The Resource Data mining and machine learning in cybersecurity, Sumeet Dua and Xian Du

Label
Data mining and machine learning in cybersecurity
Title
Data mining and machine learning in cybersecurity
Statement of responsibility
Sumeet Dua and Xian Du
Creator
Contributor
Subject
Language
eng
Summary
"Introducing basic concepts of machine learning and data mining methodologies for cyber security, this book provides a unified reference for specific machine learning solutions and cybersecurity problems. The authors focus on how to apply machine learning methodologies in cybersecurity, categorizing methods for detecting, scanning, profiling, intrusions, and anomalies. The text presents challenges and solutions in machine learning along with cybersecurity fundamentals. It also describes advanced problems in cybersecurity in the machine learning domain and examines privacy-preserving data mining methods as a proactive security solution"-- Provided by publisher
Cataloging source
DLC
http://library.link/vocab/creatorName
Dua, Sumeet
Index
index present
Literary form
non fiction
Nature of contents
bibliography
http://library.link/vocab/relatedWorkOrContributorName
Du, Xian
http://library.link/vocab/subjectName
  • Data mining
  • Machine learning
  • Computer security
Label
Data mining and machine learning in cybersecurity, Sumeet Dua and Xian Du
Instantiates
Publication
Bibliography note
Includes bibliographical references and index
Contents
1. Introduction -- 1.1. Cybersecurity -- 1.2. Data Mining -- 1.3. Machine Learning -- 1.4. Review of Cybersecurity Solutions -- 1.4.1. Proactive Security Solutions -- 1.4.2. Reactive Security Solutions -- 1.4.2.1. Misuse/Signature Detection -- 1.4.2.2. Anomaly Detection -- 1.4.2.3. Hybrid Detection -- 1.4.2.4. Scan Detection -- 1.4.2.5. Profiling Modules -- 1.5. Summary -- 1.6. Further Reading -- References -- 2. Classical Machine-Learning Paradigms for Data Mining -- 2.1. Machine Learning -- 2.1.1. Fundamentals of Supervised Machine-Learning Methods -- 2.1.1.1. Association Rule Classification -- 2.1.1.2. Artificial Neural Network -- 2.1.1.3. Support Vector Machines -- 2.1.1.4. Decision Trees -- 2.1.1.5. Bayesian Network -- 2.1.1.6. Hidden Markov Model -- 2.1.1.7. Kalman Filter -- 2.1.1.8. Bootstrap, Bagging, and AdaBoost -- 2.1.1.9. Random Forest -- 2.1.2. Popular Unsupervised Machine-Learning Methods -- 2.1.2.1. k-Means Clustering -- 2.1.2.2. Expectation Maximum -- 2.1.2.3. k-Nearest Neighbor -- 2.1.2.4. SOM ANN -- 2.1.2.5. Principal Components Analysis -- 2.1.2.6. Subspace Clustering -- 2.2. Improvements on Machine-Learning Methods -- 2.2.1. New Machine-Learning Algorithms -- 2.2.2. Resampling -- 2.2.3. Feature Selection Methods -- 2.2.4. Evaluation Methods -- 2.2.5. Cross Validation -- 2.3. Challenges -- 2.3.1. Challenges in Data Mining -- 2.3.1.1. Modeling Large-Scale Networks -- 2.3.1.2. Discovery of Threats -- 2.3.1.3. Network Dynamics and Cyber Attacks -- 2.3.1.4. Privacy Preservation in Data Mining -- 2.3.2. Challenges in Machine Learning (Supervised Learning and Unsupervised Learning) -- 2.3.2.1. Online Learning Methods for Dynamic Modeling of Network Data -- 2.3.2.2. Modeling Data with Skewed Class Distributions to Handle Rare Event Detection -- 2.3.2.3. Feature Extraction for Data with Evolving Characteristics -- 2.4. Research Directions -- 2.4.1. Understanding the Fundamental Problems of Machine-Learning Methods in Cybersecurity --
2.4.2. Incremental Learning in Cyberinfrastructures -- 2.4.3. Feature Selection/Extraction for Data with Evolving Characteristics -- 2.4.4. Privacy-Preserving Data Mining -- 2.5. Summary -- References -- 3. Supervised Learning for Misuse/Signature Detection -- 3.1. Misuse/Signature Detection -- 3.2. Machine Learning in Misuse/Signature Detection -- 3.3. Machine-Learning Applications in Misuse Detection -- 3.3.1. Rule-Based Signature Analysis -- 3.3.1.1. Classification Using Association Rules -- 3.3.1.2. Fuzzy-Rule-Based -- 3.3.2. Artificial Neural Network -- 3.3.3. Support Vector Machine -- 3.3.4. Genetic Programming -- 3.3.5. Decision Tree and CART -- 3.3.5.1. Decision-Tree Techniques -- 3.3.5.2. Application of a Decision Tree in Misuse Detection -- 3.3.5.3. CART -- 3.3.6. Bayesian Network -- 3.3.6.1. Bayesian Network Classifier -- 3.3.6.2. Naive Bayes -- 3.4. Summary -- References -- 4. Machine Learning for Anomaly Detection -- 4.1. Introduction -- 4.2. Anomaly Detection -- 4.3. Machine Learning in Anomaly Detection Systems -- 4.4. Machine-Learning Applications in Anomaly Detection -- 4.4.1. Rule-Based Anomaly Detection (Table 1.3, C.6) -- 4.4.1.1. Fuzzy Rule-Based (Table 1.3, C.6) -- 4.4.2. ANN (Table 1.3, C.9) -- 4.4.3. Support Vector Machines (Table 1.3, C.12) -- 4.4.4. Nearest Neighbor-Based Learning (Table 1.3, C.11) -- 4.4.5. Hidden Markov Model -- 4.4.6. Kalman Filter -- 4.4.7. Unsupervised Anomaly Detection -- 4.4.7.1. Clustering-Based Anomaly Detection -- 4.4.7.2. Random Forests -- 4.4.7.3. Principal Component Analysis/Subspace -- 4.4.7.4. One-Class Supervised Vector Machine -- 4.4.8. Information Theoretic (Table 1.3, C.5) -- 4.4.9. Other Machine-Learning Methods Applied in Anomaly Detection (Table 1.3, C.2) -- 4.5. Summary -- References -- 5. Machine Learning for Hybrid Detection -- 5.1. Hybrid Detection -- 5.2. Machine Learning in Hybrid Intrusion Detection Systems -- 5.3. Machine-Learning Applications in Hybrid Intrusion Detection --
5.3.1. Anomaly-Misuse Sequence Detection System -- 5.3.2. Association Rules in Audit Data Analysis and Mining (Table 1.4, D.4) -- 5.3.3. Misuse-Anomaly Sequence Detection System -- 5.3.4. Parallel Detection System -- 5.3.5. Complex Mixture Detection System -- 5.3.6. Other Hybrid Intrusion Systems -- 5.4. Summary -- References -- 6. Machine Learning for Scan Detection -- 6.1. Scan and Scan Detection -- 6.2. Machine Learning in Scan Detection -- 6.3. Machine-Learning Applications in Scan Detection -- 6.4. Other Scan Techniques with Machine-Learning Methods -- 6.5. Summary -- References -- 7. Machine Learning for Profiling Network Traffic -- 7.1. Introduction -- 7.2. Network Traffic Profiling and Related Network Traffic Knowledge -- 7.3. Machine Learning and Network Traffic Profiling -- 7.4. Data-Mining and Machine-Learning Applications in Network Profiling -- 7.4.1. Other Profiling Methods and Applications -- 7.5. Summary -- References -- 8. Privacy-Preserving Data Mining -- 8.1. Privacy Preservation Techniques in PPDM -- 8.1.1. Notations -- 8.1.2. Privacy Preservation in Data Mining -- 8.2. Workflow of PPDM -- 8.2.1. Introduction of the PPDM Workflow -- 8.2.2. PPDM Algorithms -- 8.2.3. Performance Evaluation of PPDM Algorithms -- 8.3. Data-Mining and Machine-Learning Applications in PPDM -- 8.3.1. Privacy Preservation Association Rules (Table 1.1, A.4) -- 8.3.2. Privacy Preservation Decision Tree (Table 1.1, A.6) -- 8.3.3. Privacy Preservation Bayesian Network (Table 1.1, A.2) -- 8.3.4. Privacy Preservation KNN (Table 1.1, A.7) -- 8.3.5. Privacy Preservation k-Means Clustering (Table 1.1, A.3) -- 8.3.6. Other PPDM Methods -- 8.4. Summary -- References -- 9. Emerging Challenges in Cybersecurity -- 9.1. Emerging Cyber Threats -- 9.1.1. Threats from Malware -- 9.1.2. Threats from Botnets -- 9.1.3. Threats from Cyber Warfare -- 9.1.4. Threats from Mobile Communication -- 9.1.5. Cyber Crimes -- 9.2. Network Monitoring, Profiling, and Privacy Preservation --
9.2.1. Privacy Preservation of Original Data -- 9.2.2. Privacy Preservation in the Network Traffic Monitoring and Profiling Algorithms -- 9.2.3. Privacy Preservation of Monitoring and Profiling Data -- 9.2.4. Regulation, Laws, and Privacy Preservation -- 9.2.5. Privacy Preservation, Network Monitoring, and Profiling Example: PRISM -- 9.3. Emerging Challenges in Intrusion Detection -- 9.3.1. Unifying the Current Anomaly Detection Systems -- 9.3.2. Network Traffic Anomaly Detection -- 9.3.3. Imbalanced Learning Problem and Advanced Evaluation Metrics for IDS -- 9.3.4. Reliable Evaluation Data Sets or Data Generation Tools -- 9.3.5. Privacy Issues in Network Anomaly Detection -- 9.4. Summary -- References
Control code
ocn707725928
Dimensions
25 cm
Extent
xxii, 234 p.
Isbn
9781439839423
Isbn Type
(hardback)
Lccn
2011006228
Other physical details
ill.
System control number
(OCoLC)707725928

Library Locations

    • Albany Library
      Gate 1, East Precinct, Albany Expressway (SH17), Albany, Auckland, 0632, NZ
      -36.733330 174.700641