Machine Learning for Cybersecurity Cookbook

Book description

Learn how to apply modern AI to create powerful cybersecurity solutions for malware, pentesting, social engineering, data privacy, and intrusion detection

Key Features

  • Manage data of varying complexity to protect your system using the Python ecosystem
  • Apply ML to pentesting, malware, data privacy, intrusion detection system (IDS) and social engineering
  • Automate your daily workflow by addressing various security challenges using the recipes covered in the book

Book Description

Organizations today face a major threat in terms of cybersecurity, from malicious URLs to credential reuse, and having robust security systems can make all the difference. With this book, you'll learn how to use Python libraries such as TensorFlow and scikit-learn to implement the latest artificial intelligence (AI) techniques and handle challenges faced by cybersecurity researchers.

You'll begin by exploring various machine learning (ML) techniques and tips for setting up a secure lab environment. Next, you'll implement key ML algorithms such as clustering, gradient boosting, random forest, and XGBoost. The book will guide you through constructing classifiers and features for malware, which you'll train and test on real samples. As you progress, you'll build self-learning, reliant systems to handle cybersecurity tasks such as identifying malicious URLs, spam email detection, intrusion detection, network protection, and tracking user and process behavior. Later, you'll apply generative adversarial networks (GANs) and autoencoders to advanced security tasks. Finally, you'll delve into secure and private AI to protect the privacy rights of consumers using your ML models.

By the end of this book, you'll have the skills you need to tackle real-world problems faced in the cybersecurity domain using a recipe-based approach.

What you will learn

  • Learn how to build malware classifiers to detect suspicious activities
  • Apply ML to generate custom malware to pentest your security
  • Use ML algorithms with complex datasets to implement cybersecurity concepts
  • Create neural networks to identify fake videos and images
  • Secure your organization from one of the most popular threats - insider threats
  • Defend against zero-day threats by constructing an anomaly detection system
  • Detect web vulnerabilities effectively by combining Metasploit and ML
  • Understand how to train a model without exposing the training data

Who this book is for

This book is for cybersecurity professionals and security researchers who are looking to implement the latest machine learning techniques to boost computer security, and gain insights into securing an organization using red and blue team ML. This recipe-based book will also be useful for data scientists and machine learning developers who want to experiment with smart techniques in the cybersecurity domain. Working knowledge of Python programming and familiarity with cybersecurity fundamentals will help you get the most out of this book.

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Machine Learning for Cybersecurity Cookbook
  3. About Packt
    1. Why subscribe?
  4. Contributors
    1. About the author
    2. About the reviewers
    3. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Download the color images
      3. Conventions used
    4. Sections
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    5. Get in touch
      1. Reviews
  6. Machine Learning for Cybersecurity
    1. Technical requirements
    2. Train-test-splitting your data
      1. Getting ready
      2. How to do it...
      3. How it works...
    3. Standardizing your data
      1. Getting ready
      2. How to do it...
      3. How it works...
    4. Summarizing large data using principal component analysis
      1. Getting ready
      2. How to do it...
      3. How it works...
    5. Generating text using Markov chains
      1. Getting ready
      2. How to do it...
      3. How it works...
    6. Performing clustering using scikit-learn
      1. Getting ready
      2. How to do it...
      3. How it works...
    7. Training an XGBoost classifier
      1. Getting ready
      2. How to do it...
      3. How it works...
    8. Analyzing time series using statsmodels
      1. Getting ready
      2. How to do it...
      3. How it works...
    9. Anomaly detection with Isolation Forest
      1. Getting ready
      2. How to do it...
      3. How it works...
    10. Natural language processing using a hashing vectorizer and tf-idf with scikit-learn
      1. Getting ready
      2. How to do it…
      3. How it works...
    11. Hyperparameter tuning with scikit-optimize
      1. Getting ready
      2. How to do it...
      3. How it works...
  7. Machine Learning-Based Malware Detection
    1. Technical requirements
    2. Malware static analysis
      1. Computing the hash of a sample
        1. Getting ready
        2. How to do it...
        3. How it works...
      2. YARA
        1. Getting ready
        2. How to do it…
        3. How it works…
      3. Examining the PE header
        1. Getting ready
        2. How to do it...
        3. How it works...
      4. Featurizing the PE header
        1. Getting ready
        2. How to do it...
        3. How it works...
    3. Malware dynamic analysis
      1. Getting ready
      2. How to do it...
      3. How it works...
    4. Using machine learning to detect the file type
      1. Scraping GitHub for files of a specific type
        1. Getting ready
        2. How to do it...
        3. How it works...
      2. Classifying files by type
        1. Getting ready
        2. How to do it...
        3. How it works...
    5. Measuring the similarity between two strings
      1. Getting ready
      2. How to do it...
      3. How it works...
    6. Measuring the similarity between two files
      1. Getting ready
      2. How to do it...
      3. How it works...
    7. Extracting N-grams
      1. Getting ready
      2. How to do it...
      3. How it works...
    8. Selecting the best N-grams
      1. Getting ready
      2. How to do it...
      3. How it works…
    9. Building a static malware detector
      1. Getting ready
      2. How to do it...
      3. How it works…
    10. Tackling class imbalance
      1. Getting ready
      2. How to do it...
      3. How it works…
    11. Handling type I and type II errors
      1. Getting ready
      2. How to do it...
      3. How it works…
  8. Advanced Malware Detection
    1. Technical requirements
    2. Detecting obfuscated JavaScript
      1. Getting ready
      2. How to do it...
      3. How it works…
    3. Featurizing PDF files
      1. Getting ready
      2. How to do it...
      3. How it works…
    4. Extracting N-grams quickly using the hash-gram algorithm
      1. Getting ready
      2. How to do it...
      3. How it works…
      4. See also
    5. Building a dynamic malware classifier
      1. Getting ready
      2. How to do it...
      3. How it works…
    6. MalConv – end-to-end deep learning for malicious PE detection
      1. Getting ready
      2. How to do it...
      3. How it works…
    7. Tackling packed malware
      1. Using packers
        1. Getting ready
        2. How to do it...
        3. How it works…
      2. Assembling a packed sample dataset
        1. Getting ready
        2. How to do it...
        3. How it works…
      3. Building a classifier for packers
        1. Getting ready
        2. How to do it...
        3. How it works…
    8. MalGAN – creating evasive malware
      1. Getting ready
      2. How to do it...
      3. How it works…
    9. Tracking malware drift
      1. Getting ready
      2. How to do it...
      3. How it works…
  9. Machine Learning for Social Engineering
    1. Technical requirements
    2. Twitter spear phishing bot
      1. Getting ready
      2. How to do it...
      3. How it works…
    3. Voice impersonation
      1. Getting ready
      2. How to do it...
      3. How it works…
    4. Speech recognition for OSINT
      1. Getting ready
      2. How to do it...
      3. How it works…
    5. Facial recognition
      1. Getting ready
      2. How to do it…
      3. How it works…
    6. Deepfake
      1. Getting ready
      2. How to do it...
      3. How it works…
    7. Deepfake recognition
      1. Getting ready
      2. How to do it...
      3. How it works…
    8. Lie detection using machine learning
      1. Getting ready
      2. How to do it...
      3. How it works…
    9. Personality analysis
      1. Getting ready
      2. How to do it...
      3. How it works…
    10. Social Mapper
      1. Getting ready
      2. How to do it...
      3. How it works…
    11. Fake review generator
      1. Training a fake review generator
        1. Getting ready
        2. How to do it...
        3. How it works…
      2. Generating fake reviews
        1. Getting ready
        2. How to do it...
        3. How it works...
    12. Fake news
      1. Getting ready
      2. How to do it…
      3. How it works…
  10. Penetration Testing Using Machine Learning
    1. Technical requirements
    2. CAPTCHA breaker
      1. Processing a CAPTCHA dataset
        1. Getting ready
        2. How to do it...
        3. How it works…
      2. Training a CAPTCHA solver neural network
        1. Getting ready
        2. How to do it...
        3. How it works…
    3. Neural network-assisted fuzzing
      1. Getting ready
      2. How to do it...
      3. How it works…
    4. DeepExploit
      1. Getting ready
      2. How to do it...
      3. How it works…
    5. Web server vulnerability scanner using machine learning (GyoiThon)
      1. Getting ready
      2. How to do it...
      3. How it works…
    6. Deanonymizing Tor using machine learning
      1. Getting ready
      2. How to do it…
        1. Collecting data
        2. Training
        3. Predicting
      3. How it works…
    7. IoT device type identification using machine learning
      1. Getting ready
      2. How to do it…
      3. How it works...
    8. Keystroke dynamics
      1. Getting ready
      2. How to do it...
      3. How it works...
    9. Malicious URL detector
      1. Getting ready
      2. How to do it…
      3. How it works…
    10. Deep-pwning
      1. Getting ready
      2. How to do it…
      3. How it works…
    11. Deep learning-based system for the automatic detection of software vulnerabilities
      1. Getting ready
      2. How to do it…
      3. How it works…
  11. Automatic Intrusion Detection
    1. Technical requirements
    2. Spam filtering using machine learning
      1. Getting ready
      2. How to do it...
      3. How it works…
    3. Phishing URL detection
      1. Getting ready
      2. How to do it…
      3. How it works…
    4. Capturing network traffic
      1. Getting ready
      2. How to do it…
      3. How it works…
    5. Network behavior anomaly detection
      1. Getting ready
      2. How to do it…
      3. How it works…
    6. Botnet traffic detection
      1. Getting ready
      2. How to do it…
      3. How it works…
    7. Insider threat detection
      1. Feature engineering for insider threat detection
        1. Getting ready
        2. How to do it…
        3. How it works...
      2. Employing anomaly detection for insider threats
        1. Getting ready
        2. How to do it...
        3. How it works…
    8. Detecting DDoS
      1. Getting ready
      2. How to do it…
      3. How it works…
    9. Credit card fraud detection
      1. Getting ready
      2. How to do it…
      3. How it works…
    10. Counterfeit bank note detection
      1. Getting ready
      2. How to do it...
      3. How it works...
    11. Ad blocking using machine learning
      1. Getting ready
      2. How to do it...
      3. How it works...
    12. Wireless indoor localization
      1. Getting ready
      2. How to do it…
      3. How it works…
  12. Securing and Attacking Data with Machine Learning
    1. Technical requirements
    2. Assessing password security using ML
      1. Getting ready
      2. How to do it…
      3. How it works…
    3. Deep learning for password cracking
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more
    4. Deep steganography
      1. Getting ready
      2. How to do it…
      3. How it works…
    5. ML-based steganalysis
      1. Getting ready
      2. How to do it...
      3. How it works…
    6. ML attacks on PUFs
      1. Getting ready
      2. How to do it...
      3. How it works…
      4. There's more
    7. Encryption using deep learning
      1. Getting ready
      2. How to do it...
      3. How it works...
    8. HIPAA data breaches – data exploration and visualization
      1. Getting ready
      2. How to do it…
      3. How it works…
  13. Secure and Private AI
    1. Technical requirements
    2. Federated learning
      1. Getting ready
      2. How to do it…
      3. How it works...
    3. Encrypted computation
      1. Getting ready
      2. How to do it…
      3. How it works…
    4. Private deep learning prediction
      1. Getting ready
      2. How to do it…
      3. How it works…
    5. Testing the adversarial robustness of neural networks
      1. Getting ready
      2. How to do it...
      3. How it works...
    6. Differential privacy using TensorFlow Privacy
      1. Getting ready
      2. How to do it...
      3. How it works...
  14. Appendix
    1. Setting up a virtual lab environment
      1. Getting ready
      2. How to do it...
      3. How it works...
    2. Using Python virtual environments
      1. Getting ready
      2. How to do it...
      3. How it works...
  15. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Machine Learning for Cybersecurity Cookbook
  • Author(s): Emmanuel Tsukerman
  • Release date: November 2019
  • Publisher(s): Packt Publishing
  • ISBN: 9781789614671