The technologies for Cyber Security and Machine Learning intersect in many ways. The objectives of cyber security technologies are to detect cyber-attacks, to thwart them, and—in case stopping an attack is not possible—monitoring system activities to detect an on-going attack before damage has been caused, localizing the source, and maintaining system functionalities while remediation actions are applied. Monitoring is a prerequisite to detection and is used to collect data from various sensors and system activities, and to detect anomalies using machine learning techniques. Malware detection, for instance, may be done effectively through supervised or semi-supervised machine learning based models.
Intrusion detection by analyzing system activities, network traffic, and sensor measurements is often done using supervised and un-supervised machine learning based models. In a WIREs Data Mining and Knowledge Discovery review, the authors discuss a few examples from cyber physical system security, malware analysis and classification, and other domains, which have recently been reported in the literature.
The authors’ objective is not to report any novel results but to review a few examples at the intersection of machine learning and cyber security. This is to provide a reader from either field with a quick overview on how these two fields can be brought together for better cyber security. While no example of security of machine learning methods against the supply of adversarial training data has been discussed, it is another convergence of the two areas that strengthens machine learning against cyber-attacks.
Kindly contributed by the Authors.