Artificial Intelligence for Cybersecurity

Develop AI approaches to solve cybersecurity problems in your organization

Product type: Paperback
Published in: Oct 2024
Publisher: Packt
ISBN-13: 9781805124962
Length: 358 pages
Edition: 1st Edition
Authors (4): Bojan Kolosnjaji, Apostolis Zarras, Huang Xiao, Peng Xu

Table of Contents

Preface
Part 1: Data-Driven Cybersecurity and AI
  Chapter 1: Big Data in Cybersecurity
  Chapter 2: Automation in Cybersecurity
  Chapter 3: Cybersecurity Data Analytics
Part 2: AI and Where It Fits In
  Chapter 4: AI, Machine Learning, and Statistics - A Taxonomy
  Chapter 5: AI Problems and Methods
  Chapter 6: Workflow, Tools, and Libraries in AI Projects
Part 3: Applications of AI in Cybersecurity
  Chapter 7: Malware and Network Intrusion Detection and Analysis
  Chapter 8: User and Entity Behavior Analysis
  Chapter 9: Fraud, Spam, and Phishing Detection
  Chapter 10: User Authentication and Access Control
  Chapter 11: Threat Intelligence
  Chapter 12: Anomaly Detection in Industrial Control Systems
  Chapter 13: Large Language Models and Cybersecurity
Part 4: Common Problems When Applying AI in Cybersecurity
  Chapter 14: Data Quality and its Usage in the AI and LLM Era
  Chapter 15: Correlation, Causation, Bias, and Variance
  Chapter 16: Evaluation, Monitoring, and Feedback Loop
  Chapter 17: Learning in a Changing and Adversarial Environment
  Chapter 18: Privacy, Accountability, Explainability, and Trust – Responsible AI
Part 5: Final Remarks and Takeaways
  Chapter 19: Summary
Index
Other Books You May Enjoy

What this book covers

Chapter 1, Big Data in Cybersecurity, introduces the growing problem of handling the large-scale data gathered by the cybersecurity departments of various organizations and by cybersecurity vendors. It describes the challenges of data processing and scale, as well as data quality, data governance, and similar concerns.

Chapter 2, Automation in Cybersecurity, emphasizes the importance of automation as a driver for efficiency in cybersecurity. We describe tools that help achieve automation, such as SIEM, SOAR, EDR, and IDS, that help experts define workflows and automate tasks. These tools are made with data analysis problems in mind and help automation at scale.

Chapter 3, Cybersecurity Data Analytics, introduces the role of AI in advancing automation through intelligent data analytics on large-scale datasets. We describe challenges in this area that we will be solving throughout the book using AI methods and tools.

Chapter 4, AI, Machine Learning, and Statistics - A Taxonomy, helps disambiguate the terms AI, machine learning, and statistics, which can be difficult for beginners in this area. It also lays the foundations for understanding how AI applies to various datasets and where the important limitations and challenges are.

Chapter 5, AI Problems and Methods, builds on the basic terms of AI, extends your knowledge, and dives into concrete methods and how they work. It gives you the knowledge needed to recognize where different AI and ML methods are applicable and how to apply them.

Chapter 6, Workflow, Tools, and Libraries in AI Projects, describes the workflow of AI projects, from data collection and preprocessing to training and testing. Furthermore, it describes useful tools and libraries with examples in cybersecurity.

Chapter 7, Malware and Network Intrusion Detection and Analysis, describes the problems of malware detection and network intrusion detection and how AI can be applied to solve them. We describe how AI makes a difference in improving detection performance and provide a hands-on exercise to improve your technical skills.

Chapter 8, User and Entity Behavior Analysis, introduces the problem of finding a way to capture and analyze patterns in the behavior of users and hosts. We describe how AI methods can be used to model this behavior from raw event logs and detect anomalies that can point to cyberattacks.

Chapter 9, Fraud, Spam, and Phishing Detection, contains a description of typical methods to detect transaction fraud, as well as spam and phishing emails using anomaly-based methods. These methods heavily benefit from AI, and we clarify how AI can be applied, and what the problems and challenges are in these use cases.

Chapter 10, User Authentication and Access Control, describes the problem of authenticating users and enabling them to access only the resources that we intend them to use, together with solutions to it. We also describe AI methods that are applicable to these problems.

Chapter 11, Threat Intelligence, contains an overview of cyber-threat intelligence problems and of techniques for extracting information from the various sources that are important for understanding cyber threats. Furthermore, we describe how AI can help solve problems in this area, and we also provide a practical exercise in which you apply your knowledge of AI methods.

Chapter 12, Anomaly Detection in Industrial Control Systems, shows what kind of cybersecurity-relevant anomalies happen in industrial networks and how to detect them. AI methods are useful in this scenario as well, as they help us model regular behavior and detect anomalies.

Chapter 13, Large Language Models and Cybersecurity, introduces the recently popular topic of large language models (LLMs) as generative AI methods that have found applications in cybersecurity. We describe the potential of applying LLMs in cybersecurity scenarios, the challenges in making these applications successful, and how to overcome them.

Chapter 14, Data Quality and its Usage in the AI and LLM Era, is an important chapter, as contemporary AI methods are data-driven and the success of the AI application heavily depends on data being fit for purpose. We describe methods of data quality management and challenges in this area.

Chapter 15, Correlation, Causation, Bias, and Variance, covers these terms because they are important to know, and a lack of understanding of them often causes problems in AI applications. We give you an introduction, explain the importance of differentiating correlation from causation, and describe the trade-off between bias and variance to help you avoid common pitfalls.

Chapter 16, Evaluation, Monitoring, and Feedback Loop, covers the very important parts of a machine learning workflow. We need to have proper methods for evaluation to describe performance and methods to monitor this performance. Furthermore, we often keep humans in the loop within the AI workflow to enhance our data or tune our models.

Chapter 17, Learning in a Changing and Adversarial Environment, explains how many baseline AI methods contain assumptions about a static environment, and we need new techniques that enable the handling of changes in the data that happen naturally or because of adversarial activity. We present these techniques as they are especially important in cybersecurity applications.

Chapter 18, Privacy, Accountability, Explainability, and Trust – Responsible AI, explores responsible AI – recently, a very important topic as AI applications are adopted in various areas that influence people’s well-being and the development of society. We describe responsible AI and how to achieve it in general and in the cybersecurity context.

Chapter 19, Summary, contains a retrospective on what you have learned in previous chapters and helps you structure the knowledge you obtained while reading the book. Furthermore, it gives you some suggestions for next steps to enhance your knowledge and skills.
