The absence of a robust and unified theory of cyber dynamics presents challenges and opportunities for using machine learning based data-driven approaches to further the understanding of the behavior of such complex systems. Analysts can also use machine learning approaches to gain operational insights. In order to be operationally beneficial, cybersecurity machine learning based models need to have the ability to: (1) represent a real-world system, (2) infer system properties, and (3) learn and adapt based on expert knowledge and observations. Probabilistic models and Probabilistic graphical models provide these necessary properties and are further explored in this chapter. Bayesian Networks and Hidden Markov Models are introduced as an example of a widely used data driven classification/modeling strategy.
Revised: August 29, 2017 |
Published: April 21, 2017
Citation
Chikkagoudar S., S. Chatterjee, D.G. Thomas, T.E. Carroll, and G. Muller. 2017.Machine Learning. In Research Methods for Cyber Security, edited by TW Edgar and DO Manz. 153-173. Cambridge, Massachusetts:Syngress.PNNL-SA-122747.doi:10.1016/B978-0-12-805349-2.00006-6