What are the pros and cons of machine learning in network security?


One advantage of machine learning in network security is that it can identify a zero-day attack. With signature-based detection, it takes time to identify and analyze a new attack, but machine learning can apply rules that differentiate legitimate operations from attacks. A new form of malware can be detected based on its actions, so previous observation and analysis are unnecessary. Organizations can prepare machine learning software for operation in several ways. The software can be presented with a set of inputs labeled as attacks and other inputs labeled as legitimate.
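The labeled-input approach described above, as an added example that is not part of the original page: a small Gaussian naive Bayes classifier in pure Python, trained on constructed per-host behaviour summaries and then asked to label behaviour it has not seen before. The feature choice, the sample values and the function names are assumptions made for illustration.

```python
import math
from statistics import mean, pvariance

# Constructed training data: per-host, per-minute behaviour summaries.
# Features: (distinct destination ports, failed-connection ratio, outbound KB)
LABELED = [
    ((3, 0.02, 120.0), "legitimate"),
    ((5, 0.05, 300.0), "legitimate"),
    ((2, 0.00, 80.0), "legitimate"),
    ((4, 0.03, 210.0), "legitimate"),
    ((6, 0.04, 150.0), "legitimate"),
    ((180, 0.85, 40.0), "attack"),
    ((240, 0.92, 55.0), "attack"),
    ((150, 0.78, 35.0), "attack"),
    ((210, 0.88, 60.0), "attack"),
    ((95, 0.70, 30.0), "attack"),
]

def train(samples):
    """Fit per-class prior, feature means and feature variances."""
    model = {}
    for label in {lbl for _, lbl in samples}:
        rows = [x for x, lbl in samples if lbl == label]
        cols = list(zip(*rows))
        model[label] = {
            "prior": len(rows) / len(samples),
            "mean": [mean(c) for c in cols],
            # Variance floor avoids division by zero on constant features.
            "var": [max(pvariance(c), 1e-6) for c in cols],
        }
    return model

def log_likelihood(x, params):
    """Log prior plus the sum of per-feature Gaussian log densities."""
    score = math.log(params["prior"])
    for v, m, s2 in zip(x, params["mean"], params["var"]):
        score += -0.5 * math.log(2 * math.pi * s2) - (v - m) ** 2 / (2 * s2)
    return score

def classify(model, x):
    """Return the label whose learned behaviour profile best explains x."""
    return max(model, key=lambda label: log_likelihood(x, model[label]))

MODEL = train(LABELED)

if __name__ == "__main__":
    # Unseen behaviour, no signature involved: many ports, mostly failed connections.
    print(classify(MODEL, (130, 0.81, 45.0)))
    print(classify(MODEL, (4, 0.01, 175.0)))
```

The model only recognizes behaviour that resembles what was labeled as an attack during training, so the quality and coverage of the labeled set bounds what it can flag.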