Book Image

Mastering Machine Learning for Penetration Testing

By : Chiheb Chebbi

Book Image

Mastering Machine Learning for Penetration Testing

By: Chiheb Chebbi

Overview of this book

Cyber security is crucial for both businesses and individuals. As systems are getting smarter, we now see machine learning interrupting computer security. With the adoption of machine learning in upcoming security products, it’s important for pentesters and security researchers to understand how these systems work, and to breach them for testing purposes. This book begins with the basics of machine learning and the algorithms used to build robust systems. Once you’ve gained a fair understanding of how security products leverage machine learning, you'll dive into the core concepts of breaching such systems. Through practical use cases, you’ll see how to find loopholes and surpass a self-learning security system. As you make your way through the chapters, you’ll focus on topics such as network intrusion detection and AV and IDS evasion. We’ll also cover the best practices when identifying ambiguities, and extensive techniques to breach an intelligent system. By the end of this book, you will be well-versed with identifying loopholes in a self-learning security system and will be able to efficiently breach a machine learning system.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Introduction to Machine Learning in Pentesting

Introduction to Machine Learning in Pentesting

Technical requirements

Artificial intelligence and machine learning

Machine learning development environments and Python libraries

Machine learning in penetration testing - promises and challenges

Further reading

Phishing Domain Detection

Phishing Domain Detection

Technical requirements

Social engineering overview

Steps of social engineering penetration testing

Building real-time phishing attack detectors using different machine learning models

NLP in-depth overview

Malware Detection with API Calls and PE Headers

Malware Detection with API Calls and PE Headers

Technical requirements

Malware overview

Machine learning malware detection using PE headers

Machine learning malware detection using API calls

Further reading

Malware Detection with Deep Learning

Malware Detection with Deep Learning

Technical requirements

Artificial neural network overview

Implementing neural networks in Python

Deep learning model using PE headers

Deep learning model with convolutional neural networks and malware visualization

Promises and challenges in applying deep learning to malware detection

Further reading

Botnet Detection with Machine Learning

Botnet Detection with Machine Learning

Technical requirements

Botnet overview

Building a botnet detector model with multiple machine learning techniques

How to build a Twitter bot detector

Further reading

Machine Learning in Anomaly Detection Systems

Machine Learning in Anomaly Detection Systems

Technical requirements

An overview of anomaly detection techniques

Network attacks taxonomy

The detection of network anomalies

Building your own IDS

Further reading

Detecting Advanced Persistent Threats

Detecting Advanced Persistent Threats

Technical requirements

Threats and risk analysis

Threat-hunting methodology

Threat hunting with the ELK Stack

Evading Intrusion Detection Systems

Evading Intrusion Detection Systems

Technical requirements

Adversarial machine learning algorithms

Evading intrusion detection systems with adversarial network systems

Further reading

Bypassing Machine Learning Malware Detectors

Bypassing Machine Learning Malware Detectors

Technical requirements

Adversarial deep learning

Bypassing next generation malware detectors with generative adversarial networks

Bypassing machine learning with reinforcement learning

Further reading

Best Practices for Machine Learning and Feature Engineering

Best Practices for Machine Learning and Feature Engineering

Technical requirements

Feature engineering in machine learning

Feature selection algorithms

Best practices for machine learning

Further reading

Assessments

Chapter 1 – Introduction to Machine Learning in Pentesting

Chapter 2 – Phishing Domain Detection

Chapter 3 – Malware Detection with API Calls and PE Headers

Chapter 4 – Malware Detection with Deep Learning

Chapter 5 – Botnet Detection with Machine Learning

Chapter 6 – Machine Learning in Anomaly Detection Systems

Chapter 7 – Detecting Advanced Persistent Threats

Chapter 8 – Evading Intrusion Detection Systems with Adversarial Machine Learning

Chapter 9 – Bypass Machine Learning Malware Detectors

Chapter 10 – Best Practices for Machine Learning and Feature Engineering

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Machine learning malware detection using API calls

Analyzing malware with API calls plays a huge role in malware analysis. Thus, APIs can give malware analysts an idea about malware behavior, especially when basic, static analysis wasn't successful due to obfuscation techniques (like packers, crypters, and protectors). Malware analysts can gain an understanding of how a malicious file works by studying API calls. There are many online tools that will give you the ability to analyze malware in a secure environment. Those utilities and environments are called sandboxes. Malware that is detected is identified by a hash function (MD5 or SHA256). Malware analysts use hashing to sign a file. For example, the following APIs were taken from the report of an online malware scan with https://www.hybrid-analysis.com.

These are some details about the malware "PE32 executable (GUI...