On the effectiveness of machine and deep learning for cyber security

Machine learning is adopted in a wide range of domains where it shows its superiority over traditional rule-based algorithms. These methods are being integrated in cyber detection systems with the goal of supporting or even replacing the first level of security analysts. Although the complete automa...

Full description

Saved in:
Bibliographic Details
Main Authors: Apruzzese, Giovanni, Colajanni, Michele, Ferretti, Luca, Guido, Alessandro, Marchetti, Mirco
Format: Conference Proceeding
Language:English
Subjects:
adversarial learning
Classification algorithms
Computer security
cyber security
deep learning
Hidden Markov models
Machine learning
Machine learning algorithms
Training
Citations: Items that cite this one
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Machine learning is adopted in a wide range of domains where it shows its superiority over traditional rule-based algorithms. These methods are being integrated in cyber detection systems with the goal of supporting or even replacing the first level of security analysts. Although the complete automation of detection and analysis is an enticing goal, the efficacy of machine learning in cyber security must be evaluated with the due diligence. We present an analysis, addressed to security specialists, of machine learning techniques applied to the detection of intrusion, malware, and spam. The goal is twofold: to assess the current maturity of these solutions and to identify their main limitations that prevent an immediate adoption of machine learning cyber detection schemes. Our conclusions are based on an extensive review of the literature as well as on experiments performed on real enterprise systems and network traffic.
ISSN:2325-5366
2325-5374
DOI:10.23919/CYCON.2018.8405026