM algorithm for detection and prediction of DDoS attack. In: International Conference on Industrial, Engineering and Other Applications of Applied Intelligent Systems, pp. 95–102 (2016)
Hasan, M.A.M., Nasser, M., Ahmad, S., Molla, K.I.: Feature selection for intrusion detection using random forest. J. Inf. Secur. 7(03), 129 (2016)
Javaid, A., Niyaz, Q., Sun, W., Alam, M.: A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS), pp. 21–26 (2016)
Tang, T.A., Mhamdi, L., McLernon, D., Zaidi, S.A.R., Ghogho, M.: Deep learning approach for network intrusion detection in software defined networking. In: 2016 International Conference on Wireless Networks and Mobile Communications (WINCOM), pp. 258–263 (2016)
Chowdhury, S., et al.: Botnet detection using graph-based feature clustering. J. Big Data 4(1), 14 (2017)
Neethu, B.: Adaptive intrusion detection using machine learning. Int. J. Comput. Sci. Netw. Secur. 13(3), 118 (2013)
Kozik, R., Choraś, M., Renk, R., Hołubowicz, W.: A proposal of algorithm for web applications cyber attack detection. In: IFIP International Conference on Computer Information Systems and Industrial Management, pp. 680–687 (2015)
Lippmann, R., Haines, J.W., Fried, D.J., Korba, J., Das, K.: The 1999 DARPA off-line intrusion detection evaluation. Comput. Netw. 34(4), 579–595 (2000)
Saad, S., et al.: Detecting P2P botnets through network behavior analysis and machine learning. In: 2011 Ninth Annual International Conference on Privacy, Security and Trust, pp. 174–180 (2011)
Torrano-Gimenez, C., Perez-Villegas, A., Alvarez, G.: A self-learning anomaly-based web application firewall. In: Computational Intelligence in Security for Information Systems, pp. 85–92. Springer (2009)
Torrano-Gimenez, C., Pérez-Villegas, A., Álvarez, G., Fernández-Medina, E., Malek, M., Hernando, J.: An anomaly-based web application firewall. In: SECRYPT, pp. 23–28 (2009)
Nguyen, H.T., Torrano-Gimenez, C., Alvarez, G., Petrović, S., Franke, K.: Application of the generic feature selection measure in detection of web attacks. In: Computational Intelligence in Security for Information Systems, pp. 25–32. Springer (2011)
Hoque, N., Bhattacharyya, D.K., Kalita, J.K.: A novel measure for low-rate and high-rate DDoS attack detection using multivariate data analysis. In: 2016 8th International Conference on Communication Systems and Networks (COMSNETS), pp. 1–2 (2016)
Torrano-Giménez, C., Perez-Villegas, A., Alvarez Maranón, G.: An anomaly-based approach for intrusion detection in web traffic (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Salloum, S.A., Alshurideh, M., Elnagar, A., Shaalan, K. (2020). Machine Learning and Deep Learning Techniques for Cybersecurity: A Review. In: Hassanien, AE., Azar, A., Gaber, T., Oliva, D., Tolba, F. (eds) Proceedings of the International Conference on Artificial Intelligence and Computer Vision (AICV2020). AICV 2020. Advances in Intelligent Systems and Computing, vol 1153. Springer, Cham. https://doi.org/10.1007/978-3-030-44289-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-44289-7_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-44288-0
Online ISBN: 978-3-030-44289-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)