Book Image

Machine Learning for Cybersecurity Cookbook

By : Emmanuel Tsukerman
Book Image

Machine Learning for Cybersecurity Cookbook

By: Emmanuel Tsukerman

Overview of this book

Organizations today face a major threat in terms of cybersecurity, from malicious URLs to credential reuse, and having robust security systems can make all the difference. With this book, you'll learn how to use Python libraries such as TensorFlow and scikit-learn to implement the latest artificial intelligence (AI) techniques and handle challenges faced by cybersecurity researchers. You'll begin by exploring various machine learning (ML) techniques and tips for setting up a secure lab environment. Next, you'll implement key ML algorithms such as clustering, gradient boosting, random forest, and XGBoost. The book will guide you through constructing classifiers and features for malware, which you'll train and test on real samples. As you progress, you'll build self-learning, reliant systems to handle cybersecurity tasks such as identifying malicious URLs, spam email detection, intrusion detection, network protection, and tracking user and process behavior. Later, you'll apply generative adversarial networks (GANs) and autoencoders to advanced security tasks. Finally, you'll delve into secure and private AI to protect the privacy rights of consumers using your ML models. By the end of this book, you'll have the skills you need to tackle real-world problems faced in the cybersecurity domain using a recipe-based approach.
Table of Contents (11 chapters)

What this book covers

Chapter 1Machine Learning for Cybersecurity, covers the fundamental techniques of machine learning for cybersecurity.

Chapter 2Machine Learning-Based Malware Detection, shows how to perform static and dynamic analysis on samples. You will also learn how to tackle important machine learning challenges that occur in the domain of cybersecurity, such as class imbalance and false positive rate (FPR) constraints.

Chapter 3Advanced Malware Detection, covers more advanced concepts for malware analysis. We will also discuss how to approach obfuscated and packed malware, how to scale up the collection of N-gram features, and how to use deep learning to detect and even create malware.

Chapter 4Machine Learning for Social Engineering, explains how to build a Twitter spear-phishing bot using machine learning. You'll also learn how to use deep learning to have a recording of a target saying whatever you want them to say. The chapter also runs through a lie detection cycle and shows you how to train a Recurrent Neural Network (RNN) so that it is able to generate new reviews, similar to the ones in the training dataset.

Chapter 5Penetration Testing Using Machine Learning, covers a wide selection of machine learning technologies for penetration testing and security countermeasures. It also covers more specialized topics, such as deanonymizing Tor traffic, recognizing unauthorized access via keystroke dynamics, and detecting malicious URLs.

Chapter 6Automatic Intrusion Detection, looks at designing and implementing several intrusion detection systems using machine learning. It also addresses the example-dependent, cost-sensitive, radically-imbalanced, challenging problem of credit card fraud.

Chapter 7Securing and Attacking Data with Machine Learning, covers recipes for employing machine learning to secure and attack data. It also covers an application of ML for hardware security by attacking physically unclonable functions (PUFs) using AI.

Chapter 8Secure and Private AI, explains how to use a federated learning model using the TensorFlow Federated framework. It also includes a walk-through of the basics of encrypted computation and shows how to implement and train a differentially private deep neural network for MNIST using Keras and TensorFlow Privacy.

Appendix offers you a guide to creating infrastructure to handle the challenges of machine learning on cybersecurity data. This chapter also provides a guide to using virtual Python environments, which allow you to seamlessly work on different Python projects while avoiding package conflicts.