Machine Learning and Data Mining for Computer Security

Methods and Applications

  • Marcus A. Maloof

Part of the Advanced Information and Knowledge Processing book series (AI&KP)

Table of contents

  1. Front Matter
    Pages I-XVI
  2. Marcus A. Maloof
    Pages 1-3
  3. Survey Contributions

  4. Research Contributions

    1. Jeremy Z. Kolter, Marcus A. Maloof
      Pages 47-63
    2. Eric E. Bloedorn, Lisa M. Talbot, David D. DeBarr
      Pages 65-88
    3. Klaus Julisch
      Pages 89-106
    4. James P. Early, Carla E. Brodley
      Pages 107-124
    5. Wenke Lee, Wei Fan, Salvatore J. Stolfo, Matthew Miller
      Pages 125-136
    6. Gaurav Tandon, Philip Chan, Debasis Mitra
      Pages 137-156
  5. Back Matter
    Pages 179-210

About this book


The Internet began as a private network connecting government, military, and academic researchers. As such, there was little need for secure protocols, encrypted packets, and hardened servers. When the creation of the World Wide Web unexpectedly ushered in the age of the commercial Internet, the network's size and subsequent rapid expansion made it impossible retroactively to apply secure mechanisms. The Internet's architects never coined terms such as spam, phishing, zombies, and spyware, but they are terms and phenomena we now encounter constantly.

Programming detectors for such threats has proven difficult. Put simply, there is too much information---too many protocols, too many layers, too many applications, and too many uses of these applications---for anyone to make sufficient sense of it all. Ironically, given this wealth of information, there is also too little information about what is important for detecting attacks.

Methods of machine learning and data mining can help build better detectors from massive amounts of complex data. Such methods can also help discover the information required to build more secure systems. For some problems in computer security, one can directly apply machine learning and data mining techniques. Other problems, both current and future, require new approaches, methods, and algorithms.

This book presents research conducted in academia and industry on methods and applications of machine learning and data mining for problems in computer security and will be of interest to researchers and practitioners, as well students.

 ‘Dr. Maloof not only did a masterful job of focusing the book on a critical area that was in dire need of research, but he also strategically picked papers that complemented each other in a productive manner. … This book is a must read for anyone interested in how research can improve computer security.’

Dr Eric Cole, Computer Security Expert


Anomaly detection Audit trail analysis Computer forensics Frames behavior clustering computer computer security data cleansing data mining intrusion detection learning machine learning modeling security

Editors and affiliations

  • Marcus A. Maloof
    • 1
  1. 1.Department of Computer ScienceGeorgetown UniversityUSA

Bibliographic information