Machine Learning-Driven Approaches for Contemporary Cybersecurity: From Intrusion Detection and Malware Classification to Intelligent Incident Response

Authors

  • Bishnu Prasad Sharma, PhD, Nepal Sanskrit University, Beljhundi, Dang, Nepal

Keywords:

adaptive defenses, anomaly detection, behavior analytics, federated learning, machine learning, malware classification, zero-day threat detection

Abstract

Machine learning augments cybersecurity by automating intrusion detection, malware classification, and behavior analytics across large-scale digital environments. Classification and anomaly detection models analyze network traffic, executable files, and user activity to surface malicious actions concealed within high-volume data streams. Unsupervised algorithms isolate unusual patterns in unlabeled data, which supports detection of zero-day threats for which no labeled examples yet exist. Behavior analytics approaches establish baselines of normal user and device behavior, so that compromised accounts and insider misuse can be identified as deviations from those baselines. Integrating machine learning with threat intelligence workflows turns fragmented indicators into actionable insight that guides incident response. Advanced techniques, including reinforcement learning-driven adaptive defenses and federated learning collaborations, strengthen collective resilience against evolving adversaries. This study surveys the current landscape of machine learning-driven security applications and underscores how algorithmic adaptability and scalability enhance defense mechanisms amid persistent and diverse threats.
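The baselining step the abstract describes (learn what is normal per user, then flag deviations) is easy to under-specify. The following added example, which is not code from the paper or its author, shows one concrete and deliberately simple realisation with only the Python standard library: per-user baselines of working hours, known source addresses, and a robust (median/MAD) egress-volume statistic, scored against new events with the Iglewicz-Hoaglin modified z-score. The log format, the users, the addresses, the byte counts, the MIN_EVENTS and ROBUST_Z_LIMIT thresholds, and all function names are assumptions constructed for the illustration, not telemetry or parameters taken from the paper.

```python
"""Per-user behavior baselining and anomaly scoring (stdlib only, added example)."""
from collections import defaultdict
from datetime import datetime
from statistics import median

MIN_EVENTS = 3        # assumed: training events needed before a baseline is trusted
ROBUST_Z_LIMIT = 3.5  # Iglewicz-Hoaglin modified z-score cutoff for "outlier"

# Constructed sample records, "ISO-timestamp user src_ip bytes_out"; not real telemetry.
TRAIN_LOG = """\
2024-11-01T09:05:00 alice 10.0.0.5 120000
2024-11-01T10:15:00 alice 10.0.0.5 130000
2024-11-02T09:40:00 alice 10.0.0.5 110000
2024-11-02T14:10:00 alice 10.0.0.7 125000
2024-11-03T09:20:00 alice 10.0.0.5 118000
2024-11-01T08:00:00 bob 10.0.1.9 50000
2024-11-02T08:30:00 bob 10.0.1.9 52000
2024-11-03T08:45:00 bob 10.0.1.9 48000
2024-11-04T08:10:00 bob 10.0.1.9 51000
"""

# Constructed evaluation window: one normal alice event, one that looks like a
# compromised account (night-time, new address, huge egress), one normal bob event,
# and a user never seen during training.
TEST_LOG = """\
2024-11-05T09:10:00 alice 10.0.0.5 121000
2024-11-05T03:12:00 alice 203.0.113.44 2400000
2024-11-05T08:20:00 bob 10.0.1.9 49000
2024-11-05T08:25:00 carol 10.0.2.2 70000
"""


def parse(log_text):
    """Turn the constructed whitespace-separated records into event dicts."""
    events = []
    for line in log_text.splitlines():
        ts, user, ip, nbytes = line.split()
        events.append({"ts": datetime.fromisoformat(ts), "user": user,
                       "ip": ip, "bytes": int(nbytes)})
    return events


def build_baselines(events):
    """Per-user profile: observed hours, observed source IPs, median and MAD of egress."""
    per_user = defaultdict(list)
    for e in events:
        per_user[e["user"]].append(e)
    baselines = {}
    for user, evs in per_user.items():
        if len(evs) < MIN_EVENTS:
            continue  # too little history; the user will be reported as unbaselined
        vols = [e["bytes"] for e in evs]
        med = median(vols)
        mad = median([abs(v - med) for v in vols])
        baselines[user] = {
            "hours": {e["ts"].hour for e in evs},
            "ips": {e["ip"] for e in evs},
            "median": med,
            # floor the MAD so a perfectly constant training set cannot divide by zero
            "mad": max(mad, 1.0),
        }
    return baselines


def modified_z(value, med, mad):
    """Robust z-score; 0.6745 makes MAD comparable to a standard deviation."""
    return 0.6745 * abs(value - med) / mad


def score_event(event, baselines):
    """Return the list of reasons an event deviates from its user's baseline."""
    b = baselines.get(event["user"])
    if b is None:
        return ["no baseline for user"]
    reasons = []
    if event["ts"].hour not in b["hours"]:
        reasons.append("off-hours activity")
    if event["ip"] not in b["ips"]:
        reasons.append("new source IP")
    if modified_z(event["bytes"], b["median"], b["mad"]) > ROBUST_Z_LIMIT:
        reasons.append("egress volume outlier")
    return reasons


def detect(train_text, test_text):
    """Build baselines from the training window and alert on deviating test events."""
    baselines = build_baselines(parse(train_text))
    alerts = []
    for e in parse(test_text):
        reasons = score_event(e, baselines)
        if reasons:
            alerts.append({"user": e["user"], "ts": e["ts"].isoformat(),
                           "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in detect(TRAIN_LOG, TEST_LOG):
        print(alert)
```

Two design choices matter in practice. The median/MAD pair is used instead of mean/standard deviation because a single large exfiltration in the training window would otherwise inflate the standard deviation and hide later outliers. The "no baseline for user" reason is kept as a first-class alert rather than silently skipped, since new or rarely seen accounts are exactly where an attacker's activity has no history to compare against.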

Published

2024-12-04

Section

Articles

How to Cite

Machine Learning-Driven Approaches for Contemporary Cybersecurity: From Intrusion Detection and Malware Classification to Intelligent Incident Response. (2024). Nuvern Machine Learning Reviews , 1(1), 22-32. https://nuvern.com/index.php/nmlr/article/view/3