Machine Learning Techniques for Cyber Attacks Detection

  • Rafał Kozik
  • Michał Choraś
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 233)


The increased usage of cloud services, growing number of users, changes in network infrastructure that connect devices running mobile operating systems, and constantly evolving network technology cause novel challenges for cyber security that have never been foreseen before. As a result, to counter arising threats, network security mechanisms, sensors and protection schemes have also to evolve in order to address the needs and problems of nowadays users.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Kruegel, C., Toth, T., Kirda, E.: Service specific anomaly detection for network intrusion detection. In: Proc. of ACM Symposium on Applied Computing, pp. 201–208 (2002)Google Scholar
  2. 2.
    Choraś, M., Kozik, R., Puchalski, D., Hołubowicz, W.: Correlation Approach for SQL Injection Attacks Detection. In: Herrero, Á., et al. (eds.) Int. Joint Conf. CISIS’12-ICEUTE’12-SOCO’12. AISC, vol. 189, pp. 177–185. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  3. 3.
  4. 4.
  5. 5.
    Shabtai, A., Menahem, E., Elovici, Y.: F-Sign: Automatic, Function-Based Signature Generation for Malware. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews 41(4), 494–508 (2011)CrossRefGoogle Scholar
  6. 6.
    Kong, D., Jhi, Y.-C., Gong, T., Zhu, S., Liu, P., Xi, H.: SAS: Semantics aware signature generation for polymorphic worm detection. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICST, vol. 50, pp. 1–19. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  7. 7.
    SNORT. Project homepage,
  8. 8.
    Sharma, M., Toshniwal, D.: Pre-clustering algorithm for anomaly detection and clustering that uses variable size buckets. In: 2012 1st International Conference on RecentAdvances in Information Technology (RAIT), pp. 515–519 (2012)Google Scholar
  9. 9.
    Adaniya, M.H.A.C., Lima, M.F., Rodrigues, J.J.P.C., Abrao, T., Proenca, M.L.: Anomaly detection using DSNS and Firefly Harmonic Clustering Algorithm. In: 2012 IEEE International Conference on Communications (ICC), pp. 1183–1187 (2012)Google Scholar
  10. 10.
    Mazel, J., Casas, P., Labit, Y., Owezarski, P.: Sub-Space clustering, Inter-Clustering Results Association and anomaly correlation for unsupervised network anomaly detection. In: 2011 7th International Conference on Network and Service Management (CNSM), pp. 1–8 (2011)Google Scholar
  11. 11.
    Yang, C., Deng, F., Yang, H.: An Unsupervised Anomaly Detection Approach using Subtractive Clustering and Hidden Markov Model. In: Second International Conference on Communications and Networking in China, CHINACOM 2007, pp. 313–316 (2007)Google Scholar
  12. 12.
    Liang, H., Wei-wu, R., Fei, R.: An Adaptive Anomaly Detection Based on Hierarchical Clustering. In: 2009 1st International Conference on Information Science and Engineering (ICISE), pp. 1626–1629 (2009)Google Scholar
  13. 13.
    Pons, P., Latapy, M.: Computing Communities in Large Networks Using Random Walks. Journal of Graph Algorithms and Applications 10(2), 191–218 (2006)MathSciNetMATHCrossRefGoogle Scholar
  14. 14.
    Liao, Q., Blaich, A., Van Bruggen, D., Striegel, A.: Managing networks through context: Graph visualization and exploration. Computer Networks 54, 2809–2824 (2010)CrossRefGoogle Scholar
  15. 15.
    Ricciato, F., Fleischer, W.: Bottleneck Detection via Aggregate Rate Analysis: A Real Casein a 3G Network. In: Proc. IEEE/IFIP NOMS (2004)Google Scholar
  16. 16.
    Thottan, M., Ji, C.: Anomaly Detectionin IP Networks. IEEE Trans. Signal Processing, Special Issue of Signal Processing in Networking 51(8), 2191–2204 (2003)CrossRefGoogle Scholar
  17. 17.
    Rish, I., Brodie, M., Sheng, M., Odintsova, N., Beygelzimer, A., Grabarnik, G., Hernandez, K.: Adaptive Diagnosis in Distributed Systems. IEEE Tran. Neural Networks 16(5), 1088–1109 (2005)CrossRefGoogle Scholar
  18. 18.
    Gaddam, S.R., Phoha, V.V., Balagani, K.S.: K-Means+ID3: A Novel Method for Supervised Anomaly Detection by Cascading K-Means Clustering and ID3 DecisionTree Learning Methods. IEEE Transactions on Knowledge and Data Engineering 19(3), 345–354 (2007)CrossRefGoogle Scholar
  19. 19.
    Ma, R., Liu, Y., Lin, X., Wang, Z.: Network Anomaly Detection Using RBF Neural Network with Hybrid QPSO. In: IEEE International Conference on Networking, Sensing and Control, ICNSC 2008, pp. 1284–1287 (2008)Google Scholar
  20. 20.
    Ma, J., Dai, G., Xu, Z.: Network Anomaly Detection Using Dissimilarity-Based One-Class SVM Classifier. In: International Conference on Parallel Processing Workshops, ICPPW 2009, pp. 409–414 (2009)Google Scholar
  21. 21.
    Soule, A., Salamatian, K., Taft, N.: CombiningFiltering and Statistical Methods for AnomalyDetection. In: Proc. of IMC Workshop (2005)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Rafał Kozik
    • 1
  • Michał Choraś
    • 1
    • 2
  1. 1.Institute of TelecommunicationsUT&LS BydgoszczBydgoszczPoland
  2. 2.ITTI Ltd.PoznańPoland

Personalised recommendations