Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Hands-On Machine Learning for Cybersecurity
Hands-On Machine Learning for Cybersecurity

Hands-On Machine Learning for Cybersecurity: Safeguard your system by making your machines intelligent using the Python ecosystem

Arrow left icon
Profile Icon Halder Profile Icon Sinan Ozdemir
Arrow right icon
AU$36.99 AU$53.99
Full star icon Full star icon Half star icon Empty star icon Empty star icon 2.7 (6 Ratings)
eBook Dec 2018 318 pages 1st Edition
eBook
AU$36.99 AU$53.99
Paperback
AU$67.99
Subscription
Free Trial
Renews at AU$24.99p/m
Arrow left icon
Profile Icon Halder Profile Icon Sinan Ozdemir
Arrow right icon
AU$36.99 AU$53.99
Full star icon Full star icon Half star icon Empty star icon Empty star icon 2.7 (6 Ratings)
eBook Dec 2018 318 pages 1st Edition
eBook
AU$36.99 AU$53.99
Paperback
AU$67.99
Subscription
Free Trial
Renews at AU$24.99p/m
eBook
AU$36.99 AU$53.99
Paperback
AU$67.99
Subscription
Free Trial
Renews at AU$24.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Table of content icon View table of contents Preview book icon Preview Book

Hands-On Machine Learning for Cybersecurity

Time Series Analysis and Ensemble Modeling

In this chapter, we will study two important concepts of machine learning: time series analysis and ensemble learning. These are important concepts in the field of machine learning.

We use these concepts to detect anomalies within a system. We analyze historic data and compare it with the current data to detect deviations from normal activities.

The topics that will be covered in this chapter are the following:

  • Time series and its different classes
  • Time series decomposition
  • Analysis of time series in cybersecurity
  • Prediction of DDoS attack
  • Ensemble learning methods and voting ensemble methods to detect cyber attacks

What is a time series?

A time series is defined as an array of data points that is arranged with respect to time. The data points are indicative of an activity that takes place at a time interval. One popular example is the total number of stocks that were traded at a certain time interval with other details like stock prices and their respective trading information at each second. Unlike a continuous time variable, these time series data points have a discrete value at different points of time. Hence, these are often referred to as discrete data variables. Time series data can be gathered over any minimum or maximum amount of time. There is no upper or lower bound to the period over which data is collected.

Time series data has the following:

  • Specific instances of time forming the timestamp
  • A start timestamp and an end timestamp
  • The total elapsed time for the instance

The...

Classes of time series models

Based on the use-case type that we have in hand, the relationship between the number of temporal sequences and time can be distributed among multiple classes. Problems bucketed into each of these classes have different machine learning algorithms to handle them.

Stochastic time series model

Stochastic processes are random mathematical objects that can be defined using random variables. These data points are known to randomly change over time. Stochastic processes can again be divided into three main classes that are dependent on historic data points. They are autoregressive (AR) models, the moving average (MA) model, and integrated (I) models. These models combine to form the autoregressive...

Time series decomposition

Time series decomposition is a better way of understanding the data in hand. Decomposing the model creates an abstract model that can be used for generalization of the data. Decomposition involves identifying trends and seasonal, cyclical, and irregular components of the data. Making sense of data with these components is the systematic type of modeling.

In the following section, we will look at these recurring properties and how they help analyze time series data.

Level

We have discussed moving averages with respect to time series before. The level can be defined as the average or mean of a bunch of time series data points.

...

Use cases for time series

In the Signal processing section, we will discuss the different fields where time series are utilized to extract meaningful information from very large datasets. Be it social media analysis, click stream trends, or system log generations, time series can be used to mine any data that has a similar time-sensitive approach to data collection and storage.

Signal processing

Digital signal processing uses time series analysis to identify a signal from a mixture of noise and signals. Signal processing uses various methods to perform this identification, like smoothing, correlation, convolution, and so on. Time series helps measure deviations from the stationary behaviors of signals. These drifts or deviations...

Time series analysis in cybersecurity

Computer attacks interrupt day-to-day services and cause data losses and network interruption. Time series analyses are popular machine learning methods that help to quantitatively detect anomalies or outliers in data, by either data fitting or forecasting. Time series analysis helps thwarting compromises and keep information loss to a minimum. The following graph shows the attacks mitigated on a routed platform:

Time series trends and seasonal spikes

Time series analysis can be used to detect attack attempts, like failed logins, using a time series model. Plotting login attempts identifies spikes (/) in failed logins. Such spikes are indicative of account takeover (ATO).

Time series identify another cyber security use case—data exfiltration is the process in which the unauthorized transfer of data takes place from a computer system to a malicious location. Time series can identify huge network data packets being transported out of the network. Data exfiltration could be because of either an outsider compromise or an insider threat. In a later section of the chapter, we will use ensemble learning methods to identify the source of the attack.

We will learn the details of the attack in the next section. The goal of this chapter is to be able to detect reconnaissance so that we are...

Predicting DDoS attacks

Now that we have identified a seasonality, the trend in the network data will baseline the data by fitting to a stochastic model. We have already defined systematic parameters, and we will apply them next.

ARMA

This is a weak stochastic stationary process, such that, when provided with a time series Xt, ARMA helps to forecast future values with respect to current values. ARMA consists of two actions:

  • The autoregression (p)
  • The moving average (q)

  • C = Constant
  • Et = White noise
  • θ = Parameters

ARIMA

ARIMA is a generalized version of ARMA...

Ensemble learning methods

Ensemble learning methods are used to improve performance by taking the cumulative results from multiple models to make a prediction. Ensemble models overcome the problem of overfitting by considering outputs of multiple models. This helps in overlooking modeling errors from any one model.

Ensemble learning can be a problem for time series models because every data point has a time dependency. However, if we choose to look at the data as a whole, we can overlook time dependency components. Time dependency components are conventional ensemble methods like bagging, boosting, random forests, and so on.

Types of ensembling

Ensembling of models to derive the best model performance can happen in many ways...

Voting ensemble method to detect cyber attacks

In the voting ensemble method, every model gets to make a prediction about the results of the model, and the decision on the model result is made on the majority votes or predictions made. There is another advanced level of the voting the ensemble method known as weighted voting. Here certain predictor models have more weights associated with their votes and thus get to make more privileged predictions:

  1. We start by importing the respective libraries:
import pandas
from sklearn import model_selection
from sklearn.linear_model import LogisticRegression
from sklearn.tree import DecisionTreeClassifier
from sklearn.svm import SVC
from sklearn.ensemble import VotingClassifier
  1. We detect a cyber attack via a voting mechanism where we use algorithms like SCV, decision tree, and logistic regression. We finally use the voting classifier to choose...

Summary

In this chapter, we dealt with the theory of time series analysis and ensemble learning and with real-life use cases where these methods can be implemented. We took one of the most frequent examples of cybersecurity, DoS attacks, and introduced a method that will capture them beforehand.

In the next chapter, we will learn about segregating legitimate and lousy URLs.

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Learn machine learning algorithms and cybersecurity fundamentals
  • Automate your daily workflow by applying use cases to many facets of security
  • Implement smart machine learning solutions to detect various cybersecurity problems

Description

Cyber threats today are one of the costliest losses that an organization can face. In this book, we use the most efficient tool to solve the big problems that exist in the cybersecurity domain. The book begins by giving you the basics of ML in cybersecurity using Python and its libraries. You will explore various ML domains (such as time series analysis and ensemble modeling) to get your foundations right. You will implement various examples such as building system to identify malicious URLs, and building a program to detect fraudulent emails and spam. Later, you will learn how to make effective use of K-means algorithm to develop a solution to detect and alert you to any malicious activity in the network. Also learn how to implement biometrics and fingerprint to validate whether the user is a legitimate user or not. Finally, you will see how we change the game with TensorFlow and learn how deep learning is effective for creating models and training systems

Who is this book for?

This book is for the data scientists, machine learning developers, security researchers, and anyone keen to apply machine learning to up-skill computer security. Having some working knowledge of Python and being familiar with the basics of machine learning and cybersecurity fundamentals will help to get the most out of the book

What you will learn

  • Use machine learning algorithms with complex datasets to implement cybersecurity concepts
  • Implement machine learning algorithms such as clustering, k-means, and Naive Bayes to solve real-world problems
  • Learn to speed up a system using Python libraries with NumPy, Scikit-learn, and CUDA
  • Understand how to combat malware, detect spam, and fight financial fraud to mitigate cyber crimes
  • Use TensorFlow in the cybersecurity domain and implement real-world examples
  • Learn how machine learning and Python can be used in complex cyber issues

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Dec 31, 2018
Length: 318 pages
Edition : 1st
Language : English
ISBN-13 : 9781788990967
Category :
Languages :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want

Product Details

Publication date : Dec 31, 2018
Length: 318 pages
Edition : 1st
Language : English
ISBN-13 : 9781788990967
Category :
Languages :

Packt Subscriptions

See our plans and pricing
Modal Close icon
AU$24.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
AU$249.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just AU$5 each
Feature tick icon Exclusive print discounts
AU$349.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just AU$5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total AU$ 226.97
Hands-On Machine Learning for Algorithmic Trading
AU$90.99
Hands-On Artificial Intelligence for Cybersecurity
AU$67.99
Hands-On Machine Learning for Cybersecurity
AU$67.99
Total AU$ 226.97 Stars icon

Table of Contents

12 Chapters
Basics of Machine Learning in Cybersecurity Chevron down icon Chevron up icon
Time Series Analysis and Ensemble Modeling Chevron down icon Chevron up icon
Segregating Legitimate and Lousy URLs Chevron down icon Chevron up icon
Knocking Down CAPTCHAs Chevron down icon Chevron up icon
Using Data Science to Catch Email Fraud and Spam Chevron down icon Chevron up icon
Efficient Network Anomaly Detection Using k-means Chevron down icon Chevron up icon
Decision Tree and Context-Based Malicious Event Detection Chevron down icon Chevron up icon
Catching Impersonators and Hackers Red Handed Chevron down icon Chevron up icon
Changing the Game with TensorFlow Chevron down icon Chevron up icon
Financial Fraud and How Deep Learning Can Mitigate It Chevron down icon Chevron up icon
Case Studies Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Half star icon Empty star icon Empty star icon 2.7
(6 Ratings)
5 star 33.3%
4 star 0%
3 star 0%
2 star 33.3%
1 star 33.3%
Filter icon Filter
Top Reviews

Filter reviews by




Endoplasmic Reticulum May 16, 2019
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Still reading it
Amazon Verified review Amazon
Navya Nov 16, 2019
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Very well written and helped clear the concepts. However, wish this book was not restricted only to Python and even snippets of R were included.
Amazon Verified review Amazon
countermode Feb 05, 2020
Full star icon Full star icon Empty star icon Empty star icon Empty star icon 2
This e-book cover topics that I was seeking suitable material for, so I was highly delighted to find a book on those topics. However, I soon discovered that the book is not at all self-explanatory in the sense that the author throws several important notions at the reader without any reference. For instance, in the chapter on time series analysis the author mentions ACF and PACF, "explaining" them with a few sentences. It took me several video lectures on YouTube (which are, of course, of diverse quality) to get the idea and some background in order to follow the author. I don't think that the concepts of ACF, PACF, auto-regression, moving average, ARMA, ARIMA etc. are "common folklore", so I wish the author had introduced them more carefully, or at least, if he had provided suitable references. What is good, at least, is that the reader gets the key words to look for so with quite some additional effort it is possible to follow the author.In the end, given the price, I am utterly disappointed; I've seen much better literature for much lower prices.
Amazon Verified review Amazon
Alvaro Feb 18, 2020
Full star icon Full star icon Empty star icon Empty star icon Empty star icon 2
I totally agree with and confirm the truth of the comment made by "countermode" He is fully right.The author of the book has touched upon a tremendous amount of complex concepts, something that you can tell in the Table of Contents, but then you see that she just devotes a couple of lines leaving the matter unexplained. Therefore, the reader is left to look for explanations elsewhere, like tutorials on the internet, videos etc.The reason is obvious. She has written a book of 300 pages, but the topics that she mentions would require around 1500-1800 pages.On page 46 she just breezes in about correlation time series and provides no explanation about the graphic that is shown. This is a pattern throughout the book.So, consider that you are going to have to devote about 10 times more time to learn about the topics she mentions.
Amazon Verified review Amazon
Luciano Montenegro Oct 01, 2023
Full star icon Empty star icon Empty star icon Empty star icon Empty star icon 1
Caso, a intenção foi ser prático com o material do livro, poderia ter tido um cuidado maior nos códigos utilizados. E apresentar referências para aprofundar determinados aspectos de ML. Achei o valor muito alto para o conteúdo apresentado. Os códigos simplesmente precisam ser atualizados para versão mais atuais de python.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.