Computing Reviews
Introduction to machine learning with applications in information security
Stamp M., Chapman & Hall/CRC, Boca Raton, FL, 2017. 364 pp. Type: Book (978-1-138626-78-2)
Date Reviewed: Jan 17 2018

Machine learning and information security are well-established disciplines that benefit from their interaction: many modern network and system intrusion and prevention systems rely on advanced anomaly detection models to detect unknown attack vectors, and thus offer excellent use cases for machine learning algorithms. This book bridges the gap between two areas of computer science that have multiple intersection points.

For many years, the academic research community has been approaching the information security area from a machine learning perspective, but this knowledge was mostly scattered across the proceedings of the multiple International Symposium on Research in Attacks, Intrusions and Defenses (RAID) conferences. Mark Stamp's book is a much-needed, and until now missing, addition to any IT security bookshelf, covering a pragmatic set of conceptual machine learning approaches and relevant practical use cases.

The book is structured in two parts. The first part lays down the theoretical foundations (hidden Markov models, principal component analysis, support vector machines, and clustering concepts) as well as multiple practical classification and clustering methods. Each of these topics is covered in a standalone chapter. Concepts are introduced formally and detailed with many examples, pseudocode algorithms, and worked-out exercises. The first part of the book represents about two-thirds of the overall content and can be used on its own as an introduction to machine learning. However, for the security-minded reader, the second part of the book (chapters 9 through 13) is a must-read. Each of these chapters contains realistic applications for the concepts introduced in the first part of the book. With use cases ranging from malware detection and spam identification through cryptanalysis, this part is very valuable for discovering how to design and evaluate security mechanisms that rely on machine learning.

The target audience of this book can be quite varied. The most appropriate audience is a graduate class in information security, but it may also be useful for readers interested in learning about the underlying theory behind advanced security mitigation tools.

Since the content addresses conceptual issues as well as very practical, technology-driven material, a broader audience can benefit from it. Experienced security professionals can deepen their knowledge of the machine learning content of the book, while data scientists will appreciate the background material on the security part. This book can be read cover to cover, but most readers will probably select the chapters that suit their particular focus of interest. For these different reader categories, the book provides timely, necessary, sufficient, and relevant content.

Reviewer: Radu State
Review #: CR145782 (1803-0132)
Featured Reviewer

Learning (I.2.6)
Applications And Expert Systems (I.2.1)
Security and Protection (K.6.5)