Machine Learning for Cybersecurity Cookbook

By : Emmanuel Tsukerman

3 (2)

Buy this Book

Machine Learning for Cybersecurity Cookbook

3 (2)

By: Emmanuel Tsukerman

Buy this Book

Overview of this book

Organizations today face a major threat in terms of cybersecurity, from malicious URLs to credential reuse, and having robust security systems can make all the difference. With this book, you'll learn how to use Python libraries such as TensorFlow and scikit-learn to implement the latest artificial intelligence (AI) techniques and handle challenges faced by cybersecurity researchers. You'll begin by exploring various machine learning (ML) techniques and tips for setting up a secure lab environment. Next, you'll implement key ML algorithms such as clustering, gradient boosting, random forest, and XGBoost. The book will guide you through constructing classifiers and features for malware, which you'll train and test on real samples. As you progress, you'll build self-learning, reliant systems to handle cybersecurity tasks such as identifying malicious URLs, spam email detection, intrusion detection, network protection, and tracking user and process behavior. Later, you'll apply generative adversarial networks (GANs) and autoencoders to advanced security tasks. Finally, you'll delve into secure and private AI to protect the privacy rights of consumers using your ML models. By the end of this book, you'll have the skills you need to tackle real-world problems faced in the cybersecurity domain using a recipe-based approach.

Preface

Who this book is for

What this book covers

To get the most out of this book

Sections

Get in touch

Free Chapter

Machine Learning for Cybersecurity

Technical requirements

Train-test-splitting your data

Standardizing your data

Summarizing large data using principal component analysis

Generating text using Markov chains

Performing clustering using scikit-learn

Training an XGBoost classifier

Analyzing time series using statsmodels

Anomaly detection with Isolation Forest

Natural language processing using a hashing vectorizer and tf-idf with scikit-learn

Hyperparameter tuning with scikit-optimize

Machine Learning-Based Malware Detection

Technical requirements

Malware static analysis

Malware dynamic analysis

Using machine learning to detect the file type

Measuring the similarity between two strings

Measuring the similarity between two files

Extracting N-grams

Selecting the best N-grams

Building a static malware detector

Tackling class imbalance

Handling type I and type II errors

Advanced Malware Detection

Technical requirements

Detecting obfuscated JavaScript

Featurizing PDF files

Extracting N-grams quickly using the hash-gram algorithm

Building a dynamic malware classifier

MalConv – end-to-end deep learning for malicious PE detection

Tackling packed malware

MalGAN – creating evasive malware

Tracking malware drift

Machine Learning for Social Engineering

Technical requirements

Twitter spear phishing bot

Voice impersonation

Speech recognition for OSINT

Facial recognition

Deepfake

Deepfake recognition

Lie detection using machine learning

Personality analysis

Social Mapper

Fake review generator

Fake news

Penetration Testing Using Machine Learning

Technical requirements

CAPTCHA breaker

Neural network-assisted fuzzing

DeepExploit

Web server vulnerability scanner using machine learning (GyoiThon)

Deanonymizing Tor using machine learning

IoT device type identification using machine learning

Keystroke dynamics

Malicious URL detector

Deep-pwning

Deep learning-based system for the automatic detection of software vulnerabilities

Automatic Intrusion Detection

Technical requirements

Spam filtering using machine learning

Phishing URL detection

Capturing network traffic

Network behavior anomaly detection

Botnet traffic detection

Insider threat detection

Detecting DDoS

Credit card fraud detection

Counterfeit bank note detection

Ad blocking using machine learning

Wireless indoor localization

Securing and Attacking Data with Machine Learning

Technical requirements

Assessing password security using ML

Deep learning for password cracking

Deep steganography

ML-based steganalysis

ML attacks on PUFs

Encryption using deep learning

HIPAA data breaches – data exploration and visualization

Secure and Private AI

Technical requirements

Federated learning

Encrypted computation

Private deep learning prediction

Testing the adversarial robustness of neural networks

Differential privacy using TensorFlow Privacy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Appendix

Setting up a virtual lab environment

Using Python virtual environments

Customer Reviews

3 (2)

5 star

50%

4 star

3 star

2 star

1 star

50%

Tackling packed malware

Packing is the compression or encryption of an executable file, distinguished from ordinary compression in that it is typically decompressed during runtime, in memory, as opposed to being decompressed to disk, prior to execution. Packers pose an obfuscation challenge to analysts.

A packer called VMProtect, for example, protects its content from analyst eyes by executing in a virtual environment with a unique architecture, making it a great challenge for anyone to analyze the software.

Amber is a reflective PE packer for bypassing security products and mitigations. It can pack regularly compiled PE files into reflective payloads that can load and execute themselves like a shellcode. It enables stealthy in-memory payload deployment that can be used to bypass anti-virus, firewall, IDS, IPS products, and application whitelisting mitigations. The most commonly...

Your notes and bookmarks

Machine Learning for Cybersecurity Cookbook

By : Emmanuel Tsukerman

Machine Learning for Cybersecurity Cookbook

By: Emmanuel Tsukerman

Overview of this book

Delete Bookmark