Leon Reznik

Intelligent Security Systems


Скачать книгу

very intense knowledge domain intersecting intelligent methods with computer security applications and to become much better prepared for computer security practice challenges. It aims at developing both theoretical knowledge as well as research and practical skills.

      The book doubles as both a textbook and a reference book. From the education perspective, the book bridges education in cybersecurity domain with computer science and new data science programs, helping to advance all of them together. The content ranges from an explanation of basic concepts to the brief description of available tools. The writing style includes a traditional narrative as well as formulating and answering essential questions that will guide the presentation. The questions will help in self‐education as well as will assist instructors who might like to use them in their courses to get better prepared for possible student’s inquires. The book includes exercises. Slides will be available on the author’s website, https://www.cs.rit.edu/~lr/. Instructors will be provided with the list of suggested test and exam questions.

      The book is oriented toward computer security practice, not its mathematical foundations. The book will teach how to design the prolific computer security systems and tools such as firewalls, intrusion detection systems, anti‐malware protection systems, hacking activities, and attacks recognition tools. The readers will gain deeper understanding of those systems and tools design. While discussing machine learning and data science algorithms, it does not go deep in mathematical details but prefers concentrating on possible applications.

      1 review of the modern state of the computer security and artificial intelligence, machine learning, and data science applications in the area;

      2 firewall design;

      3 intrusion detection systems;

      4 anti‐malware methods and tools;

      5 hacking activities, attack recognition, and prevention;

      6 adversarial attacks against AI‐based computer security tools and systems.

Schematic illustration of book organization.

      The book will be accompanied by presentation slides as well as samples of exercises, test and exam questions, research, and tool assignments.

      From the computer security perspective, the book moves a reader from reviewing the current situation through the traditional first line of defense (firewalls) and the second line of defense (intrusion detection systems) to the discussion of the modern malware families and anti‐malware protection and toward hacker’s and ordinary user’s profiles and typical activities with finishing up by discussing the privacy protection systems and adversarial attacks using machine learning techniques.

      While the book content covers major security mechanisms as well as intelligent techniques they employ, they are distributed over all chapters. In respect to the techniques generally, the book moves from older (and possibly, simpler) methods to newer (and possibly, more sophisticated) ones. However, each chapter is self‐contained and could be studied separately from others.

      In particular:

      Chapter 1 discusses the basic concepts of computer security as well as the taxonomy and classification of the fundamental algorithms in the domains of artificial intelligence, machine learning, and data science in relation to their applications in computer security. It reviews the sources of security threats and the attacks, concentrating on the area of IoT and wireless devices, as well as examines the possible protection mechanisms and tools. The module provides a general classification of intelligent approaches and their relationship to various computer security fields. It focuses on an introduction of the major intelligent techniques and technologies in computer security, such as expert systems, fuzzy logic, machine learning, artificial neural networks, and genetic algorithms. While presenting multiple techniques, the text emphasizes their advantage in comparison to each other as well as the obstacles in their further progress. Short algorithm descriptions and code examples are included.

      Chapter 2 introduces a firewall as the first line of defense mechanism. It provides its definition, discusses the functions, possible architectures, and operational models, concentrating on presentation of their advantages and drawbacks. It includes the step‐by‐step guide to firewall design and implementation process ranging from planning to deployment and maintenance. The major emphasis in this chapter is placed on using rules to set up, configure, and modify the firewall’s policy. Both generic and specific rules are discussed as well as their formulation and editing with firewall tools. Substantial rules design principles and conflict avoidance and resolution are presented.

      Chapter 3 develops knowledge and practical skills on intrusion detection and prevention systems (IDS) design, their analysis, implementation, and use. It presents IDS definition, discusses their goals and functions as well as their progress from the historical perspective. It advances reader’s design and analysis skills in the computer security domain by discussing artificial intelligence and machine learning techniques and their application in IDS design and implementation as well as in classifying IDS systems, evaluating an IDS performance, choosing the IDS design tools and employing them in practical design exercise. Algorithm and code examples are provided.

      Chapter 4 discusses malware types, its detection and recognition techniques and tools. It provides an extensive classification of various malware and virus families, discusses their taxonomy, basic composition, and comparison between them. Beyond pure malware examples, it reviews spam and