Implementation of Machine Learning in Network Security

Bharathi N. Gopalsamy (SRM Institute of Science and Technology, India), Brindha G. R. (School of Computing, SASTRA University (Deemed), India) and B. Santhi (School of Computing, SASTRA University (Deemed), India)
DOI: 10.4018/978-1-5225-9643-1.ch013

Abstract

Machine learning (ML) is prevalent across the globe and applied in almost all domains. This chapter focuses on the implementation of ML with real-time use cases. Day-to-day activities are automated to ease tasks and increase the quality of decisions. ML is the backbone of the perfect decision support system, with a plethora of applications. The use case described in this chapter is ML and security, implemented in R script. Adversaries take advantage of ML to avoid detection and evade defenses. The network intrusion detection system (IDS) is the major issue nowadays. Its primary task is to collect relevant features from the computer network. These selected features can be fed into ML algorithms to predict the label. The challenge in this use case is which type of feature to consider for intrusion and anomaly detection (AD). This chapter focuses on the end-to-end process of gaining insight into the stream of data from a network connection, with priority given to the forecasting mechanism and prediction of the future. Forecasting is applied to the time series data to reach sensible decisions.
Chapter Preview

Introduction

ML is the combination of mathematics and statistics. ML algorithms identify patterns in real-time data. From these patterns it is possible to identify correlations and also to detect anomalies. This chapter gives the reader an intuition about ML and its significant role in network security. The reader can acquire the basics of ML, a design framework for security issues, and the practical skill to implement ML algorithms. ML is about learning from experience. It brings intelligence and adapts to dynamic data by using past data. Given the features of the available data and the relations among them, it becomes possible to predict future outcomes. This serves tasks such as information mining, and it brings inference and insight from data. Whenever we want to classify elements, we first extract from them the features that are significant for the label and can differentiate between classes. We apply ML algorithms to the labeled data, and the model parameters are identified. These learned parameters are then used to differentiate unseen data in the validation phase.

ML seems to be the best solution for cyber security in today's large-scale digital era. This chapter covers some basics of ML and security. It pictures the concept of ML in security and explains it through use cases. The example helps readers take a deep dive into the hands-on part of ML algorithms. It also gives an overview of the state of the art in ML and security. The key terms in this technology world are artificial intelligence (AI), ML and deep learning (DL), shown in Figure 1.

Figure 1.

AI is the roof: making things smart by machine and doing human-like activities with intelligence. ML is a subset of AI, and it learns from experience. ML has the capacity to recognize patterns without being programmed. ML makes decisions based on data, not on an algorithm.

DL is a set of techniques for carrying out ML logic. DL recognizes patterns of patterns.

  • Learning [supervised, unsupervised, semi-supervised]

  • Supervised (task-driven approach): classifier, regression (prediction)

  • Unsupervised (data-driven approach): clustering

  • Semi-supervised: combines both supervised and unsupervised

  • Ensemble learning: an extension of supervised learning that combines simple models to get the best output.

  • Reinforcement learning (environment-driven approach): behavior reacts to a changing environment based on rewards and punishments.

  • Active learning: a subset of reinforcement learning in which correction by a teacher is possible, in addition to environment changes.

ML and Security: State of the Art

This section elaborates on the current scenario of ML in security. The current research trend focuses on three major areas: security issues in networks, security issues in IoT and security issues in medicine. Researchers resolve these issues using several techniques. This chapter concentrates on ML techniques for resolving security issues in these areas. It also discusses three use cases and suggests tools for handling security challenges.
