Machine learning and cyber security

IT-Information Technology (IF 1, Q4, Computer Science, Information Systems). Pub Date: 2023-09-04. DOI: 10.1515/itit-2023-0050
S. Karius, Mandy Knöchel, Sascha Heße, Tim Reiprich

Abstract

Cyber security has gained a significant amount of perceived importance when talking about the risks and challenges that lie ahead in the field of information technology. A recent increase in high-profile incidents involving any form of cyber criminality has raised the awareness of threats that were formerly often hidden from public perception, e.g., with openly carried out attacks against critical infrastructure to accompany traditional forms of warfare, extending those to cyberspace. Add to that the very personal experience of everyday social engineering attacks, which are cast out like a fishing net on a large scale, e.g., to catch anyone not careful enough to double-check a suspicious email. But as the threat level rises and the attacks become even more sophisticated, so do the methods to mitigate (or at least recognize) them. Of central importance here are methods from the field of machine learning (ML). This article provides a comprehensive overview of applied ML methods in cyber security, illustrates the importance of ML for cyber security, and discusses issues and methods for generating good datasets for the training phase of ML methods used in cyber security. This includes the authors' own work on the topics of network traffic classification, the collection of real-world attacks using honeypot systems, as well as the use of ML to generate artificial network traffic.