Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Hands-On Machine Learning for Cybersecurity Safeguard your system by making your machines intelligent using the Python ecosystem

Product type Paperback

Published in Dec 2018

Publisher Packt

ISBN-13 9781788992282

Length 318 pages

Edition 1st Edition

Languages

Python

Tools

CUDA

Concepts

Cybersecurity

Authors (2):

Soma Halder

Sinan Ozdemir

View More author details

Table of Contents (13) Chapters

Preface

1. Basics of Machine Learning in Cybersecurity

2. Time Series Analysis and Ensemble Modeling FREE CHAPTER

3. Segregating Legitimate and Lousy URLs

4. Knocking Down CAPTCHAs

5. Using Data Science to Catch Email Fraud and Spam

6. Efficient Network Anomaly Detection Using k-means

7. Decision Tree and Context-Based Malicious Event Detection

8. Catching Impersonators and Hackers Red Handed

9. Changing the Game with TensorFlow

10. Financial Fraud and How Deep Learning Can Mitigate It

11. Case Studies

12. Other Books You May Enjoy

Leave a review - let other readers know what you think

Using Windows event logs to detect network anomalies

We will use Windows event logs to detect lateral movement in the first pass of detecting network anomalies. We will use Windows Active Directory logs for the purpose of the experiment. Active Directory is a Microsoft product that provides a directory service for network domains. Active Directory services include a wide range of directory-based identity-related services.

Active Directory stores all sorts of authorization and authentication logs using lightweight directory access protocol (LDAP). Active Directory logs a host of processes such as log-on events. In other words, when someone logs on to a computer and lockout events, that is, when someone enters wrong passwords and is unable to login. The following diagram shows the Active Directory logs along with the different processes:

We will discuss each of these types so that...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Halder

Soma Halder is the data science lead of the big data analytics group at Reliance Jio Infocomm Ltd, one of India's largest telecom companies. She specializes in analytics, big data, cybersecurity, and machine learning. She has approximately 10 years of machine learning experience, especially in the field of cybersecurity. She studied at the University of Alabama, Birmingham where she did her master's with an emphasis on Knowledge discovery and Data Mining and computer forensics. She has worked for Visa, Salesforce, and AT&T. She has also worked for start-ups, both in India and the US (E8 Security, Headway ai, and Norah ai). She has several conference publications to her name in the field of cybersecurity, machine learning, and deep learning.

See other products by Halder

Sinan Ozdemir

Sinan is an active lecturer focusing on large language models and a former lecturer of data science at the Johns Hopkins University. He is the author of multiple textbooks on data science and machine learning including "Quick Start Guide to LLMs". Sinan is currently the founder of LoopGenius which uses AI to help people and businesses boost their sales and was previously the founder of the acquired Kylie.ai, an enterprise-grade conversational AI platform with RPA capabilities. He holds a Master's Degree in Pure Mathematics from Johns Hopkins University and is based in San Francisco.

See other products by Sinan Ozdemir