
Answer: Unsupervised Learning
## Explanation

**Unsupervised Learning** is the correct approach because:

1. **No predefined labels**: The team doesn't have attack labels (i.e., they don't know what constitutes 'normal' vs 'attack' traffic beforehand).
2. **Pattern discovery**: Unsupervised learning algorithms like clustering, anomaly detection, or association can identify unusual patterns without prior labeling.
3. **Anomaly detection**: This is a classic use case for unsupervised learning, where the algorithm learns what 'normal' traffic looks like and flags deviations.

**Why other options are incorrect**:

- **B) Supervised Learning**: Requires labeled data (attack vs normal traffic), which the team doesn't have.
- **C) Reinforcement Learning**: Involves learning through trial and error with rewards/penalties; not suitable for pattern detection without interaction.
- **D) Regression**: A type of supervised learning for predicting continuous values; it requires labeled training data.

**Real-world application**: AWS services like Amazon GuardDuty use machine learning (including unsupervised techniques) to detect unusual API calls, potentially unauthorized deployments, and other suspicious activities without requiring predefined attack signatures.
Author: Ritesh Yadav
A cybersecurity team wants to detect unusual traffic patterns that may indicate a network attack, but they don't have predefined attack labels. Which approach is suitable?
- A) Unsupervised Learning
- B) Supervised Learning
- C) Reinforcement Learning
- D) Regression