
Table 3 A summary of key terms and areas related to cybersecurity data science

From: Cybersecurity data science: an overview from machine learning perspective

| Key terms | Description |
| --- | --- |
| Security incident or attack | An incident or cyber-attack is any act that threatens the security, confidentiality, integrity, or availability of information assets, information systems, or the networks that deliver the information |
| Data breach | An intentional or unintentional release of secure data to an untrusted environment, also known as a data spill or data leak |
| Cyber anomaly | Anomalies are data points, items, observations or events that do not conform to the expected pattern of a given group, such as cyber intrusions or fraud. Anomalies are also referred to as outliers, noise, deviations, and exceptions in cyber data |
| Cybercrime | A criminal activity carried out using computers and the Internet, which can be committed against government and private organizations |
| Cybersecurity | A set of technologies and processes designed to protect networks, devices, programs, and data from various cyber attacks, damages, or unauthorized access |
| Data science | Focuses on the collection and application of data to provide insights or meaningful information in industry, academia, or the context of human life |
| Artificial intelligence (AI) | A technology that behaves intelligently with the ability to think and work like humans, e.g., intelligent decision making in the cyber domain |
| Machine learning | A significant part of AI, which deals with the scientific study of algorithms and statistical models that learn from cybersecurity data to perform a specific task without using explicit instructions, relying on security incident patterns and inference instead |
| Deep learning | A significant part of machine learning in AI that typically builds security models based on artificial neural networks consisting of several data processing layers |
| Cyber features | These are attributes extracted from cyber data sources to analyze and build target cybersecurity models |
| Security models | Models take features as inputs and apply simple or hybrid machine learning algorithms to come up with a specific outcome for a cybersecurity use case for intelligent decision making |
| Threat intelligence | Deals with gathering raw data on threats, then analyzing and filtering the data to produce usable information for automated security control systems, i.e., evidence-based knowledge in cybersecurity |
| Behavioral analytics | Deals with the behavioral patterns of various security incidents or the malicious behavior in the data |
| Internet-of-Things (IoT) | A smart environment in which an object that can represent itself becomes greater by connecting to surrounding objects and the extensive data flowing around it, and with which cyber criminals are associated |