Mastering Machine Learning for Penetration Testing

Mastering Machine Learning for Penetration Testing

by Chiheb Chebbi
Released June 2018
Publisher(s): Packt Publishing
ISBN: 9781788997409

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Become a master at penetration testing using machine learning with Python

About This Book
  • Identify ambiguities and breach intelligent security systems
  • Perform unique cyber attacks to breach robust systems
  • Learn to leverage machine learning algorithms
Who This Book Is For

This book is for pen testers and security professionals who are interested in learning techniques to break an intelligent security system. Basic knowledge of Python is needed, but no prior knowledge of machine learning is necessary.

What You Will Learn
  • Take an in-depth look at machine learning
  • Get to know natural language processing (NLP)
  • Understand malware feature engineering
  • Build generative adversarial networks using Python libraries
  • Work on threat hunting with machine learning and the ELK stack
  • Explore the best practices for machine learning
In Detail

Cyber security is crucial for both businesses and individuals. As systems are getting smarter, we now see machine learning interrupting computer security. With the adoption of machine learning in upcoming security products, it's important for pentesters and security researchers to understand how these systems work, and to breach them for testing purposes.

This book begins with the basics of machine learning and the algorithms used to build robust systems. Once you've gained a fair understanding of how security products leverage machine learning, you'll dive into the core concepts of breaching such systems. Through practical use cases, you'll see how to find loopholes and surpass a self-learning security system.

As you make your way through the chapters, you'll focus on topics such as network intrusion detection and AV and IDS evasion. We'll also cover the best practices when identifying ambiguities, and extensive techniques to breach an intelligent system.

By the end of this book, you will be well-versed with identifying loopholes in a self-learning security system and will be able to efficiently breach a machine learning system.

Style and approach

This book takes a step-by-step approach to identify the loop holes in a self-learning security system. You will be able to efficiently breach a machine learning system with the help of best practices towards the end of the book.

Table of contents

  1. Title Page
  2. Copyright and Credits
    1. Mastering Machine Learning for Penetration Testing
  3. Dedication
  4. Packt Upsell
    1. Why subscribe?
    2. PacktPub.com
  5. Contributors
    1. About the author
    2. About the reviewer
    3. Packt is searching for authors like you
  6. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Download the color images
      3. Conventions used
    4. Get in touch
      1. Reviews
  7. Introduction to Machine Learning in Pentesting
    1. Technical requirements
    2. Artificial intelligence and machine learning
      1. Machine learning models and algorithms
        1. Supervised
          1. Bayesian classifiers
          2. Support vector machines
          3. Decision trees
        2. Semi-supervised
        3. Unsupervised
          1. Artificial neural networks
          2. Linear regression
          3. Logistic regression
          4. Clustering with k-means
        4. Reinforcement
      2. Performance evaluation
      3. Dimensionality reduction
      4. Improving classification with ensemble learning
    3. Machine learning development environments and Python libraries
      1. NumPy
      2. SciPy
      3. TensorFlow
      4. Keras
      5. pandas
      6. Matplotlib
      7. scikit-learn
      8. NLTK
      9. Theano
    4. Machine learning in penetration testing - promises and challenges
      1. Deep Exploit
    5. Summary
    6. Questions
    7. Further reading
  8. Phishing Domain Detection
    1. Technical requirements
    2. Social engineering overview
      1. Social Engineering Engagement Framework
    3. Steps of social engineering penetration testing
    4. Building real-time phishing attack detectors using different machine learning models
      1. Phishing detection with logistic regression
      2. Phishing detection with decision trees
    5. NLP in-depth overview
      1. Open source NLP libraries
      2. Spam detection with NLTK
    6. Summary
    7. Questions
  9. Malware Detection with API Calls and PE Headers
    1. Technical requirements
    2. Malware overview
      1. Malware analysis
        1. Static malware analysis
        2. Dynamic malware analysis
        3. Memory malware analysis
        4. Evasion techniques
        5. Portable Executable format files
    3. Machine learning malware detection using PE headers
    4. Machine learning malware detection using API calls
    5. Summary
    6. Questions
    7. Further reading
  10. Malware Detection with Deep Learning
    1. Technical requirements
    2. Artificial neural network overview
    3. Implementing neural networks in Python
    4. Deep learning model using PE headers
    5. Deep learning model with convolutional neural networks and malware visualization
      1. Convolutional Neural Networks (CNNs)
      2. Recurrent Neural Networks (RNNs)
      3. Long Short Term Memory networks
      4. Hopfield networks
      5. Boltzmann machine networks
      6. Malware detection with CNNs
    6. Promises and challenges in applying deep learning to malware detection
    7. Summary
    8. Questions
    9. Further reading
  11. Botnet Detection with Machine Learning
    1. Technical requirements
    2. Botnet overview
    3. Building a botnet detector model with multiple machine learning techniques
    4. How to build a Twitter bot detector
      1. Visualization with seaborn
    5. Summary
    6. Questions
    7. Further reading
  12. Machine Learning in Anomaly Detection Systems
    1. Technical requirements
    2. An overview of anomaly detection techniques
      1. Static rules technique
    3. Network attacks taxonomy
    4. The detection of network anomalies
      1. HIDS
      2. NIDS
      3. Anomaly-based IDS
    5. Building your own IDS
    6. The Kale stack
    7. Summary
    8. Questions
    9. Further reading
  13. Detecting Advanced Persistent Threats
    1. Technical requirements
    2. Threats and risk analysis
    3. Threat-hunting methodology
      1. The cyber kill chain
      2. The diamond model of intrusion analysis
    4. Threat hunting with the ELK Stack
      1. Elasticsearch
      2. Kibana
      3. Logstash
      4. Machine learning with the ELK Stack using the X-Pack plugin
    5. Summary
    6. Questions
  14. Evading Intrusion Detection Systems
    1. Technical requirements
    2. Adversarial machine learning algorithms
      1. Overfitting and underfitting
      2. Overfitting and underfitting with Python
      3. Detecting overfitting
      4. Adversarial machine learning
        1. Evasion attacks
        2. Poisoning attacks
        3. Adversarial clustering
        4. Adversarial features
          1. CleverHans
          2. The AML library
          3. EvadeML-Zoo
    3. Evading intrusion detection systems with adversarial network systems
    4. Summary
    5. Questions
    6. Further reading
  15. Bypassing Machine Learning Malware Detectors
    1. Technical requirements
    2. Adversarial deep learning
      1. Foolbox
      2. Deep-pwning
      3. EvadeML
    3. Bypassing next generation malware detectors with generative adversarial networks
      1. The generator
      2. The discriminator
    4. MalGAN
    5. Bypassing machine learning with reinforcement learning
      1. Reinforcement learning
    6. Summary
    7. Questions
    8. Further reading
  16. Best Practices for Machine Learning and Feature Engineering
    1. Technical requirements
    2. Feature engineering in machine learning
    3. Feature selection algorithms
      1. Filter methods
        1. Pearson's correlation
        2. Linear discriminant analysis
        3. Analysis of variance
        4. Chi-square
      2. Wrapper methods
        1. Forward selection
        2. Backward elimination
        3. Recursive feature elimination
      3. Embedded methods
        1. Lasso linear regression L1
        2. Ridge regression L2
        3. Tree-based feature selection
    4. Best practices for machine learning
      1. Information security datasets
      2. Project Jupyter
      3. Speed up training with GPUs
      4. Selecting models and learning curves
      5. Machine learning architecture
      6. Coding
      7. Data handling
      8. Business contexts
    5. Summary
    6. Questions
    7. Further reading
  17. Assessments
    1. Chapter 1 – Introduction to Machine Learning in Pentesting
    2. Chapter 2 – Phishing Domain Detection
    3. Chapter 3 – Malware Detection with API Calls and PE Headers
    4. Chapter 4 – Malware Detection with Deep Learning
    5. Chapter 5 – Botnet Detection with Machine Learning
    6. Chapter 6 – Machine Learning in Anomaly Detection Systems
    7. Chapter 7 – Detecting Advanced Persistent Threats
    8. Chapter 8 – Evading Intrusion Detection Systems with Adversarial Machine Learning
    9. Chapter 9 – Bypass Machine Learning Malware Detectors
    10. Chapter 10 – Best Practices for Machine Learning and Feature Engineering
  18. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product information

  • Title: Mastering Machine Learning for Penetration Testing
  • Author(s): Chiheb Chebbi
  • Release date: June 2018
  • Publisher(s): Packt Publishing
  • ISBN: 9781788997409