Data Mining and Machine Learning in Cybersecurity

1st Edition

By Sumeet Dua, Xian Du

Auerbach Publications

256 pages | 69 B/W Illus.

Hardback: 9781439839423
pub: 2011-04-25
eBook (VitalSource) : 9780429063756
pub: 2016-04-19

With the rapid advancement of information discovery techniques, machine learning and data mining continue to play a significant role in cybersecurity. Although several conferences, workshops, and journals focus on the fragmented research topics in this area, there has been no single interdisciplinary resource on past and current works and possible paths for future research in this area. This book fills this need.

From basic concepts in machine learning and data mining to advanced problems in the machine learning domain, Data Mining and Machine Learning in Cybersecurity provides a unified reference for specific machine learning solutions to cybersecurity problems. It supplies a foundation in cybersecurity fundamentals and surveys contemporary challenges—detailing cutting-edge machine learning and data mining techniques. It also:

  • Unveils cutting-edge techniques for detecting new attacks
  • Contains in-depth discussions of machine learning solutions to detection problems
  • Categorizes methods for detecting, scanning, and profiling intrusions and anomalies
  • Surveys contemporary cybersecurity problems and unveils state-of-the-art machine learning and data mining solutions
  • Details privacy-preserving data mining methods

This interdisciplinary resource includes technique review tables that allow for speedy access to common cybersecurity problems and associated data mining methods. Numerous illustrative figures help readers visualize the workflow of complex techniques and more than forty case studies provide a clear understanding of the design and application of data mining and machine learning techniques in cybersecurity.

Table of Contents

Data Mining

Machine Learning

Review on Cybersecurity Solutions

Proactive Security Solutions

Reactive Security Solutions

Further Reading

Classical Machine-Learning Paradigms for Data Mining

Machine Learning

Fundamentals of Supervised Machine-Learning Methods

Popular Unsupervised Machine-Learning Methods

Improvements on Machine-Learning Methods

New Machine-Learning Algorithms
Feature Selection Methods

Evaluation Methods

Cross Validation
Challenges in Data Mining

Challenges in Machine Learning (Supervised Learning and Unsupervised Learning)

Research Directions

Understanding the Fundamental Problems of Machine-Learning Methods in Cybersecurity

Incremental Learning in Cyberinfrastructures

Feature Selection/Extraction for Data with Evolving Characteristics

Privacy-Preserving Data Mining

Supervised Learning for Misuse/Signature Detection

Misuse/Signature Detection

Machine Learning in Misuse/Signature Detection

Machine-Learning Applications in Misuse Detection

Rule-Based Signature Analysis

Artificial Neural Network

Support Vector Machine

Genetic Programming

Decision Tree and CART

Bayesian Network

Machine Learning for Anomaly Detection
Anomaly Detection

Machine Learning in Anomaly Detection Systems

Machine-Learning Applications in Anomaly Detection

Rule-Based Anomaly Detection (Table 1.3, C.6)

Fuzzy Rule-Based (Table 1.3, C.6)

ANN (Table 1.3, C.9)

Support Vector Machines (Table 1.3, C.12)

Nearest Neighbor-Based Learning (Table 1.3, C.11)

Hidden Markov Model

Kalman Filter

Unsupervised Anomaly Detection

Information Theoretic (Table 1.3, C.5)

Other Machine-Learning Methods Applied in Anomaly Detection (Table 1.3, C.2)

Machine Learning for Hybrid Detection

Hybrid Detection

Machine Learning in Hybrid Intrusion Detection Systems

Machine-Learning Applications in Hybrid Intrusion Detection

Anomaly–Misuse Sequence Detection System

Association Rules in Audit Data Analysis and Mining (Table 1.4, D.4)

Misuse–Anomaly Sequence Detection System

Parallel Detection System

Complex Mixture Detection System

Other Hybrid Intrusion Systems

Machine Learning for Scan Detection

Scan and Scan Detection

Machine Learning in Scan Detection

Machine-Learning Applications in Scan Detection

Other Scan Techniques with Machine-Learning Methods

Machine Learning for Profiling Network Traffic
Network Traffic Profiling and Related Network Traffic Knowledge

Machine Learning and Network Traffic Profiling

Data-Mining and Machine-Learning Applications in Network Profiling

Other Profiling Methods and Applications

Privacy-Preserving Data Mining

Privacy Preservation Techniques in PPDM

Privacy Preservation in Data Mining

Workflow of PPDM

Introduction of the PPDM Workflow

PPDM Algorithms

Performance Evaluation of PPDM Algorithms

Data-Mining and Machine-Learning Applications in PPDM

Privacy Preservation Association Rules (Table 1.1, A.4)

Privacy Preservation Decision Tree (Table 1.1, A.6)

Privacy Preservation Bayesian Network (Table 1.1, A.2)

Privacy Preservation KNN (Table 1.1, A.7)

Privacy Preservation k-Means Clustering (Table 1.1, A.3)

Other PPDM Methods

Emerging Challenges in Cybersecurity

Emerging Cyber Threats

Threats from Malware

Threats from Botnets

Threats from Cyber Warfare

Threats from Mobile Communication

Cyber Crimes

Network Monitoring, Profiling, and Privacy Preservation

Privacy Preservation of Original Data

Privacy Preservation in the Network Traffic Monitoring and Profiling Algorithms

Privacy Preservation of Monitoring and Profiling Data

Regulation, Laws, and Privacy Preservation

Privacy Preservation, Network Monitoring, and Profiling Example: PRISM

Emerging Challenges in Intrusion Detection

Unifying the Current Anomaly Detection Systems

Network Traffic Anomaly Detection

Imbalanced Learning Problem and Advanced Evaluation Metrics for IDS

Reliable Evaluation Data Sets or Data Generation Tools

Privacy Issues in Network Anomaly Detection
Each chapter includes a Summary and References

About the Authors

Dr. Sumeet Dua is currently the Upchurch Endowed Associate Professor and the coordinator of IT research at Louisiana Tech University, Ruston, USA. He received his PhD in computer science from Louisiana State University, Baton Rouge, Louisiana.

His areas of expertise include data mining, image processing and computational decision support, pattern recognition, data warehousing, biomedical informatics, and heterogeneous distributed data integration. The National Science Foundation (NSF), the National Institutes of Health (NIH), the Air Force Research Laboratory (AFRL), the Air Force Office of Sponsored Research (AFOSR), the National Aeronautics and Space Administration (NASA), and the Louisiana Board of Regents (LA-BoR) have funded his research with over $2.8 million. He frequently serves as a study section member (expert panelist) for the National Institutes of Health (NIH) and as a panelist for the National Science Foundation (NSF)/CISE Directorate. Dr. Dua has chaired several conference sessions in the area of data mining and is the program chair for the Fifth International Conference on Information Systems, Technology, and Management (ICISTM-2011). He has given more than 26 invited talks on data mining and its applications at international academic and industry arenas, has advised more than 25 graduate theses, and currently advises several graduate students in the discipline. Dr. Dua is a coinventor of two issued U.S. patents, has (co-)authored more than 50 publications and book chapters, and has authored or edited four books. Dr. Dua has received the Engineering and Science Foundation Award for Faculty Excellence (2006) and the Faculty Research Recognition Award (2007), has been recognized as a distinguished researcher (2004–2010) by the Louisiana Biomedical Research Network (NIH-sponsored), and has won the Outstanding Poster Award at the NIH/NCI caBIG—NCRI Informatics Joint Conference: Biomedical Informatics without Borders: From Collaboration to Implementation. Dr. Dua is a senior member of the IEEE Computer Society, a senior member of the ACM, and a member of SPIE and the American Association for the Advancement of Science.

Dr. Xian Du is a research associate and postdoctoral fellow at Louisiana Tech University, Ruston, USA. He worked as a postdoctoral researcher at the Centre National de la Recherche Scientifique (CNRS) in the CREATIS Lab, Lyon, France, from 2007 to 2008 and served as a software engineer in Kikuze Solutions Pte. Ltd., Singapore, in 2006. He received his PhD from the Singapore–MIT Alliance (SMA) Programme at the National University of Singapore in 2006.

Dr. Xian Du’s current research focus is on high-performance computing using machine-learning and data-mining technologies, data-mining applications for cybersecurity, software in multiple computer operational environments, and clustering theoretical research. He has broad experience in machine-learning applications in industry and academic research at high-level research institutes. During his work in the CREATIS Lab in France, he developed a 3D smooth active contour technology for knee cartilage MRI image segmentation. He led a small research and development group to develop color control plug-ins for an RGB color printer to connect to the Windows system through image processing GDI functions for Kikuze Solutions.

He helped to build an intelligent e-diagnostics system for reducing mean time to repair wire-bonding machines at National Semiconductor Ltd., Singapore (NSC). During his PhD dissertation research at the SMA, he developed an intelligent color print process control system for color printers. Dr. Du’s major research interests are machine-learning and data-mining applications, heterogeneous data integration and visualization, cybersecurity, and clustering theoretical research.

Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Database Management / Data Mining
COMPUTERS / Software Development & Engineering / Systems Analysis & Design
COMPUTERS / Security / General