Machine Intelligence and Big Data Analytics for Cybersecurity Applications

Preface
Contents
About the Editors
Machine Intelligence and Big Data Analytics for Cybersecurity: Fundamentals and Challenges
Network Intrusion Detection: Taxonomy and Machine Learning Applications
	1 Introduction
	2 Overview of Intrusion Detection System
		2.1 Detection Methodologies
		2.2 Detection Approaches
		2.3 Analysis Target
		2.4 Response Method
		2.5 Analysis Timing
		2.6 Architecture
	3 Machine Learning Applications in Intrusion Detection
		3.1 Brief Overview of Machine Learning and Classification
		3.2 Datasets for Intrusion Detection System (IDS)
		3.3 Machine Learning in Intrusion Detection System
	4 Summary and Future Directions
	References
Machine Learning and Deep Learning Models for Big Data Issues
	1 Introduction
	2 Importance of Predictive Analytics for Big Data Security
	3 Predictive Models for Malware Detection
	4 Predictive Models for Anomaly Detection
	5 Predictive Models for Intrusion Detection
	6 Predictive Models for Access Control
		6.1 Attacks and Threats Detection
		6.2 Privacy-Preserving Techniques
	7 Predictive Models for Reliable Ingestion and Normalization
	8 Conclusion
	References
The Fundamentals and Potential for Cybersecurity of Big Data in the Modern World
	1 Introduction
	2 Methodology
	3 Big Data and Cybersecurity
	4 Machine Learning and Cybersecurity
	5 Big Data Analytics and Cybersecurity
	6 Discussion
	7 Trends
	8 Conclusions
	References
Toward a Knowledge-Based Model to Fight Against Cybercrime Within Big Data Environments: A Set of Key Questions to Introduce the Topic
	1 Big Data Large Context
		1.1 Classical Data: Ambiguities and Misunderstandings
		1.2 Overview of the Big Data Concept
	2 Cybercrime: Context and Useful Concepts
		2.1 Cybercrime: General Context
		2.2 Fight Against Cybercrime
	3 Big Data Versus Cybercrime: A Knowledge War
		3.1 Overview on Our Starting Idea
		3.2 Theoretical Framework of Our Model
		3.3 Illustration and Interpretation
	References
Machine Intelligence and Big Data Analytics for Cyber-Threat Detection and Analysis
Improving Cyber-Threat Detection by Moving the Boundary Around the Normal Samples
	1 Introduction
	2 Related Works
		2.1 Traditional Machine Learning
		2.2 Deep Learning
		2.3 Final Remarks
	3 The Proposed Method
		3.1 Stage 1—Boundary Detection
		3.2 Stage 2—Boundary Re-positioning
		3.3 Stage 3—Classification Model Learning
		3.4 Implementation Details
	4 Empirical Study
		4.1 Dataset Description
		4.2 Experimental Setting and Evaluation Metrics
		4.3 Results
	5 Conclusion
	References
Bayesian Networks for Online Cybersecurity Threat Detection
	1 Introduction
	2 Related Works
	3 Integrating Bayesian Networks in the DETECT Framework
		3.1 Introduction to DETECT
		3.2 The Architecture of the DETECT Framework
		3.3 Bayesian Networks for Online Threat Detection in DETECT
		3.4 Attack Trees
		3.5 Bayesian Networks
		3.6 Model-to-Model (M2M) Transformation Proposal: From Attack Trees to Bayesian Networks
		3.7 Data Population of the Probability Tables
		3.8 Transformation of Bayesian Networks to Machine-Readable XML Code
	4 Case Study: Authentication Violation Scenario
		4.1 Brief Description of the Scenario and  Attack Tree
		4.2 Values for Static Assessment
	5 Analysis
		5.1 Relative Variations
		5.2 Absolute Variations
		5.3 Overall Analysis
	6 Discussion
	7 Conclusion
	Appendix 1
	Appendix 2
	References
Spam Emails Detection Based on Distributed Word Embedding with Deep Learning
	1 Introduction
	2 Related Work
	3 Preliminaries
		3.1 Classical Machine Learning Models
		3.2 Text Representation
		3.3 Deep Learning
	4 Methodology
		4.1 Proposed Architecture
		4.2 Evaluation Metrics
	5 Experimental Results and Discussions
		5.1 Datasets
		5.2 Observations and Results
	6 Conclusion
	References
AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware
	1 Introduction
	2 Literature Review
		2.1 Permission
		2.2 Obfuscation Techniques
	3 Methodology
		3.1 Dataset
		3.2 Environment
		3.3 Data Preprocessing
		3.4 Feature Extraction
		3.5 Vector Matrix (Final Pattern)
		3.6 Summary
	4 Results and Discussion
		4.1 Permission Analysis
		4.2 App Component Analysis
		4.3 Filtered Intent Analysis
		4.4 API Call Analysis
		4.5 System Call Analysis
		4.6 Existing Tools and Approaches
	5 Conclusion
		5.1 Findings and Contributions
		5.2 Recommendations for Future Works
	References
IntAnti-Phish: An Intelligent Anti-Phishing Framework Using Backpropagation Neural Network
	1 Introduction
	2 Background
	3 IntAnti-Phish: The Proposed Approach
		3.1 Model Generation Phase
		3.2 Feature Extraction and Pattern Generation Phase
		3.3 Detection and Test Phase:
	4 Experimental Results Analysis and Discussion
		4.1 Environment Setup
		4.2 Dataset Used
		4.3 Experiments, Results and Discussion
	5 Conclusion
	References
Network Intrusion Detection for TCP/IP Packets with Machine Learning Techniques
	1 Introduction
	2 Related Works
	3 Datasets
	4 Methodology
		4.1 Gaussian Naive Bayes
		4.2 Logistic Regression
		4.3 Artificial Neural Network
		4.4 Decision Tree
	5 Evaluation
	6 Conclusion
	References
Developing a Blockchain-Based and Distributed Database-Oriented Multi-malware Detection Engine
	1 Introduction
	2 Malware
		2.1 Components of Malware
		2.2 Malware Detection Approaches
		2.3 Malware Detection Techniques
	3 Blockchain Technology
		3.1 How Does a Blockchain Work?
		3.2 Types of Blockchain Architecture
	4 Previous Related Works
	5 Proposed Methodology
	6 Implementation and Results
	7 Conclusion
	8 Future Work
	References
Ameliorated Face and Iris Recognition Using Deep Convolutional Networks
	1 Introduction
	2 Related Works
		2.1 Face Based Biometric Recognition
		2.2 Iris Based Biometric Recognition
	3 Proposed System
		3.1 VGG-16 and VGG-19 Architectures
		3.2 Face Based Biometric Recognition
		3.3 Iris Based Biometric Recognition
	4 Conclusion and Future Work
	References
Presentation Attack Detection Framework
	1 Introduction
	2 Background and Related Works
		2.1 Attacks on Iris-Based System
		2.2 Related Work
	3 Classifier for Iris Detection System
		3.1 Haar-Cascade Classifier
		3.2 LBP Classifier
	4 IRIS Signature Generator Framework
		4.1 Authentication Process
		4.2 Iris Code and QR Code Generation
	5 Implementation and Evaluation
	6 Conclusion
	References
Classifying Common Vulnerabilities and Exposures Database Using Text Mining and Graph Theoretical Analysis
	1 Introduction
	2 State of Art
		2.1 Common Vulnerabilities and Exposures
		2.2 Content Analysis Through Text Mining
		2.3 Graph Theoretical Analysis
	3 Methodology
		3.1 Data Set
		3.2 Content Analysis of CVE Database
		3.3 Applying Graph Theoretical Analysis Techniques on CVE Concepts
	4 Results
		4.1 Semi Structured Content Analysis Results Through Keywords
		4.2 Computerized Content Analysis Results
		4.3 Results of Applying Graph Theoretical Analysis Techniques
	5 Discussion
	6 Conclusions
	References
Machine Intelligence and Big Data Analytics for Cybersecurity Applications
A Novel Deep Learning Model to Secure Internet of Things in Healthcare
	1 Introduction
	2 Related Work
	3 Materials and Methods
		3.1 ANN Architecture
		3.2 Prediction Algorithm
	4 Results and Discussion
		4.1 Testing Environment
		4.2 Results
	5 Conclusion
	References
Secure Data Sharing Framework Based on Supervised Machine Learning Detection System for Future SDN-Based Networks
	1 Introduction
	2 Literature Review
		2.1 Security Issues in SDN Architecture
		2.2 Machine Learning Anomalies Detection for SDN Architecture
	3 Proposed Framework Based on Machine Learning Techniques to Secure Data Sharing in SDN
	4 Experimental Environment and Results
		4.1 Environment
		4.2 Implementation Framework Results
	5 Conclusion
	References
MSDN-GKM: Software Defined Networks Based Solution for Multicast Transmission with Group Key Management
	1 Introduction
	2 Related Works and Research Scopes
		2.1 Multicast IP
		2.2 Group Key Management
		2.3 Multicast and Software-Defined Networking SDN Integration
	3 Proposal Solution
		3.1 General Architecture
		3.2 Multicast Tree Computing Mathematic Modeling
		3.3 Controller SDN
		3.4 The Multicast Signalization Message Dispatcher Module
		3.5 The Multicast Member Management Module
		3.6 The Group Management Module
		3.7 Multicast Tree Computing Module
	4 Implementation and Results
		4.1 Experimental Environment
		4.2 Experimental Results
	5 Conclusion and Future Work
	References
Machine Learning for CPS Security: Applications, Challenges and Recommendations
	1 Introduction
	2 Machine Learning Preliminaries
		2.1 Supervised and Semi-supervised Learning
		2.2 Unsupervised Learning
		2.3 Reinforcement Learning
	3 ML Phases: Modeling, Training and Deployment
	4 Design of Learning-Based Anomaly Detectors:  Practical Challenges
		4.1 Model Creation
		4.2 Testing and Updating
	5 Experimental Evaluation on SWAT Testbed
	6 Threat Model
	7 Case Study-1: Invariant Generation Using Data-Centric Approach
		7.1 Association Rule Mining
		7.2 Feature Engineering and Challenges to Generate Invariants
		7.3 Challenges Solved
	8 Case Study-2: System Model Based Attack Detection and Isolation
		8.1 Attack Isolation Algorithm
		8.2 Empirical Evaluation
		8.3 Challenges Solved
	9 Related Studies
	10 Conclusions and Recommendations for Future Work
	References
Applied Machine Learning to Vehicle Security
	1 Introduction
	2 Related Works
		2.1 Controller Area Network (CAN)
	3 Machine Learning
		3.1 Neural Network Training Algorithms
	4 Vehicle Security Study
	5 Dataset
		5.1 Classification of Vehicle Models
		5.2 Vehicle Network Anomaly Detection
	6 Conclusions and Future Directions
	References
Mobile Application Security Using Static and Dynamic Analysis
	1 Introduction
	2 Related Works
		2.1 CuckooDroid
		2.2 FlowDroid
		2.3 DroidBox
	3 Hands-on Analysis
		3.1 Static Analysis by MobiSF
		3.2 Dynamic Analysis Using MobiSF
		3.3 Tainted Data Flow Analysis
	4 Conclusion
	References
Mobile and Cloud Computing Security
	1 Introduction
	2 Cloud Computing and Service Models
		2.1 Infrastructure-as-a-Service (IaaS)
		2.2 Platform-as-a-Service (PaaS)
		2.3 Software-as-a-Service (SaaS)
		2.4 Mobile Cloud Services Model
		2.5 Cloud Deployment Models
	3 Mobile and Cloud Computing Security
		3.1 Mobile Computing Security
		3.2 Mobile Cloud Computing Security
		3.3 Data Security
	4 Virtualization Security in Cloud Computing
		4.1 Virtualization Security Challenges
	5 Implementation and Real-Life Applications
		5.1 Big Data, Cloud and Cybersecurity in Healthcare
		5.2 Healthcare: Wearables Applications
		5.3 Healthcare: ECG Cloud Application
	6 Summary
	References
Robust Cryptographical Applications for a Secure Wireless Network Protocol
	1 Introduction
	2 Related Works
	3 Synchronous Stream Cipher Generator
		3.1 Process of Generating the Initial Vectors
		3.2 Balancing Process of the Initial Vectors
		3.3 Keystream Generation Process
	4 Dynamic Primitive Polynomials Generator
	5 Security Issues
	6 Highlights and Future Work
	7 Conclusion
	References
A Machine Learning Based Secure Change Management
	1 Introduction
	2 Literature Review
	3 IT Change Management
	4 Methodology
		4.1 Business Understanding
		4.2 Preparing Data
		4.3 Feature Selection
	5 Performance Evaluation
	6 Conclusion
	References
Intermediary Technical Interoperability Component TIC Connecting Heterogeneous Federation Systems
	1 Introduction
	2 Definitions of Terms
	3 Related Works
	4 Materials and Methods
		4.1 Federations’ Technologies and Interoperability Challenges
		4.2 Problem Statement
		4.3 Problem Discussion
		4.4 Prototype Proposal
	5 Results
		5.1 Implementation
		5.2 Main Results
	6 Conclusion and Future Works
	References