Introduction to Machine Learning with Applications in Information Security Chapman & Hall/CRC Machine Learning & Pattern Recognition Series

Introduction to Machine Learning with Applications in Information Security provides a class-tested introduction to a wide variety of machine learning algorithms, reinforced through realistic applications. The book is accessible and doesn?t prove theorems, or otherwise dwell on mathematical theory. The goal is to present topics at an intuitive level, with just enough detail to clarify the underlying concepts.

The book covers core machine learning topics in-depth, including Hidden Markov Models, Principal Component Analysis, Support Vector Machines, and Clustering. It also includes coverage of Nearest Neighbors, Neural Networks, Boosting and AdaBoost, Random Forests, Linear Discriminant Analysis, Vector Quantization, Naive Bayes, Regression Analysis, Conditional Random Fields, and Data Analysis.

Most of the examples in the book are drawn from the field of information security, with many of the machine learning applications specifically focused on malware. The applications presented are designed to demystify machine learning techniques by providing straightforward scenarios. Many of the exercises in this book require some programming, and basic computing concepts are assumed in a few of the application sections. However, anyone with a modest amount of programming experience should have no trouble with this aspect of the book.

Instructor resources, including PowerPoint slides, lecture videos, and other relevant material are provided on an accompanying website: http://www.cs.sjsu.edu/~stamp/ML/. For the reader?s benefit, the figures in the book are also available in electronic form, and in color.

Mark Stamp has been a Professor of Computer Science at San Jose State University since 2002. Prior to that, he worked at the National Security Agency (NSA) for seven years, and a Silicon Valley startup company for two years. He received his Ph.D. from Texas Tech University in 1992. His love affair with machine learning began in the early 1990s, when he was working at the NSA, and continues today at SJSU, where he has supervised vast numbers of master?s student projects, most of which involve a combination of information security and machine learning.

Introduction

What is Machine Learning? 


About This Book


Necessary Background

A Few Too Many Notes

Introduction and Background

A Simple Example

Notation

The Three Problems

The Three Solutions

Dynamic Programming 


Scaling


All Together Now

The Bottom Line


Introduction

Overview and Notation

Pairwise Alignment

Multiple Sequence Alignment

PHMM from MSA

Scoring

The Bottom Line

Introduction


Background

Principal Component Analysis 


SVD Basics 


All Together Now

A Numerical Example 


The Bottom Line


Introduction


Constrained Optimization

AC loser Look at SVM

All Together Now


A Note on Quadratic Programming


The Bottom Line


Problems 


Introduction

Overview and Background

-Means

Measuring Cluster Quality

EM Clustering

The Bottom Line

Problems

Introduction

-Nearest Neighbors

Neural Networks

Boosting

Random Forest

Linear Discriminant Analysis

VectorQuantization

Naïve Bayes

Regression Analysis

Conditional Random Fields

Introduction

Experimental Design

Accuracy

ROC Curves

Imbalance Problem

PR Curves

The Bottom Line

Introduction

English Text Analysis 


Detecting "Undetectable" Malware


Classic Cryptanalysis

Introduction

Masquerade Detection

Malware Detection

Introduction

Eigenfaces

Eigenviruses

Eigenspam

Introduction

Malware Detection

Image Spam Revisited

Introduction

-Means for Malware Classification

EM vs -Means for Malware Analysis

Mark Stamp is a Professor at San Jose State University, and the author of two textbooks, Information Security: Principles and Practice and Applied Cryptanalysis: Breaking Ciphers in the Real World.