Machine Learning and Intrusion Detection: Hype or Reality?

The potential use of machine learning techniques for intrusion detection is widely discussed amongst security experts.

At Kudelski Security, we looked into this topic, and this briefing paper provides an overview of the possibilities and limitations of machine learning. We conclude that although pure machine learning is not well suited for general network intrusion detection today, it is relevant for more specific tasks such as user behavior analysis or specific endpoint security problems.

Kudelski Security is developing machine learning-based methods for specific problems where machine learning is more cost-effective than classical methods, and will continue to monitor the evolution of machine learning.