With the recent popularity of machine (and deep) learning, a lot of security practitioners started to believe that these techniques can solve all of our cyber security problems. However, in spite of extensive academic research, they are not yet widely used in our production environments. This is due to some key challenges (e.g. zero-days, concept drift, noisy features) in applying machine learning to security problems. This talk begins with an understanding of intruder behaviour, with a particular focus on computer networks, and then presents our recent work on this research area. Finally, the talk concludes with a discussion on research challenges and potential guidelines for applying machine learning to cyber security problems.