Machine Learning Security Principles: Keep data, networks, users, and applications safe from prying eyes
- Length: 450 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2022-12-30
- ISBN-10: 1804618853
- ISBN-13: 9781804618851
Thwart hackers by preventing, detecting, and misdirecting access before they can plant malware, obtain credentials, engage in fraud, modify data, poison models, corrupt users, eavesdrop, and otherwise ruin your day
Key Features
- Discover how hackers rely on misdirection and deep fakes to fool even the best security systems
- Retain the usefulness of your data by detecting unwanted and invalid modifications
- Develop application code to meet the security requirements related to machine learning
Book Description
Businesses are leveraging the power of AI to make undertakings that used to be complicated and pricey much easier, faster, and cheaper. The first part of this book explores these processes in more depth, which will help you understand the role security plays in machine learning.
As you progress to the second part, you’ll learn more about the environments where ML is commonly used and dive into the security threats that plague them using code, graphics, and real-world references.
The next part of the book will guide you through the process of detecting hacker behaviors in the modern computing environment, where fraud takes many forms in ML, from gaining sales through fake reviews to destroying an adversary’s reputation. Once you’ve understood hacker goals and detection techniques, you’ll learn about the ramifications of deep fakes, followed by mitigation strategies.
This book also takes you through best practices for embracing ethical data sourcing, which reduces the security risk associated with data. You’ll see how the simple act of removing personally identifiable information (PII) from a dataset lowers the risk of social engineering attacks.
By the end of this machine learning book, you’ll have an increased awareness of the various attacks and the techniques to secure your ML systems effectively.
What you will learn
- Explore methods to detect and prevent illegal access to your system
- Implement detection techniques when access does occur
- Employ machine learning techniques to determine motivations
- Mitigate hacker access once security is breached
- Perform statistical measurement and behavior analysis
- Repair damage to your data and applications
- Use ethical data collection methods to reduce security risks
Who this book is for
Whether you’re a data scientist, researcher, or manager working with machine learning techniques in any aspect, this security book is a must-have. While most resources available on this topic are written in a language more suitable for experts, this guide presents security in an easy-to-understand way, employing a host of diagrams to explain concepts to visual learners. While familiarity with machine learning concepts is assumed, knowledge of Python and programming in general will be useful.
Table of Contents
- Foreword
- Contributors
  - About the author
  - Acknowledgments
  - About the reviewers
- Preface
  - Who this book is for
  - What this book covers
  - To get the most out of this book
  - Download the example code files
  - Conventions used
  - Get in touch
  - Share Your Thoughts
  - Download a free PDF copy of this book
Part 1 – Securing a Machine Learning System
- Chapter 1: Defining Machine Learning Security
  - Building a picture of ML
  - Why is ML important?
  - Identifying the ML security domain
  - Distinguishing between supervised and unsupervised
  - Using ML from development to production
  - Adding security to ML
  - Defining the human element
  - Compromising the integrity and availability of ML models
  - Describing the types of attacks against ML
  - Considering what ML security can achieve
  - Setting up for the book
  - What do you need to know?
  - Considering the programming setup
  - Summary
- Chapter 2: Mitigating Risk at Training by Validating and Maintaining Datasets
  - Technical requirements
  - Defining dataset threats
  - Learning about the kinds of database threats
  - Considering dataset threat sources
  - Delving into data change
  - Delving into data corruption
  - Uncovering feature manipulation
  - Examining source modification
  - Thwarting privacy attacks
  - Detecting dataset modification
  - An example of relying on traditional methods
  - Working with hashes and larger files
  - Using a data version control system example
  - Mitigating dataset corruption
  - The human factor in missingness
  - An example of recreating the dataset
  - Using an imputer
  - Handling missing or corrupted data
  - Summary
- Chapter 3: Mitigating Inference Risk by Avoiding Adversarial Machine Learning Attacks
  - Defining adversarial ML
  - Categorizing the attack vectors
  - Examining the hacker mindset
  - Considering security issues in ML algorithms
  - Defining attacker motivations
  - Employing CAPTCHA bypass techniques
  - Considering common hacker goals
  - Relying on trial and error
  - Avoiding helping the hacker
  - Integrating new research quickly
  - Understanding the Black Swan Theory
  - Describing the most common attack techniques
  - Evasion attacks
  - Model poisoning
  - Understanding membership inference attacks
  - Understanding Trojan attacks
  - Understanding backdoor (neural) attacks
  - Seeing adversarial attacks in action
  - Mitigating threats to the algorithm
  - Developing principles that help protect against every threat
  - Detecting and mitigating an evasion attack
  - Detecting and mitigating a model poisoning attack
  - Detecting and mitigating a membership inference attack
  - Detecting and mitigating a Trojan attack
  - Detecting and mitigating backdoor (neural) attacks
  - Summary
  - Further reading
Part 2 – Creating a Secure System Using ML
- Chapter 4: Considering the Threat Environment
  - Technical requirements
  - Defining an environment
  - Understanding business threats
  - Protecting consumer sites
  - Understanding malware
  - Understanding network attacks
  - Eyeing the small stuff
  - Dealing with web APIs
  - Dealing with the hype cycle
  - Considering social threats
  - Spam
  - Identity theft
  - Unwanted tracking
  - Remote storage data loss or corruption
  - Account takeover
  - Employing ML in security in the real world
  - Understanding the kinds of application security
  - Considering the realities of the machine
  - Adding human intervention
  - Developing a simple authentication example
  - Developing a simple spam filter example
  - Summary
  - Further reading
- Chapter 5: Keeping Your Network Clean
  - Technical requirements
  - Defining current network threats
  - Developing a sense of control over chaos
  - Implementing access control
  - Ensuring authentication
  - Detecting intrusions
  - Defining localized attacks
  - Understanding botnets
  - Considering traditional protections
  - Working with honeypots
  - Using data-centric security
  - Locating subtle intrusion indicators
  - Using alternative identity strategies
  - Obtaining data for network traffic testing
  - Adding ML to the mix
  - Developing an updated security plan
  - Determining which features to track
  - Creating real-time defenses
  - Using supervised learning example
  - Using a subprocess in Python example
  - Working with Flask example
  - Asking for human intervention
  - Developing predictive defenses
  - Defining what is available today
  - Downsides of predicting the future
  - Creating a realistic network model
  - Summary
- Chapter 6: Detecting and Analyzing Anomalies
  - Technical requirements
  - Defining anomalies
  - Specifying the causes and effects of anomaly detection
  - Considering anomaly sources
  - Understanding when anomalies occur
  - Using and combining anomaly detection and signature detection
  - Detecting data anomalies
  - Checking data validity
  - Forecasting potential anomalies example
  - Using anomaly detection effectively in ML
  - Considering other mitigation techniques
  - Summary
  - Further reading
- Chapter 7: Dealing with Malware
  - Technical requirements
  - Defining malware
  - Specifying the malware types
  - Understanding the subtleties of malware
  - Determining malware goals
  - Generating malware detection features
  - Getting the required disassembler
  - Collecting data about any application
  - Extracting strings from an executable
  - Extracting images from an executable
  - Generating a list of application features
  - Selecting the most important features
  - Considering speed of detection
  - Building a malware detection toolbox
  - Classifying malware
  - Obtaining malware samples and labels
  - Development of a simple malware detection scenario
  - Summary
  - Further reading
- Chapter 8: Locating Potential Fraud
  - Technical requirements
  - Understanding the types of fraud
  - Defining fraud sources
  - Considering fraudsters
  - Considering hackers
  - Considering other organizations
  - Considering company insiders
  - Considering customers (or fraudsters posing as customers)
  - Obtaining fraud datasets
  - Considering fraud that occurs in the background
  - Detecting fraud that occurs when you’re not looking
  - Building a background fraud detection application
  - Considering fraud that occurs in real time
  - Considering the types of real-time fraud
  - Detecting real-time fraud
  - Building a fraud detection example
  - Getting the data
  - Setting the example up
  - Splitting the data into train and test sets
  - Building the model
  - Performing the analysis
  - Checking another model
  - Creating a ROC curve and calculating AUC
  - Summary
  - Further reading
- Chapter 9: Defending against Hackers
  - Technical requirements
  - Considering hacker targets
  - Hosted systems
  - Networks
  - Mobile devices
  - Customers
  - Public venues and social media
  - Defining hacker goals
  - Data stealing
  - Data modification
  - Algorithm modification
  - System damage
  - Monitoring and alerting
  - Considering the importance of lag
  - An example of detecting behavior
  - Building and testing an XGBoost regressor
  - Putting the data in perspective
  - Predicting new behavior based on the past
  - Locating other behavioral datasets
  - Improving security and reliability
  - Summary
  - Further reading
Part 3 – Protecting against ML-Driven Attacks
- Chapter 10: Considering the Ramifications of Deepfakes
  - Technical requirements
  - Defining a deepfake
  - Modifying media
  - Common deepfake types
  - The history of deepfakes
  - Creating a deepfake computer setup
  - Installing TensorFlow on a desktop system
  - Checking for a GPU
  - Understanding autoencoders
  - Defining the autoencoder
  - Working with an autoencoder example
  - Understanding CNNs and implementing GANs
  - An overview of a Pix2Pix GAN
  - Obtaining and viewing the images
  - Manipulating the images
  - Developing datasets from the modified images
  - Creating the generator
  - Creating the discriminator
  - Performing optimization of both generator and discriminator
  - Monitoring the training process
  - Training the model
  - Summary
  - Further reading
- Chapter 11: Leveraging Machine Learning for Hacking
  - Making attacks automatic and personalized
  - Gaining unauthorized access bypassing CAPTCHA
  - Automatically harvesting information
  - Enhancing existing capabilities
  - Rendering malware less effective using GANs
  - Putting artificial intelligence in spear-phishing
  - Generating smart bots for fake news and reviews
  - Summary
  - Further reading
Part 4 – Performing ML Tasks in an Ethical Manner
- Chapter 12: Embracing and Incorporating Ethical Behavior
  - Technical requirements
  - Sanitizing data correctly
  - Obtaining benefits from data sanitization
  - Considering the current dataset
  - Removing PII
  - Adding traits together to make them less identifiable
  - Eliminating unnecessary features
  - Defining data source awareness
  - Validating user permissions
  - Using recognizable datasets
  - Verifying third-party datasets
  - Obtaining required third-party permissions
  - Understanding ML fairness
  - Determining what fairness means
  - Understanding Simpson’s paradox
  - Removing personal bias
  - Defining algorithmic bias
  - Addressing fairness concerns
  - Computing fairness indicators with TensorFlow
  - Solving fairness problems with TensorFlow-constrained optimization
  - Mitigating privacy risks using federated learning and differential privacy
  - Distributing data and privacy risks using federated learning
  - Relying on differential privacy
  - Summary
  - Further reading
- Index
- Why subscribe?
- Other Books You May Enjoy
- Packt is searching for authors like you
- Share Your Thoughts
- Download a free PDF copy of this book
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search for the book title: Machine Learning Security Principles: Keep data, networks, users, and applications safe from prying eyes. If the full title returns no results, search for the main title only (Machine Learning Security Principles).
3. Click the book title in the search results.
4. Click Code to download.