
A Review on the Effectiveness of Machine Learning and Deep Learning Algorithms for Cyber Security

  • Original Paper
Archives of Computational Methods in Engineering

Abstract

In recent years, a wide variety of cyber attacks has emerged alongside the rapid development of internet technology, and detecting these attacks has become increasingly important in today's cyber security landscape. Machine learning (ML) and deep learning (DL) methods have been preferred by researchers across different disciplines for providing solutions to their problems. In this paper we present a detailed classification of various DL/ML algorithms. In addition, we present a focused survey on the use of various ML/DL methods for the detection of different categories of attacks. Furthermore, the various platforms and tools used for implementing DL/ML methods are explored, and the security solutions for the different categories of attacks are summarized.



Corresponding author

Correspondence to R. Geetha.

Ethics declarations

Conflict of interest

On behalf of all authors, the corresponding author states that there is no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.


About this article


Cite this article

Geetha, R., Thilagam, T. A Review on the Effectiveness of Machine Learning and Deep Learning Algorithms for Cyber Security. Arch Computat Methods Eng 28, 2861–2879 (2021). https://doi.org/10.1007/s11831-020-09478-2


  • DOI: https://doi.org/10.1007/s11831-020-09478-2
