Universal Review ISSN NO : 2277-2723

A survey of cyber security operations based

on Machine learning & Deep learning
Saba Karbhari Reena Gunjan
Electronics & Communication Engineering Department Electronics & Communication Engineering Department
ADT MIT School of Engineering ADT MIT School of Engineering
Pune, India Pune, India
sabakarbhari@gmail.com reenagunjan@gmail.com

Abstract— In past decade machine learning (ML) and deep Protection of networks, computer connected devices,
learning (DL), has generated irresistible research interest and programs, and data from malicious attacks or unauthorized
attracted unprecedented public attention. With the increasing access using set of technologies is known as cyber security.
integration of the Internet and social life, there is change in Cyber security can be commonly referred as information
how people learn and work, but it also exposes them to serious
technology security. Information can be sensitive
security threats. It is a challenging task to protect sensitive
information, data, network and computers connected systems information, or other types of data for which unauthorized
from the unauthorized cyberattacks. For this purpose, effective access leads to disaster. In the process of synchronizing with
cyber security is required. Recent technologies such as machine new upcoming technologies, security trends and threat
learning and deep learning are integrated with cyberattacks to intelligence cyber security are at high risk. However, it is
provide solution to this problem. The paper surveys machine essential to protect information and data from cyberattacks,
learning and deep learning in cyber security also it discusses to maintain cyber security.
the challenges and opportunities of using ML / DL and
provides suggestions for research directions. A. Challenges of cybersecurity
There are many challenges in the field of cyber security.
Keywords- Cyber security, Machine learning, Deep learning,
Intrusion detection.
One of the most challenging elements of cybersecurity is the
changing nature of security threats. Traditionally protecting
I. INTRODUCTION the biggest known threats and not protecting systems against
less dangerous risks was approach against maintaining cyber
Presently system connected by internet, such as the security.
hardware, software & data can be protected from cyberattacks Key challenges of cyber security are:
by means of cyber security. Cybersecurity is a set of
technologies and processes designed to protect computers,
networks, programs and data from attacks and unauthorized
access, alteration, or destruction. As threats become more Application security Information security
sophisticated the most recent technologies such as Machine
learning (ML) and deep learning (DL) are used in the
Key challanges
cybersecurity community to leverage security abilities. of cyber
Nowadays, cyber security is a stimulating issue in the cyber security
space and it has been depending on computerization of different
application domains such as finances, industry, medical, and Disater security Network security
many other important areas [11]. To identify various network
attacks, particularly not previously seen attacks, is a key issue
to be solved urgently [1].
This paper deals with previous work in machine learning (ML) Fig.1. Areas covered in cyber security
and deep learning (DL) methods for cybersecurity applications
and some applications of each method in cyber security • Application security: To protect applications from
operations are described. The ML and DL methods covered in threats come from faults in the application design,
this paper are applicable to detect cyber security threats such as development, deployment, upgrade or maintenance
hackers and predators, spyware, phishing and network intrusion through actions that are taken during the development
detection in ML/DL. Thus, great prominence is placed on a life-cycle is known as application security. Some basic
thorough description of the ML/DL methods, and references to methods used for application security are:
seminal works for each ML and DL method are provided [1]. 1. Input parameter validation.
And discuss the challenges and opportunities of using ML / DL
2. User/Role Authentication & Authorization.
for cybersecurity.
3. Session management, parameter manipulation &
The rest of the survey is organized as follows:
exception management.
Section II tells about cyber security, Section III is composed
of Machine learning, Section IV contains survey on Deep • Information security: It protects information from
learning and Section V dedicated to similarities and unauthorized access to save privacy. Methods used are:
differences between Machine learning & Deep learning. 1. Identification, authentication & authorization of
user.
II. CYBER SECURITY 2. Cryptography.

Volume VIII, Issue II, FEBRUARY/2019 Page No: 168

Universal Review ISSN NO : 2277-2723
• Disaster recovery planning: It is a process that comprises • Trojan virus is performing malicious activity when
performing risk assessment, generating priorities, evolving executed.
recovery strategies in case of a disaster. • Phishing is a form of fraud where phishing attacks are sent
• Network security: Network security includes actions via email and ask users to click on a link and enter their
that are used to protect the usability, reliability, integrity personal data. However, the intention of these emails is to
and safety of the network. Security components include: steal sensitive data, such as credit card or login
1. Anti-virus and anti-spyware. information. There is a concerning factor about phishing
2. Firewall, to block unauthorized access to your that phishing emails have become sophisticated and often
network. look just like genuine requests for information.
3. To identify fast-spreading threats, and Virtual
Private Networks (VPNs) and to provide secure III. MACHINE LEARNING
remote access intrusion prevention systems (IPS) is Machine learning (ML) allows software applications to
needed. predict outcomes without being explicitly programmed by
use of an algorithm or group of algorithms. The machine
B. Types of cybersecurity threats
learning builds algorithms for receiving input data and uses
A cyberattack is a deliberate corruption of computers statistical analysis to predict an output while updating
and servers, electronic systems, networks and data. outputs as new data becomes available. Prior work in cyber
Cyberattacks uses fake code to alter original computer code, security based on machine learning and artificial intelligence
logic or data, resulting in troublemaking consequences that is presented below.
lead to cybercrimes. End goal of cyber security is to prevent
cyberattacks. Liu et al., published a systematic study on security concerns
Following are some common types of cyber threats: with a variety of machine learning techniques. The existing
security attacks explored towards machine learning from
two aspects, the training phase and the testing/inferring
phase [2]. Furthermore, categorization based on current
Ransom defensive techniques of machine learning into security
Malware
ware assessment mechanisms, countermeasures in the training
phase, those in the testing or inferring phase, data security
and privacy is done.

Trojan Phishing Paper presented by Fraley and Dr. Cannady gives better
understanding of how machine learning could be leveraged
to classify various security events and alerts. They
developed model to react to security events by alerting
Social
Viruses Enginee SMEs, alerting analysts or producing reports depending
ring upon the severity of the security event. Additional support
for cyber defense was discussed to further reduce the time
demand for responding to critical security events [3].
Spyware
/ adware
Worms Merat et al. presented different types of computer processes
that can be mapped in multitasking environment for the
improvement of machine learning. SHOWAN model
developed by them was used to learn the cyber awareness
Fig.2. Types of cyber threats behavior of a computer process against multiple concurrent
threads [4]. The examined process starts to outperform, and
tended to manage numerous tasks poorly, but it gradually
learned to acquire and control tasks, in the context of
• Type of activity that involves an attacker hacking anomaly detection. Finally, SHOWAN plots the abnormal
system files through encryption and demanding a activities of manually projected task and compare with
payment to decrypt is known as Ransomware. loading trends of other tasks within the group.
• Malware is any file or program used to harm a
computer user, such as worms, computer viruses, In the article, an overview of applying machine learning to
Trojan horses and spyware. address challenges in emerging vehicular networks was
• Worms are like viruses in that they are self-replicating presented by Ye et al. This paper introduced basics of
• An attack that relies on human interaction to trick users machine learning, including major categories and
for breaking security to gain sensitive is Social representative algorithms in brief. Some preliminary
engineering. examples of applying machine learning in vehicular
• A virus is a piece of malicious code that is loaded onto a networks to ease data-driven decision making using
machine without the user’s knowledge. It spread to other reinforcement learning was published [5]. Some open issues
computers by attaching itself to another computer file. for further research also highlighted in this paper.
• Spyware/adware can be installed on computer without
knowledge of user when attachments is opened or A systematic of the challenges associated with machine
clicked or downloaded it infects the software and learning in the context of big data and categorization based on
collects personal information. the V dimensions of big data was published by L’Heureux

Volume VIII, Issue II, FEBRUARY/2019 Page No: 169

Universal Review ISSN NO : 2277-2723
machines, and neural networks [5]. Classic algorithms
and Grolinger [7]. An overview of ML approaches and how
these techniques overcome the various challenges were include logistic regression, support vector regression, and
discussed in this paper. The use of the big data to categorize the Gaussian process for regression [3].
the challenges of machine learning enables the creation of
B. Unsupervised Learning
cause-effect connections for each of the issues. Further, the
creation of explicit relations between approaches and For supervised learning, with enough data, the error rate can be
challenges enables a more thorough understanding of ML reduced close to the minimum error rate bound. However, a
with cyber security. large amount of labeled data is often hard to obtain in practice.
Therefore, learning with unlabeled data, known as unsupervised
Golam et al., consider a data-driven next-generation wireless learning, has attracted more attention. This method of learning
network model, where the MNOs employs advanced data aims to find efficient representation of the data samples, which
analytics, ML and AI are used for efficient operation, might be explained by hidden structures or hidden variables,
control, and optimization. How ML, AI and computational which can be represented and learned by Bayesian learning
intelligence play their important roles in data analytics for methods. Clustering is a representative problem of
next-generation wireless networks are discussed in this unsupervised learning, grouping samples into different clusters
paper. A set of network designs and optimization schemes depending on their similarities. Input features could be either
with respect to data analytics are presented [8]. the absolute description of each sample or the relative
similarities between samples. Classic clustering algorithms
Feng and Wu presented a user-centric machine learning system include k means, hierarchical clustering, spectrum clustering,
which leverages big data of various security logs, alert and the Dirichlet process. Another important class of
information, and analyst insights to the identification of risky unsupervised learning is dimension reduction, which projects
user. System provides a complete framework and solution to samples from a high-dimensional space onto a lower one
risky user detection for enterprise security operation center without losing much information. In many scenarios, the raw
[12]. Generates labels from SOC investigation notes, to data come with high dimension, and may want to reduce the
correlate IP, host, and users to generate user-centric features, input dimension for various reasons. In optimization, clustering,
to select machine learning algorithms and evaluate and classification, the model complexity and the number of
performances, as well as a machine learning system in SOC required training samples dramatically grow with the feature
production environment was briefly introduced. The whole dimension. Another reason is that the inputs of each dimension
machine learning system is implemented in production are usually correlated, and some dimensions may be corrupted
environment and fully automated from data acquisition, with noise and interference, which will degrade the learning
daily model refreshing, to real time scoring, which greatly performance significantly if not handled properly
improve and enhance enterprise risk detection and
management. As to the future work, learning algorithms was [5]. Some classic dimension reduction algorithms include
proposed for further improvement of the detection accuracy. linear projection methods, such as principal component
Technological trends in anomaly detection and identification analysis, and nonlinear projection methods, such as manifold
and open problems and challenges in anomaly detection learning, local linear embedding, and isometric mapping [5].
systems and hybrid intrusion detection systems was discussed C. Reinforcement Learning
by Patcha et al. However, the survey only covers papers
published from 2002 to 2006. Unlike Modi C et al., this review Reinforcement learning deciphers how to map situations to
covers the application of ML / DL in various areas of intrusion actions, through interacting with the environment in a trial-
detection and is not limited to cloud security. [1]. and-error search to maximize a reward, and it comes without
explicit supervision. A Markov decision process (MDP) is
Buczak et al. proposed machine-learning methods and their
applications to detect intrusion [1]. Algorithms like Neural generally assumed in reinforcement learning, which
Networks, Support Vector Machine, Genetic Algorithms, introduces actions and (delayed) rewards to the Markov
Fuzzy Logics, Bayesian Networks and Decision Tree are process. The learning Q function is a classic model-free
also described in paper. learning approach to solve the MDP problem, without the
need for any information about the environment. This Q
function estimates the expectation of sum reward when
Machine-learning methods are coarsely divided into three
taking an action in a given state, and the optimal Q function
major categories as supervised, unsupervised, and
is the maximum expected sum reward achievable by
reinforcement learning. There are two phases in machine
choosing actions. Reinforcement learning can be applied in
learning i.e. training and testing. In the training stage, a model
vehicular networks to handle the temporal variation of
is learned based on training data, whereas in the testing stage,
wireless environments [5].
the trained model is applied to produce the prediction.
A. Supervised Learning IV. DEEP LEARNING
Supervised learning receives a labeled data set and further Deep Learning is a sub area of Machine Learning research.
divide into classification and regression types. Each training It is a collection of algorithms in machine learning, used to
sample comes with a discrete (classification) or continuous model high-level abstractions in data. It Uses model
(regression) value called a label or ground truth. The goal of
architectures composed of multiple nonlinear
supervised learning is to gain the mapping from the input
transformations. Recently, it has made significant advances
feature space to the label or decision space. Classification
on various machine-learning tasks. Deep learning aims to
algorithms assign a categorical label to each incoming sample.
Algorithms in this category include Bayesian classifiers, k- understand the data representations, which can be built in
nearest neighbors, decision trees, support vector supervised, unsupervised, and reinforcement learning. The
input layer is at the leftmost, where each node in the figure

Volume VIII, Issue II, FEBRUARY/2019 Page No: 170

Universal Review
represents a dimension of input data. The output layer is at the B.Restricted Boltzmann Machines (RBMs)
ISSN NO : 2277-2723
rightmost, corresponding to the desired outputs, whereas the RBM is an energy-based probabilistic generative model. It is
layers in the middle are called hidden layers. Typically, the composed of one layer of visible units and one layer of hidden
number of hidden layers and the number of nodes in each layer units. The visible units represent the input vector of a data
are. A deep architecture means it has multiple hidden layers in sample and the hidden units represent features that are
the network as shown in figure 3. However, deeper networks abstracted from the visible units. Each visible unit is connected
bring new challenges, such as needing much more training data to hidden unit, whereas no connection exists within the visible
and gradients of networks easily exploding or vanishing. With layer or hidden layer. During past years, the quality of image
the help of faster computation resources, new training methods classification and object detection has been dramatically
improved due to the deep learning method.
(new activation functions, pretraining), and new structures
(batch norm, residual networks), training such deep architecture C. Recurrent neural Network
becomes possible. Deep learning has been widely used in such RNNs are used to make use of sequential information. In a
areas as computer vision, speech recognition, and natural traditional neural network all inputs (and outputs) are
language processing and greatly improved state-of-the-art independent of each other. To predict the next word in a
performance in these areas. Depending on applications, sentence, need to know which words came before it. RNNs
different structures can be added to the deep networks, e.g. are called recurrent as they perform the same task for every
convolutional networks share weights among spatial element of a sequence, with the output being depended on
dimensions, whereas recurrent neural networks (RNNs) and the previous computations. RNNs can make use of
long short-term memory (LSTM) share weights among the information in arbitrarily long sequences, but in practice
temporal dimensions [5]. they are limited to only a few steps. An online unsupervised
Deep learning aims to learn a hierarchy of features from input deep learning system is used to filter system log data for
data. It can automatically learn features at multiple levels, analyst. In which variants of Deep Neural Networks (DNNs)
which makes the system be able to learn complex mapping and Recurrent Neural Networks (RNNs) are trained to
function directly from data. The most characterizing feature of recognize activity of each user on a network and
deep learning is that models have deep architectures. Deep concurrently assess whether user behavior is normal or
architecture has multiple hidden layers in the network. In anomalous, all in real time [10]. Developed model faced
contrast a shallow architecture has only a few hidden layers (1 several key difficulties in applying machine learning to the
to 2 layers). Deep learning algorithms have been extensively cyber security domain. Model was trained continuously in
studied in recent years. Algorithms are grouped into two an online fashion, but detection of malicious events was
categories based on their architectures: challenging task.
Comparative study was presented by Gavai et al. (2015) of a
supervised approach and an unsupervised approach using
the isolation forest method for detecting insider threat from
network logs. Ryan et al. (1998) applied neural network-
Input Hidden based approaches to train network with one hidden layer to
layer Layers 2 predict the probabilities-based network intrusion [10]. A
network intrusion was detected for the probability less than
0.5. But input features were not structured and did not train
the network in an online fashion.
Hidden Output
Layers 1 Layer Modeling normal user activity on a network using RNNs
was performed by Debar et al. (1992). The RNN was trained
on a representative sequence of Unix command line
Fig. 3. Deep learning arguments (from login to logout). Network intrusion
detected when the trained network poorly predicts the login
to logout sequence. While this work partially addresses
online training, it does not continuously train the network to
A. Convolutional neural networks(CNN)
consider changing user habits over time.
Convolutional neural networks (CNNs) has gain astonishing
Recurrent neural networks have been successfully applied to
recognition in the field of computer vision. It has been
anomaly detection in various alternative domains such as
continuously advancing the image classification accuracy.
signals from mechanical sensors for machinery such as
Also plays an important role for generic feature extraction
engines, and vehicles [10].
such as scene classification, object detection, semantic
segmentation, image retrieval, and image caption.
An inclusive analysis of text Captchas, to evaluate security,
Convolutional neural network (CNNs) is most important
a simple, effective and fast attack on text Captchas proposed
aspect of deep neural networks in image processing. It is
by Tang et al. Using deep learning techniques, which
highly effective and commonly used in computer vision
successfully can attack all Roman character-based text
applications. The convolution neural network composed of
Captchas deployed by the top 50 most popular websites in
three types of layers: convolution layers, subsampling
the world and achieved state-of-the-art results. Success rates
layers, and full connection layers.
range from 10.1% to 90.0% [9]. A novel image-based
Captcha named SACaptcha using neural style transfer
techniques also presented. This is a positive attempt to

Volume VIII, Issue II, FEBRUARY/2019 Page No: 171

Universal Review ISSN NO : 2277-2723
learning. Semi-supervised learning uses a large amount of
improve the security of Captchas by utilizing deep learning
techniques. In this paper, deep learning techniques play two unlabeled data when using labeled data for pattern
roles: as a character recognition engine to recognize recognition. Using semi-supervised learning can reduce
individual characters and as a powerful means to enhance label efforts while achieving high accuracy [1].
the security of the image-based Captcha This proved that
deep learning is a double-edged sword. It can be either used
to attack Captchas or improve the security of Captchas [9]. Feature
Engineering
In future, they predicted existing text Captchas are no longer
secure. Other Captcha alternatives are robust, and the Choosing appropriate
designs of new Captchas can be simultaneously secure and algorithm
usable are still challenging difficulties to be work on [9].
Train and evaluate
model performance
A new approach for detection of network intrusion using
unsupervised deep learning with iterative K-means clustering Use the trained model to classify
or predict the unknown data
proposed by Alom and Taha. In addition, unsupervised ELM,
and only K-means clustering approaches were tested. From
empirical evaluation on KDD-Cup 99 benchmark, it is observed Fig. 4. Steps involved in ML and DL
that the deep learning approach of RBM and AE with k-means
clustering show around 92.12% and 91.86% accuracy for
network intrusion detection respectively. RBM with K-means
clustering provides around 4.4% and 2.95% better detection B. Differences
accuracy compare to K-means and USELM techniques ML and DL methods different in following ways:
respectively [11]. • Data dependencies.
The main difference between deep learning and machine
Nichols and Robinson present an online unsupervised deep learning is its performance as the amount of data increases.
learning approach to detect anomalous network activity Deep learning algorithms do not perform well when the data
from system logs in real time. Models decompose anomaly volumes are small, because deep learning algorithms require
scores into the contributions of individual user behavior a large amount of data to understand the data perfectly.
features for increased interpretability to aid analysts Conversely, machine-learning algorithm uses the established
reviewing potential cases of insider threat. Using the CERT rules, thus performance is better.
Insider Threat Dataset v6.2 and threat detection recall, their • Hardware dependencies
novel deep and recurrent neural network models outperform The DL algorithm requires many matrix operations. The GPU
Principal Component Analysis, Support Vector Machine and is largely used to optimize matrix operations efficiently.
Isolation [10]. Therefore, the GPU is the hardware necessary for the DL to
work properly. DL relies more on high-performance machines
V. SIMILARITIES AND DIFFERENCES BETWEEN with GPUs than machine-learning algorithms.
MACHINE LEARNING & DEEP LEARNING • Feature processing
There are many puzzles about the relationship among ML, The process of putting domain knowledge into a feature
DL, and artificial intelligence (AI). Machine-learning is a extractor to reduce the complexity of the data and generate
branch of AI and is closely related to computational patterns that make learning algorithms work better is known
statistics, which also focuses on prediction making using as feature processing. In ML, most of the characteristics of
computers [1]. whereas DL is a sub-field in machine- an application must be determined by an expert and then
learning research. Its motivation lies in the establishment of encoded as a data type. The performance of most ML
a neural network that simulates the human brain for algorithms depends upon the accuracy of the features
analytical learning. It mimics the human brain mechanism to extracted. Trying to obtain high-level features directly from
interpret data such as images, sounds and texts [14]. data is a major difference between DL and traditional
machine-learning algorithms. Thus, DL reduces the effort of
A. Similarities designing a feature extractor for each problem.
• Steps involved in ML and DL • Problem-solving method
ML and DL method primarily uses similar four steps in In Problem-solving method on applying traditional machine-
except feature extraction in DL is automated rather than learning algorithms to solve problems, traditional machine
manual [12]. learning usually breaks down the problem into multiple sub-
• Methods used in ML and DL problems and solves the sub-problems, ultimately obtaining
ML/DL are similar in these three approaches: supervised, the result. Unlike deep learning which solves end-to-end
unsupervised and semi-supervised. In supervised learning, problem.
each instance consists of an input sample and a label. The • Execution time.
supervised learning algorithm analyzes the training data and DL algorithm takes long time to train because there are
uses the results of the analysis to map new instances. many parameters in the DL algorithm. Whereas ML training
Unsupervised learning that deduces the description of takes relatively less time, only seconds to hours. The test
hidden structures from unlabeled data. Because the sample time is exactly opposite for ML and DL. Deep learning
is unlabeled, the accuracy of the algorithm's output cannot algorithms require very little time to run during testing
be evaluated, and only the key features of the data can be phase compared to ML algorithms. This is not applicable to
summarized and explained. Semi-supervised learning is a all ML algorithms, some required short test times [1]
means of combining supervised learning with unsupervised

Volume VIII, Issue II, FEBRUARY/2019 Page No: 172

Universal Review V. CONCLUSION [13] Ozlem Yavanoglu And Murat Aydos, “A Review ISSN NO Security
On Cyber : 2277-2723
Datasets For Machine Learning Algorithms”, In IEEE International
This paper provides researchers with a strong foundation for Conference On Big Data ,Jan 2018.
making easier and better informed choices about machine [14] A. Milenkoski, M. Vieira, S. Kounev, A. Avritzer, and B. D. Payne,
learning and deep learning for cyber security. It was “Evaluating Computer Intrusion Detection Systems:A Survey of Common
Practices,” Acm Comput. Surv., vol. 48, no. 1, pp. 1–41, 2015.
reviewed that machine learning has some challenges in
[15] C. N. Modi and K. Acha, “Virtualization layer security challenges and
handling Big Data whereas deep learning performance is intrusion detection/prevention systems in cloud computing: a
better in context of big data. To improve the security, an comprehensive review,” J. Supercomput., vol. 73, no. 3, pp. 1–43,
innovative image-based captcha named SACaptcha using 2016.
deep learning techniques can be used. Unsupervised deep [16] E. Viegas, A. O. Santin, A. França, R. Jasinski, V. A. Pedroni, and L.
learning of RBM and AE with iterative k-means clustering S. Oliveira, “Towards an Energy-Efficient Anomaly-Based Intrusion
Detection Engine for Embedded Systems,” IEEE Trans. Comput., vol.
show around 92.12% and 91.86% accuracy for network 66, no. 1, pp. 163–177, 2017.
intrusion detection. In future, system of network intrusion
detection for cyber security with online learning approach
can be deployed. Machine learning is used to develop a
model which detect and highlight advanced malware, by
alerting SMEs, alerting analysts or producing reports
depending upon the severity of the security event. The
model performs these functions with very high accuracy
(90%). To detect abnormal network activity from system
logs in real time, an online unsupervised deep learning
approach can be used that produces interpretable
assessments of insider threat in streaming system user logs.
This work has therefore accomplished its objective by
providing with potential directions for future work and will
hopefully serve as groundwork for great improvements of
machine learning and deep learning methods for cyber
security operations.
REFERENCES
[1] Yang Xin Et Al., “Machine Learning And Deep Learning Methods
For Cybersecurity”In IEEE Journals & Magazine, May 2018.
[2] Qiang Liu Et Al., “A Survey On Security Threats And Defensive
Techniques Of Machine Learning: A Data Driven View”,In IEEE
Journals & Magazine, Vol 6, February 2018.
[3] James B. Fraley And Dr. James Cannady, “The Promise Of Machine
Learning In Cybersecurity”, In Southeast conference , May 2017.
[4] Soorena Merat, P.Eng, Dr. Wahab Almuhtadi, P.Eng., “Artificial
Intelligence Application For Improving Cyber-Security Acquirement”
In 28th IEEE Canadian Conference On Electrical And Computer
Engineering, Halifax, Canada, May 2015.
[5] Hao Ye, Le Liang et al., “Machine Learning for Vehicular Networks”
In IEEE Vehicular Technology Magazine, April 2018.
[6] Ge Wang, Jong Chu Ye et al., “Image Reconstruction Is A New
Frontier Of Machine Learning”, In IEEE Transactions On Medical
Imaging ,Vol. 37, pp 1289 – 1296, June 2018.
[7] Alexandra L’heureux et al., “Machine Learning With Big Data:
Challenges And Approaches”, In IEEE Journal & Magazine ,Vol 5,
pp 7776 – 7797, April 2017.
[8] Mirza Golam Kibria Et Al., “Big Data Analytics, Machine Learning
And Artificial Intelligence In Next-Generation Wireless Networks”,
In IEEE Journal & Magazine, May 2018, pp 2169-3536.
[9] Mengyun Tang Et Al., “Research On Deep Learning Techniques In
Breaking Text-Based Captchas And Designing Image-Based
Captcha”, In IEEE Transactions On Information Forensics And
Security,Vol13, Issue: 10,pp 2522 – 2537,Oct. 2018.
[10] Aaron Tuor ,Samuel Kaplan And Brian Hutchinson, “Deep Learning
For Unsupervised Insider Threat Detection In Structured
Cybersecurity Data Streams”, In Proceedings Of Ai For Cyber
Security Workshop At AAAI ,Dec 2017.
[11] Md Zahangir Alom And Tarek M. Taha, “Network Intrusion Detection
For Cyber Security Using Unsupervised Deep Learning Approaches”,
In IEEE National Aerospace And Electronics Conference
(NAECON), Dayton, Oh, USA, June 2017.
[12] Charles Feng*, Shunning Wu And Ningwei Liu, “A User-Centric Machine
Learning Framework For Cyber Security Operations Center”,
In IEEE International Conference On Intelligence And Security
Informatics (ISI), Beijing, China, July 2017.

Volume VIII, Issue II, FEBRUARY/2019 Page No: 173