Computer and communication systems are subject to repeated security attacks. Given the variety of new vulnerabilities discovered every day, the introduction of new attack schemes, and the ever-expanding use of the Internet, it is not surprising that the field of computer and network security has grown and evolved significantly in recent years. Attacks are so pervasive nowadays that many firms, especially large financial institutions, spend over 10% of their total information and communication technology (ICT) budget directly on computer and network security. Changes in the type of attacks, such as the use of Advanced Persistent Threat (APT) and the identification of new vulnerabilities have resulted in a highly dynamic threat landscape that is unamenable to traditional security approaches.

Data mining techniques that explore data in order to discover hidden patterns and develop predictive models, have proven to be effective in tackling the aforementioned information security challenges. In recent years classification, associations rules, and clustering mechanisms, have all been used to discover and generalize attack patterns in order to develop powerful solutions for coping with the latest threats such as: APTs, Ransomware, data leakage, and malicious code (Trojan, Worms and computer viruses).