Applications of Positive Unlabeled (PU) and Negative Unlabeled (NU) Learning in Cybersecurity
It addresses cybersecurity challenges such as detecting and mitigating threats, but is incremental as it reviews and formulates applications rather than presenting new empirical findings.
This paper explores applying Positive Unlabeled (PU) and Negative Unlabeled (NU) learning to cybersecurity problems like intrusion detection and malware detection, identifying potential improvements for scenarios with imbalanced or limited labeled data, but does not report specific experimental results or numbers.
This paper explores the relatively underexplored application of Positive Unlabeled (PU) Learning and Negative Unlabeled (NU) Learning in the cybersecurity domain. While these semi-supervised learning methods have been applied successfully in fields like medicine and marketing, their potential in cybersecurity remains largely untapped. The paper identifies key areas of cybersecurity--such as intrusion detection, vulnerability management, malware detection, and threat intelligence--where PU/NU learning can offer significant improvements, particularly in scenarios with imbalanced or limited labeled data. We provide a detailed problem formulation for each subfield, supported by mathematical reasoning, and highlight the specific challenges and research gaps in scaling these methods to real-time systems, addressing class imbalance, and adapting to evolving threats. Finally, we propose future directions to advance the integration of PU/NU learning in cybersecurity, offering solutions that can better detect, manage, and mitigate emerging cyber threats.