Applying Artificial Intelligence in Cybersecurity Analytics and Cyber Threat Detection

✍ Scribed by Shilpa Mahajan (editor), Mehak Khurana (editor), Vania Vieira Estrela (editor)

Publisher: Wiley
Year: 2024
Tongue: English
Leaves: 371
Edition: 1
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

APPLYING ARTIFICIAL INTELLIGENCE IN CYBERSECURITY ANALYTICS AND CYBER THREAT DETECTION

Comprehensive resource providing strategic defense mechanisms for malware, handling cybercrime, and identifying loopholes using artificial intelligence (AI) and machine learning (ML)

Applying Artificial Intelligence in Cybersecurity Analytics and Cyber Threat Detection is a comprehensive look at state-of-the-art theory and practical guidelines pertaining to the subject, showcasing recent innovations, emerging trends, and concerns as well as applied challenges encountered, and solutions adopted in the fields of cybersecurity using analytics and machine learning. The text clearly explains theoretical aspects, framework, system architecture, analysis and design, implementation, validation, and tools and techniques of data science and machine learning to detect and prevent cyber threats.

Using AI and ML approaches, the book offers strategic defense mechanisms for addressing malware, cybercrime, and system vulnerabilities. It also provides tools and techniques that can be applied by professional analysts to safely analyze, debug, and disassemble any malicious software they encounter.

With contributions from qualified authors with significant experience in the field, Applying Artificial Intelligence in Cybersecurity Analytics and Cyber Threat Detection explores topics such as:

Cybersecurity tools originating from computational statistics literature and pure mathematics, such as nonparametric probability density estimation, graph-based manifold learning, and topological data analysis
Applications of AI to penetration testing, malware, data privacy, intrusion detection system (IDS), and social engineering
How AI automation addresses various security challenges in daily workflows and how to perform automated analyses to proactively mitigate threats
Offensive technologies grouped together and analyzed at a higher level from both an offensive and defensive standpoint

Providing detailed coverage of a rapidly expanding field, Applying Artificial Intelligence in Cybersecurity Analytics and Cyber Threat Detection is an essential resource for a wide variety of researchers, scientists, and professionals involved in fields that intersect with cybersecurity, artificial intelligence, and machine learning.

✦ Table of Contents

Cover
Title Page
Copyright
Contents
About the Editors
List of Contributors
Preface
Acknowledgment
Disclaimer
Note for Readers
Introduction
Part I Artificial Intelligence (AI) in Cybersecurity Analytics: Fundamental and Challenges
Chapter 1 Analysis of Malicious Executables and Detection Techniques
1.1 Introduction
1.2 Malicious Code Classification System
1.3 Literature Review
1.4 Malware Behavior Analysis
1.5 Conventional Detection Systems
1.6 Classifying Executables by Payload Function
1.7 Result and Discussion
1.8 Conclusion
References
Chapter 2 Detection and Analysis of Botnet Attacks Using Machine Learning Techniques
2.1 Introduction
2.2 Literature Review
2.3 Botnet Architecture
2.3.1 Botnet Life Cycle
2.3.2 Botnet Detection Techniques
2.4 Methodology Adopted
2.4.1 Dataset Used
2.4.2 Machine Learning Algorithms Used
2.5 Experimental Setup
2.5.1 Evaluation Metrics
2.6 Results and Discussions
2.7 Conclusion and Future Work
References
Chapter 3 Artificial Intelligence Perspective on Digital Forensics
3.1 Introduction
3.2 Literature Survey
3.3 Phases of Digital Forensics
3.4 Demystifying Artificial Intelligence in the Digital World
3.4.1 Artificial Narrow Intelligence
3.4.2 Artificial General Intelligence
3.4.3 Artificial Super Intelligence
3.5 Application of Machine Learning in Digital Forensics Investigations
3.6 Implementation of Artificial Intelligence in Forensics
3.7 Pattern Recognition Using Artificial Intelligence
3.8 Applications of AI in Criminal Investigations
3.8.1 Bombing Scenarios
3.8.2 Gun Fires
3.9 Conclusion
References
Chapter 4 Review on Machine Learning‐based Traffic Rules Contravention Detection System
4.1 Introduction
4.2 Technologies Involved in Smart Traffic Monitoring
4.2.1 Device Involving Sensors
4.2.2 Wireless Network
4.2.3 Computer Vision
4.3 Literature Review
4.4 Comparison of Results
4.5 Conclusion and Future Scope
References
Chapter 5 Enhancing Cybersecurity Ratings Using Artificial Intelligence and DevOps Technologies
5.1 Introduction
5.2 Literature Review
5.3 Proposed Methodology
5.4 Results
5.4.1 First Notification Regarding Issues Flagged by Cybersecurity Rating Platform
5.4.1.1 Whenever Any Issues Are Flagged to the Cybersecurity Rating Platform
5.4.2 Checking False Positive and True Positive
5.4.2.1 Validate and Close the Reported Findings – A Case of False Positive Reported Issue
5.4.2.2 Mitigating Vulnerabilities in Realtime with the Proposed System
5.5 Conclusion and Future Scope of Work
References
Part II Cyber Threat Detection and Analysis Using Artificial Intelligence and Big Data
Chapter 6 Malware Analysis Techniques in Android‐Based Smartphone Applications
6.1 Introduction
6.1.1 Android Security Architecture
6.1.2 Android Attack Surface
6.1.3 Android Malware
6.2 Malware Analysis Techniques
6.2.1 Static Analysis
6.2.1.1 Code Analysis Based Tools
6.2.1.2 Code Clone Detection Method
6.2.1.3 Methods Based on API Calls and Permissions
6.2.1.4 Analysis of API Function Calls and Permissions
6.2.1.5 Risk Signals‐Based Detection
6.2.1.6 Other Methods
6.2.2 Dynamic Analysis
6.2.2.1 System Call Monitoring
6.2.2.2 Processing of Natural Language
6.2.2.3 System Call Logs
6.2.2.4 Crowdroid
6.2.3 Monitoring of System‐Level Behaviors
6.2.4 Monitoring of User‐Space Level Behaviors
6.2.4.1 RepassDroid
6.2.4.2 Malware Detection Using Dynamically Generated Data and Machine Learning
6.3 Hybrid Analysis
6.4 Result
6.5 Conclusion
References
Chapter 7 Cyber Threat Detection and Mitigation Using Artificial Intelligence – A Cyber‐physical Perspective
7.1 Introduction
7.2 Types of Cyber Threats
7.3 Cyber Threat Intelligence (CTI)
7.3.1 CTI Process – Intelligence Cycle
7.3.2 CTI Types
7.3.3 CTI Benefits
7.3.4 Fundamental CTI Elements
7.4 Materials and Methods
7.5 Cyber‐Physical Systems Relying on AI (CPS‐AI)
7.6 Experimental Analysis
7.6.1 Request Time Analysis Comparison of the CPS‐AI
7.6.2 Analyzing the Results of a Simulation
7.6.3 Assessment of the Proposed CPS‐AI Framework's Performance
7.6.4 Reliability Breakdown of the CPS‐AI Framework
7.6.5 Overall Performance of the CPS‐AI
7.7 Conclusion
References
Chapter 8 Performance Analysis of Intrusion Detection System Using ML Techniques
8.1 Introduction
8.2 Literature Survey
8.3 ML Techniques
8.3.1 Random Forest
8.3.2 Gradient Boosting
8.3.3 Support Vector Machine (SVM)
8.3.4 k‐Nearest Neighbors (kNN)
8.3.5 Density‐Based Spatial Clustering of Applications with Noise (DBSCAN)
8.4 Overview of Dataset
8.5 Proposed Approach
8.6 Simulation Results
8.6.1 Accuracy Comparison
8.6.2 Precision and Recall Analysis
8.6.3 Comparative Analysis
8.7 Conclusion and Future Work
References
Chapter 9 Spectral Pattern Learning Approach‐based Student Sentiment Analysis Using Dense‐net Multi Perception Neural Network in E‐learning Environment
9.1 Introduction
9.2 Related Work
9.3 Proposed Implementation
9.3.1 Word Vector Correlation Extraction
9.3.2 Spectral Pattern Learning
9.3.2.0 Algorithm
9.3.3 Spider Genetic Sequence Feature Elevation
9.3.3.0 Algorithm:
9.3.4 Dense Net Multi‐perception Neural Network (DMPNN)
9.3.4.0 Algorithm:
9.4 Result and Discussion
9.5 Conclusion
References
Chapter 10 Big Data and Deep Learning‐based Tourism Industry Sentiment Analysis Using Deep Spectral Recurrent Neural Network
10.1 Introduction
10.2 Related Work
10.3 Materials and Method
10.3.1 Individual Value Decomposition Analysis (IVDA) for Pre‐processing Stage
10.3.2 Extracting Features Using Spider Optimization to Select the Effective Features Weight (SO‐EFW)
10.3.3 Sentiment Analysis for Review of Positive and Negative Score
10.3.4 Trained the Features with Softmax Logical Activation Function
10.3.5 Classification Using Deep Spectral Recurrent Neural Network (DSRNN)
10.4 Result and Discussion
10.5 Conclusion
References
Part III Applied Artificial Intelligence Approaches in Emerging Cybersecurity Domains
Chapter 11 Enhancing Security in Cloud Computing Using Artificial Intelligence (AI)
11.1 Introduction
11.2 Background
11.2.1 Cybersecurity
11.2.2 Artificial Intelligence
11.3 Identification Function (IF)
11.3.1 CS Asset Management (CAM)
11.3.2 Business Environment
11.3.3 Governance
11.3.4 Risk Assessment
11.3.5 Risk Management Strategy
11.4 Protection Function (PF)
11.4.1 Controlling, Identity, Authentication, and Access
11.4.2 Awareness and Training
11.4.3 Data Security
11.4.4 Information Protection, Processes, and Procedures
11.4.5 Protective Technologies
11.5 Detection Function (DF)
11.5.1 Anomalies and Events
11.5.2 Secure and Continuous Monitoring
11.5.3 Detection Processes
11.6 Response Function (RF)
11.6.1 Response Planning
11.6.2 Communications
11.6.3 Analysis
11.6.4 Mitigation
11.6.5 Improvements
11.7 Recovery Function (RcF)
11.8 Analysis, Discussion and Research Gaps
11.8.1 Emerging CS Areas
11.8.2 Data Representation
11.8.3 Advanced AICS
11.8.4 Exploring and Developing Innovative Infrastructures
11.9 Conclusion
References
Chapter 12 Utilization of Deep Learning Models for Safe Human‐Friendly Computing in Cloud, Fog, and Mobile Edge Networks
12.1 Introduction
12.2 Human‐Centered Computing (HCC)
12.3 Improving Cybersecurity Through Deep Learning (DL) Models: AI‐HCC Systems
12.3.1 Inserting DL in Cloud, Fog, and Edge Computing
12.3.2 DL and HCI
12.4 Case Studies
12.4.1 HCI Use Cases
12.4.2 Cybersecurity and HCI Use Cases
12.5 Discussion
12.5.1 HCC‐AI Advantages
12.5.2 HCC‐AI Caveats
12.6 Conclusion
References
Chapter 13 Artificial Intelligence for Threat Anomaly Detection Using Graph Databases – A Semantic Outlook
13.1 Introduction
13.2 KGs in Cybersecurity
13.3 CSKG Construction Methodologies
13.3.1 CSKG Building Flow
13.3.2 CS Ontology
13.3.3 CS Entities Extraction
13.3.4 Relations Extraction of CS Entities
13.4 Datasets
13.5 Application Scenarios
13.5.1 CSA and Security Assessment
13.5.2 CTs' Discovery
13.5.3 Attack Probing
13.5.4 Clever Security Operation
13.5.5 Smart Decision‐Making
13.5.6 Vulnerability Prediction and Supervision
13.5.7 Malware Acknowledgment and Analysis
13.5.8 Physical System Connection
13.5.9 Supplementary Reasoning Tasks
13.6 Discussion and Future Trends on CSKG
13.7 Conclusion
References
Chapter 14 Security in Blockchain‐Based Smart Cyber‐Physical Applications Relying on Wireless Sensor and Actuators Networks
14.1 Introduction
14.2 Methodology
14.2.1 WSAN‐Centered Solutions
14.2.1.1 Benefits
14.2.1.2 Challenges
14.2.1.3 WSANs' Structure
14.2.1.4 Characteristics of WSAN
14.2.1.5 WSANs Applications
14.2.1.6 WSAN Requirements
14.2.2 Blockchain‐Based Solutions
14.2.3 Hybrid Solutions
14.3 GIBCS: An Overview
14.4 Blockchain Layer
14.4.1 WSAN‐Based Network Model
14.4.1.1 WSAN Overview
14.4.1.2 Problem Statement
14.5 Trust Management
14.5.1 Authentication Module
14.5.2 Authorization Module
14.5.3 Trust Database Module
14.5.4 Access Decision Control (ACD)
14.5.5 Monitoring and Evaluation Module (MEM)
14.6 Blockchain for Secure Monitoring Back‐End
14.7 Blockchain‐Enabled Cybersecurity: Discussion and Future Directions
14.8 Conclusions
References
Chapter 15 Leveraging Deep Learning Techniques for Securing the Internet of Things in the Age of Big Data
15.1 Introduction to the IoT Security
15.2 Role of Deep Learning in IoT Security
15.3 Deep Learning Architecture for IoT Security
15.4 Future Scope of Deep Learning in IoT Security
15.5 Conclusion
References
Index
EULA

📜 SIMILAR VOLUMES