A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection

Cited by: 1480
Authors
Buczak, Anna L. [1]
Guven, Erhan [1]
Affiliation
[1] Johns Hopkins Univ, Appl Phys Lab, Johns Hopkins Rd, Laurel, MD 20723 USA
Source
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS | 2016, Vol. 18, No. 02
Keywords
Cyber analytics; data mining; machine learning; SYSTEMS; MODEL;
DOI
10.1109/COMST.2015.2494502
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
This survey paper describes a focused literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection. Short tutorial descriptions of each ML/DM method are provided. Based on the number of citations or the relevance of an emerging method, papers representing each method were identified, read, and summarized. Because data are so important in ML/DM approaches, some well-known cyber data sets used in ML/DM are described. The complexity of ML/DM algorithms is addressed, discussion of challenges for using ML/DM for cyber security is presented, and some recommendations on when to use a given method are provided.
Pages: 1153-1176
Page count: 24