Machine learning and cyber security

IF 1 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS
S. Karius, Mandy Knöchel, Sascha Heße, Tim Reiprich
{"title":"Machine learning and cyber security","authors":"S. Karius, Mandy Knöchel, Sascha Heße, Tim Reiprich","doi":"10.1515/itit-2023-0050","DOIUrl":null,"url":null,"abstract":"Abstract Cyber Security has gained a significant amount of perceived importance when talking about the risks and challenges that lie ahead in the field of information technology. A recent increase in high-profile incidents involving any form of cyber criminality have raised the awareness of threats that were formerly often hidden from public perception, e.g., with openly carried out attacks against critical infrastructure to accompany traditional forms of warfare, extending those to the cyberspace. Add to that very personal experience of everyday social engineering attacks, which are cast out like a fishing net on a large scale, e.g., to catch anyone not careful enough to double-check a suspicious email. But as the threat level rises and the attacks become even more sophisticated, so do the methods to mitigate (or at least recognize) them. Of central importance here are methods from the field of machine learning (ML). This article provides a comprehensive overview of applied ML methods in cyber security, illustrates the importance of ML for cyber security, and discusses issues and methods for generating good datasets for the training phase of ML methods used in cyber security. This includes own work on the topics of network traffic classification, the collection of real-world attacks using honeypot systems as well as the use of ML to generate artificial network traffic.","PeriodicalId":43953,"journal":{"name":"IT-Information Technology","volume":" ","pages":""},"PeriodicalIF":1.0000,"publicationDate":"2023-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IT-Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1515/itit-2023-0050","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Abstract Cyber Security has gained a significant amount of perceived importance when talking about the risks and challenges that lie ahead in the field of information technology. A recent increase in high-profile incidents involving any form of cyber criminality have raised the awareness of threats that were formerly often hidden from public perception, e.g., with openly carried out attacks against critical infrastructure to accompany traditional forms of warfare, extending those to the cyberspace. Add to that very personal experience of everyday social engineering attacks, which are cast out like a fishing net on a large scale, e.g., to catch anyone not careful enough to double-check a suspicious email. But as the threat level rises and the attacks become even more sophisticated, so do the methods to mitigate (or at least recognize) them. Of central importance here are methods from the field of machine learning (ML). This article provides a comprehensive overview of applied ML methods in cyber security, illustrates the importance of ML for cyber security, and discusses issues and methods for generating good datasets for the training phase of ML methods used in cyber security. This includes own work on the topics of network traffic classification, the collection of real-world attacks using honeypot systems as well as the use of ML to generate artificial network traffic.
机器学习和网络安全
摘要当谈到信息技术领域面临的风险和挑战时,网络安全已经获得了相当大的重要性。最近,涉及任何形式网络犯罪的高调事件有所增加,这提高了人们对以前常常隐藏在公众认知之外的威胁的认识,例如,在传统战争形式的同时,公开对关键基础设施进行攻击,并将其扩展到网络空间。再加上日常社会工程攻击的个人经历,这些攻击像渔网一样被大规模抛出,例如,捕捉任何不小心仔细检查可疑电子邮件的人。但随着威胁级别的上升,攻击变得更加复杂,减轻(或至少识别)它们的方法也会随之增加。这里最重要的是来自机器学习(ML)领域的方法。本文全面概述了ML方法在网络安全中的应用,说明了ML对网络安全的重要性,并讨论了为网络安全中使用的ML方法的训练阶段生成良好数据集的问题和方法。这包括自己在网络流量分类、使用蜜罐系统收集真实世界的攻击以及使用ML生成人工网络流量等主题上的工作。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
IT-Information Technology
IT-Information Technology COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
3.80
自引率
0.00%
发文量
29
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信