Authors: Prateek Rana, Himanshu Tiwari, Nikhil Kumar Singh
Machine learning (ML) plays a crucial role in cybersecurity across various aspects of threat detection, prevention, and response. Here are specific roles and applications of machine learning in cybersecurity. Machine Learning (ML) represents a pivotal technology for current and future information systems, and many domains already leverage the capabilities of ML. However, deployment of ML in cybersecurity is still at an early stage, revealing a significant discrepancy between research and practice. Such a discrepancy has its root cause in the current state of the art, which does not allow us to identify the role of ML in cybersecurity. The full potential of ML will never be unleashed unless its pros and cons are understood by a broad audience. In the computer world, data science is the force behind the recent dramatic changes in cybersecurity's operations and technologies. The secret to making a security system automated and intelligent is to extract patterns or insights related to security incidents from cybersecurity data and construct appropriate data-driven models. Data science, which draws on diverse scientific approaches, machine learning techniques, processes, and systems, is the study of actual occurrences via the use of data. Recent breakthroughs in Machine Learning (ML) methods promise new solutions to each of these infamous diversification and asymmetric information problems throughout the constantly increasing vulnerability reporting databases. Due to their varied methodologies, those procedures themselves display varying levels of performance. The authors provide a method for cognitive cybersecurity that enhances human cognitive capacity in two ways. To create trustworthy data sets, initially reconcile competing vulnerability reports and then pre-process advanced embedded indicators.
In the current era of computing devices, most of the devices that we use are connected to the Internet in an Internet of Things (IoT) environment. These devices share and transmit their data through an insecure (open) communication medium, the Internet. Most of the time this data is sensitive in nature (i.e., healthcare data, banking data, insurance data, other finance related data, and social security numbers). Malicious entities, such as online attackers (hackers), are always in search of such data and can launch attacks against it, like replay, man-in-the-middle, impersonation, credential guessing, session key computation, malware injection and data modification [1,2]. Therefore, from time to time several researchers propose different security protocols to mitigate these attacks. Security protocols, or cyber security protocols, can be divided into different categories: “authentication protocols”, “access control protocols”, “intrusion detection protocols”, “key management protocols”, and “blockchain enabled security protocols”. The advent of technologies ranging from smartphones to large-scale communication systems has resulted in an exceptionally digital interconnected society and humongous usage of the internet. It is estimated that there are more than 6 billion smart devices and 3.5 billion internet users in the world as of today. This cyber connectivity is widely being used in a diverse set of applications, such as online banking and shopping, email, documents or critical information sharing, video chatting, and gaming, to name a few. Consequently, lots of data, in terabytes per second, are being created, processed, exchanged, and stored by different applications as well as the Internet of Things (IoT). In fact, it is believed that 92% of the data in the world today has been generated in the last two years alone.
Although cyber-attacks do not use any physical weapons, they are the most dangerous and harmful weapons, and they may reveal the most highly classified information of government organizations through espionage, or sensitive personal information through phishing. According to cybersecurity experts, just in 2018 cyber-attacks might have caused US$5 billion worth of damage and will grow in the future. The development of modern technology makes it possible to communicate effectively across every field; specifically, the Cyber Physical System (CPS) is a cutting-edge system that provides a more efficient environment for data sharing and transmission from one endpoint to another via various proper communication channels.
II. MACHINE LEARNING IN CYBER SECURITY
Machine learning techniques are playing a major role in fighting cybersecurity threats and attacks, in areas such as intrusion detection systems, malware detection, phishing detection, spam detection, and fraud detection, to name a few. We will focus on malware detection, intrusion detection systems, and spam classification for this review. Malware is a set of instructions designed with malicious intent to disrupt the normal flow of computer activities. Malicious code runs on a targeted machine with the intent to harm and compromise the integrity, confidentiality and availability of computer resources and services. Saad et al. discussed the main critical problems in applying machine learning techniques for malware detection. Saad et al. argued that machine-learning techniques have the ability to detect polymorphic and new attacks. Machine learning techniques will lead to all other conventional detection methods in the future. The training methods for malware detection should be cost-effective. Malware analysts should also be able to keep up with the understanding of ML malware detection methods up to an expert level. One of the critical downsides of the security system is that the security reliability level of the computing resources is generally determined by the ordinary user, who does not possess technical knowledge about security.
The use of machine learning techniques has grown in value, allowing for more efficient threat detection and response. The approaches used to apply machine learning in cybersecurity are thoroughly reviewed in this article, with emphasis on their advantages, disadvantages, and practical applications.
A. Data Collection and Preprocessing
Data collection and preprocessing are fundamental steps in the machine learning pipeline. The quality and suitability of the data you use greatly impact the performance and generalization of your machine learning models. Here's an overview of these two crucial stages:
B. Model Selection
Model selection and evaluation are critical steps in the machine learning process, helping you choose the most suitable algorithm for your problem and assess its performance.
C. Model Evaluation
D. Deployment and Integration
Deployment and integration are crucial steps in bringing a machine learning model into practical use within real-world applications.
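Stages A to C above, applied to the spam classification task this review focuses on, as an added example that is not from the paper. The multinomial Naive Bayes model is a choice made here (the paper names no algorithm), and the messages, labels and function names are constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed sample messages (label 1 = spam, 0 = legitimate); not real data.
TRAIN = [
    ("Verify your account now to claim your prize", 1),
    ("Urgent: your account is suspended, verify password", 1),
    ("Claim your free prize, click the link now", 1),
    ("Meeting moved to 3pm, agenda attached", 0),
    ("Please review the attached quarterly report", 0),
    ("Lunch tomorrow? Let me know what time works", 0),
]
TEST = [  # held-out messages, never seen during training
    ("Click now to verify your password", 1),
    ("Free prize waiting, claim now", 1),
    ("Invoice overdue, open the attached document", 1),  # spam in business wording
    ("Agenda for tomorrow's meeting attached", 0),
    ("Can you review the report before lunch", 0),
]

def preprocess(text):  # A. Preprocessing: lowercase, keep alphabetic tokens
    return re.findall(r"[a-z]+", text.lower())

def train(samples):
    """B. Model: per-class token counts for multinomial Naive Bayes."""
    counts, docs = {0: Counter(), 1: Counter()}, Counter()
    for text, label in samples:
        counts[label].update(preprocess(text))
        docs[label] += 1
    return counts, docs, set(counts[0]) | set(counts[1])

def predict(model, text):
    counts, docs, vocab = model
    tokens = [t for t in preprocess(text) if t in vocab]  # skip unseen tokens
    def score(label):  # log prior + Laplace-smoothed log likelihoods
        total = sum(counts[label].values()) + len(vocab)
        prior = math.log(docs[label] / sum(docs.values()))
        return prior + sum(math.log((counts[label][t] + 1) / total) for t in tokens)
    return 1 if score(1) > score(0) else 0

def evaluate(model, samples):
    """C. Evaluation: metrics on held-out data, keyed by (true label, prediction)."""
    cm = Counter((label, predict(model, text)) for text, label in samples)
    tp, fn, fp, tn = cm[(1, 1)], cm[(1, 0)], cm[(0, 1)], cm[(0, 0)]
    return {"precision": tp / max(tp + fp, 1), "recall": tp / max(tp + fn, 1),
            "false_positive_rate": fp / max(fp + tn, 1)}

if __name__ == "__main__":
    print(evaluate(train(TRAIN), TEST))
```

On this constructed test set one spam message is missed because its known words appear mostly in legitimate mail, which is why recall and false-positive rate are reported separately rather than a single accuracy figure.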
III. DIFFERENT BLOCKCHAIN ENABLED SECURITY PROTOCOLS
IV. ADVANTAGES OF UNITING CYBER SECURITY AND MACHINE LEARNING
Both cyber security and machine learning are essential for each other and can improve their mutual performances. Some of the advantages of their uniting are as follows.
V. ISSUES AND CHALLENGES OF UNITING OF CYBER SECURITY AND MACHINE LEARNING
We presented the details of two different concepts arising from uniting cyber security and machine learning: “machine learning in cyber security” and “cyber security in machine learning”. We then discussed the advantages, issues and challenges of uniting cyber security and ML. Further, we highlighted the different attacks and also provided a comparative study of various techniques in the two considered categories. Finally, some future research directions are provided. Machine learning techniques are becoming quite useful in the cybersecurity industry. Traditional detection techniques have been shown to be insufficient in addressing the developing nature of cybercrimes, given the rapid increase of cyber threats and attacks. By creating automated and intelligent systems that can analyse massive amounts of data, spot patterns, and spot potential security breaches in real time, machine learning provides a solution. This article has covered a number of machine learning applications in cybersecurity, such as spam classification, malware detection, intrusion detection, and more. These software programmes make use of machine learning methods to improve threat detection and reaction times. Machine learning algorithms can learn to distinguish between legitimate and harmful activity by being trained on labelled datasets, making it possible to identify cyber threats and attacks. Yet, there are difficulties in applying machine learning to cybersecurity.
Butun, P. Osterberg, H. Song, Security of the internet of things: Vulnerabilities, attacks, and countermeasures, IEEE Commun. Surv. Tutor. 22 (1) (2020) 616–644, http://dx.doi.org/10.1109/COMST.2019.2953364.
Z. Lv, L. Qiao, J. Li, H. Song, Deep-learning-enabled security issues in the internet of things, IEEE Internet Things J. 8 (12) (2021) 9531–9538.
Y. Wang, J. Yu, B. Yan, G. Wang, Z. Shan, BSV-PAGS: Blockchain-based special vehicles priority access guarantee scheme, Comput. Commun. 161 (2020) 28–40.
N. Magaia, R. Fonseca, K. Muhammad, A.H.F.N. Segundo, A.V. Lira Neto, V.H.C. de Albuquerque, Industrial internet-of-things security enhanced with deep learning approaches for smart cities, IEEE Internet Things J. 8 (8) (2021) 6393–6405.
S.A. Parah, J.A. Kaw, P. Bellavista, N.A. Loan, G.M. Bhat, K. Muhammad, V.H.C. de Albuquerque, Efficient security and authentication for edge-based internet of medical things, IEEE Internet Things J. 8 (21) (2021) 15652–15662.
Y. Sun, A.K. Bashir, U. Tariq, F. Xiao, Effective malware detection scheme based on classified behaviour graph in IIoT, Ad Hoc Netw. 120 (2021) 102558.
J. Yang, Z. Bian, J. Liu, B. Jiang, W. Lu, X. Gao, H. Song, No reference quality assessment for screen content images using visual edge model and AdaBoosting neural network, IEEE Trans. Image Process. 30 (2021) 6801–6814.
Copyright © 2024 Prateek Rana, Himanshu Tiwari, Nikhil Kumar Singh. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.