On the Variability in the Application and Measurement of Supervised Machine Learning in Cyber Security

Published: 01 Jan 2022, Last Modified: 01 Nov 2024UbiSec 2022EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: Supervised learning (SL) is being increasingly adopted to enhance capability and mitigate cyberattacks. Published literature containing empirical studies often demonstrates an optimistic viewpoint, with promising results achieving greater than 90% in terms of accuracy when detecting and mitigating cyberattacks. These results are often generated on well-refined test scenarios. Cyberattack statistics show a continued increase in occurrence and continue to result in significant damage. This is resulting in organisations becoming increasingly worried about suffering a cyberattack, increasing their desire to identify and adopt suitable solutions. The optimistic result presented in research studies might misrepresent the application’s true capabilities and set unreachable expectations. The purpose of this paper is to investigate how SL technique is applied to cybersecurity challenges and how it is evaluated. To pursue this aim, a literature review is undertaken, classifying the most common SL performance measurements in cybersecurity research. The key finding of this paper revealed that SL is mostly used because of its capabilities in detecting known patterns on a restrictive application challenge. This could therefore be misleading for those wanting to utilise such systems.
Loading