Abstract: This paper presents a literature survey of machine learning (ML) and data mining (DM) methods for cyber analytics in support of intrusion detection. A brief description of each ML/DM method is provided. Papers representing each method were identified based on their number of citations or the relevance of an emerging method, then read and summarized. Because data are so important in ML/DM approaches, some well-known data sets used in ML/DM are described. The complexity of ML/DM algorithms is addressed, the challenges of using ML/DM for security are discussed, and some suggestions on when to use a given method are provided.

Keywords: Machine learning, data mining, intrusion detection, etc.