Intelligent Security Systems. Leon Reznik
Чтение книги онлайн.

Читать онлайн книгу Intelligent Security Systems - Leon Reznik страница 10

Название: Intelligent Security Systems

Автор: Leon Reznik

Издательство: John Wiley & Sons Limited

Жанр: Программы

Серия:

isbn: 9781119771562

isbn:

СКАЧАТЬ (IDS) design, their analysis, implementation, and use. It presents IDS definition, discusses their goals and functions as well as their progress from the historical perspective. It advances reader’s design and analysis skills in the computer security domain by discussing artificial intelligence and machine learning techniques and their application in IDS design and implementation as well as in classifying IDS systems, evaluating an IDS performance, choosing the IDS design tools and employing them in practical design exercise. Algorithm and code examples are provided.

      Chapter 4 discusses malware types, its detection and recognition techniques and tools. It provides an extensive classification of various malware and virus families, discusses their taxonomy, basic composition, and comparison between them. Beyond pure malware examples, it reviews spam and software vulnerabilities too. Multiple real life cases and examples are provided. Then, it moves to presenting malware detection principles, algorithms and techniques, and anti‐malware tools and technologies. Their examples and use cases are included.

      Module 6 introduces novel adversarial machine learning attacks and their taxonomy when machine learning is used against AI‐based classifiers to make them fail. It investigates a possible data corruption and quality decrease influence on the classifier performance. The module proposes data restoration procedures and other measures to protect against adversarial attacks. Generative adversarial networks are introduced, and their use is discussed. Multiple algorithm examples and use cases are included.

      This section lists standard terms used within the book and where to learn more about them.

Term Additional term Definition Definition source Book section to learn more Example
Offense
Attack Any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself. NIST SP 800‐12; 1.4
Cyber attack An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information. NIST SP 800‐30 Rev. 1 5.1.5
Advanced persistent threat (APT) An adversary with sophisticated levels of expertise and significant resources, allowing it through the use of multiple different attack vectors (e.g. cyber, physical, and deception) to generate opportunities to achieve its objectives, which are typically to establish and extend footholds within the information technology infrastructure of organizations for purposes of continually exfiltrating information and/or to undermine or impede critical aspects of a mission, program, or organization, or place itself in a position to do so in the future; moreover, the advanced persistent threat pursues its objectives repeatedly over an extended period of time, adapting to a defender’s efforts to resist it, and with determination to maintain the level of interaction needed to execute its objectives. NIST SP 800‐39 1,6
Adversarial machine learning (AML) AML is concerned with the design of ML algorithms that can resist security challenges, the study of the capabilities of attackers, and the understanding of attack consequences. NISTIR 8269 (DRAFT) 6
Attack signature A specific sequence of events indicative of an unauthorized access attempt. NIST SP 800‐12 Rev. 1; 4.5
Brute force A method of accessing an obstructed device by attempting multiple combinations of numeric/alphanumeric passwords. NIST 800‐101 5.1.5.2
Colluded applications Attack performed by two or more cooperating applications, when an application that individually incorporates only harmless permissions expends them by sending and receiving requests to a collaborating application. 5.1.8
Denial of Service The prevention of authorized access to resources or the delaying of time‐critical operations. (Time‐critical may be milliseconds or it may be hours, depending upon the service provided.) NIST 800‐12 5.1.5.2 Ex. 5.4
Eavesdropping An attack in which an attacker listens passively to the authentication protocol to capture information that can be used in a subsequent active attack to masquerade as the claimant. NIST 800‐63‐3 5.1.5.2
Impersonation A scenario where the attacker impersonates the verifier in an authentication protocol, usually to capture information that can be used to masquerade as a claimant to the real verifier. NIST 800‐63‐2 5.1.5.2
Phishing Fraudulent attempt to obtain sensitive information or data by impersonating oneself as a trustworthy entity in a digital communication. 5.1.5.2 Ex. 5.3
СКАЧАТЬ