Security with AI and Machine Learning

Book description

For security professionals seeking reliable ways to combat persistent threats to their networks, there’s encouraging news. Tools that employ AI and machine learning have begun to replace the older rules- and signature-based tools that can no longer combat today’s sophisticated attacks. In this ebook, Oracle’s Laurent Gil and Recorded Future’s Allan Liska look at the strengths (and limitations) of AI- and ML-based security tools for dealing with today’s threat landscape.

This high-level overview demonstrates how these new tools use AI and ML to quickly identify threats, connect attack patterns, and allow operators and analysts to focus on their core mission. You’ll also learn how managed security service providers (MSSPs) use AI and ML to identify patterns from across their customer base.

This ebook explains:

  • Why rules-based, signature-based, and firewall solutions have fallen short
  • How automated bots enable cybercriminals and nation-state actors to attack your network
  • The evolution of the botnet: how threat actors constantly change their attack strategy
  • How AI and ML techniques in web applications help you observe, quantify, and classify inbound requests
  • How to detect insider threats and advanced persistent threat actors with AI and ML tools
  • Case studies that show how a media company, an airline, and a university use AI and ML in security

Table of contents

  1. Preface
  2. 1. The Role of ML and AI in Security
    1. Where Rules-Based, Signature-Based, and Firewall Solutions Fall Short
    2. Preparing for Unexpected Attacks
  3. 2. Understanding AI, ML, and Automation
    1. AI and ML
    2. Automation
    3. Challenges in Adopting AI and ML
    4. The Way Forward
  4. 3. Focusing on the Threat of Malicious Bots
    1. Bots and Botnets
    2. Bots and Remote Code Execution
      1. More Flexible Malicious Bots, More Risks to Your Business
  5. 4. The Evolution of the Botnet
    1. A Thriving Underground Market
    2. The Bot Marketplace
    3. AI and ML Adoption in Botnets
    4. Staying Ahead of the Next Attack with Threat Intelligence
  6. 5. AI and ML on the Security Front: A Focus on Web Applications
    1. Finding Anomalies
    2. Bringing ML to Bot Attack Remediation
    3. Using Supervised ML-Based Defenses for Security Events and Log Analysis
    4. Deploying Increasingly Sophisticated Malware Detection
    5. Using AI to Identify Bots
  7. 6. AI and ML on the Security Front: Beyond Bots
    1. Identifying the Insider Threat
    2. Tracking Attacker Dwell Time
    3. Orchestrating Protection
    4. ML and AI in Security Solutions Today
  8. 7. ML and AI Case Studies
    1. Case Study: Global Media Company Fights Scraping Bots
      1. The Problem
      2. Human versus Bot Behavior
      3. Bot Management
      4. Human Interaction Analysis: 90% Were Bots
    2. When Nothing Else Works: Using Very Sophisticated ML Engines with a Data Science Team
      1. Correlated elements
    3. The Results
  9. 8. Looking Ahead: AI, ML, and Managed Security Service Providers
    1. The MSSP as an AI and ML Source
    2. Cloud-Based WAFs Using AI and ML
      1. Addressing the Application Security Challenge
  10. 9. Conclusion: Why AI and ML Are Pivotal to the Future of Enterprise Security

Product information

  • Title: Security with AI and Machine Learning
  • Author(s): Laurent Gil, Allan Liska
  • Release date: February 2019
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781492043126