How to use Machine Learning in Cyber Security

What is Machine Learning?

Machine learning is a subfield of computer science that developed from the study of pattern recognition and computational learning theory in artificial intelligence. It gives computers the ability to learn without being explicitly programmed, and focuses on the development of computer programs that can teach themselves to grow and change when exposed to new data. It is a method of data analysis that automates analytical model building: using algorithms, machine learning allows computers to find hidden insights without being told where to look.

How is machine learning used today?

Many of our day-to-day activities are powered by machine learning algorithms, including:

  • Fraud detection
  • Web search results
  • Real-time ads on web pages and mobile devices
  • Text-based sentiment analysis
  • Credit scoring and next-best offers
  • Prediction of equipment failures
  • New pricing models
  • Network intrusion detection
  • Pattern and image recognition
  • Email spam filtering


Difference between Data Mining, Machine Learning & Deep Learning

Data mining discovers previously unknown patterns and knowledge.

Machine learning is used to reproduce known patterns and knowledge, automatically apply that to other data, and then apply those results to decision making and actions.

Deep learning combines advances in computing power and special types of neural networks to learn complicated patterns in large amounts of data.


Use of Machine Learning in Cyber Security

  • A huge amount of security-related data comes onto the network from an ever-widening array of connected devices.
  • Security experts have difficulty monitoring the data that gets exchanged, so potential threats may go unnoticed.
  • There are too few qualified personnel to assure proper integration of the multiple systems that feed security data into the Security and Event Management systems that aim to detect intruder events.

These conditions contribute to security analysts’ time being taken up wading through false positives and fake alarms, detracting from their ability to find and combat real threats.

The solution to this could be machine learning. Machine learning is actively being used today to solve advanced threat problems such as:

  • Identifying infected machines on the corporate network
  • A system can watch traffic to and from connected devices
  • A laptop on the network communicates with various websites, good or bad. A given site may not be malicious, but it isn’t good, either. The machine learning system understands domain reputations and assigns a value of “grey” to the website’s reputation. As the system studies the communications between the user’s laptop and the website, patterns emerge. Using machine learning classifiers, we can determine whether this behavior is statistically more likely to be initiated by malware or by the user. It turns out that it is more likely malware-driven and that the laptop is talking to a potentially malicious website in an automated fashion.
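
The grey-site scenario above, as an added example (not code from the original article): a small Gaussian naive Bayes classifier decides whether a session looks user-driven or automated. The two features (regularity of the gaps between connections and of the payload sizes), the synthetic training sessions and the variance floor are assumptions made for illustration.

```python
import math
import random
import statistics
from itertools import accumulate

def cv(xs):  # coefficient of variation: spread relative to the mean
    return statistics.pstdev(xs) / statistics.mean(xs)

def features(times, sizes):
    """Describe one laptop-to-site session by how regular its timing and sizes are."""
    gaps = [b - a for a, b in zip(times, times[1:])]
    return [cv(gaps), cv(sizes)]

def train(labelled):
    """Gaussian naive Bayes: per-class (mean, variance) for each feature."""
    model = {}
    for label in sorted({lab for _, lab in labelled}):
        rows = [f for f, lab in labelled if lab == label]
        # The 1e-4 variance floor is an assumption to keep tight classes usable.
        model[label] = [(statistics.mean(c), max(statistics.pvariance(c), 1e-4))
                        for c in zip(*rows)]
    return model

def classify(model, feats):
    """Return (most likely label, its posterior), assuming equal class priors."""
    logp = {lab: sum(-0.5 * math.log(2 * math.pi * v) - (x - m) ** 2 / (2 * v)
                     for x, (m, v) in zip(feats, params))
            for lab, params in model.items()}
    top = max(logp.values())
    total = sum(math.exp(v - top) for v in logp.values())
    best = max(logp, key=logp.get)
    return best, math.exp(logp[best] - top) / total

def constructed_training_set(n=40, events=20, seed=7):
    """Synthetic labelled sessions, constructed for this example (not real traffic)."""
    rng, data = random.Random(seed), []
    for _ in range(n):
        # Automated: fixed check-in interval with small jitter, near-constant size.
        times = list(accumulate(60 + rng.uniform(-3, 3) for _ in range(events)))
        sizes = [512 + rng.uniform(-4, 4) for _ in range(events)]
        data.append((features(times, sizes), "automated"))
        # User: irregular pauses between requests, widely varying sizes.
        times = list(accumulate(rng.expovariate(1 / 90) for _ in range(events)))
        sizes = [rng.uniform(200, 5000) for _ in range(events)]
        data.append((features(times, sizes), "user"))
    return data

MODEL = train(constructed_training_set())
# Two constructed sessions to one "grey" site: (timestamps in seconds, bytes).
BEACON = ([0, 61, 119, 180, 242, 300, 359, 420], [512, 510, 515, 512, 508, 513, 512, 511])
HUMAN = ([0, 2, 3, 40, 41, 300, 302, 900], [300, 4200, 800, 150, 5000, 2200, 640, 1200])
```

Calling classify(MODEL, features(*BEACON)) returns the label and its posterior probability; a production system would train on labelled traffic from its own network rather than on generated sessions.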

The technology can plumb the depths of historical security data to learn what attacks look like based on hidden variables and their relationships to each other, all in preparation for “seeing” the next attack when it hits. From the big data it accumulates on normal network behavior, it can learn what appropriate activity looks like and speedily flag whatever appears to be out of place. The sooner such problems are identified, the sooner communication can take place between security analysts and engineers to address threats. Machine learning’s ability to automatically detect changes over time makes it well-suited to helping the enterprise adapt to new forms of attacks without requiring human intervention.


The industry has just started applying machine learning to the growing cyber-security challenges of detecting and analyzing increasingly sophisticated and targeted threats. The industry will also increase its use of hard AI (the simulation of biological thinking in computers) in detection engines.


One Comment

  1. Thanks for every other wonderful post. The place else may just anybody get that type of information in such a perfect approach of writing? I’ve a presentation subsequent week, and I am at the search for such
