I’ve read a handful of blog posts related to the idea of using machine learning for computer security. But all of the information I found was too general for my liking. Here are four specific scenarios I’ve used to apply ML to computer security problems.
Scenario #1: You have a set of credit card transactions. You can create a deep neural regression model where the value to predict is the amount charged and the predictor variables are things like time of day, previous transaction amount on the card, and so on. Then for every new transaction you compute the predicted amount of the charge and if the actual amount differs greatly, you flag the transaction for investigation.
Scenario #2: You have a set of log entries of just about anything (network logins, credit card transactions, etc.). First you encode the raw data by converting non-numeric data (such as State = NY) to numeric values. Next you preprocess the encoded logged data by converting it into strictly scaled numeric data by using a deep autoencoder. Then, with all your data expressed as numeric values, you can perform clustering using k-means or GMM clustering (which only work for numeric data). After clustering, you can identify anomalous logged items: for example, items that are far from their cluster mean in the case of k-means, or items that have ambiguous assignment weights/probabilities in the case of GMM.
Scenario #3: Same problem type as scenario #2 but you use a different ML technique. You encode non-numeric data. Then you process the data using a deep neural autoencoder (also called an encoder-decoder) and identify anomalous data items based on the reconstruction error, which is the difference (such as mean squared error) between the input data and the output data (which should be identical). Greater reconstruction error indicates the item varies from the model.
Scenario #4: You have numeric time series data such as the weekly transaction amounts for a credit card. You create a deep recurrent neural model using an LSTM or similar network. Then you can predict the next transaction amount at any given point in time and if the actual amount differs greatly from the predicted amount, you can flag the transaction for investigation.
Now to be sure, there are tons of details to take care of and all of these techniques require a big effort. But all are feasible.
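As an added illustration of Scenario #2 (not code from the original post), the sketch below encodes constructed login records, clusters them with k-means, and flags items far from their cluster mean. It assumes simple min-max scaling in place of the deep autoencoder step, and the record layout, function names and the 3x-median threshold are all hypothetical choices.

```python
import math

# Constructed sample login records: (hour of day, state, failed attempts)
LOGS = [
    (9, "NY", 0), (10, "NY", 1), (9, "NY", 0), (11, "NY", 0), (10, "NY", 1),
    (22, "CA", 0), (23, "CA", 1), (22, "CA", 0), (21, "CA", 0), (23, "CA", 0),
    (22, "CA", 9),  # constructed outlier: unusually many failed attempts
]

def encode(rows):
    """One-hot encode the state and min-max scale numeric columns to [0, 1]."""
    states = sorted({r[1] for r in rows})
    cols = [[r[0] for r in rows], [r[2] for r in rows]]
    lo_hi = [(min(c), max(c)) for c in cols]
    out = []
    for hour, state, fails in rows:
        nums = [(v - lo) / ((hi - lo) or 1)
                for v, (lo, hi) in zip((hour, fails), lo_hi)]
        out.append(nums + [1.0 if state == s else 0.0 for s in states])
    return out

def kmeans(points, k, iters=20):
    """Plain k-means with deterministic farthest-point initialization."""
    means = [points[0]]
    while len(means) < k:
        means.append(max(points,
                         key=lambda p: min(math.dist(p, m) for m in means)))
    for _ in range(iters):
        assign = [min(range(k), key=lambda j: math.dist(p, means[j]))
                  for p in points]
        for j in range(k):
            members = [p for p, a in zip(points, assign) if a == j]
            if members:  # keep the old mean if a cluster ends up empty
                means[j] = [sum(c) / len(members) for c in zip(*members)]
    return means, assign

def find_anomalies(rows, k=2, factor=3.0):
    """Indices of rows whose distance to their cluster mean exceeds
    factor times the median distance (threshold rule is an assumption)."""
    pts = encode(rows)
    means, assign = kmeans(pts, k)
    dists = [math.dist(p, means[a]) for p, a in zip(pts, assign)]
    median = sorted(dists)[len(dists) // 2]
    return [i for i, d in enumerate(dists) if d > factor * median]

if __name__ == "__main__":
    for i in find_anomalies(LOGS):
        print("investigate:", LOGS[i])
```

Note that an outlier pulls its own cluster mean toward itself, so on real data the threshold needs tuning against items already known to be benign.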

In general I prefer abstract art to photorealistic art. I like the way abstract art creates a simplified model of reality which can be more interesting than the source reality.
Thanks for this interesting topic. ML is much too rarely discussed in practice.
I would like to know more details about that. But I also realize that I have to learn more.
T.K.