Data
Reader small image

You're reading from  Hands-On Artificial Intelligence for Cybersecurity

Product typeBook
Published inAug 2019
Reading LevelBeginner
PublisherPackt
ISBN-139781789804027
Edition1st Edition
Languages
Python
Concepts
Artificial Intelligence
Right arrow
Author (1)
Alessandro Parisi
Alessandro Parisi
author image
Alessandro Parisi

Alessandro Parisi has been an IT professional for over 20 years, acquiring significant experience as a Security Data Scientist, and as an Artificial Intelligence Cybersecurity and Blockchain specialist. He has experience of operating within organizational and decisional contexts characterized by high complexity. Over the years, he has helped companies to adopt Artificial Intelligence and Blockchain DLT technologies as strategic tools in protecting sensitive corporate assets. He holds a Master Degree in Economics and Statistics.
Read more about Alessandro Parisi

Right arrow

Network Anomaly Detection with AI

The current level of interconnection that can be established between different devices (for example, think of the Internet of Things (IoT)) has reached such a complexity that it seriously questions the effectiveness of traditional concepts such as perimeter security. As a matter of fact, cyberspace's attack surface grows exponentially, and it is therefore essential to resort to automated tools for the effective detection of network anomalies associated with unprecedented cybersecurity threats.

This chapter will cover the following topics:

  • Network anomaly detection techniques
  • How to classify network attacks
  • Detecting botnet topology
  • Different machine learning (ML) algorithms for botnet detection

In this chapter, we will focus on anomaly detection related to network security, postponing the discussion of the aspects of fraud detection...

Network anomaly detection techniques

The techniques we have seen so far can also be adopted to manage anomaly detection and related attempts to gain unauthorized access to the corporate network. To fully understand the potential of anomaly detection techniques, we will trace its evolution in the cybersecurity area, illustrating the basic principles that characterize it.

In fact, anomaly detection has always been a research area of cybersecurity, particularly in the field of network security protection. However, anomaly detection is not limited to identifying and preventing network attacks, but can also be adopted in other areas, such as fraud detection and in the identification of possible compromises of user profiles.

Anomaly detection rationales

...

How to classify network attacks

We have seen that it is possible to use all different types of algorithms (such as supervised, unsupervised, and reinforcement learning), even in the implementation of network anomaly detection systems.

But how can we effectively train these algorithms in order to identify the anomalous traffic?

It will be necessary to first identify a training dataset that is representative of the traffic considered normal within a given organization.

To this end, we will have to adequately choose the representative features of our model.

The choice of features is of particular importance, as they provide a contextual value to the analyzed data, and consequently determine the reliability and accuracy of our detection system.

In fact, choosing features that are not characterized by high correlation with possible anomalous behaviors translates into high error rates...

Detecting botnet topology

One of the most common pitfalls in network anomaly detection has to do with the detection of botnets within the corporate network. Given the danger of such hidden networks, the detection of botnets is particularly relevant, not only for preventing the exhaustion of the organization's computational and network resources by external attackers, but also for preventing the dissemination of sensitive information (data leakage) outward.

However, identifying the presence of a botnet in time is often an operation that is anything but simple. This is why it is important to understand the very nature of botnets.

What is a botnet?

The term botnet comes from the juxtaposition of the words bot and net. In...

Different ML algorithms for botnet detection

From what we have described so far, it is clear that it is not advisable to exclusively rely on automated tools for network anomaly detection, but it may be more productive to adopt AI algorithms that are able to dynamically learn how to recognize the presence of any anomalies within the network traffic, thus allowing the analyst to perform an in-depth analysis of only really suspicious cases. Now, we will demonstrate the use of different ML algorithms for network anomaly detection, which can also be used to identify a botnet.

The selected features in our example consist of the values of network latency and network throughput. In our threat model, anomalous values ​​associated with these features can be considered as representative of the presence of a botnet.

For each example, the accuracy of the algorithm is calculated...

Summary

In an increasingly interconnected world, and with the progressive spread of the IoT, it becomes essential to effectively analyze network traffic in search of anomalies that can represent reliable indications of possible compromises (such as the presence of botnets).

On the other hand, the exclusive use of automated systems in performing network anomaly detection tasks exposes us to the risk of having to manage an increasing number of misleading signals (false positives).

It is, therefore, more appropriate to integrate the automated anomaly detection activities with analysis carried out by human operators, exploiting AI algorithms as filters, in order to only select the anomalies that are really worthy of in-depth attention from the analysts.

In the next chapter we will deal with AI solutions for securing user authentication.

...
lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 8 of 16
Next Chapter
You have been reading a chapter from
Hands-On Artificial Intelligence for Cybersecurity
Published in: Aug 2019Publisher: PacktISBN-13: 9781789804027
© 2019 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Author (1)

author image
Alessandro Parisi

Alessandro Parisi has been an IT professional for over 20 years, acquiring significant experience as a Security Data Scientist, and as an Artificial Intelligence Cybersecurity and Blockchain specialist. He has experience of operating within organizational and decisional contexts characterized by high complexity. Over the years, he has helped companies to adopt Artificial Intelligence and Blockchain DLT technologies as strategic tools in protecting sensitive corporate assets. He holds a Master Degree in Economics and Statistics.
Read more about Alessandro Parisi

Other recommended products

Related to this chapter

Mastering Machine Learning for Penetration Testing

Mastering Machine Learning for Penetration Testing

We live in an era where cyber security plays an important role. As systems are getting smarter, we now see machine learning interrupting computer security. With the adoption of machine learning in upcoming security products, it’s important for pentesters and security researchers to understand how these systems work, and to breach them for testing purposes.

BookJun 2018276 pages
Securing Blockchain Networks like Ethereum and Hyperledger Fabric

Securing Blockchain Networks like Ethereum and Hyperledger Fabric

The adoption of blockchain for the value chain, insurance, and healthcare domain is flourishing. However, one of the key challenges faced in blockchain development is securing them. The book will cover essential architectural considerations, system and network security, various operational configurations to Ethereum and Hyperledger fabric network.

BookApr 2020244 pages
Malware Analysis Techniques

Malware Analysis Techniques

Comprehensive threat analysis is important for incident responders as it helps them to ensure that a threat has been entirely eliminated. This book shows you how to quickly triage, identify, attribute, and remediate threats with proper analysis techniques, and guides you in implementing your knowledge to prevent further incidents.

BookJun 2021282 pages
Mastering Machine Learning with scikit-learn

Mastering Machine Learning with scikit-learn

This book examines machine learning models including k-nearest neighbors, logistic regression, naive Bayes, random forests, and support vector machines. You will work through document classification, image recognition, and other example problems.

BookJul 2017254 pages
Machine Learning for Cybersecurity Cookbook

Machine Learning for Cybersecurity Cookbook

This book helps data scientists and cybersecurity experts on implementing the latest AI techniques in cybersecurity. Concrete and clear steps for implementing ML security systems are provided, saving you months in research and development. By the end of this book, you will be able to build defensive systems to curb cybersecurity threats.

BookNov 2019346 pages
Hands-On Machine Learning for Cybersecurity

Hands-On Machine Learning for Cybersecurity

The book will allow readers to implement smart solutions to their existing cybersecurity products and effectively build intelligent solutions which cater to the needs of the future. By the end of this book, you will be able to build, apply, and evaluate machine learning algorithms to identify various cybersecurity potential threats.

BookDec 2018318 pages
Hands-On Machine Learning with scikit-learn and Scientific Python Toolkits

Hands-On Machine Learning with scikit-learn and Scientific Python Toolkits

This book covers the theory and practice of building data-driven solutions. Includes the end-to-end process, using supervised and unsupervised algorithms. With each algorithm, you will learn the data acquisition and data engineering methods, the apt metrics, and the available hyper-parameters. You will learn how to deploy the models in production.

BookJul 2020384 pages
Hands-On Automated Machine Learning

Hands-On Automated Machine Learning

This book helps machine learning professionals in developing AutoML systems that can be utilized to build ML solutions. This book covers the necessary foundations and shows the most practical ways possible to get to speed with regards to creating AutoML modules.

BookApr 2018282 pages
40 Algorithms Every Programmer Should Know

40 Algorithms Every Programmer Should Know

Algorithms play an important role in both the science and practice of computing. To optimally use algorithms, a deeper understanding of their logic and mathematics is essential. Beyond traditional computing, the ability to apply these algorithms to solve real-world problems is a necessary skill, and this is what this book focuses on.

BookJun 2020382 pages5
40 Algorithms Every Programmer Should Know

40 Algorithms Every Programmer Should Know

Algorithms play an important role in both the science and practice of computing. To optimally use algorithms, a deeper understanding of their logic and mathematics is essential. Beyond traditional computing, the ability to apply these algorithms to solve real-world problems is a necessary skill, and this is what this book focuses on.

BookJun 2020382 pages5
Machine Learning Algorithms

Machine Learning Algorithms

Machine learning explores the study and construction of algorithms that can learn from and make predictions on data. This book will act as an entry point for anyone who wants to make a career in Machine Learning. It covers algorithms like Linear regression, Logistic Regression, SVM, Naïve Bayes, K-Means, Random Forest, and Feature engineering.

BookAug 2018522 pages
Machine Learning Algorithms

Machine Learning Algorithms

Machine learning explores the study and construction of algorithms that can learn from, and make predictions on, data. This book will act as an entry point for anyone who wants to make a career in the field of Machine Learning. A few famous algorithms that are covered in this book are Linear regression, Logistic Regression, SVM, Naïve Bayes, K-Means, Random Forest, TensorFlow, and Feature engineering.

BookJul 2017360 pages

Personalised recommendations for you

Based on your interests and search pattern

Et al.

Et al.

Ever wonder why speech recognition systems don't understand the Scottish accent, or what would happen if an astronaut only ate mac 'n' cheese, or other spurious reflections you'd have at a bar? We did, then collated those deliberations into absurd research articles with fake figures and methodologies inspired by even more fictionally absurd studies.

BookAug 2023230 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages4
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages1
Generative AI with LangChain

Generative AI with LangChain

This book is a comprehensive introduction to LLMs and LangChain, demystifying the basic mechanics of LangChain, its functionalities, and the myriad of applications it can be integrated into.

BookDec 2023360 pages5
Mastering Tableau 2023

Mastering Tableau 2023

This book is a comprehensive resource to mastering your Tableau skills and becoming a BI expert. As you progress, you will learn how to build advanced dashboards and improve your storytelling to derive key business insight, as well as make you well-versed with advanced functionalities of Tableau in the business intelligence domain.

BookAug 2023684 pages
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages5
Building AI Applications with ChatGPT APIs

Building AI Applications with ChatGPT APIs

This guide covers all ChatGPT API features for effortless creation of robust AI powered apps. With its help, you’ll be able to leverage ChatGPT’s cutting-edge NLP models to take your app development skills to the next level. You’ll also work on ten exciting projects that will give you the practical know-how that you can apply to your existing applications.

BookSep 2023258 pages2
Data Engineering with AWS

Data Engineering with AWS

Embark on a journey to master data engineering pipelines on AWS! Our book offers a hands-on experience of AWS services for ingesting, transforming, and consuming data. Whether you're an absolute beginner or someone with basic data engineering experience, this guide is an indispensable resource.

BookOct 2023636 pages5
Modern Data Architecture on AWS

Modern Data Architecture on AWS

Every organization wants an agile, performant, and cost-effective data platform that meets all their current and future business needs. Purpose-built AWS analytics services and their features play a big part in building such a modern data platform. This book brings to you all the design and architectural patterns that’ll help you achieve this goal.

BookAug 2023420 pages5
Practical Guide to Applied Conformal Prediction in Python

Practical Guide to Applied Conformal Prediction in Python

Discover the power of Conformal Prediction with the "Practical Guide to Applied Conformal Prediction in Python." Master the latest techniques to quantify uncertainty in machine learning and computer vision models, and seamlessly apply them to your industry applications.

BookDec 2023240 pages
TinyML Cookbook

TinyML Cookbook

With over 70 project-based recipes, the TinyML Cookbook is a practical guide that will help you to get the most out of your microcontrollers. It provides a comprehensive understanding of the theoretical foundations while giving you hands-on experience training ML models for deployment on Arduino Nano 33 BLE Sense, Raspberry Pi Pico, and SparkFun RedBoard Artemis Nano microcontrollers.

BookNov 2023664 pages