|
1.5.3
|
|
|
|
Reinforcement learning
|
Algorithms, in which an agent decides what to do to perform the given task to maximize the given function.
|
|
1.5.7
|
|
|
|
Shallow learning
|
Techniques that separate the process of feature extraction from learning itself.
|
|
3.6.5.1
|
|
|
|
Supervised learning
|
Algorithms, which develop a mathematical model from the input data and known desired outputs.
|
|
1.5.7
|
Alg. 1.1.
|
|
|
Unsupervised learning
|
Algorithms, which take a set of data consisting only of inputs and then they attempt to cluster the data objects based on the similarities or dissimilarities in them.
|
|
1.5.7.
|
Alg. 1.2.
|
|
|
Decision tree
|
Tree‐structure resembling a flowchart, where every node represents a test to an attribute, each branch represents the possible outcomes of that test, and the leaves represent the class labels.
|
|
|
|
|
|
J48
|
Open source Java implementation of the C4.5 algorithm that builds decision trees from a set of training data using the concept of information entropy.
|
|
6.6.4
|
|
|
|
Genetic/evolutionary algorithms
|
Set of evolutionary algorithms, which take an inspiration from genetic evolution theories.
|
|
3.6.4, 3.6.5.4
|
Alg. 1.3
|
|
|
Hidden Markov models
|
Algorithm that builds up a set of states producing outputs with different probabilities with the goal to find out the sequence of states that results in the observed outputs.
|
|
|
|
|
|
K‐means
|
Clustering algorithm that uses a distance function to distribute all data pieces between k clusters defined by their centroid position in the feature space.
|
|
3.6.2
|
|
|
|
K‐nearest neighbor
|
Classification algorithm that uses a distance function in order to determine to which class to assign the new element by finding K closest elements in the feature space.
|
|
3.6.3, 5.3.5.4
|
|
|
|
Naive Bayes
|
Algorithm that consists of applying the Bayes theorem in order to find a distribution of conditional probabilities among class labels, with the assumption of independence between features.
|
|
|
|
|
|
Random forest
|
An ensemble learning method that builds a large group of independent decision trees, and outputs the mode of the label predictions of all the trees.
|
|
6.6.4
|
Sec.6.6.4
|
|
|
Support vector machine
|
Binary classification algorithm that creates a hyper plane that separates the data into two classes with the objective to maximize the gap perpendicular to the plane, allowing better generalization.
|
|
|
|
Please note: I realize that there exist various definitions and even understandings of these terms’ meaning. I have chosen to follow up the definitions given in the publications of the NIST Computer Security Resource Center (see https://csrc.nist.gov/glossary), first (see Section I.6) and then proceed with others (see Section I.7). Even those publications are ambiguous in some cases and provide different meanings too. I have chosen ones, which are followed up in this book. I do not intend to make this list all inclusive or exclusive.
I.6 The Cited NIST Publications
NIST SP 800‐12 An Introduction to Information Security, June 2017, available free of charge from: https://doi.org/10.6028/NIST.SP.800‐12r1
NIST SP 800‐30 Guide for Conducting Risk Assessments NIST, Sep. 2012, available at https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800‐30r1.pdf
NIST SP 800‐39 Managing Information Security Risk, March 2011, available at https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800‐39.pdf
NIST SP 800‐41 Rev. 1 Guidelines on Firewalls and Firewall Policy NIST, September 2009, available at https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800‐41r1.pdf
NIST SP 800‐53 Rev. 5 CNSSI 4009 Security and Privacy Controls for Information Systems and Organizations, September 2020, available at doi.org/10.6028/NIST.SP.800‐53r5
NIST 800‐63 Digital Identity Guidelines, June 2017, available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800‐63‐3.pdf
NIST SP 800‐82 Rev. 2 RFC 4949, Guide to Industrial Control Systems (ICS) Security, May 2015, available from: http://dx.doi.org/10.6028/NIST.SP.800‐82r2
NIST 800‐83 Revision 1 Guide to Malware Incident Prevention and Handling for Desktops and Laptops, July 2013, available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800‐83r1.pdf
NIST 800‐88, Revision 1: Guidelines for Media Sanitization, 5 February 2015, available at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800‐88r1.pdf
NIST Special Publication 800‐101 Guidelines
