A Survey of the Application of Machine Learning Models in Information Security
Abstract
This paper surveys the widespread use of machine learning models and algorithms for problems in information security. The breadth of the machine learning techniques and methods covered in this survey is illustrated with examples of each model applied to problems related to information security. The study concludes that the use of machine learning in information security has become widespread. Some methods are published in standard ways, and it is expected that this paper will give insight for developing better models for machine learning applications in information security.