
E-book: Malware Data Science

  • Format: EPUB+DRM
  • Publication date: 25-Sep-2018
  • Publisher: No Starch Press,US
  • Language: eng
  • ISBN-13: 9781593278601
  • Price: 43,04 €*
  • * the price is final, i.e. no other discounts apply
  • This e-book is intended for personal use only. E-books cannot be returned.

DRM restrictions

  • Copying (copy/paste):

    not allowed

  • Printing:

    not allowed

  • Usage:

    Digital rights management (DRM)
    The publisher has issued this e-book in encrypted form, which means that you must install special software to read it. You must also create an Adobe ID. The e-book can be read by 1 user and downloaded to up to 6 devices (all authorized with the same Adobe ID).

    Required software
    To read on mobile devices (phone or tablet), you must install this free app: PocketBook Reader (iOS / Android)

    To read on a PC or Mac, you must install Adobe Digital Editions (a free application made specifically for reading e-books; it should not be confused with Adobe Reader, which is probably already installed on your computer).

    This e-book cannot be read on an Amazon Kindle.

Malware Data Science explains how to identify, analyze, and classify large-scale malware using machine learning and data visualization.

Security has become a "big data" problem. The growth rate of malware has accelerated to tens of millions of new files per year while our networks generate an ever-larger flood of security-relevant data each day. In order to defend against these advanced attacks, you'll need to know how to think like a data scientist.

In Malware Data Science, security data scientist Joshua Saxe introduces machine learning, statistics, social network analysis, and data visualization, and shows you how to apply these methods to malware detection and analysis.

You'll learn how to:
- Analyze malware using static analysis
- Observe malware behavior using dynamic analysis
- Identify adversary groups through shared code analysis
- Catch 0-day vulnerabilities by building your own machine learning detector
- Measure malware detector accuracy
- Identify malware campaigns, trends, and relationships through data visualization

Whether you're a malware analyst looking to add skills to your existing arsenal, or a data scientist interested in attack detection and threat intelligence, Malware Data Science will help you stay ahead of the curve.

Reviews

"For those looking to become a security data scientist, or just want to get a comprehensive understanding of how to use data science to deal with malicious software, Malware Data Science is a superb reference."  Ben Rothke, RSA Conference



"If you are new to data science or machine learning, this book provides an excellent introduction to these topics." DMFR Security

Other information

Foreword by Anup Ghosh
Acknowledgments
Introduction
What Is Data Science?
Why Data Science Matters for Security
Applying Data Science to Malware
Who Should Read This Book?
About This Book
How to Use the Sample Code and Data
1 Basic Static Malware Analysis
The Microsoft Windows Portable Executable Format
The PE Header
The Optional Header
Section Headers
Dissecting the PE Format Using pefile
Examining Malware Images
Examining Malware Strings
Using the strings Program
Analyzing Your strings Dump
Summary
2 Beyond Basic Static Analysis: x86 Disassembly
Disassembly Methods
Basics of x86 Assembly Language
CPU Registers
Arithmetic Instructions
Data Movement Instructions
Disassembling ircbot.exe Using pefile and capstone
Factors That Limit Static Analysis
Packing
Resource Obfuscation
Anti-disassembly Techniques
Dynamically Downloaded Data
Summary
3 A Brief Introduction to Dynamic Analysis
Why Use Dynamic Analysis?
Dynamic Analysis for Malware Data Science
Basic Tools for Dynamic Analysis
Typical Malware Behaviors
Loading a File on malwr.com
Analyzing Results on malwr.com
Limitations of Basic Dynamic Analysis
Summary
4 Identifying Attack Campaigns Using Malware Networks
Nodes and Edges
Bipartite Networks
Visualizing Malware Networks
The Distortion Problem
Force-Directed Algorithms
Building Networks with NetworkX
Adding Nodes and Edges
Adding Attributes
Saving Networks to Disk
Network Visualization with GraphViz
Using Parameters to Adjust Networks
The GraphViz Command Line Tools
Adding Visual Attributes to Nodes and Edges
Building Malware Networks
Building a Shared Image Relationship Network
Summary
5 Shared Code Analysis
Preparing Samples for Comparison by Extracting Features
How Bag of Features Models Work
What are N-Grams?
Using the Jaccard Index to Quantify Similarity
Using Similarity Matrices to Evaluate Malware Shared Code Estimation Methods
Instruction Sequence-Based Similarity
Strings-Based Similarity
Import Address Table-Based Similarity
Dynamic API Call-Based Similarity
Building a Similarity Graph
Scaling Similarity Comparisons
Minhash in a Nutshell
Minhash in Depth
Building a Persistent Malware Similarity Search System
Running the Similarity Search System
Summary
6 Understanding Machine Learning-Based Malware Detectors
Steps for Building a Machine Learning-Based Detector
Gathering Training Examples
Extracting Features
Designing Good Features
Training Machine Learning Systems
Testing Machine Learning Systems
Understanding Feature Spaces and Decision Boundaries
What Makes Models Good or Bad: Overfitting and Underfitting
Major Types of Machine Learning Algorithms
Logistic Regression
K-Nearest Neighbors
Decision Trees
Random Forest
Summary
7 Evaluating Malware Detection Systems
Four Possible Detection Outcomes
True and False Positive Rates
Relationship Between True and False Positive Rates
ROC Curves
Considering Base Rates in Your Evaluation
How Base Rate Affects Precision
Estimating Precision in a Deployment Environment
Summary
8 Building Machine Learning Detectors
Terminology and Concepts
Building a Toy Decision Tree-Based Detector
Training Your Decision Tree Classifier
Visualizing the Decision Tree
Complete Sample Code
Building Real-World Machine Learning Detectors with sklearn
Real-World Feature Extraction
Why You Can't Use All Possible Features
Using the Hashing Trick to Compress Features
Building an Industrial-Strength Detector
Extracting Features
Training the Detector
Running the Detector on New Binaries
What We've Implemented So Far
Evaluating Your Detector's Performance
Using ROC Curves to Evaluate Detector Efficacy
Computing ROC Curves
Splitting Data into Training and Test Sets
Computing the ROC Curve
Cross-Validation
Next Steps
Summary
9 Visualizing Malware Trends
Why Visualizing Malware Data Is Important
Understanding Our Malware Dataset
Loading Data into pandas
Working with a pandas DataFrame
Filtering Data Using Conditions
Using matplotlib to Visualize Data
Plotting the Relationship Between Malware Size and Detection
Plotting Ransomware Detection Rates
Plotting Ransomware and Worm Detection Rates
Using seaborn to Visualize Data
Plotting the Distribution of Antivirus Detections
Creating a Violin Plot
Summary
10 Deep Learning Basics
What Is Deep Learning?
How Neural Networks Work
Anatomy of a Neuron
A Network of Neurons
Universal Approximation Theorem
Building Your Own Neural Network
Adding Another Neuron to the Network
Automatic Feature Generation
Training Neural Networks
Using Backpropagation to Optimize a Neural Network
Path Explosion
Vanishing Gradient
Types of Neural Networks
Feed-Forward Neural Network
Convolutional Neural Network
Autoencoder Neural Network
Generative Adversarial Network
Recurrent Neural Network
ResNet
Summary
11 Building a Neural Network Malware Detector with Keras
Defining a Model's Architecture
Compiling the Model
Training the Model
Extracting Features
Creating a Data Generator
Incorporating Validation Data
Saving and Loading the Model
Evaluating the Model
Enhancing the Model Training Process with Callbacks
Using a Built-in Callback
Using a Custom Callback
Summary
12 Becoming a Data Scientist
Paths to Becoming a Security Data Scientist
A Day in the Life of a Security Data Scientist
Traits of an Effective Security Data Scientist
Open-Mindedness
Boundless Curiosity
Obsession with Results
Skepticism of Results
Where to Go from Here
Appendix: An Overview of Datasets and Tools
Overview of Datasets
Chapter 1 Basic Static Malware Analysis
Chapter 2 Beyond Basic Static Analysis: x86 Disassembly
Chapter 3 A Brief Introduction to Dynamic Analysis
Chapter 4 Identifying Attack Campaigns Using Malware Networks
Chapter 5 Shared Code Analysis
Chapter 6 Understanding Machine Learning-Based Malware Detectors and Chapter 7: Evaluating Malware Detection Systems
Chapter 8 Building Machine Learning Detectors
Chapter 9 Visualizing Malware Trends
Chapter 10 Deep Learning Basics
Chapter 11 Building a Neural Network Malware Detector with Keras
Chapter 12 Becoming a Data Scientist
Tool Implementation Guide
Shared Hostname Network Visualization
Shared Image Network Visualization
Malware Similarity Visualization
Malware Similarity Search System
Machine Learning Malware Detection System
Index

Joshua Saxe is Chief Data Scientist at major security vendor Sophos, where he leads a security data science research team. He's also a principal inventor of Sophos' neural network-based malware detector, which defends tens of millions of Sophos customers from malware infections. Before joining Sophos, Joshua spent 5 years leading DARPA-funded security data research projects for the US government.

Hillary Sanders leads the infrastructure data science team at Sophos, which develops the frameworks used to build Sophos' deep learning models. Before joining Sophos, Hillary created a recipe web app and spent three years as a data scientist at Premise Data Corporation.