Actions for AI in Cybersecurity

Email RIS file
Bookmark
Report an Issue

AI in Cybersecurity / Leslie F. Sikos editor

Published
Cham, Switzerland : Springer Nature : Springer, [2019]
Copyright Date
©2019
Physical Description
xvii, 205 pages : illustrations (some color) ; 24 cm.
Additional Creators
Sikos, Leslie F.

Availability

Browse Nearby on Shelf
I Want It
I Want It

Finding items...

Series
Contents
Machine generated contents note: 1.OWL Ontologies in Cybersecurity: Conceptual Modeling of Cyber-Knowledge / Leslie F. Sikos -- 1.1.Introduction to Knowledge Engineering in Cybersecurity -- 1.2.Cybersecurity Taxonomies -- 1.3.A Core Reference Ontology for Cybersecurity -- 1.4.Upper Ontologies for Cybersecurity -- 1.5.Domain Ontologies for Cybersecurity -- 1.5.1.Intrusion Detection Ontologies -- 1.5.2.Malware Classification and Malware Behavior Ontologies -- 1.5.3.Ontologies for Cyberthreat Intelligence -- 1.5.4.The Ontology for Digital Forensics -- 1.5.5.Ontologies for Secure Operations and Processes -- 1.5.6.An Ontology for Describing Cyberattacks and Their Impact -- 1.6.Networking Ontologies for Cybersecurity -- 1.7.Summary -- References -- 2.Knowledge Representation of Network Semantics for Reasoning-Powered Cyber-Situational Awareness / Wolfgang Mayer -- 2.1.Introduction -- 2.2.Preliminaries -- 2.3.Communication Network Concepts -- 2.3.1.Networks and Topologies -- 2.3.2.Network Interfaces and IP Addressing -- 2.3.3.Routers -- 2.3.4.Autonomous Systems and Routing -- 2.4.Formal Knowledge Representation for Cyber-Situational Awareness -- 2.4.1.Representing Network Knowledge Using Ontology Definitions -- 2.5.Representing Network Data Provenance -- 2.6.Representing Network Data Uncertainty -- 2.7.Representing Network Data Vagueness -- 2.8.Reasoning Support for Cyber-Situational Awareness -- 2.9.Conclusions -- References -- 3.The Security of Machine Learning Systems / Emil C. Lupu -- 3.1.Machine Learning Algorithms Are Vulnerable -- 3.2.Threat Model -- 3.2.1.Threats by the Capability of the Attacker -- 3.2.2.Threats by the Goal of the Attacker -- 3.2.3.Threats by the Knowledge of the Attacker -- 3.2.4.Threats by Attack Strategy -- 3.3.Data Poisoning -- 3.3.1.Poisoning Attack Scenarios -- 3.3.2.Optimal Poisoning Attacks -- 3.3.3.Transferability of Poisoning Attacks -- 3.3.4.Defense Against Poisoning Attacks -- 3.4.Attacks at Test Time -- 3.4.1.Evasion Attack Scenarios -- 3.4.2.Computing Evasion Attacks -- 3.4.3.Transferability of Evasion Attacks -- 3.4.4.Defense Against Evasion Attacks -- 3.5.Conclusion -- References -- 4.Patch Before Exploited: An Approach to Identify Targeted Software Vulnerabilities / Paulo Shakarian -- 4.1.Introduction -- 4.2.Related Work -- 4.3.Preliminaries -- 4.3.1.Supervised Learning Approaches -- 4.3.2.Challenges of Exploit Prediction -- 4.4.Exploit Prediction Model -- 4.4.1.Data Sources -- 4.4.2.Feature Description -- 4.5.Vulnerability and Exploit Analysis -- 4.5.1.Likelihood of Exploitation -- 4.5.2.Time-Based Analysis -- 4.5.3.Vendor-/Platform-Based Analysis -- 4.5.4.Language-Based Analysis -- 4.6.Experimental Setup -- 4.6.1.Performance Evaluation -- 4.6.2.Results -- 4.7.Adversarial Data Manipulation -- 4.8.Discussion -- 4.9.Conclusion -- References -- 5.Applying Artificial Intelligence Methods to Network Attack Detection / Igor Kotenko -- 5.1.Introduction -- 5.2.Related Work -- 5.3.Binary Classifiers -- 5.3.1.Neural Networks -- 5.3.2.Neuro-Fuzzy Networks -- 5.3.3.Support Vector Machines -- 5.4.Training the Binary Classifier for Detecting Network Attacks -- 5.4.1.Calculating and Preprocessing Network Parameters -- 5.4.2.Genetic Optimization of the Weights of the Binary Classifier -- 5.4.3.An Algorithm for Network Attack Detection -- 5.5.Schemes for Combining the Binary Classifiers -- 5.5.1.Low-Level Schemes for Combining Detectors -- 5.5.2.Aggregating Compositions -- 5.5.3.Common Approach for Combining Detectors -- 5.6.Experiments -- 5.6.1.The Dataset -- 5.6.2.Experiment 1 -- 5.6.3.Experiment 2 -- 5.7.Conclusion -- References -- 6.Machine Learning Algorithms for Network Intrusion Detection / Longzhi Yang -- 6.1.Introduction -- 6.2.Network Intrusion Detection Systems -- 6.2.1.Deployment Methods -- 6.2.2.Detection Methodologies -- 6.3.Machine Learning in Network Intrusion Detection -- 6.3.1.Fuzzy Inference Systems -- 6.3.2.Artificial Neural Networks -- 6.3.3.Deployment of ML-Based NIDSes -- 6.4.Experiment -- 6.4.1.Evaluation Environment -- 6.4.2.Model Construction -- 6.4.3.Result Comparisons -- 6.5.Conclusion -- References -- 7.Android Application Analysis Using Machine Learning Techniques / Tao Ban -- 7.1.Introduction -- 7.2.The Structure of Android Application Packages -- 7.2.1.Central Configuration (AndroidManifest.xml) -- 7.2.2.Dalvik Bytecode (classes.dex) -- 7.3.Techniques for Identifying Android Malware -- 7.3.1.Blacklisting -- 7.3.2.Parameterizing -- 7.3.3.Classification -- 7.4.Dataset Preparation -- 7.4.1.APK File Analysis -- 7.4.2.Application Metadata -- 7.4.3.Label Assignment -- 7.4.4.Data Encoding -- 7.4.5.A Novel Dataset of Safe and Malicious APK Files -- 7.5.Detecting Malware Using SVM -- 7.5.1.SVM: A Brief Overview -- 7.5.2.Feature Settings -- 7.5.3.Hyperparameter Tuning -- 7.5.4.Evaluation Metrics -- 7.5.5.Numerical Results -- 7.6.Comparison with Parameterizing -- 7.6.1.Extending DroidRisk -- 7.6.2.DroidRisk Performance -- 7.7.Feature Selection -- 7.7.1.Recursive Feature Elimination -- 7.7.2.Ranking Criterion -- 7.7.3.Experiment -- 7.8.Issues and Limitations -- 7.9.Conclusions.
Subject(s)
ISBN
3319988417 hardback
9783319988412 hardback
Other Forms
Also available in electronic format.
View MARC record | catkey: 28915959