Statistical learning methods for information security: Fundamentals and case studies

H. K. Pao, Yuh-Jye Lee*, Chun-Ying Huang

*Corresponding author for this work

Research output: Contribution to journalReview articlepeer-review

2 Scopus citations


One of the most traditional methods for information security can be as easy as sequence matching, such as the signature-based methods for virus detection. However, it is now well accepted that the signature-based methods are no longer satisfactory solutions for many security problems. The signature is usually too rigid, resulting in detection that is hard to adjust and easy to bypass. Statistical learning approaches can complete the puzzle to form an integrated defense system. Numerous statistical learning methods have been proposed in the last couple of decades for various applications. To solve information security problems statistically, we need to carefully choose appropriate statistical learning methods and evaluation procedures so that what seems to be a meaningful and effective method in terms of the statistical analysis can also be beneficial when the method is deployed to the real world. This paper aims to give an introductory and as self-contained as possible overview for how to correctly and effectively apply statistical methods to information security problems. We also demonstrate a couple of applications of the statistical learning methods on the problems of botnet detection and account security.

Original languageEnglish
Pages (from-to)97-113
Number of pages17
JournalApplied Stochastic Models in Business and Industry
Issue number2
StatePublished - 1 Mar 2015


  • Anomaly detection
  • information security
  • intrusion detection
  • signature-based methods
  • statistical learning


Dive into the research topics of 'Statistical learning methods for information security: Fundamentals and case studies'. Together they form a unique fingerprint.

Cite this