Machine Learning in Cybersecurity: A Guide

Spring, Jonathan M.; Fallon, Joshua; Metcalf, Leigh

Machine Learning in Cybersecurity: A Guide

Active / Technical Report | Accession Number: AD1088210 |

Open PDF

Abstract:

Decision-makers should ask certain questions before employing machine-learning ML or artificial intelligence AI solutions and receive satisfactory answers. This document suggests important questions when employing ML or AI in cybersecurity and outlines what a satisfactory answer should contain. We focus on questions about quality and usefulness. The questions we discuss are 1. What are you trying to find out 2. What information is needed to answer the target question 3. How do you anticipate that the MLAI tool will address that question 4. Is the design of the MLAI tool robust to the well-known attacks against MLAI in our adversarial, cybersecurity environment 5. How can the input datas bias be managed 6. Does the evaluation of the MLAI tool properly account for well-known study design errors and biases7. What alternative tools have you considered What are the advantages and disadvantages of each

Author(s):

Spring, Jonathan M. ; Fallon, Joshua ; Metcalf, Leigh

Author Organization(s):

Carnegie Mellon University Software Engineering Institute Pittsburgh United States

Descriptive Note:

Technical Report

Pagination:

0011

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release;

RECORD

Collection: TR

Identifying Numbers

Contract/Grant Number(s):

FA8702-15-D-0002

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_5.3_Planning; JCA_7_Protection; JCA_6_Net Centric; JCA_6.4.1_Secure Information Exchange; JCA_6.4_Information Assurance; JCA_3.2_Engagement; JCA_3_Force Application; JCA_3.2.2_Non-Kinetic Means; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_5.3.2_Apply Situational Understanding; JCA_8_Building Partnerships; JCA_5.3.3_Develop Strategy; JCA_8.2.4_Leverage Capacities and Capabilities of Security Establishments; JCA_8.2_Shape; JCA_1.2_Force Preparation; JCA_1_Force Support; JCA_2.4.2_Evaluation; JCA_7.2.1_Mitigate Lethal Effects; JCA_7.2_Mitigate

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

machine learning, decision making, cybersecurity, artificial intelligence

Field(s)/Group(s):

Cybernetics

Report Date:

2019 Feb 01

Creation Date:

2020 Jan 06