Machine learning intrusion detection: cool idea or useful strategy?

October 9, 2017 | 2 Minute Read


In some ways, it’d be fun to go back 15 or 20 years and see the looks on people’s faces when you told them computers would soon be better at finding Waldo than humans ever were. Here in 2017, no striped and bespectacled fugitive is safe, as computers use machine learning to enhance computer vision. The World Economic Forum even lists deep learning in the top three of its emerging technologies of 2017.

If you’re not in manufacturing or engineering, listen up: Machine learning intrusion detection has tons of possibilities. Cybersecurity just got cool as hell.

Outwitting static defenses

Intrusion detection is a simple concept: The bad guys want to sneak into your network, and you want to know the second it happens. Unfortunately, this is a classic case of “it’s easier said than done.”

Nefarious intrusions aren’t always entering your network like the Kool-Aid Man through a brick wall. These attacks usually come under the guise of legitimate users with equally legitimate credentials. Network monitoring systems created to spot malicious activity may not even bat an eye when these sophisticated attacks come your way. What’s needed is a more flexible, dynamic, and—most importantly—intelligent way to detect intrusion.

Consider this: Some high-profile attackers earn upward of $15 million annually from their network intrusion antics, so as far as this problem’s concerned, it’s not going away anytime soon. How can machine learning intrusion detection help your business? As it turns out, with some old-fashioned education.

Addressing the human element

Jason Trost compiled an impressive array of relevant deep learning articles over at Medium that serve as a comprehensive foundation for this argument. A great example is self-taught learning (STL). STL is a deep learning strategy where a large pool of unlabeled data is used to build a feature representation. This representation, or model, can then be used for classification of labeled data and ultimately—with the help of neural networks—profile data inputs in an intelligent, dynamic way.

When it comes to intrusion detection, this technology allows for a more human touch to automated security systems. Intrusion attempts are often cleverly disguised as legitimate network activity. It takes a set of human eyes that know the ins and outs of your environment to detect the subtle anomalies in bogus traffic. Unfortunately, you lose out on automated efficiencies with that clumsy human element. Deep learning strategies like STL can study your environment and collect an accurate pulse on what normal operation looks like.
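The two STL stages described above, as an added example that is not code from this article or the articles it cites: a tanh autoencoder learns features from a large unlabeled pool of flows, then a logistic regression is trained on a small labeled set using those features. The flow features, their distributions, and all function names are constructed for illustration.

```python
import numpy as np

def make_flows(rng, n, attack_frac):
    # Constructed features per flow: log-bytes, log-duration, distinct ports, failed logins.
    y = (rng.random(n) < attack_frac).astype(float)
    normal = rng.normal([8.0, 1.0, 2.0, 0.2], [1.0, 0.5, 1.0, 0.3], (n, 4))
    attack = rng.normal([5.0, 0.2, 9.0, 3.0], [1.0, 0.3, 2.0, 1.0], (n, 4))
    return np.where(y[:, None] == 1, attack, normal), y

def train_autoencoder(X, hidden, rng, epochs=400, lr=0.05):
    # Stage 1 (unsupervised): learn an encoder by reconstructing unlabeled flows.
    n, d = X.shape
    W1, b1 = rng.normal(0, 0.1, (d, hidden)), np.zeros(hidden)
    W2, b2 = rng.normal(0, 0.1, (hidden, d)), np.zeros(d)
    losses = []
    for _ in range(epochs):
        H = np.tanh(X @ W1 + b1)                 # hidden features
        E = H @ W2 + b2 - X                      # reconstruction error
        losses.append(0.5 * np.mean(np.sum(E ** 2, axis=1)))
        dZ = (E @ W2.T) * (1 - H ** 2) / n       # backprop through tanh
        W2 -= lr * (H.T @ E) / n
        b2 -= lr * E.mean(axis=0)
        W1 -= lr * (X.T @ dZ)
        b1 -= lr * dZ.sum(axis=0)
    return (W1, b1), losses

def train_classifier(F, y, epochs=500, lr=0.5):
    # Stage 2 (supervised): logistic regression on the learned features.
    w, b = np.zeros(F.shape[1]), 0.0
    for _ in range(epochs):
        p = 1 / (1 + np.exp(-(F @ w + b)))
        w -= lr * F.T @ (p - y) / len(y)
        b -= lr * np.mean(p - y)
    return w, b

def run_demo(seed=0):
    rng = np.random.default_rng(seed)
    X_unl, _ = make_flows(rng, 2000, 0.1)        # large pool; labels discarded
    X_lab, y_lab = make_flows(rng, 60, 0.5)      # small labeled set
    X_test, y_test = make_flows(rng, 500, 0.5)   # held-out evaluation set
    mu, sd = X_unl.mean(0), X_unl.std(0)         # scaling fitted on unlabeled data only
    scale = lambda X: (X - mu) / sd
    (W1, b1), losses = train_autoencoder(scale(X_unl), 3, rng)
    encode = lambda X: np.tanh(scale(X) @ W1 + b1)
    w, b = train_classifier(encode(X_lab), y_lab)
    pred = (encode(X_test) @ w + b) > 0
    return float(np.mean(pred == (y_test == 1))), losses

if __name__ == "__main__":
    print("test accuracy: %.3f" % run_demo()[0])
```

The constructed classes here are well separated; real traffic where intrusions use legitimate credentials overlaps far more with normal activity, so held-out accuracy and false-positive rate have to be measured on your own labeled flows.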

With its raw processing power, deep learning can also take a more comprehensive dive into your network traffic. Everything from printer security to desktop activity is covered. Oh, and it can be fully automated, too.

Ready to save precious man-hours and eliminate the error-prone qualities of human monitoring? Machine learning intrusion detection gives you the best of both worlds: automated, hands-off security in a dynamic, intelligent way.
